Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/sofdzni4FHQznUziGgZGE0_FFjo.roa
File: sofdzni4FHQznUziGgZGE0_FFjo.roa (raw, json)
Hash identifier: +PelxB4jXgFI7auCb/pB3Q/FRnrsTiUlGs96hkDkSEo=
Subject key identifier: B2:87:DD:CE:78:B8:14:74:33:9D:4C:E2:1A:06:46:13:4F:C5:16:3A
Certificate issuer: /CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Certificate serial: 018E3E452ECBF2F95DA6F43E39D3CE4BF02D
Authority key identifier: BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/sofdzni4FHQznUziGgZGE0_FFjo.roa
Signing time: Thu 14 Mar 2024 18:41:44 +0000
ROA not before: Thu 14 Mar 2024 18:41:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44477
IP address blocks: 45.67.228.0/24 maxlen: 24
45.67.229.0/24 maxlen: 24
45.67.230.0/24 maxlen: 24
45.67.231.0/24 maxlen: 24
45.120.176.0/22 maxlen: 24
62.3.12.0/24 maxlen: 24
74.119.192.0/24 maxlen: 24
74.119.193.0/24 maxlen: 24
74.119.194.0/24 maxlen: 24
74.119.195.0/24 maxlen: 24
80.92.204.0/24 maxlen: 24
80.92.205.0/24 maxlen: 24
80.92.206.0/24 maxlen: 24
89.221.224.0/24 maxlen: 24
89.221.225.0/24 maxlen: 24
91.194.161.0/24 maxlen: 24
91.225.217.0/24 maxlen: 24
91.225.218.0/24 maxlen: 24
91.225.219.0/24 maxlen: 24
103.35.188.0/22 maxlen: 24
103.106.0.0/22 maxlen: 24
103.113.68.0/22 maxlen: 24
176.120.64.0/22 maxlen: 24
176.120.64.0/24 maxlen: 24
176.120.72.0/22 maxlen: 24
185.234.64.0/22 maxlen: 24
185.235.240.0/22 maxlen: 24
185.236.232.0/22 maxlen: 24
185.242.84.0/24 maxlen: 24
185.242.85.0/24 maxlen: 24
185.242.86.0/24 maxlen: 24
185.242.87.0/24 maxlen: 24
185.250.148.0/24 maxlen: 24
185.250.149.0/24 maxlen: 24
185.250.150.0/24 maxlen: 24
185.250.151.0/24 maxlen: 24
193.203.202.0/24 maxlen: 24
194.246.114.0/24 maxlen: 24
194.246.115.0/24 maxlen: 24
195.149.87.0/24 maxlen: 24
2a09:7c40::/32 maxlen: 32
2a09:7c41::/32 maxlen: 32
2a09:7c42::/32 maxlen: 32
2a09:7c43::/32 maxlen: 32
2a09:7c44::/32 maxlen: 32
2a09:7c45::/32 maxlen: 32
2a09:7c46::/32 maxlen: 32
2a09:7c47::/32 maxlen: 32
2a11:3c02::/32 maxlen: 32
2a11:3c03::/32 maxlen: 32
2a14:2d80::/32 maxlen: 32
2a14:2d81::/32 maxlen: 32
2a14:2d82::/32 maxlen: 32
2a14:2e80::/32 maxlen: 32
2a14:2f80::/32 maxlen: 32
2a14:3080::/32 maxlen: 32
