Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/Cqm4pCS9XwyfA7k_LDKu3IxI_cs.roa
File: Cqm4pCS9XwyfA7k_LDKu3IxI_cs.roa (raw, json)
Hash identifier: /4LaUNS0WctPM935DAt5omvrAckE78PwQsR7oHLDv6E=
Subject key identifier: 0A:A9:B8:A4:24:BD:5F:0C:9F:03:B9:3F:2C:32:AE:DC:8C:48:FD:CB
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018CC86FB2C7B41A8617BF2F25C185E98869
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/Cqm4pCS9XwyfA7k_LDKu3IxI_cs.roa
Signing time: Tue 02 Jan 2024 04:30:12 +0000
ROA not before: Tue 02 Jan 2024 04:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206092
IP address blocks: 45.92.229.0/24 maxlen: 24
45.86.202.0/24 maxlen: 24
45.86.200.0/24 maxlen: 24
136.144.17.0/24 maxlen: 24
193.37.33.0/24 maxlen: 24
193.37.32.0/24 maxlen: 24
136.144.19.0/24 maxlen: 24
194.5.48.0/24 maxlen: 24
136.144.33.0/24 maxlen: 24
194.5.53.0/24 maxlen: 24
136.144.42.0/24 maxlen: 24
194.34.173.0/24 maxlen: 24
45.84.216.0/24 maxlen: 24
193.36.224.0/24 maxlen: 24
193.36.225.0/24 maxlen: 24
45.95.243.0/24 maxlen: 24
193.176.211.0/24 maxlen: 24
45.154.138.0/24 maxlen: 24
45.146.54.0/24 maxlen: 24
2a0f:e386::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 18 Apr 2024 11:07:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:b2:c7:b4:1a:86:17:bf:2f:25:c1:85:e9:88:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 04:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0aa9b8a424bd5f0c9f03b93f2c32aedc8c48fdcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:6f:56:05:33:83:9b:9a:de:54:c0:e4:b9:eb:
07:cf:77:d2:80:21:5d:95:a8:8f:56:3c:aa:f1:94:
1e:cf:1e:f7:81:b8:53:14:82:81:aa:aa:6b:79:18:
09:3a:27:a3:a7:86:b7:0b:76:81:4d:3c:7d:ec:c8:
12:95:49:11:22:6c:46:00:51:1a:ec:da:2a:b1:3f:
66:b2:85:8b:3f:86:bd:ee:b2:9d:97:50:a1:62:34:
11:b3:ad:0c:13:ae:21:d2:c6:ae:e1:eb:90:c2:14:
ca:dd:45:a8:87:d2:e1:c2:a6:86:07:6f:cf:9b:fe:
c2:f4:49:b5:e4:46:b5:b8:45:16:08:3a:06:cb:de:
2e:3a:fc:16:2f:1d:20:33:da:6e:cc:42:a9:ee:49:
71:d1:be:f1:0b:e7:b4:56:9d:b2:b1:77:0e:7a:40:
b7:9e:aa:bc:2f:e2:a6:7f:12:ec:7a:5b:8d:fb:0f:
a2:f0:4d:e9:c5:9f:9c:93:f2:45:d4:a8:9a:09:b9:
7b:27:af:0c:db:b0:49:75:f5:8c:95:d7:56:2f:ef:
11:54:0d:c9:4f:aa:42:7d:cc:e0:8d:07:f0:3a:f2:
ee:a1:70:1c:07:1d:32:cd:ff:d3:d1:c8:c6:1a:63:
f1:c7:99:59:eb:1a:e7:35:63:f7:77:86:42:bf:3d:
88:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:A9:B8:A4:24:BD:5F:0C:9F:03:B9:3F:2C:32:AE:DC:8C:48:FD:CB
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/Cqm4pCS9XwyfA7k_LDKu3IxI_cs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.216.0/24
45.86.200.0/24
45.86.202.0/24
45.92.229.0/24
