Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/9TdP2I2cBoe3ttijD1a_qzwW4q0.roa
File: 9TdP2I2cBoe3ttijD1a_qzwW4q0.roa (raw, json)
Hash identifier: U77OiDL9mUlufEz/0BzfunLmYvvGRsC/zfcbnPU4JVo=
Subject key identifier: F5:37:4F:D8:8D:9C:06:87:B7:B6:D8:A3:0F:56:BF:AB:3C:16:E2:AD
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018DF928AC5EF1B151DE7D87501FF884EEB5
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/9TdP2I2cBoe3ttijD1a_qzwW4q0.roa
Signing time: Fri 01 Mar 2024 08:36:48 +0000
ROA not before: Fri 01 Mar 2024 08:36:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5511
IP address blocks: 45.140.214.0/24 maxlen: 24
45.142.204.0/24 maxlen: 24
45.142.206.0/24 maxlen: 24
45.144.156.0/24 maxlen: 24
45.144.158.0/24 maxlen: 24
45.145.249.0/24 maxlen: 24
45.150.93.0/24 maxlen: 24
45.154.137.0/24 maxlen: 24
45.157.112.0/24 maxlen: 24
89.251.0.0/24 maxlen: 24
89.251.2.0/24 maxlen: 24
2a07:e343::/32 maxlen: 32
2a0f:e381::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 11 Mar 2024 07:58:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f9:28:ac:5e:f1:b1:51:de:7d:87:50:1f:f8:84:ee:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Mar 1 08:36:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f5374fd88d9c0687b7b6d8a30f56bfab3c16e2ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:07:4c:65:e8:ba:21:84:68:42:87:d4:a6:2e:
3b:5b:18:b6:8f:42:e3:7c:19:7c:0e:7e:4c:c5:d3:
36:e7:31:14:5f:dc:2f:d5:16:aa:e3:34:73:e6:5e:
cd:a7:ad:0a:49:23:a9:15:22:4e:0c:09:10:30:36:
0c:bc:0a:af:06:9b:b6:9e:44:9b:23:97:fd:2c:24:
a5:4d:32:96:f7:9e:a6:4c:82:ca:fb:80:a6:42:5d:
c8:f5:44:58:4f:82:ca:cb:48:fa:4f:52:90:c9:40:
73:1c:99:cb:98:44:77:60:19:aa:ec:3c:42:94:68:
7b:58:31:37:59:06:7b:01:b8:5e:d0:5f:db:a8:b4:
c8:6e:ee:20:32:68:9e:6d:0b:1a:0a:53:67:58:0f:
47:d8:9f:c3:40:89:5b:83:f2:9a:b1:55:0d:a3:a2:
76:d3:88:32:18:45:eb:b5:22:a4:d8:0c:cb:8e:00:
da:b6:7b:f2:93:8a:87:d6:3a:31:7e:cf:32:45:90:
45:88:cd:14:78:25:19:75:7f:8b:16:0b:fe:2d:c0:
fc:f1:32:5e:83:2b:33:8e:20:79:5f:85:32:c9:89:
6b:6a:c6:f6:12:72:c7:be:7b:9a:26:9c:0a:fb:c9:
81:df:23:f0:36:c1:b3:41:d7:b5:19:de:bc:2b:bc:
57:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:37:4F:D8:8D:9C:06:87:B7:B6:D8:A3:0F:56:BF:AB:3C:16:E2:AD
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/9TdP2I2cBoe3ttijD1a_qzwW4q0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.214.0/24
45.142.204.0/24
45.142.206.0/24
45.144.156.0/24
45.144.158.0/24
