Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/4I1Ei050UReaVo9EcD-T1S2WVAk.roa
File: 4I1Ei050UReaVo9EcD-T1S2WVAk.roa (raw, json)
Hash identifier: 0msXEY45Ez0SCKTq2czvM7FVknBr7u3qjRZJLuRrQdo=
Subject key identifier: E0:8D:44:8B:4E:74:51:17:9A:56:8F:44:70:3F:93:D5:2D:96:54:09
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018FD2AA009EE9EEC19CCF6F364EA7E4CB3F
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/4I1Ei050UReaVo9EcD-T1S2WVAk.roa
Signing time: Sat 01 Jun 2024 07:18:27 +0000
ROA not before: Sat 01 Jun 2024 07:18:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5511
IP address blocks: 45.87.20.0/24 maxlen: 24
45.140.214.0/24 maxlen: 24
45.142.204.0/24 maxlen: 24
45.142.206.0/24 maxlen: 24
45.144.156.0/24 maxlen: 24
45.144.158.0/24 maxlen: 24
45.145.249.0/24 maxlen: 24
45.146.53.0/24 maxlen: 24
45.148.25.0/24 maxlen: 24
45.149.1.0/24 maxlen: 24
89.251.2.0/24 maxlen: 24
136.144.25.0/24 maxlen: 24
2a07:e343::/32 maxlen: 32
2a0f:e381::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 17 Jun 2024 12:43:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:d2:aa:00:9e:e9:ee:c1:9c:cf:6f:36:4e:a7:e4:cb:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jun 1 07:18:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e08d448b4e7451179a568f44703f93d52d965409
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:4e:1b:6c:d5:40:3b:5c:ac:7f:f4:0d:bb:4b:
8d:2b:16:8f:4d:a3:e9:d1:5f:50:5f:2f:bb:64:5f:
2b:84:ef:fc:b1:be:8e:6f:ff:ad:76:02:99:84:23:
92:44:2c:9d:0a:d4:61:48:8c:e7:8f:a0:fc:f6:7d:
dc:2f:62:77:24:5c:de:af:00:06:77:28:bf:18:70:
ae:77:eb:e5:c0:24:d1:78:ec:48:bf:2e:ad:14:9f:
85:a8:e5:eb:b0:fd:20:69:2a:47:2e:23:d6:58:50:
d8:04:77:73:47:24:94:5c:05:3e:0b:ea:0d:fc:19:
3b:07:6d:b2:ed:b0:9b:fd:92:bf:2a:86:e2:f3:2c:
fc:83:5c:d3:c9:65:00:cf:f3:12:b2:ed:17:60:be:
5d:e8:c5:91:cb:8f:79:8e:39:1f:79:e1:a0:4a:44:
a0:cf:1d:eb:df:eb:c6:ff:a0:de:b2:4b:a8:10:bb:
17:b5:b8:1f:6f:ba:cc:d1:3e:1d:11:7c:00:db:2a:
4f:84:c3:7e:6e:cf:93:08:fb:2d:0f:e6:e8:99:db:
9c:29:3c:c7:4a:ba:91:0a:4f:b7:c6:26:97:79:bf:
93:99:58:93:b0:e7:17:de:ef:90:be:d2:6f:f5:17:
13:67:d4:cc:77:69:d8:65:87:71:14:52:b3:af:40:
9b:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:8D:44:8B:4E:74:51:17:9A:56:8F:44:70:3F:93:D5:2D:96:54:09
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/4I1Ei050UReaVo9EcD-T1S2WVAk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.20.0/24
45.140.214.0/24
45.142.204.0/24
45.142.206.0/24
45.144.156.0/24
