Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/M1pOkHiiBu8a4Wxei_eSNLcoteQ.roa
File: M1pOkHiiBu8a4Wxei_eSNLcoteQ.roa (raw, json)
Hash identifier: hni6tCi7GtyLe5Ozjm+Y4ixu7saIBH7/j6Er4rTxl3Y=
Subject key identifier: 33:5A:4E:90:78:A2:06:EF:1A:E1:6C:5E:8B:F7:92:34:B7:28:B5:E4
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 018A742899680DF6DCD656E9A27E021828AD
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/M1pOkHiiBu8a4Wxei_eSNLcoteQ.roa
Signing time: Fri 08 Sep 2023 09:38:52 +0000
ROA not before: Fri 08 Sep 2023 09:38:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204916
IP address blocks: 45.151.139.0/24 maxlen: 24
45.142.210.0/24 maxlen: 24
45.142.211.0/24 maxlen: 24
84.54.36.0/24 maxlen: 24
83.171.240.0/24 maxlen: 24
83.171.240.0/22 maxlen: 22
83.171.243.0/24 maxlen: 24
83.171.242.0/24 maxlen: 24
194.113.105.0/24 maxlen: 24
2a09:3d00::/29 maxlen: 36
2a0f:cc87::/36 maxlen: 36
2a11:b80::/29 maxlen: 36
2a09:b680::/29 maxlen: 36
2a10:c0c3::/32 maxlen: 32
2a10:c0c0::/29 maxlen: 29
2a11:200:8000::/36 maxlen: 36
2a11:200:7000::/36 maxlen: 36
2a11:200:5000::/36 maxlen: 36
2a11:200::/36 maxlen: 36
2a11:200:4000::/36 maxlen: 36
2a11:200:a000::/36 maxlen: 36
2a09:3505:9000::/36 maxlen: 36
2a0d:5ec5::/32 maxlen: 32
2a11:202::/32 maxlen: 32
2a11:e87:6000::/36 maxlen: 36
2a11:af01::/32 maxlen: 32
2a0c:e8c0::/29 maxlen: 29
2a10:c0c1::/32 maxlen: 32
2a10:c0c7:3000::/36 maxlen: 36
2a10:c0c7:5000::/36 maxlen: 36
2a10:c0c0::/32 maxlen: 32
2a0d:5ec0::/29 maxlen: 36
2a11:e82::/32 maxlen: 32
2a06:d900::/29 maxlen: 29
2a11:780::/29 maxlen: 36
2a09:3b00::/29 maxlen: 29
2a09:4e01:3000::/36 maxlen: 36
2a09:4e01:4000::/36 maxlen: 36
2a09:4e01:5000::/36 maxlen: 36
2a09:4e01:9000::/36 maxlen: 36
2a09:4e01:a000::/36 maxlen: 36
2a11:201::/32 maxlen: 32
2a11:980::/29 maxlen: 29
2a11:204::/32 maxlen: 32
2a10:c340::/29 maxlen: 36
Validation: Failed, certificate revoked on Wed 13 Sep 2023 08:50:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:74:28:99:68:0d:f6:dc:d6:56:e9:a2:7e:02:18:28:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: Sep 8 09:38:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=335a4e9078a206ef1ae16c5e8bf79234b728b5e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:c7:4c:10:4b:d4:b9:3a:f6:d4:ee:38:6b:a4:
66:80:0f:54:cd:31:66:88:91:b3:57:04:60:7d:1f:
7e:5a:74:0d:0b:b7:ce:a6:97:0b:63:b6:1f:c0:d6:
50:2e:d2:3f:c0:a9:ac:79:67:13:e3:22:22:34:9b:
8e:91:e2:ea:59:71:b7:1b:06:db:bf:b5:52:8f:95:
d1:5e:ff:e6:88:d8:40:51:d9:a5:55:9f:b9:87:f7:
76:45:37:df:b7:76:71:44:2f:fa:f8:59:56:9f:b0:
8d:01:82:16:0a:1d:85:7c:69:c6:c8:25:1e:ce:75:
14:e7:8a:74:c0:9c:22:ab:a3:62:79:36:9c:09:33:
0e:fa:d8:72:81:9e:d7:9e:43:e3:bf:0d:04:52:51:
98:c2:76:4e:b6:37:59:a5:97:c2:1b:b9:54:d3:89:
e7:4b:a8:a9:9e:38:d6:57:a6:f5:e4:63:b2:9d:85:
84:12:65:1f:2e:ef:86:64:fc:70:22:89:6f:e2:31:
fc:45:bc:63:23:69:fe:9a:26:01:65:f8:bb:dd:a8:
a0:f0:1a:6a:e9:06:21:19:40:de:ab:f1:fd:27:6a:
d5:17:1a:15:0d:95:ce:89:45:bb:dd:60:c1:1b:14:
5c:02:62:e2:1d:43:f5:19:83:d0:fb:f6:74:e8:96:
ac:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:5A:4E:90:78:A2:06:EF:1A:E1:6C:5E:8B:F7:92:34:B7:28:B5:E4
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/M1pOkHiiBu8a4Wxei_eSNLcoteQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.210.0/23
