Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/Df4Y12pn8Q22ikn6_edu0Zy80gM.roa
File: Df4Y12pn8Q22ikn6_edu0Zy80gM.roa (raw, json)
Hash identifier: f8WiIRGNcTMzkpsMrQjRP9lkaIxHSxtP6ysn6y9LjlY=
Subject key identifier: 0D:FE:18:D7:6A:67:F1:0D:B6:8A:49:FA:FD:E7:6E:D1:9C:BC:D2:03
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 018AFA4F084CF7D7BE9273C6A616DF63C7BB
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/Df4Y12pn8Q22ikn6_edu0Zy80gM.roa
Signing time: Wed 04 Oct 2023 10:49:58 +0000
ROA not before: Wed 04 Oct 2023 10:49:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204916
IP address blocks: 95.215.109.0/24 maxlen: 24
45.151.139.0/24 maxlen: 24
194.113.105.0/24 maxlen: 24
45.142.210.0/24 maxlen: 24
45.142.211.0/24 maxlen: 24
84.54.36.0/24 maxlen: 24
83.171.240.0/24 maxlen: 24
83.171.240.0/22 maxlen: 22
83.171.243.0/24 maxlen: 24
83.171.242.0/24 maxlen: 24
2a09:3d00::/29 maxlen: 36
2a11:207::/32 maxlen: 32
2a11:206::/32 maxlen: 32
2a10:c0c3::/32 maxlen: 32
2a10:c0c0::/29 maxlen: 29
2a11:e87:6000::/36 maxlen: 36
2a11:af01::/32 maxlen: 32
2a11:205::/32 maxlen: 32
2a0c:e8c0::/29 maxlen: 29
2a10:c0c1::/32 maxlen: 32
2a10:c0c7:3000::/36 maxlen: 36
2a10:c0c7:5000::/36 maxlen: 36
2a10:c0c0::/32 maxlen: 32
2a0d:5ec0::/29 maxlen: 36
2a06:d900::/29 maxlen: 29
2a09:4e03::/32 maxlen: 32
2a09:3b00::/29 maxlen: 29
2a0d:8b03::/32 maxlen: 32
2a0f:cc87::/36 maxlen: 36
2a11:b80::/29 maxlen: 36
2a09:b680::/29 maxlen: 36
2a11:200:8000::/36 maxlen: 36
2a11:200:7000::/36 maxlen: 36
2a11:200:5000::/36 maxlen: 36
2a11:200::/36 maxlen: 36
2a11:200:4000::/36 maxlen: 36
2a11:200:a000::/36 maxlen: 36
2a09:3505:9000::/36 maxlen: 36
2a0d:5ec5::/32 maxlen: 32
2a11:202::/32 maxlen: 32
2a0d:8b04::/32 maxlen: 32
2a11:e82::/32 maxlen: 32
2a11:780::/29 maxlen: 36
2a10:c0c5::/32 maxlen: 32
2a09:4e01:3000::/36 maxlen: 36
2a09:4e01:4000::/36 maxlen: 36
2a09:4e01:5000::/36 maxlen: 36
2a09:4e01:9000::/36 maxlen: 36
2a09:4e01:a000::/36 maxlen: 36
2a11:201::/32 maxlen: 32
2a11:980::/29 maxlen: 29
2a11:204::/32 maxlen: 32
2a10:c340::/29 maxlen: 36
Validation: Failed, certificate revoked on Thu 05 Oct 2023 11:19:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fa:4f:08:4c:f7:d7:be:92:73:c6:a6:16:df:63:c7:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: Oct 4 10:49:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0dfe18d76a67f10db68a49fafde76ed19cbcd203
