Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/5m3nic4TqniddpWEibR7QzRGVmc.roa
File: 5m3nic4TqniddpWEibR7QzRGVmc.roa (raw, json)
Hash identifier: PK4m/YlKYA9kpqCMaxO8RXkQ0AbqVqJylf57mu2KJlI=
Subject key identifier: E6:6D:E7:89:CE:13:AA:78:9D:76:95:84:89:B4:7B:43:34:46:56:67
Certificate issuer: /CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Certificate serial: 018D53840E50FEB1042E0D6FDC91494B3BD7
Authority key identifier: 0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/5m3nic4TqniddpWEibR7QzRGVmc.roa
Signing time: Mon 29 Jan 2024 04:39:39 +0000
ROA not before: Mon 29 Jan 2024 04:39:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201106
IP address blocks: 45.142.156.0/24 maxlen: 32
45.142.157.0/24 maxlen: 32
45.142.158.0/23 maxlen: 32
45.145.72.0/23 maxlen: 32
45.145.74.0/23 maxlen: 32
45.150.164.0/22 maxlen: 32
45.150.226.0/23 maxlen: 32
45.151.132.0/22 maxlen: 32
45.154.212.0/22 maxlen: 32
94.154.114.0/24 maxlen: 32
178.22.30.0/24 maxlen: 32
188.93.139.0/24 maxlen: 32
193.218.200.0/23 maxlen: 32
193.221.94.0/23 maxlen: 32
194.124.218.0/23 maxlen: 32
194.124.224.0/23 maxlen: 32
194.147.98.0/23 maxlen: 32
194.147.100.0/23 maxlen: 32
217.114.47.0/24 maxlen: 32
2a0e:da40:4000::/34 maxlen: 128
Validation: Failed, certificate revoked on Wed 31 Jan 2024 21:13:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:53:84:0e:50:fe:b1:04:2e:0d:6f:dc:91:49:4b:3b:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Validity
Not Before: Jan 29 04:39:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e66de789ce13aa789d76958489b47b4334465667
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:1c:d4:c2:1a:85:1a:49:eb:bc:69:e2:89:fb:
56:60:8a:8a:99:2d:5f:bf:b3:7f:3c:06:38:aa:1c:
d8:10:46:56:49:dd:7e:35:59:97:dc:9a:bb:80:83:
d3:a6:cc:61:3a:8d:43:d9:0c:4c:99:07:f3:c6:14:
ba:13:ae:b2:a2:a7:99:e3:99:7f:16:83:fc:98:36:
31:2d:66:77:6a:c2:92:77:2f:cb:46:af:96:95:08:
7e:07:31:f5:50:53:53:12:05:7a:e4:9d:e0:b7:29:
65:ab:12:a6:7f:f2:32:79:3f:d6:28:b5:3c:fd:98:
59:40:3b:15:41:45:e3:0e:63:f1:f6:56:f5:e8:9f:
0a:90:d2:29:22:fd:6f:2b:28:d6:c7:8c:27:fe:08:
da:ec:02:19:4b:94:0f:03:9c:3b:79:38:2f:58:15:
51:be:94:5b:19:d2:25:9d:0b:08:34:fd:b1:68:9e:
e1:33:e3:9e:7f:21:db:d0:2c:c0:26:2d:e4:83:ba:
7f:6f:91:fc:de:2d:96:e9:a7:e7:e4:40:a0:c0:7c:
25:52:ec:db:f0:84:b8:56:68:d5:c1:8f:71:38:fc:
9a:7e:63:6e:9d:93:ee:70:6c:d1:79:11:30:87:c5:
5d:fe:d5:3f:3b:a5:a0:d5:9d:65:93:eb:da:aa:37:
1d:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:6D:E7:89:CE:13:AA:78:9D:76:95:84:89:B4:7B:43:34:46:56:67
X509v3 Authority Key Identifier:
keyid:0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/5m3nic4TqniddpWEibR7QzRGVmc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/DbZ8XH-n_iSS7sN89CdkK3HUJbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.156.0/22
45.145.72.0/22
