Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/Gp4d8q0RgkiQ_rwVZn8sftcYfKg.roa
File: Gp4d8q0RgkiQ_rwVZn8sftcYfKg.roa (raw, json)
Hash identifier: mE2F/YEJMQuMG8iEavRQUsqdJdCl9n7ZBp3LSh8yPig=
Subject key identifier: 1A:9E:1D:F2:AD:11:82:48:90:FE:BC:15:66:7F:2C:7E:D7:18:7C:A8
Certificate issuer: /CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Certificate serial: 018C7FBF81B48A7E225D79C161A60D6B1E51
Authority key identifier: BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/Gp4d8q0RgkiQ_rwVZn8sftcYfKg.roa
Signing time: Tue 19 Dec 2023 01:45:06 +0000
ROA not before: Tue 19 Dec 2023 01:45:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44477
IP address blocks: 45.120.176.0/22 maxlen: 24
195.149.87.0/24 maxlen: 24
89.221.225.0/24 maxlen: 24
89.221.224.0/24 maxlen: 24
91.194.161.0/24 maxlen: 24
185.242.84.0/24 maxlen: 24
185.242.85.0/24 maxlen: 24
185.242.87.0/24 maxlen: 24
185.242.86.0/24 maxlen: 24
103.106.0.0/22 maxlen: 24
185.250.150.0/24 maxlen: 24
185.250.149.0/24 maxlen: 24
185.250.148.0/24 maxlen: 24
185.250.151.0/24 maxlen: 24
103.35.188.0/22 maxlen: 24
193.203.202.0/24 maxlen: 24
80.92.205.0/24 maxlen: 24
80.92.204.0/24 maxlen: 24
74.119.192.0/24 maxlen: 24
80.92.206.0/24 maxlen: 24
91.225.218.0/24 maxlen: 24
91.225.217.0/24 maxlen: 24
91.225.219.0/24 maxlen: 24
74.119.195.0/24 maxlen: 24
74.119.194.0/24 maxlen: 24
74.119.193.0/24 maxlen: 24
176.120.64.0/24 maxlen: 24
176.120.64.0/22 maxlen: 24
176.120.72.0/22 maxlen: 24
103.113.68.0/22 maxlen: 24
45.67.231.0/24 maxlen: 24
45.67.230.0/24 maxlen: 24
45.67.229.0/24 maxlen: 24
45.67.228.0/24 maxlen: 24
194.246.115.0/24 maxlen: 24
194.246.114.0/24 maxlen: 24
2a09:7c44::/32 maxlen: 32
2a09:7c45::/32 maxlen: 32
2a09:7c47::/32 maxlen: 32
2a09:7c41::/32 maxlen: 32
2a09:7c42::/32 maxlen: 32
2a09:7c43::/32 maxlen: 32
2a09:7c40::/32 maxlen: 32
2a09:7c46::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7f:bf:81:b4:8a:7e:22:5d:79:c1:61:a6:0d:6b:1e:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Validity
Not Before: Dec 19 01:45:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1a9e1df2ad11824890febc15667f2c7ed7187ca8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:99:1d:cd:0d:5b:31:64:c3:b8:55:ee:8d:46:
db:c7:93:17:cd:36:88:1e:3a:ac:4b:a8:e5:9f:e8:
71:2c:4d:89:0d:e9:b8:cf:be:9d:fb:b0:84:8c:b1:
bb:76:a2:44:8e:fd:12:eb:11:59:7b:45:36:9a:31:
db:79:bd:11:ae:68:78:40:1d:df:c4:0e:9e:de:9f:
41:50:3b:43:a3:c2:51:16:e2:35:74:8e:7f:32:81:
d0:95:bb:57:d2:8b:12:d4:81:9e:56:f5:f4:d5:0e:
71:d3:e4:2b:1f:52:45:28:89:97:92:ec:fc:ef:90:
fc:54:9e:ed:7e:2a:fe:15:9f:6d:0a:d7:d9:b5:7e:
88:aa:80:92:9f:61:05:fe:7b:52:e8:4c:6b:a6:29:
ac:aa:09:3f:2e:46:5d:bb:78:5d:87:40:eb:4b:19:
48:39:f0:df:80:6c:0b:35:7c:31:5a:1a:4f:98:62:
71:fd:99:8a:d4:54:7e:b2:47:37:b7:99:db:df:9e:
01:8e:55:ee:79:71:61:08:d0:54:d3:b8:54:6c:f9:
17:2d:be:6f:fb:4a:0a:aa:84:58:98:bb:88:1e:60:
33:0d:fe:da:68:3d:3e:86:2e:18:f4:95:4c:02:dc:
31:da:d0:7d:7f:c9:67:75:2c:2c:0f:be:b4:81:87:
1a:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:9E:1D:F2:AD:11:82:48:90:FE:BC:15:66:7F:2C:7E:D7:18:7C:A8