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:61:8b:42:02:be:b4:6a:47:27:3b:17:41:34:
f7:63:94:fd:5f:cd:1e:b9:ad:af:3a:d8:02:fe:84:
98:8a:98:d5:d1:8c:1f:81:42:70:1d:1e:4e:37:2d:
f1:b3:86:0b:4c:34:28:d3:79:68:76:20:0b:6a:b7:
c5:90:64:e8:af:af:8b:d2:8f:4a:0a:9a:be:6d:b7:
c2:0b:e6:df:58:b1:1c:d8:c0:da:ab:d8:25:cc:b4:
02:ee:05:cb:8b:3f:b6:e2:ac:38:4c:a0:b8:a9:95:
f3:5e:28:d5:ea:7f:f6:dd:0c:0a:9b:64:ca:0a:df:
b1:ea:91:b1:db:49:b1:e9:6b:9d:b6:30:ab:b0:28:
d6:3e:a1:f3:69:46:ee:65:1f:46:65:94:c7:15:9c:
0f:44:73:32:98:b3:ef:b0:17:20:e1:06:ef:29:09:
ae:4f:a5:f6:e2:53:a9:33:e7:c4:34:df:2b:99:27:
ac:bc:f8:43:f4:42:ab:f3:8d:46:0c:c2:01:ed:7e:
a4:96:36:48:dd:38:b7:bb:6a:fd:a0:f9:b9:d5:4d:
03:29:6f:8d:5e:f8:d7:52:78:a7:08:04:99:25:c7:
94:8f:70:25:09:17:50:36:8e:4a:69:73:57:68:cd:
8d:05:67:2a:83:a7:b2:70:b2:42:b5:3a:6e:4c:74:
cb:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:FE:18:D7:6A:67:F1:0D:B6:8A:49:FA:FD:E7:6E:D1:9C:BC:D2:03
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/Df4Y12pn8Q22ikn6_edu0Zy80gM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.210.0/23
45.151.139.0/24
83.171.240.0/22
84.54.36.0/24
95.215.109.0/24
194.113.105.0/24
IPv6:
2a06:d900::/29
2a09:3505:9000::/36
2a09:3b00::/29
2a09:3d00::/29
2a09:4e01:3000::-2a09:4e01:5fff:ffff:ffff:ffff:ffff:ffff
2a09:4e01:9000::-2a09:4e01:afff:ffff:ffff:ffff:ffff:ffff
2a09:4e03::/32
2a09:b680::/29
2a0c:e8c0::/29
2a0d:5ec0::/29
2a0d:8b03::-2a0d:8b04:ffff:ffff:ffff:ffff:ffff:ffff
2a0f:cc87::/36
2a10:c0c0::/29
2a10:c340::/29
2a11:200::/36
2a11:200:4000::/35
2a11:200:7000::-2a11:200:8fff:ffff:ffff:ffff:ffff:ffff
2a11:200:a000::/36
2a11:201::-2a11:202:ffff:ffff:ffff:ffff:ffff:ffff
2a11:204::/30
2a11:780::/29
2a11:980::/29
2a11:b80::/29
2a11:e82::/32
2a11:e87:6000::/36
2a11:af01::/32
Signature Algorithm: sha256WithRSAEncryption
63:39:b7:24:71:33:f8:01:e3:f8:e9:c9:eb:28:e6:08:10:da:
c9:f2:61:42:cf:91:7a:1a:d6:79:7c:a0:20:31:0d:30:9d:ba:
54:58:e2:10:d4:ef:66:c0:c1:0d:9c:05:70:7e:fb:1d:a2:cb:
e3:40:ea:8a:55:fd:7d:f4:1d:0a:5e:66:2d:ae:c6:d0:b7:8e:
9c:22:62:e1:0b:a1:f5:5e:ea:9b:c8:73:a0:c3:70:0f:c1:f3:
