Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/CWqVR-nHL2Sq3_dACpLJls6YtdY.roa
File: CWqVR-nHL2Sq3_dACpLJls6YtdY.roa (raw, json)
Hash identifier: Ba0H+dAmTkAQXfhfFgEAXAK9GQaJgaKuqp5SnBziqUI=
Subject key identifier: 09:6A:95:47:E9:C7:2F:64:AA:DF:F7:40:0A:92:C9:96:CE:98:B5:D6
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 018AFF90A55793D3AA09A88F068D1B1EAF4E
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/CWqVR-nHL2Sq3_dACpLJls6YtdY.roa
Signing time: Thu 05 Oct 2023 11:19:44 +0000
ROA not before: Thu 05 Oct 2023 11:19:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204916
IP address blocks: 95.215.109.0/24 maxlen: 24
45.151.139.0/24 maxlen: 24
194.113.105.0/24 maxlen: 24
45.142.210.0/24 maxlen: 24
45.142.211.0/24 maxlen: 24
84.54.36.0/24 maxlen: 24
83.171.240.0/24 maxlen: 24
83.171.240.0/22 maxlen: 22
83.171.243.0/24 maxlen: 24
83.171.242.0/24 maxlen: 24
2a09:3d00::/29 maxlen: 36
2a11:207::/32 maxlen: 32
2a11:206::/32 maxlen: 32
2a10:c0c3::/32 maxlen: 32
2a10:c0c0::/29 maxlen: 29
2a11:e87:6000::/36 maxlen: 36
2a11:af01::/32 maxlen: 32
2a11:205::/32 maxlen: 32
2a0c:e8c0::/29 maxlen: 29
2a10:c0c1::/32 maxlen: 32
2a10:c0c7:5000::/36 maxlen: 36
2a10:c0c7:3000::/36 maxlen: 36
2a10:c0c0::/32 maxlen: 32
2a0d:5ec0::/29 maxlen: 36
2a06:d900::/29 maxlen: 29
2a09:4e03::/32 maxlen: 32
2a09:3b00::/29 maxlen: 29
2a0d:8b03::/32 maxlen: 32
2a0f:cc87::/36 maxlen: 36
2a11:b80::/29 maxlen: 36
2a09:b680::/29 maxlen: 36
2a11:200:a000::/36 maxlen: 36
2a11:200:4000::/36 maxlen: 36
2a11:200::/36 maxlen: 36
2a11:200:5000::/36 maxlen: 36
2a11:200:7000::/36 maxlen: 36
2a11:200:8000::/36 maxlen: 36
2a09:3505:9000::/36 maxlen: 36
2a0d:5ec5::/32 maxlen: 32
2a11:202::/32 maxlen: 32
2a0d:8b04::/32 maxlen: 32
2a11:e82::/32 maxlen: 32
2a11:780::/29 maxlen: 36
2a10:c0c5::/32 maxlen: 32
2a09:4e01:a000::/36 maxlen: 36
2a09:4e01:9000::/36 maxlen: 36
2a09:4e01:5000::/36 maxlen: 36
2a09:4e01:4000::/36 maxlen: 36
2a09:4e01:3000::/36 maxlen: 36
2a11:201::/32 maxlen: 32
2a0c:2104::/32 maxlen: 32
2a11:980::/29 maxlen: 29
2a11:204::/32 maxlen: 32
2a10:c340::/29 maxlen: 36