45.145.249.0/24
45.150.93.0/24
45.154.137.0/24
45.157.112.0/24
89.251.0.0/24
89.251.2.0/24
IPv6:
2a07:e343::/32
2a0f:e381::/32
Signature Algorithm: sha256WithRSAEncryption
5d:e5:13:5a:30:27:b7:66:3e:6d:e3:ae:15:57:d0:1d:ac:48:
6a:53:94:d5:fd:6f:aa:2c:10:99:8e:9e:27:19:c0:f6:73:67:
65:12:fc:3f:0b:3b:3b:82:86:a8:dc:e3:b8:bd:f3:41:ef:b3:
af:f3:ed:68:88:f3:00:53:9a:3e:36:9d:91:3f:7e:b4:6c:c9:
69:9b:31:f2:3f:2c:c4:46:dc:b2:28:68:14:b3:ea:ef:c0:e7:
8e:83:4c:33:ee:75:7e:db:14:a5:1c:d1:ec:eb:6f:b5:e2:15:
07:d3:a0:45:9d:a2:4b:0e:d4:09:e2:d0:9b:e6:67:23:ba:ed:
af:7f:d8:aa:c5:ae:eb:ee:3d:42:6f:d1:c7:08:c4:ab:a4:a7:
4e:24:1f:36:8b:35:9d:00:0d:f0:6c:8d:29:57:40:90:3d:f1:
3b:d8:c9:7a:8c:38:3d:77:7a:38:99:f2:14:32:b9:3c:9e:bf:
ac:c3:e5:51:53:f6:a6:7c:8e:2f:84:09:81:68:d7:8f:9d:21:
2b:16:2c:46:0c:dd:0b:cf:a4:60:16:0d:e2:23:4c:04:f0:98:
65:34:25:ab:56:4b:3d:e9:37:5a:0f:22:72:06:66:dd:88:f8:
2e:39:80:19:45:eb:21:bd:cd:d8:9d:73:6d:82:2b:14:5e:57:
1e:08:d1:2f
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAY35KKxe8bFR3n2HUB/4hO61MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwMzAxMDgzNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTM3NGZkODhkOWMwNjg3YjdiNmQ4YTMwZjU2YmZhYjNjMTZlMmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQdMZei6IYRoQofUpi47Wxi2j0Lj
fBl8Dn5MxdM25zEUX9wv1Raq4zRz5l7Np60KSSOpFSJODAkQMDYMvAqvBpu2nkSb
I5f9LCSlTTKW956mTILK+4CmQl3I9URYT4LKy0j6T1KQyUBzHJnLmER3YBmq7DxC
lGh7WDE3WQZ7Abhe0F/bqLTIbu4gMmiebQsaClNnWA9H2J/DQIlbg/KasVUNo6J2
04gyGEXrtSKk2AzLjgDatnvyk4qH1joxfs8yRZBFiM0UeCUZdX+LFgv+LcD88TJe
gyszjiB5X4UyyYlrasb2EnLHvnuaJpwK+8mB3yPwNsGzQde1Gd68K7xXFQIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFPU3T9iNnAaHt7bYow9Wv6s8FuKtMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvOVRkUDJJMmNCb2UzdHRpakQxYV9xendXNHEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBIBAIAATBCAwQALYzWAwQA
LY7MAwQALY7OAwQALZCcAwQALZCeAwQALZH5AwQALZZdAwQALZqJAwQALZ1wAwQA
WfsAAwQAWfsCMBQEAgACMA4DBQAqB+NDAwUAKg/jgTANBgkqhkiG9w0BAQsFAAOC
AQEAXeUTWjAnt2Y+beOuFVfQHaxIalOU1f1vqiwQmY6eJxnA9nNnZRL8Pws7O4KG
qNzjuL3zQe+zr/PtaIjzAFOaPjadkT9+tGzJaZsx8j8sxEbcsihoFLPq78DnjoNM
M+51ftsUpRzR7OtvteIVB9OgRZ2iSw7UCeLQm+ZnI7rtr3/YqsWu6+49Qm/RxwjE
q6SnTiQfNos1nQAN8GyNKVdAkD3xO9jJeow4PXd6OJnyFDK5PJ6/rMPlUVP2pnyO
L4QJgWjXj50hKxYsRgzdC8+kYBYN4iNMBPCYZTQlq1ZLPek3Wg8icgZm3Yj4LjmA
GUXrIb3N2J1zbYIrFF5XHgjRLw==
-----END CERTIFICATE-----
Generated at Mon Mar 11 11:55:59 2024 by rpki-client on console-fra.rpki-client.org