Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/qSDYIs7MUw3StAOZrY5lm8u9tQQ.roa
File: qSDYIs7MUw3StAOZrY5lm8u9tQQ.roa (raw, json)
Hash identifier: wwmLBu8j0JWgN+0M6cSUylD0wy2cUnIuNjFumTcLNjQ=
Subject key identifier: A9:20:D8:22:CE:CC:53:0D:D2:B4:03:99:AD:8E:65:9B:CB:BD:B5:04
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 018A3BD48B73B2031FA0998F61D0362F6670
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/qSDYIs7MUw3StAOZrY5lm8u9tQQ.roa
Signing time: Mon 28 Aug 2023 11:08:19 +0000
ROA not before: Mon 28 Aug 2023 11:08:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204916
IP address blocks: 45.151.139.0/24 maxlen: 24
45.142.210.0/24 maxlen: 24
45.142.211.0/24 maxlen: 24
84.54.36.0/24 maxlen: 24
83.171.240.0/24 maxlen: 24
83.171.240.0/22 maxlen: 22
83.171.243.0/24 maxlen: 24
83.171.242.0/24 maxlen: 24
194.113.105.0/24 maxlen: 24
2a09:3d00::/29 maxlen: 36
2a0f:cc87::/36 maxlen: 36
2a11:b80::/29 maxlen: 36
2a09:b680::/29 maxlen: 36
2a10:c0c3::/32 maxlen: 32
2a10:c0c0::/29 maxlen: 29
2a11:200:8000::/36 maxlen: 36
2a11:200:7000::/36 maxlen: 36
2a11:200:5000::/36 maxlen: 36
2a11:200::/36 maxlen: 36
2a11:200:4000::/36 maxlen: 36
2a11:200:a000::/36 maxlen: 36
2a09:3505:9000::/36 maxlen: 36
2a0d:5ec5::/32 maxlen: 32
2a11:202::/32 maxlen: 32
2a11:af01::/32 maxlen: 32
2a0c:e8c0::/29 maxlen: 29
2a10:c0c1::/32 maxlen: 32
2a10:c0c7:3000::/36 maxlen: 36
2a10:c0c7:5000::/36 maxlen: 36
2a10:c0c0::/32 maxlen: 32
2a0d:5ec0::/29 maxlen: 36
2a11:e82::/32 maxlen: 32
2a06:d900::/29 maxlen: 29
2a11:780::/29 maxlen: 36
2a09:3b00::/29 maxlen: 29
2a09:4e01:3000::/36 maxlen: 36
2a09:4e01:4000::/36 maxlen: 36
2a09:4e01:5000::/36 maxlen: 36
2a09:4e01:9000::/36 maxlen: 36
2a11:201::/32 maxlen: 32
2a10:c340::/29 maxlen: 36
Validation: Failed, certificate revoked on Tue 29 Aug 2023 07:17:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3b:d4:8b:73:b2:03:1f:a0:99:8f:61:d0:36:2f:66:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: Aug 28 11:08:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a920d822cecc530dd2b40399ad8e659bcbbdb504
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:e2:ac:46:4c:f5:a1:12:04:d1:14:be:c1:7f:
39:7d:78:1e:d4:f4:69:c4:f9:ac:47:ac:75:66:a7:
ca:8e:f0:60:1e:29:dd:1e:19:21:2e:69:f6:0b:3c:
bf:fa:a5:13:29:6f:62:3b:2c:11:6a:c7:c2:96:65:
a1:46:48:a3:50:0c:10:66:41:5e:50:b7:05:96:ae:
d2:75:4b:25:de:79:1e:2f:49:2e:9d:55:78:88:1f:
f9:a4:1a:24:1c:c8:28:5d:a3:e7:d6:2c:b0:e0:fd:
ca:70:3a:3f:07:c0:83:09:09:d4:9e:65:fc:f8:71:
19:ec:a3:c2:0c:dc:49:f4:d6:79:d7:7e:04:98:d1:
3e:d8:18:01:a1:2f:66:f8:86:e4:ea:4d:54:8d:42:
c8:02:42:87:be:1c:4e:43:56:f4:82:20:10:18:f0:
1f:d5:b0:33:5e:99:a9:4e:71:5d:a5:4d:0b:e6:00:
af:89:7d:f0:26:87:63:67:9d:eb:00:09:3c:26:1a:
ca:e0:5d:a9:1e:34:26:71:55:36:29:22:c0:86:67:
88:75:47:bd:e3:38:11:ec:62:5b:e3:cf:cc:e3:b8:
f3:a2:01:7b:9f:ae:dc:3f:42:99:d7:f3:01:5d:62:
b5:d4:ab:90:79:44:39:69:fe:a6:ba:da:67:92:b9:
d1:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:20:D8:22:CE:CC:53:0D:D2:B4:03:99:AD:8E:65:9B:CB:BD:B5:04
