Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/4a0LoZ-p5dUvxTZBRfSZSSeg8bc.roa
File: 4a0LoZ-p5dUvxTZBRfSZSSeg8bc.roa (raw, json)
Hash identifier: gHDGp+KU+I0V5kfA5Hg2xIAjIzq8p6jZIL6jAGps7Lk=
Subject key identifier: E1:AD:0B:A1:9F:A9:E5:D5:2F:C5:36:41:45:F4:99:49:27:A0:F1:B7
Certificate issuer: /CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Certificate serial: 018E85460F9473169D4900D203FACD8686AC
Authority key identifier: BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/4a0LoZ-p5dUvxTZBRfSZSSeg8bc.roa
Signing time: Thu 28 Mar 2024 13:35:44 +0000
ROA not before: Thu 28 Mar 2024 13:35:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44477
IP address blocks: 45.67.228.0/24 maxlen: 24
45.67.229.0/24 maxlen: 24
45.67.230.0/24 maxlen: 24
45.67.231.0/24 maxlen: 24
45.120.176.0/22 maxlen: 24
62.3.12.0/24 maxlen: 24
74.119.192.0/24 maxlen: 24
74.119.193.0/24 maxlen: 24
74.119.194.0/24 maxlen: 24
74.119.195.0/24 maxlen: 24
80.92.204.0/24 maxlen: 24
80.92.205.0/24 maxlen: 24
80.92.206.0/24 maxlen: 24
86.104.72.0/22 maxlen: 24
89.221.224.0/24 maxlen: 24
89.221.225.0/24 maxlen: 24
91.194.161.0/24 maxlen: 24
91.225.217.0/24 maxlen: 24
91.225.218.0/24 maxlen: 24
91.225.219.0/24 maxlen: 24
103.35.188.0/22 maxlen: 24
103.106.0.0/22 maxlen: 24
103.113.68.0/22 maxlen: 24
176.120.64.0/22 maxlen: 24
176.120.64.0/24 maxlen: 24
176.120.72.0/22 maxlen: 24
185.234.64.0/22 maxlen: 24
185.235.240.0/22 maxlen: 24
185.236.232.0/22 maxlen: 24
185.242.84.0/24 maxlen: 24
185.242.85.0/24 maxlen: 24
185.242.86.0/24 maxlen: 24
185.242.87.0/24 maxlen: 24
185.250.148.0/24 maxlen: 24
185.250.149.0/24 maxlen: 24
185.250.150.0/24 maxlen: 24
185.250.151.0/24 maxlen: 24
193.203.202.0/24 maxlen: 24
194.246.114.0/24 maxlen: 24
194.246.115.0/24 maxlen: 24
195.149.87.0/24 maxlen: 24
2a09:7c40::/32 maxlen: 32
2a09:7c41::/32 maxlen: 32
2a09:7c42::/32 maxlen: 32
2a09:7c43::/32 maxlen: 32
2a09:7c44::/32 maxlen: 32
2a09:7c45::/32 maxlen: 32
2a09:7c46::/32 maxlen: 32
2a09:7c47::/32 maxlen: 32
2a11:3805::/32 maxlen: 32
2a11:3c02::/32 maxlen: 32
2a11:3c03::/32 maxlen: 32
2a14:2d80::/32 maxlen: 32
2a14:2d81::/32 maxlen: 32
2a14:2d82::/32 maxlen: 32
2a14:2e80::/32 maxlen: 32
2a14:2f80::/32 maxlen: 32
2a14:3080::/32 maxlen: 32