45.150.164.0/22
45.150.226.0/23
45.151.132.0/22
45.154.212.0/22
94.154.114.0/24
178.22.30.0/24
188.93.139.0/24
193.218.200.0/23
193.221.94.0/23
194.124.218.0/23
194.124.224.0/23
194.147.98.0-194.147.101.255
217.114.47.0/24
IPv6:
2a0e:da40:4000::/34
Signature Algorithm: sha256WithRSAEncryption
66:5f:fd:03:53:d3:a1:84:42:31:0d:85:68:01:fc:0c:af:de:
f9:51:68:37:7e:10:5a:64:0e:de:11:59:98:3f:83:08:bb:e1:
14:3f:f6:c8:56:5c:b3:17:e3:73:e3:63:94:bb:29:39:38:5f:
2a:8a:b4:8e:56:5e:1f:2b:69:9f:78:f8:9b:32:b3:35:c8:c5:
84:19:19:12:d9:13:c3:ab:46:e2:84:41:8b:0d:0d:ad:92:25:
d9:e3:5c:46:5b:04:69:4a:8a:be:3a:f3:70:5c:ac:28:22:bf:
58:be:57:8e:21:a2:ed:22:21:e0:b0:05:30:cf:fd:36:4a:7e:
4e:ad:04:51:e7:ed:84:da:2d:1f:22:64:e1:90:34:93:ce:f4:
27:9f:2c:de:bb:6d:da:95:0c:b7:f1:c3:b4:5d:e0:a4:e6:a6:
9d:15:ae:fb:c5:df:d0:04:93:21:f6:d0:98:2b:90:58:f4:94:
ad:d1:47:60:c6:2b:e6:d8:48:5a:85:a8:9c:d6:d6:e8:51:b1:
75:96:f1:b4:8e:79:bb:bc:c8:26:2a:79:c4:8d:0f:9d:a2:33:
45:93:2e:58:a4:4c:b8:7c:8b:f1:cc:5a:97:78:e9:1a:2d:f9:
e7:6c:2e:26:91:13:95:9f:8b:60:ee:13:44:98:de:16:9b:34:
bd:2d:42:35
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAY1ThA5Q/rEELg1v3JFJSzvXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkYjY3YzVjN2ZhN2ZlMjQ5MmVlYzM3Y2Y0Mjc2NDJiNzFk
NDI1YjAwHhcNMjQwMTI5MDQzOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjZkZTc4OWNlMTNhYTc4OWQ3Njk1ODQ4OWI0N2I0MzM0NDY1NjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjBzUwhqFGknrvGniiftWYIqKmS1f
v7N/PAY4qhzYEEZWSd1+NVmX3Jq7gIPTpsxhOo1D2QxMmQfzxhS6E66yoqeZ45l/
FoP8mDYxLWZ3asKSdy/LRq+WlQh+BzH1UFNTEgV65J3gtyllqxKmf/IyeT/WKLU8
/ZhZQDsVQUXjDmPx9lb16J8KkNIpIv1vKyjWx4wn/gja7AIZS5QPA5w7eTgvWBVR
vpRbGdIlnQsINP2xaJ7hM+OefyHb0CzAJi3kg7p/b5H83i2W6afn5ECgwHwlUuzb
8IS4VmjVwY9xOPyafmNunZPucGzReREwh8Vd/tU/O6Wg1Z1lk+vaqjcdXwIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFOZt54nOE6p4nXaVhIm0e0M0RlZnMB8GA1UdIwQY
MBaAFA22fFx/p/4kku7DfPQnZCtx1CWwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjkt
YjAzZGY5OTZlNDgxLzEvNW0zbmljNFRxbmlkZHBXRWliUjdRelJHVm1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjktYjAzZGY5OTZlNDgx
LzEvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHowaAQCAAEwYgMEAi2OnAME
Ai2RSAMEAi2WpAMEAS2W4gMEAi2XhAMEAi2a1AMEAF6acgMEALIWHgMEALxdiwME
AcHayAMEAcHdXgMEAcJ82gMEAcJ84DAMAwQBwpNiAwQBwpNkAwQA2XIvMA4EAgAC
MAgDBgYqDtpAQDANBgkqhkiG9w0BAQsFAAOCAQEAZl/9A1PToYRCMQ2FaAH8DK/e
+VFoN34QWmQO3hFZmD+DCLvhFD/2yFZcsxfjc+NjlLspOThfKoq0jlZeHytpn3j4
mzKzNcjFhBkZEtkTw6tG4oRBiw0NrZIl2eNcRlsEaUqKvjrzcFysKCK/WL5XjiGi
7SIh4LAFMM/9Nkp+Tq0EUefthNotHyJk4ZA0k870J58s3rtt2pUMt/HDtF3gpOam
nRWu+8Xf0ASTIfbQmCuQWPSUrdFHYMYr5thIWoWonNbW6FGxdZbxtI55u7zIJip5
xI0PnaIzRZMuWKRMuHyL8cxal3jpGi3552wuJpETlZ+LYO4TRJjeFps0vS1CNQ==
-----END CERTIFICATE-----
Generated at Thu Feb 1 00:36:27 2024 by rpki-client on console-ams.rpki-client.org