45.95.243.0/24
45.146.54.0/24
45.154.138.0/24
136.144.17.0/24
136.144.19.0/24
136.144.33.0/24
136.144.42.0/24
193.36.224.0/23
193.37.32.0/23
193.176.211.0/24
194.5.48.0/24
194.5.53.0/24
194.34.173.0/24
IPv6:
2a0f:e386::/32
Signature Algorithm: sha256WithRSAEncryption
bb:48:71:ae:30:2a:0f:9a:49:4f:ef:80:fd:82:e1:00:c2:6c:
07:e2:95:ea:2e:c7:a0:df:ac:74:8b:5e:e2:8c:24:ab:67:30:
59:36:d2:6f:2d:71:c0:66:d1:b1:c5:8e:de:d6:4f:9c:d9:07:
32:55:7e:00:68:4e:b8:3f:b7:cf:e8:49:d2:8e:e7:3c:a8:e3:
5a:b9:b7:c1:8a:21:9e:62:d8:75:a0:63:10:ee:a7:e2:7b:8d:
e9:de:60:ef:66:02:b1:7f:c9:13:4b:58:98:ec:e7:38:c3:4a:
c0:ea:7e:ef:40:f6:c9:7b:8a:6a:5f:15:f4:17:ab:60:76:24:
fb:44:63:f7:e5:cc:92:9d:4c:fe:0c:48:b4:7a:00:c5:42:a0:
3c:70:9e:fe:04:fb:a5:53:42:22:c3:c9:bf:14:fb:04:27:14:
cd:59:70:e3:0f:2b:5f:0f:92:30:f0:18:f5:f7:73:21:5a:79:
c7:f2:81:2f:ca:fe:09:72:dd:00:a9:c7:a2:c8:97:da:6f:09:
5a:77:a0:05:e5:ce:85:e9:0b:c3:29:59:0d:77:bc:77:5c:fc:
bd:bc:9a:6f:fa:f6:18:b9:d7:bf:ee:ff:b2:be:7e:93:11:8d:
cc:4c:27:0e:72:e1:9e:e5:20:79:bd:16:cc:3e:22:3b:85:68:
ed:cb:46:7f
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAYzIb7LHtBqGF78vJcGF6YhpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwMTAyMDQzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWE5YjhhNDI0YmQ1ZjBjOWYwM2I5M2YyYzMyYWVkYzhjNDhmZGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAum9WBTODm5reVMDkuesHz3fSgCFd
laiPVjyq8ZQezx73gbhTFIKBqqpreRgJOiejp4a3C3aBTTx97MgSlUkRImxGAFEa
7NoqsT9msoWLP4a97rKdl1ChYjQRs60ME64h0sau4euQwhTK3UWoh9LhwqaGB2/P
m/7C9Em15Ea1uEUWCDoGy94uOvwWLx0gM9puzEKp7klx0b7xC+e0Vp2ysXcOekC3
nqq8L+KmfxLseluN+w+i8E3pxZ+ck/JF1KiaCbl7J68M27BJdfWMlddWL+8RVA3J
T6pCfczgjQfwOvLuoXAcBx0yzf/T0cjGGmPxx5lZ6xrnNWP3d4ZCvz2InwIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFAqpuKQkvV8MnwO5PywyrtyMSP3LMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvQ3FtNHBDUzlYd3lmQTdrX0xES3UzSXhJX2NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wbAQCAAEwZgMEAC1U2AME
AC1WyAMEAC1WygMEAC1c5QMEAC1f8wMEAC2SNgMEAC2aigMEAIiQEQMEAIiQEwME
AIiQIQMEAIiQKgMEAcEk4AMEAcElIAMEAMGw0wMEAMIFMAMEAMIFNQMEAMIirTAN
BAIAAjAHAwUAKg/jhjANBgkqhkiG9w0BAQsFAAOCAQEAu0hxrjAqD5pJT++A/YLh
AMJsB+KV6i7HoN+sdIte4owkq2cwWTbSby1xwGbRscWO3tZPnNkHMlV+AGhOuD+3
z+hJ0o7nPKjjWrm3wYohnmLYdaBjEO6n4nuN6d5g72YCsX/JE0tYmOznOMNKwOp+
70D2yXuKal8V9BerYHYk+0Rj9+XMkp1M/gxItHoAxUKgPHCe/gT7pVNCIsPJvxT7
BCcUzVlw4w8rXw+SMPAY9fdzIVp5x/KBL8r+CXLdAKnHosiX2m8JWnegBeXOhekL
wylZDXe8d1z8vbyab/r2GLnXv+7/sr5+kxGNzEwnDnLhnuUgeb0WzD4iO4Vo7ctG
fw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:51 2024 by rpki-client on console-ams.rpki-client.org