45.151.139.0/24
83.171.240.0/22
84.54.36.0/24
194.113.105.0/24
IPv6:
2a06:d900::/29
2a09:3505:9000::/36
2a09:3b00::/29
2a09:3d00::/29
2a09:4e01:3000::-2a09:4e01:5fff:ffff:ffff:ffff:ffff:ffff
2a09:4e01:9000::-2a09:4e01:afff:ffff:ffff:ffff:ffff:ffff
2a09:b680::/29
2a0c:e8c0::/29
2a0d:5ec0::/29
2a0f:cc87::/36
2a10:c0c0::/29
2a10:c340::/29
2a11:200::/36
2a11:200:4000::/35
2a11:200:7000::-2a11:200:8fff:ffff:ffff:ffff:ffff:ffff
2a11:200:a000::/36
2a11:201::-2a11:202:ffff:ffff:ffff:ffff:ffff:ffff
2a11:204::/32
2a11:780::/29
2a11:980::/29
2a11:b80::/29
2a11:e82::/32
2a11:e87:6000::/36
2a11:af01::/32
Signature Algorithm: sha256WithRSAEncryption
00:04:69:b4:16:07:4f:b9:df:98:f1:fd:aa:ef:3f:1b:30:3d:
80:38:54:d3:73:fb:07:b1:ae:46:99:39:08:86:fd:f9:87:1e:
17:65:e5:77:21:0e:c1:6b:f0:fd:f1:39:d9:e6:83:13:dc:16:
74:31:65:54:49:5a:70:ef:4c:24:41:05:f7:2a:55:0b:2b:ca:
99:2a:d1:32:8b:42:20:dc:22:5d:f3:e2:25:e5:11:92:67:75:
5a:92:4b:0f:db:2f:6a:5c:29:5d:4e:a7:4b:4a:37:72:27:24:
29:51:90:58:aa:59:9c:10:57:07:59:6e:52:88:51:2e:2b:79:
14:93:92:07:76:c6:f7:63:81:f3:4c:3a:f9:5a:6e:a0:08:3a:
59:59:77:70:32:1a:04:e8:e3:45:85:29:93:0a:f1:c9:91:5d:
3e:2c:9b:59:27:34:83:b6:f3:f1:55:f7:02:be:b7:fa:d3:23:
fb:cb:f4:94:e1:e8:69:b8:3c:a4:38:62:2f:c3:3b:0b:2d:b5:
43:7e:65:7c:3c:e5:1b:f3:6d:1b:96:dc:95:ca:8c:5e:1f:09:
d8:15:02:1f:b0:86:08:49:3d:87:2a:4a:f2:53:ee:7c:47:88:
9d:4a:39:30:0c:f0:4d:5d:21:54:fb:70:33:2c:a8:cf:de:cc:
d7:f9:a7:1f
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgISAYp0KJloDfbc1lbpon4CGCitMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjMwOTA4MDkzODUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzVhNGU5MDc4YTIwNmVmMWFlMTZjNWU4YmY3OTIzNGI3MjhiNWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkMdMEEvUuTr21O44a6RmgA9UzTFm
iJGzVwRgfR9+WnQNC7fOppcLY7YfwNZQLtI/wKmseWcT4yIiNJuOkeLqWXG3Gwbb
v7VSj5XRXv/miNhAUdmlVZ+5h/d2RTfft3ZxRC/6+FlWn7CNAYIWCh2FfGnGyCUe
znUU54p0wJwiq6NieTacCTMO+thygZ7XnkPjvw0EUlGYwnZOtjdZpZfCG7lU04nn
S6ipnjjWV6b15GOynYWEEmUfLu+GZPxwIolv4jH8RbxjI2n+miYBZfi73aig8Bpq
6QYhGUDeq/H9J2rVFxoVDZXOiUW73WDBGxRcAmLiHUP1GYPQ+/Z06JasKwIDAQAB
o4IDCTCCAwUwHQYDVR0OBBYEFDNaTpB4ogbvGuFsXov3kjS3KLXkMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvTTFwT2tIaWlCdThhNFd4ZWlfZVNOTGNvdGVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHQYIKwYBBQUHAQcBAf8EggEMMIIBCDAkBAIAATAeAwQB
LY7SAwQALZeLAwQCU6vwAwQAVDYkAwQAwnFpMIHfBAIAAjCB2AMFAyoG2QADBgQq
CTUFkAMFAyoJOwADBQMqCT0AMBADBgQqCU4BMAMGBSoJTgFAMBADBgQqCU4BkAMG
BCoJTgGgAwUDKgm2gAMFAyoM6MADBQMqDV7AAwYEKg/MhwADBQMqEMDAAwUDKhDD
QAMGBCoRAgAAAwYFKhECAEAwEAMGBCoRAgBwAwYEKhECAIADBgQqEQIAoDAOAwUA
KhECAQMFACoRAgIDBQAqEQIEAwUDKhEHgAMFAyoRCYADBQMqEQuAAwUAKhEOggMG
BCoRDodgAwUAKhGvATANBgkqhkiG9w0BAQsFAAOCAQEAAARptBYHT7nfmPH9qu8/
GzA9gDhU03P7B7GuRpk5CIb9+YceF2XldyEOwWvw/fE52eaDE9wWdDFlVElacO9M
JEEF9ypVCyvKmSrRMotCINwiXfPiJeURkmd1WpJLD9svalwpXU6nS0o3cickKVGQ
WKpZnBBXB1luUohRLit5FJOSB3bG92OB80w6+VpuoAg6WVl3cDIaBOjjRYUpkwrx
yZFdPiybWSc0g7bz8VX3Ar63+tMj+8v0lOHoabg8pDhiL8M7Cy21Q35lfDzlG/Nt
G5bclcqMXh8J2BUCH7CGCEk9hypK8lPufEeInUo5MAzwTV0hVPtwMyyoz97M1/mn
Hw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:58 2024 by rpki-client on console-ams.rpki-client.org