45.144.158.0/24
45.145.249.0/24
45.146.53.0/24
45.148.25.0/24
45.149.1.0/24
89.251.2.0/24
136.144.25.0/24
IPv6:
2a07:e343::/32
2a0f:e381::/32
Signature Algorithm: sha256WithRSAEncryption
98:0b:37:12:3f:aa:d2:93:0c:39:23:57:08:f9:c1:cd:01:5a:
67:24:6c:0d:32:44:64:51:fd:ff:7f:7d:66:4b:e2:4b:26:32:
bf:1d:41:50:08:cc:d5:62:f7:7c:97:f6:1c:f9:2b:76:c5:d8:
7f:79:a7:20:67:de:c2:38:cb:0e:1f:43:0a:a7:0a:b8:94:36:
74:e9:fb:fe:80:95:a6:30:a2:53:fb:a3:4a:6e:ae:62:d8:0d:
bb:54:be:d2:04:3e:ba:c2:02:a2:a9:2f:6d:3b:65:ce:c0:fa:
aa:9e:33:b4:5e:6b:1c:39:ce:9d:fc:51:f9:16:56:41:96:eb:
47:d9:22:89:8e:17:97:dc:f9:03:84:29:a1:23:6d:4c:0f:48:
d7:83:ff:a6:5c:80:e7:1f:34:c8:ea:65:5a:4f:07:e5:42:00:
e5:c0:4f:53:b8:d3:b6:58:85:bf:85:b0:1e:6c:d6:63:34:c3:
5c:99:5f:f0:cb:94:80:0d:59:f1:92:62:5a:d1:e9:34:02:59:
f5:eb:98:5e:1b:85:e9:51:7a:eb:ff:16:59:7f:01:ee:37:ae:
f2:72:92:14:a5:37:13:60:71:dd:9e:fc:24:af:87:20:e9:df:
e9:33:16:d5:95:e1:70:98:01:15:c9:98:8a:f2:e5:f1:83:76:
6a:4d:81:f6
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAY/SqgCe6e7BnM9vNk6n5Ms/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwNjAxMDcxODI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDhkNDQ4YjRlNzQ1MTE3OWE1NjhmNDQ3MDNmOTNkNTJkOTY1NDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA404bbNVAO1ysf/QNu0uNKxaPTaPp
0V9QXy+7ZF8rhO/8sb6Ob/+tdgKZhCOSRCydCtRhSIznj6D89n3cL2J3JFzerwAG
dyi/GHCud+vlwCTReOxIvy6tFJ+FqOXrsP0gaSpHLiPWWFDYBHdzRySUXAU+C+oN
/Bk7B22y7bCb/ZK/Kobi8yz8g1zTyWUAz/MSsu0XYL5d6MWRy495jjkfeeGgSkSg
zx3r3+vG/6DeskuoELsXtbgfb7rM0T4dEXwA2ypPhMN+bs+TCPstD+bomducKTzH
SrqRCk+3xiaXeb+TmViTsOcX3u+QvtJv9RcTZ9TMd2nYZYdxFFKzr0CbGwIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFOCNRItOdFEXmlaPRHA/k9UtllQJMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvNEkxRWkwNTBVUmVhVm85RWNELVQxUzJXVkFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBOBAIAATBIAwQALVcUAwQA
LYzWAwQALY7MAwQALY7OAwQALZCcAwQALZCeAwQALZH5AwQALZI1AwQALZQZAwQA
LZUBAwQAWfsCAwQAiJAZMBQEAgACMA4DBQAqB+NDAwUAKg/jgTANBgkqhkiG9w0B
AQsFAAOCAQEAmAs3Ej+q0pMMOSNXCPnBzQFaZyRsDTJEZFH9/399ZkviSyYyvx1B
UAjM1WL3fJf2HPkrdsXYf3mnIGfewjjLDh9DCqcKuJQ2dOn7/oCVpjCiU/ujSm6u
YtgNu1S+0gQ+usICoqkvbTtlzsD6qp4ztF5rHDnOnfxR+RZWQZbrR9kiiY4Xl9z5
A4QpoSNtTA9I14P/plyA5x80yOplWk8H5UIA5cBPU7jTtliFv4WwHmzWYzTDXJlf
8MuUgA1Z8ZJiWtHpNAJZ9euYXhuF6VF66/8WWX8B7jeu8nKSFKU3E2Bx3Z78JK+H
IOnf6TMW1ZXhcJgBFcmYivLl8YN2ak2B9g==
-----END CERTIFICATE-----
Generated at Mon Jun 17 17:17:09 2024 by rpki-client on console-ams.rpki-client.org