2a14:3880::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 15 Mar 2024 12:28:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:3e:45:2e:cb:f2:f9:5d:a6:f4:3e:39:d3:ce:4b:f0:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Validity
Not Before: Mar 14 18:41:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b287ddce78b81474339d4ce21a0646134fc5163a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:5e:6c:ba:b2:80:9a:c4:fc:ef:fd:ac:5e:12:
08:20:92:b7:82:aa:1b:c1:33:76:60:e5:c6:7d:26:
57:9f:b2:9d:89:cd:d0:d0:23:cd:e9:a3:b7:73:3b:
24:1d:ca:da:6f:64:d7:89:74:ec:aa:a0:4d:78:a7:
0e:5d:3d:ad:2b:97:fd:16:b6:03:55:25:ce:1f:d5:
28:b7:ac:3e:ce:da:8e:42:3c:ea:d5:7d:bb:69:a6:
19:d4:db:61:55:f2:ac:8c:23:5a:30:d5:52:80:3c:
26:01:bd:e7:ab:10:c1:65:42:b2:2b:eb:cf:09:8b:
db:a9:d9:6e:b9:fa:16:4c:0e:c3:00:9e:de:6f:21:
ed:a6:64:4d:0c:36:ff:b1:1b:4f:91:37:1f:f6:3a:
b2:51:0d:5e:ad:32:95:e0:9a:f9:53:91:d7:ee:6b:
c0:09:60:0c:4b:b2:50:f2:10:e8:1b:55:ca:e0:c3:
4e:20:7c:52:76:01:81:a6:54:96:ad:ac:84:6e:31:
6c:92:94:10:7a:ba:2d:d0:b3:0d:47:c0:05:a5:89:
11:05:8c:7d:c1:d4:27:13:51:ee:2a:38:08:c1:50:
8f:4a:bd:61:2c:68:93:2b:05:56:18:63:f8:34:17:
d8:a8:79:64:59:7a:c7:d7:75:0a:f8:cb:0c:fb:f0:
e7:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:87:DD:CE:78:B8:14:74:33:9D:4C:E2:1A:06:46:13:4F:C5:16:3A
X509v3 Authority Key Identifier:
keyid:BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/sofdzni4FHQznUziGgZGE0_FFjo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.228.0/22
45.120.176.0/22
62.3.12.0/24
74.119.192.0/22
80.92.204.0-80.92.206.255
89.221.224.0/23
91.194.161.0/24
91.225.217.0-91.225.219.255
103.35.188.0/22
103.106.0.0/22
103.113.68.0/22
176.120.64.0/22
176.120.72.0/22
185.234.64.0/22
185.235.240.0/22
185.236.232.0/22
185.242.84.0/22
185.250.148.0/22
193.203.202.0/24
194.246.114.0/23
195.149.87.0/24
IPv6:
2a09:7c40::/29
2a11:3c02::/31
2a14:2d80::-2a14:2d82:ffff:ffff:ffff:ffff:ffff:ffff
2a14:2e80::/32
2a14:2f80::/32
2a14:3080::/32
2a14:3880::/32
Signature Algorithm: sha256WithRSAEncryption
68:ac:ed:ca:16:29:29:17:6f:92:39:51:3f:d2:80:09:2d:b0:
56:58:7b:dc:f1:53:32:b3:e4:ad:bd:0a:b6:4a:3e:77:82:e1:
e3:c4:ed:72:77:77:4f:5d:be:56:8b:81:49:72:84:27:f1:f1:
48:da:fb:cb:f3:cd:29:e1:e5:47:b0:8c:6c:4e:d4:56:78:11:
c1:bb:b4:5a:ca:1f:da:14:b6:58:e9:36:45:52:59:68:1e:40:
50:3f:a8:cd:c1:5d:73:c1:25:82:6e:52:cb:00:39:24:33:2f:
4a:8a:f0:c8:a1:98:b4:ba:4b:5f:71:c6:e6:ab:4c:91:32:bd:
52:0b:62:82:07:0f:41:96:4b:f3:66:39:9d:7b:7e:6d:24:ac:
30:fb:09:15:20:43:c9:64:51:ce:63:63:89:10:e0:f1:51:6d:
96:1e:58:61:1f:b4:b2:08:3b:c2:3d:e9:b7:99:7b:8f:d2:be:
d4:ff:16:fc:2f:fc:ec:75:8a:2a:34:eb:db:e5:82:23:66:61:
36:10:d1:26:04:0a:8b:90:f1:62:46:8d:dd:9f:4e:6a:9f:95:
5c:ee:bc:73:09:92:21:e3:60:de:a1:ce:d2:a2:4c:5a:c6:94:
2a:f4:9c:7a:e8:31:d4:c4:64:db:c6:27:f8:bc:a1:7e:e2:4f:
42:af:70:fe
-----BEGIN CERTIFICATE-----
MIIFzDCCBLSgAwIBAgISAY4+RS7L8vldpvQ+OdPOS/AtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMwNjMwZjIzYjA3MGEyYjdiZGY1MjlmNzM5NDhjOTdl
YWNkNDAwHhcNMjQwMzE0MTg0MTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjg3ZGRjZTc4YjgxNDc0MzM5ZDRjZTIxYTA2NDYxMzRmYzUxNjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoF5surKAmsT87/2sXhIIIJK3gqob
wTN2YOXGfSZXn7Kdic3Q0CPN6aO3czskHcrab2TXiXTsqqBNeKcOXT2tK5f9FrYD
VSXOH9Uot6w+ztqOQjzq1X27aaYZ1NthVfKsjCNaMNVSgDwmAb3nqxDBZUKyK+vP
CYvbqdluufoWTA7DAJ7ebyHtpmRNDDb/sRtPkTcf9jqyUQ1erTKV4Jr5U5HX7mvA
CWAMS7JQ8hDoG1XK4MNOIHxSdgGBplSWrayEbjFskpQQerot0LMNR8AFpYkRBYx9
wdQnE1HuKjgIwVCPSr1hLGiTKwVWGGP4NBfYqHlkWXrH13UK+MsM+/DnsQIDAQAB
o4IC2DCCAtQwHQYDVR0OBBYEFLKH3c54uBR0M51M4hoGRhNPxRY6MB8GA1UdIwQY
MBaAFLuDBjDyOwcKK3vfUp9zlIyX6s1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMt
MTE5ZWZjYmIyMDIzLzEvc29mZHpuaTRGSFF6blV6aUdnWkdFMF9GRmpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMtMTE5ZWZjYmIyMDIz
LzEvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHtBggrBgEFBQcBBwEB/wSB3TCB2jCBlQQCAAEwgY4DBAIt
Q+QDBAIteLADBAA+AwwDBAJKd8AwDAMEAlBczAMEAFBczgMEAVnd4AMEAFvCoTAM
AwQAW+HZAwQCW+HYAwQCZyO8AwQCZ2oAAwQCZ3FEAwQCsHhAAwQCsHhIAwQCuepA
AwQCuevwAwQCuezoAwQCufJUAwQCufqUAwQAwcvKAwQBwvZyAwQAw5VXMEAEAgAC
MDoDBQMqCXxAAwUBKhE8AjAOAwUHKhQtgAMFACoULYIDBQAqFC6AAwUAKhQvgAMF
ACoUMIADBQAqFDiAMA0GCSqGSIb3DQEBCwUAA4IBAQBorO3KFikpF2+SOVE/0oAJ
LbBWWHvc8VMys+StvQq2Sj53guHjxO1yd3dPXb5Wi4FJcoQn8fFI2vvL880p4eVH
sIxsTtRWeBHBu7Rayh/aFLZY6TZFUlloHkBQP6jNwV1zwSWCblLLADkkMy9KivDI
oZi0uktfccbmq0yRMr1SC2KCBw9BlkvzZjmde35tJKww+wkVIEPJZFHOY2OJEODx
UW2WHlhhH7SyCDvCPem3mXuP0r7U/xb8L/zsdYoqNOvb5YIjZmE2ENEmBAqLkPFi
Ro3dn05qn5Vc7rxzCZIh42Deoc7SokxaxpQq9Jx66DHUxGTbxif4vKF+4k9Cr3D+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:06 2024 by rpki-client on console-fra.rpki-client.org