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/qSDYIs7MUw3StAOZrY5lm8u9tQQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.210.0/23
45.151.139.0/24
83.171.240.0/22
84.54.36.0/24
194.113.105.0/24
IPv6:
2a06:d900::/29
2a09:3505:9000::/36
2a09:3b00::/29
2a09:3d00::/29
2a09:4e01:3000::-2a09:4e01:5fff:ffff:ffff:ffff:ffff:ffff
2a09:4e01:9000::/36
2a09:b680::/29
2a0c:e8c0::/29
2a0d:5ec0::/29
2a0f:cc87::/36
2a10:c0c0::/29
2a10:c340::/29
2a11:200::/36
2a11:200:4000::/35
2a11:200:7000::-2a11:200:8fff:ffff:ffff:ffff:ffff:ffff
2a11:200:a000::/36
2a11:201::-2a11:202:ffff:ffff:ffff:ffff:ffff:ffff
2a11:780::/29
2a11:b80::/29
2a11:e82::/32
2a11:af01::/32
Signature Algorithm: sha256WithRSAEncryption
4e:bd:7b:26:70:85:fe:c2:9e:46:eb:88:de:aa:b6:5b:b9:cb:
80:b9:94:45:e0:7a:b4:7c:e5:21:85:11:e2:62:24:d1:00:fc:
82:15:f6:43:bb:0a:53:c3:03:ba:69:9a:ff:a5:0c:46:66:ab:
83:4a:78:48:6c:8d:54:4b:14:a2:4a:0c:a6:5d:87:c4:a2:47:
64:9e:13:fc:ad:77:b6:a1:6f:1d:84:e1:0c:52:b9:e2:b2:01:
35:9d:00:59:6a:da:a6:ab:d2:ae:5e:6f:ff:8f:4f:b5:99:fe:
d6:e8:ab:27:f0:f1:76:e2:4f:0c:e2:de:04:7d:4d:a0:0a:14:
1b:74:70:a2:82:de:93:0a:82:fd:69:b9:63:a8:e3:92:5e:d8:
21:54:e5:45:be:e2:a2:c0:07:48:af:c9:df:54:39:3b:61:c4:
5c:65:8e:1b:ab:dc:d8:36:31:df:8b:52:15:41:ca:bf:c5:9c:
fd:2e:72:9d:ec:b7:5d:1c:4c:c8:8e:32:9c:76:2e:f0:4d:13:
39:da:98:94:8f:da:c6:eb:76:49:c8:21:86:5d:01:07:b6:37:
d3:57:e5:ba:74:f8:3e:e2:2d:af:c4:52:0b:e7:30:c5:ce:68:
99:f7:40:3f:16:35:d7:6f:cf:0c:99:b7:6e:b7:0d:7d:34:99:
99:9d:9a:d2
-----BEGIN CERTIFICATE-----
MIIF2jCCBMKgAwIBAgISAYo71ItzsgMfoJmPYdA2L2ZwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjMwODI4MTEwODE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTIwZDgyMmNlY2M1MzBkZDJiNDAzOTlhZDhlNjU5YmNiYmRiNTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAieKsRkz1oRIE0RS+wX85fXge1PRp
xPmsR6x1ZqfKjvBgHindHhkhLmn2Czy/+qUTKW9iOywRasfClmWhRkijUAwQZkFe
ULcFlq7SdUsl3nkeL0kunVV4iB/5pBokHMgoXaPn1iyw4P3KcDo/B8CDCQnUnmX8
+HEZ7KPCDNxJ9NZ5134EmNE+2BgBoS9m+Ibk6k1UjULIAkKHvhxOQ1b0giAQGPAf
1bAzXpmpTnFdpU0L5gCviX3wJodjZ53rAAk8JhrK4F2pHjQmcVU2KSLAhmeIdUe9
4zgR7GJb48/M47jzogF7n67cP0KZ1/MBXWK11KuQeUQ5af6mutpnkrnRhQIDAQAB
o4IC5jCCAuIwHQYDVR0OBBYEFKkg2CLOzFMN0rQDma2OZZvLvbUEMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvcVNEWUlzN01VdzNTdEFPWnJZNWxtOHU5dFFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH7BggrBgEFBQcBBwEB/wSB6zCB6DAkBAIAATAeAwQBLY7S
AwQALZeLAwQCU6vwAwQAVDYkAwQAwnFpMIG/BAIAAjCBuAMFAyoG2QADBgQqCTUF
kAMFAyoJOwADBQMqCT0AMBADBgQqCU4BMAMGBSoJTgFAAwYEKglOAZADBQMqCbaA
AwUDKgzowAMFAyoNXsADBgQqD8yHAAMFAyoQwMADBQMqEMNAAwYEKhECAAADBgUq
EQIAQDAQAwYEKhECAHADBgQqEQIAgAMGBCoRAgCgMA4DBQAqEQIBAwUAKhECAgMF
AyoRB4ADBQMqEQuAAwUAKhEOggMFACoRrwEwDQYJKoZIhvcNAQELBQADggEBAE69
eyZwhf7CnkbriN6qtlu5y4C5lEXgerR85SGFEeJiJNEA/IIV9kO7ClPDA7ppmv+l
DEZmq4NKeEhsjVRLFKJKDKZdh8SiR2SeE/ytd7ahbx2E4QxSueKyATWdAFlq2qar
0q5eb/+PT7WZ/tboqyfw8XbiTwzi3gR9TaAKFBt0cKKC3pMKgv1puWOo45Je2CFU
5UW+4qLAB0ivyd9UOTthxFxljhur3Ng2Md+LUhVByr/FnP0ucp3st10cTMiOMpx2
LvBNEznamJSP2sbrdknIIYZdAQe2N9NX5bp0+D7iLa/EUgvnMMXOaJn3QD8WNddv
zwyZt263DX00mZmdmtI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:05 2024 by rpki-client on console-fra.rpki-client.org