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ff:90:a5:57:93:d3:aa:09:a8:8f:06:8d:1b:1e:af:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: Oct 5 11:19:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=096a9547e9c72f64aadff7400a92c996ce98b5d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:d1:77:82:b2:43:5f:d0:e0:4a:b4:69:cd:b1:
58:05:16:e5:c9:cb:5b:20:ae:55:64:9e:15:a9:8a:
26:9e:d2:15:15:fa:5d:52:a8:c6:49:40:13:e9:6c:
45:45:93:67:f9:7a:c5:35:3b:e4:93:6e:bb:36:fc:
09:e1:78:d0:8b:28:df:bc:0a:e8:29:66:25:5c:ff:
f0:2e:75:fd:e6:0b:75:7d:fc:0b:65:53:19:cc:d7:
0e:3a:70:a2:ba:71:3a:ea:7c:ab:76:76:2e:65:9f:
a5:38:f0:d0:a8:9e:9d:39:74:94:6e:df:89:4a:63:
99:d7:da:07:d2:4f:08:49:7a:94:2c:7a:fc:18:38:
21:31:ec:2a:c7:9b:86:a7:fb:3d:cb:40:1a:a0:7b:
1b:46:58:27:0e:c5:cf:21:c7:c4:bb:2d:ec:71:3a:
cf:8a:52:6c:da:50:2d:89:e9:d7:4f:6b:af:e1:eb:
50:86:fd:68:2f:e8:33:2c:7d:92:a3:b4:37:30:30:
4f:80:c3:04:46:d9:43:7b:96:90:51:59:65:69:37:
e7:a2:8b:a0:c8:b9:af:ab:aa:f7:bc:ac:ab:fb:cc:
92:34:14:b9:31:cd:b3:d6:de:32:e7:a8:1d:bf:ec:
d1:c3:07:a4:60:6e:0c:b9:97:d8:e1:85:65:56:29:
9c:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:6A:95:47:E9:C7:2F:64:AA:DF:F7:40:0A:92:C9:96:CE:98:B5:D6
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/CWqVR-nHL2Sq3_dACpLJls6YtdY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.210.0/23
45.151.139.0/24
83.171.240.0/22
84.54.36.0/24
95.215.109.0/24
194.113.105.0/24
IPv6:
2a06:d900::/29
2a09:3505:9000::/36
2a09:3b00::/29
2a09:3d00::/29
2a09:4e01:3000::-2a09:4e01:5fff:ffff:ffff:ffff:ffff:ffff
2a09:4e01:9000::-2a09:4e01:afff:ffff:ffff:ffff:ffff:ffff
2a09:4e03::/32
2a09:b680::/29
2a0c:2104::/32
2a0c:e8c0::/29
2a0d:5ec0::/29
2a0d:8b03::-2a0d:8b04:ffff:ffff:ffff:ffff:ffff:ffff
2a0f:cc87::/36
2a10:c0c0::/29
2a10:c340::/29
2a11:200::/36
2a11:200:4000::/35
2a11:200:7000::-2a11:200:8fff:ffff:ffff:ffff:ffff:ffff
2a11:200:a000::/36
2a11:201::-2a11:202:ffff:ffff:ffff:ffff:ffff:ffff
2a11:204::/30
2a11:780::/29
2a11:980::/29
2a11:b80::/29
2a11:e82::/32
2a11:e87:6000::/36
2a11:af01::/32
Signature Algorithm: sha256WithRSAEncryption
37:30:c2:7c:e0:09:ab:51:22:d8:62:b8:d7:b7:af:97:3c:af:
33:3e:be:87:82:cc:14:21:49:d7:69:52:9a:76:b9:98:f3:4b:
65:55:c2:f1:c8:59:e1:ac:8b:07:19:ca:a9:5a:70:ba:78:7e:
86:45:84:05:72:a2:63:f4:08:40:8d:8f:55:8e:e7:fe:30:3f:
e6:44:7a:52:85:d9:e7:18:ad:04:bf:f9:c4:8f:3e:68:7d:b4:
04:12:08:95:07:33:fe:cb:54:55:a0:7b:7a:c2:0f:e9:ad:e6:
91:aa:9c:68:18:ed:1d:2d:34:99:9a:c4:20:5a:d1:67:6b:06:
9f:66:db:77:f8:d6:78:85:c9:74:88:97:7a:f9:c1:b6:a4:05:
86:f2:45:ab:6a:f3:ec:a0:0a:ed:3c:2b:cf:c2:99:83:e2:0e:
f7:ff:16:3b:3b:4c:54:6a:a8:cc:61:b4:06:3a:8a:2b:d5:8c:
e1:b0:82:a0:ef:f5:ec:e1:0b:a3:90:c0:ee:a7:17:e1:0d:8c:
9d:57:89:e7:fb:63:44:de:e8:0b:8d:02:28:9f:38:98:74:bd:
a4:2e:41:07:b3:7a:c9:2f:c1:22:a9:3d:7a:b1:ed:a9:0c:22:
87:5c:2b:9e:d1:b4:f8:e4:c5:8d:20:e9:72:15:9d:c4:4b:a9:
8c:6f:c8:73
-----BEGIN CERTIFICATE-----
MIIGITCCBQmgAwIBAgISAYr/kKVXk9OqCaiPBo0bHq9OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjMxMDA1MTExOTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTZhOTU0N2U5YzcyZjY0YWFkZmY3NDAwYTkyYzk5NmNlOThiNWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9F3grJDX9DgSrRpzbFYBRblyctb
IK5VZJ4VqYomntIVFfpdUqjGSUAT6WxFRZNn+XrFNTvkk267NvwJ4XjQiyjfvAro
KWYlXP/wLnX95gt1ffwLZVMZzNcOOnCiunE66nyrdnYuZZ+lOPDQqJ6dOXSUbt+J
SmOZ19oH0k8ISXqULHr8GDghMewqx5uGp/s9y0AaoHsbRlgnDsXPIcfEuy3scTrP
ilJs2lAtienXT2uv4etQhv1oL+gzLH2So7Q3MDBPgMMERtlDe5aQUVllaTfnooug
yLmvq6r3vKyr+8ySNBS5Mc2z1t4y56gdv+zRwwekYG4MuZfY4YVlVimc6QIDAQAB
o4IDLTCCAykwHQYDVR0OBBYEFAlqlUfpxy9kqt/3QAqSyZbOmLXWMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvQ1dxVlItbkhMMlNxM19kQUNwTEpsczZZdGRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBQQYIKwYBBQUHAQcBAf8EggEwMIIBLDAqBAIAATAkAwQB
LY7SAwQALZeLAwQCU6vwAwQAVDYkAwQAX9dtAwQAwnFpMIH9BAIAAjCB9gMFAyoG
2QADBgQqCTUFkAMFAyoJOwADBQMqCT0AMBADBgQqCU4BMAMGBSoJTgFAMBADBgQq
CU4BkAMGBCoJTgGgAwUAKglOAwMFAyoJtoADBQAqDCEEAwUDKgzowAMFAyoNXsAw
DgMFACoNiwMDBQAqDYsEAwYEKg/MhwADBQMqEMDAAwUDKhDDQAMGBCoRAgAAAwYF
KhECAEAwEAMGBCoRAgBwAwYEKhECAIADBgQqEQIAoDAOAwUAKhECAQMFACoRAgID
BQIqEQIEAwUDKhEHgAMFAyoRCYADBQMqEQuAAwUAKhEOggMGBCoRDodgAwUAKhGv
ATANBgkqhkiG9w0BAQsFAAOCAQEANzDCfOAJq1Ei2GK417evlzyvMz6+h4LMFCFJ
12lSmna5mPNLZVXC8chZ4ayLBxnKqVpwunh+hkWEBXKiY/QIQI2PVY7n/jA/5kR6
UoXZ5xitBL/5xI8+aH20BBIIlQcz/stUVaB7esIP6a3mkaqcaBjtHS00mZrEIFrR
Z2sGn2bbd/jWeIXJdIiXevnBtqQFhvJFq2rz7KAK7Twrz8KZg+IO9/8WOztMVGqo
zGG0BjqKK9WM4bCCoO/17OELo5DA7qcX4Q2MnVeJ5/tjRN7oC40CKJ84mHS9pC5B
B7N6yS/BIqk9erHtqQwih1wrntG0+OTFjSDpchWdxEupjG/Icw==
-----END CERTIFICATE-----
Generated at Sun Oct 15 19:36:48 2023 by rpki-client on console-fra.rpki-client.org