X509v3 Authority Key Identifier:
keyid:BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/Gp4d8q0RgkiQ_rwVZn8sftcYfKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.228.0/22
45.120.176.0/22
74.119.192.0/22
80.92.204.0-80.92.206.255
89.221.224.0/23
91.194.161.0/24
91.225.217.0-91.225.219.255
103.35.188.0/22
103.106.0.0/22
103.113.68.0/22
176.120.64.0/22
176.120.72.0/22
185.242.84.0/22
185.250.148.0/22
193.203.202.0/24
194.246.114.0/23
195.149.87.0/24
IPv6:
2a09:7c40::/29
Signature Algorithm: sha256WithRSAEncryption
75:02:3d:0b:f9:e0:e6:f5:71:ff:68:e2:12:c7:05:bd:e3:54:
ed:62:14:7d:1e:82:58:20:b3:03:27:ca:c8:8d:61:0a:b0:a5:
ae:26:46:6a:13:fa:4a:98:47:e7:7c:6f:0e:d2:88:f2:c2:be:
a6:ce:34:3f:b4:9a:20:a9:1d:bd:90:cb:9d:d4:82:44:bd:65:
1c:fa:8b:5b:58:64:0e:d3:45:f6:c4:f3:b2:3d:41:38:7a:b4:
7e:12:86:1e:29:94:55:08:5a:c0:65:94:bf:25:36:a0:5f:2e:
e0:e3:52:ce:c8:87:68:c4:4b:24:d2:f3:de:19:00:9e:16:1b:
c4:20:bc:43:05:dc:a9:ee:72:34:e0:0f:8c:7c:9d:11:42:0f:
12:45:6f:95:64:b5:1f:9d:9a:c7:d5:44:43:c6:d9:46:4b:41:
44:31:03:37:76:9b:17:dd:6f:70:ac:e5:09:66:b2:5e:53:20:
8f:ef:66:e8:55:7f:aa:27:73:f5:aa:f1:47:d6:ab:b5:84:89:
41:11:4e:74:79:ae:53:24:62:9a:1e:2b:fd:c2:a0:02:72:d1:
69:0a:2f:d7:8d:44:58:a7:65:1b:c5:32:19:a0:04:2c:4a:99:
29:51:52:76:78:a6:0f:6f:4c:2f:fb:36:bf:03:05:66:01:bf:
15:24:71:07
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgISAYx/v4G0in4iXXnBYaYNax5RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMwNjMwZjIzYjA3MGEyYjdiZGY1MjlmNzM5NDhjOTdl
YWNkNDAwHhcNMjMxMjE5MDE0NTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTllMWRmMmFkMTE4MjQ4OTBmZWJjMTU2NjdmMmM3ZWQ3MTg3Y2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo5kdzQ1bMWTDuFXujUbbx5MXzTaI
HjqsS6jln+hxLE2JDem4z76d+7CEjLG7dqJEjv0S6xFZe0U2mjHbeb0Rrmh4QB3f
xA6e3p9BUDtDo8JRFuI1dI5/MoHQlbtX0osS1IGeVvX01Q5x0+QrH1JFKImXkuz8
75D8VJ7tfir+FZ9tCtfZtX6IqoCSn2EF/ntS6Exrpimsqgk/LkZdu3hdh0DrSxlI
OfDfgGwLNXwxWhpPmGJx/ZmK1FR+skc3t5nb354BjlXueXFhCNBU07hUbPkXLb5v
+0oKqoRYmLuIHmAzDf7aaD0+hi4Y9JVMAtwx2tB9f8lndSwsD760gYcaBwIDAQAB
o4ICizCCAocwHQYDVR0OBBYEFBqeHfKtEYJIkP68FWZ/LH7XGHyoMB8GA1UdIwQY
MBaAFLuDBjDyOwcKK3vfUp9zlIyX6s1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMt
MTE5ZWZjYmIyMDIzLzEvR3A0ZDhxMFJna2lRX3J3VlpuOHNmdGNZZktnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMtMTE5ZWZjYmIyMDIz
LzEvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGgBggrBgEFBQcBBwEB/wSBkDCBjTB8BAIAATB2AwQCLUPk
AwQCLXiwAwQCSnfAMAwDBAJQXMwDBABQXM4DBAFZ3eADBABbwqEwDAMEAFvh2QME
Alvh2AMEAmcjvAMEAmdqAAMEAmdxRAMEArB4QAMEArB4SAMEArnyVAMEArn6lAME
AMHLygMEAcL2cgMEAMOVVzANBAIAAjAHAwUDKgl8QDANBgkqhkiG9w0BAQsFAAOC
AQEAdQI9C/ng5vVx/2jiEscFveNU7WIUfR6CWCCzAyfKyI1hCrClriZGahP6SphH
53xvDtKI8sK+ps40P7SaIKkdvZDLndSCRL1lHPqLW1hkDtNF9sTzsj1BOHq0fhKG
HimUVQhawGWUvyU2oF8u4ONSzsiHaMRLJNLz3hkAnhYbxCC8QwXcqe5yNOAPjHyd
EUIPEkVvlWS1H52ax9VEQ8bZRktBRDEDN3abF91vcKzlCWayXlMgj+9m6FV/qidz
9arxR9artYSJQRFOdHmuUyRimh4r/cKgAnLRaQov141EWKdlG8UyGaAELEqZKVFS
dnimD29ML/s2vwMFZgG/FSRxBw==
-----END CERTIFICATE-----
Generated at Tue Dec 19 11:05:18 2023 by rpki-client on console-fra.rpki-client.org