2a14:3880::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 10 Apr 2024 05:28:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:85:46:0f:94:73:16:9d:49:00:d2:03:fa:cd:86:86:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Validity
Not Before: Mar 28 13:35:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e1ad0ba19fa9e5d52fc5364145f4994927a0f1b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:3c:5b:b3:91:93:12:95:fa:86:ec:f1:ed:b1:
27:9e:3d:e5:78:41:cc:36:96:17:73:75:c7:46:1f:
79:c4:eb:18:80:b5:9e:96:b6:cb:8e:cd:a7:6f:e9:
2d:ba:3e:fe:6f:f6:e1:f5:82:7d:e9:e4:fa:2d:21:
a2:e6:3c:1a:9f:e3:8e:a0:f1:1a:96:6d:cc:53:67:
86:73:7a:2a:32:9e:7d:02:51:8e:5c:31:79:a0:aa:
16:94:a1:b3:e2:fd:76:f8:41:0b:20:cf:ed:d1:c1:
6d:58:77:6f:0c:70:4e:a8:a9:4b:a1:11:67:99:d0:
05:ce:a3:17:5d:1f:9a:b3:af:4e:e5:37:99:56:8a:
cb:60:c7:7a:f3:d9:99:bd:42:84:e0:57:aa:25:e9:
f0:6d:66:35:70:19:02:4f:20:7c:dc:06:e8:a3:53:
fd:ff:92:ba:1c:b9:90:0e:77:35:c1:23:b3:90:ec:
31:a6:a9:85:c4:ae:53:25:25:17:66:f9:17:f8:37:
df:74:e3:04:01:06:91:a9:76:81:15:71:92:f7:5f:
ce:90:38:02:60:49:71:b7:53:50:f5:b8:1a:35:74:
5f:d0:da:32:52:0a:87:55:cc:4c:db:bf:e4:0c:10:
15:21:18:2c:c1:7d:2d:6c:b7:18:2f:99:ef:be:b9:
9c:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:AD:0B:A1:9F:A9:E5:D5:2F:C5:36:41:45:F4:99:49:27:A0:F1:B7
X509v3 Authority Key Identifier:
keyid:BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/4a0LoZ-p5dUvxTZBRfSZSSeg8bc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.228.0/22
45.120.176.0/22
62.3.12.0/24
74.119.192.0/22
80.92.204.0-80.92.206.255
86.104.72.0/22
89.221.224.0/23
91.194.161.0/24
91.225.217.0-91.225.219.255
103.35.188.0/22
103.106.0.0/22
103.113.68.0/22
176.120.64.0/22
176.120.72.0/22
185.234.64.0/22
185.235.240.0/22
185.236.232.0/22
185.242.84.0/22
185.250.148.0/22
193.203.202.0/24
194.246.114.0/23
195.149.87.0/24
IPv6:
2a09:7c40::/29
2a11:3805::/32
2a11:3c02::/31
2a14:2d80::-2a14:2d82:ffff:ffff:ffff:ffff:ffff:ffff
2a14:2e80::/32
2a14:2f80::/32
2a14:3080::/32
2a14:3880::/32
Signature Algorithm: sha256WithRSAEncryption
68:d8:21:e4:71:b0:21:80:65:55:1b:28:14:43:1c:1b:a9:db:
cb:eb:1a:2c:8a:ba:a2:f3:5a:c4:53:e5:e0:1d:aa:4d:77:b1:
84:d9:56:0b:d3:64:c4:0f:a3:02:67:42:e3:55:d4:c8:73:60:
57:f1:eb:b4:6f:bd:06:9d:75:3f:2b:44:a6:76:04:58:a0:4f:
f3:44:f6:0f:8c:ec:9d:4b:56:9a:07:b2:e8:ee:31:e2:ca:4f:
96:37:54:5f:d7:91:4d:ad:89:a6:ff:1e:48:c2:21:4d:01:d5:
46:4c:b9:56:40:3e:13:3c:cf:7f:3b:b6:0f:76:6d:45:37:e5:
e3:27:5e:58:6a:04:85:7c:31:02:6f:b4:f8:13:aa:87:12:74:
00:9e:28:99:55:4b:dc:92:9a:0a:fa:57:d5:11:48:92:32:bf:
7e:5a:33:7a:1f:c5:5b:4a:cc:2f:22:26:4e:3b:8c:2e:3a:d6:
0c:b6:5b:17:d3:64:16:b5:8b:9a:33:c2:db:38:d2:7b:c7:b6:
59:ae:bf:4a:38:6e:c6:13:70:d0:b6:82:2b:cb:26:7c:88:5d:
8b:3c:01:1d:1a:fe:93:25:06:ab:2a:25:4c:6a:1a:cb:e6:fb:
22:7c:ab:5b:2a:25:05:e9:90:82:21:24:c6:a8:e3:3f:7b:fd:
21:90:08:0b
-----BEGIN CERTIFICATE-----
MIIF2TCCBMGgAwIBAgISAY6FRg+UcxadSQDSA/rNhoasMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMwNjMwZjIzYjA3MGEyYjdiZGY1MjlmNzM5NDhjOTdl
YWNkNDAwHhcNMjQwMzI4MTMzNTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWFkMGJhMTlmYTllNWQ1MmZjNTM2NDE0NWY0OTk0OTI3YTBmMWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTxbs5GTEpX6huzx7bEnnj3leEHM
NpYXc3XHRh95xOsYgLWelrbLjs2nb+ktuj7+b/bh9YJ96eT6LSGi5jwan+OOoPEa
lm3MU2eGc3oqMp59AlGOXDF5oKoWlKGz4v12+EELIM/t0cFtWHdvDHBOqKlLoRFn
mdAFzqMXXR+as69O5TeZVorLYMd689mZvUKE4FeqJenwbWY1cBkCTyB83Aboo1P9
/5K6HLmQDnc1wSOzkOwxpqmFxK5TJSUXZvkX+DffdOMEAQaRqXaBFXGS91/OkDgC
YElxt1NQ9bgaNXRf0NoyUgqHVcxM27/kDBAVIRgswX0tbLcYL5nvvrmcpQIDAQAB
o4IC5TCCAuEwHQYDVR0OBBYEFOGtC6GfqeXVL8U2QUX0mUknoPG3MB8GA1UdIwQY
MBaAFLuDBjDyOwcKK3vfUp9zlIyX6s1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMt
MTE5ZWZjYmIyMDIzLzEvNGEwTG9aLXA1ZFV2eFRaQlJmU1pTU2VnOGJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMtMTE5ZWZjYmIyMDIz
LzEvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH6BggrBgEFBQcBBwEB/wSB6jCB5zCBmwQCAAEwgZQDBAIt
Q+QDBAIteLADBAA+AwwDBAJKd8AwDAMEAlBczAMEAFBczgMEAlZoSAMEAVnd4AME
AFvCoTAMAwQAW+HZAwQCW+HYAwQCZyO8AwQCZ2oAAwQCZ3FEAwQCsHhAAwQCsHhI
AwQCuepAAwQCuevwAwQCuezoAwQCufJUAwQCufqUAwQAwcvKAwQBwvZyAwQAw5VX
MEcEAgACMEEDBQMqCXxAAwUAKhE4BQMFASoRPAIwDgMFByoULYADBQAqFC2CAwUA
KhQugAMFACoUL4ADBQAqFDCAAwUAKhQ4gDANBgkqhkiG9w0BAQsFAAOCAQEAaNgh
5HGwIYBlVRsoFEMcG6nby+saLIq6ovNaxFPl4B2qTXexhNlWC9NkxA+jAmdC41XU
yHNgV/HrtG+9Bp11PytEpnYEWKBP80T2D4zsnUtWmgey6O4x4spPljdUX9eRTa2J
pv8eSMIhTQHVRky5VkA+EzzPfzu2D3ZtRTfl4ydeWGoEhXwxAm+0+BOqhxJ0AJ4o
mVVL3JKaCvpX1RFIkjK/flozeh/FW0rMLyImTjuMLjrWDLZbF9NkFrWLmjPC2zjS
e8e2Wa6/SjhuxhNw0LaCK8smfIhdizwBHRr+kyUGqyolTGoay+b7InyrWyolBemQ
giEkxqjjP3v9IZAICw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:06 2024 by rpki-client on console-fra.rpki-client.org