eb:cb:55:41:35:c5:72:69:a8:38:97:58:29:2b:4d:b4:e1:3c:
55:fe:84:d8:4a:35:0b:36:c4:88:0d:c9:cf:f1:71:af:7d:b8:
0a:b9:1a:92:19:4b:50:2c:0e:89:f6:22:0b:65:fb:00:91:b4:
8a:55:8a:27:0d:09:fd:d1:8d:52:0b:5a:9e:8d:7f:16:b5:3c:
b5:82:58:d4:7b:c7:90:8b:84:ad:e3:d6:05:0f:61:09:27:7c:
9b:6e:3c:a3:c5:2f:ce:25:b2:ae:a9:8b:f6:a4:00:c1:ee:5d:
d8:40:2b:95:cc:cc:da:aa:71:e0:a3:46:7e:75:63:e0:1e:3d:
d4:0f:c0:61:6a:1e:f9:1d:c3:1e:26:f3:74:df:c8:b6:39:8e:
81:4f:ee:f8:93:b4:78:01:fe:10:bf:fc:a4:00:4b:e6:20:67:
a4:77:84:8b
-----BEGIN CERTIFICATE-----
MIIGGjCCBQKgAwIBAgISAYr6TwhM99e+knPGphbfY8e7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjMxMDA0MTA0OTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGZlMThkNzZhNjdmMTBkYjY4YTQ5ZmFmZGU3NmVkMTljYmNkMjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWGLQgK+tGpHJzsXQTT3Y5T9X80e
ua2vOtgC/oSYipjV0YwfgUJwHR5ONy3xs4YLTDQo03lodiALarfFkGTor6+L0o9K
Cpq+bbfCC+bfWLEc2MDaq9glzLQC7gXLiz+24qw4TKC4qZXzXijV6n/23QwKm2TK
Ct+x6pGx20mx6WudtjCrsCjWPqHzaUbuZR9GZZTHFZwPRHMymLPvsBcg4QbvKQmu
T6X24lOpM+fENN8rmSesvPhD9EKr841GDMIB7X6kljZI3Ti3u2r9oPm51U0DKW+N
XvjXUninCASZJceUj3AlCRdQNo5KaXNXaM2NBWcqg6eycLJCtTpuTHTLzwIDAQAB
o4IDJjCCAyIwHQYDVR0OBBYEFA3+GNdqZ/ENtopJ+v3nbtGcvNIDMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvRGY0WTEycG44UTIyaWtuNl9lZHUwWnk4MGdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBOgYIKwYBBQUHAQcBAf8EggEpMIIBJTAqBAIAATAkAwQB
LY7SAwQALZeLAwQCU6vwAwQAVDYkAwQAX9dtAwQAwnFpMIH2BAIAAjCB7wMFAyoG
2QADBgQqCTUFkAMFAyoJOwADBQMqCT0AMBADBgQqCU4BMAMGBSoJTgFAMBADBgQq
CU4BkAMGBCoJTgGgAwUAKglOAwMFAyoJtoADBQMqDOjAAwUDKg1ewDAOAwUAKg2L
AwMFACoNiwQDBgQqD8yHAAMFAyoQwMADBQMqEMNAAwYEKhECAAADBgUqEQIAQDAQ
AwYEKhECAHADBgQqEQIAgAMGBCoRAgCgMA4DBQAqEQIBAwUAKhECAgMFAioRAgQD
BQMqEQeAAwUDKhEJgAMFAyoRC4ADBQAqEQ6CAwYEKhEOh2ADBQAqEa8BMA0GCSqG
SIb3DQEBCwUAA4IBAQBjObckcTP4AeP46cnrKOYIENrJ8mFCz5F6GtZ5fKAgMQ0w
nbpUWOIQ1O9mwMENnAVwfvsdosvjQOqKVf199B0KXmYtrsbQt46cImLhC6H1Xuqb
yHOgw3APwfPry1VBNcVyaag4l1gpK0204TxV/oTYSjULNsSIDcnP8XGvfbgKuRqS
GUtQLA6J9iILZfsAkbSKVYonDQn90Y1SC1qejX8WtTy1gljUe8eQi4St49YFD2EJ
J3ybbjyjxS/OJbKuqYv2pADB7l3YQCuVzMzaqnHgo0Z+dWPgHj3UD8Bhah75HcMe
JvN038i2OY6BT+74k7R4Af4Qv/ykAEvmIGekd4SL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:58 2024 by rpki-client on console-ams.rpki-client.org