Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/4QpoEMull_7Fif8kzmnbxstP46g.roa
File: 4QpoEMull_7Fif8kzmnbxstP46g.roa (raw, json)
Hash identifier: 04wo0C5VQIaPwdUltNe7n3BTEWHxEhI51yQRFwMVy64=
Subject key identifier: E1:0A:68:10:CB:A5:97:FE:C5:89:FF:24:CE:69:DB:C6:CB:4F:E3:A8
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 018FC8A8957CA0E5B167B9B058FF5B24AE18
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/4QpoEMull_7Fif8kzmnbxstP46g.roa
Signing time: Thu 30 May 2024 08:40:42 +0000
ROA not before: Thu 30 May 2024 08:40:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209641
IP address blocks: 45.89.66.0/24 maxlen: 24
45.89.67.0/24 maxlen: 24
45.128.176.0/22 maxlen: 22
45.128.176.0/24 maxlen: 24
45.128.177.0/24 maxlen: 24
45.128.178.0/24 maxlen: 24
45.128.179.0/24 maxlen: 24
45.132.252.0/24 maxlen: 24
91.217.80.0/24 maxlen: 24
94.142.136.0/21 maxlen: 21
94.142.139.0/24 maxlen: 24
94.142.140.0/24 maxlen: 24
94.142.141.0/24 maxlen: 24
94.142.142.0/24 maxlen: 24
103.82.103.0/24 maxlen: 24
103.127.76.0/23 maxlen: 23
185.5.248.0/22 maxlen: 22
185.5.248.0/23 maxlen: 23
185.5.250.0/23 maxlen: 23
185.5.250.0/24 maxlen: 24
185.58.204.0/22 maxlen: 22
185.58.204.0/24 maxlen: 24
185.58.206.0/24 maxlen: 24
185.58.207.0/24 maxlen: 24
185.87.48.0/22 maxlen: 22
185.87.48.0/24 maxlen: 24
185.87.49.0/24 maxlen: 24
185.87.50.0/24 maxlen: 24
185.87.51.0/24 maxlen: 24
185.105.116.0/24 maxlen: 24
185.105.117.0/24 maxlen: 24
185.117.152.0/22 maxlen: 22
185.125.216.0/22 maxlen: 22
185.125.218.0/23 maxlen: 23
185.125.228.0/22 maxlen: 22
185.125.228.0/24 maxlen: 24
185.125.229.0/24 maxlen: 24
185.125.230.0/24 maxlen: 24
185.125.231.0/24 maxlen: 24
185.200.188.0/24 maxlen: 24
193.109.85.0/24 maxlen: 24
193.124.176.0/20 maxlen: 20
193.124.176.0/21 maxlen: 21
193.124.176.0/24 maxlen: 24
193.124.177.0/24 maxlen: 24
193.124.178.0/24 maxlen: 24
193.124.179.0/24 maxlen: 24
193.124.180.0/24 maxlen: 24
193.124.181.0/24 maxlen: 24
193.124.182.0/24 maxlen: 24
193.124.183.0/24 maxlen: 24
193.124.184.0/21 maxlen: 21
193.124.184.0/24 maxlen: 24
193.124.185.0/24 maxlen: 24
193.124.186.0/24 maxlen: 24
193.124.187.0/24 maxlen: 24
193.124.188.0/24 maxlen: 24
193.124.189.0/24 maxlen: 24
193.124.190.0/24 maxlen: 24
193.124.191.0/24 maxlen: 24
193.168.224.0/24 maxlen: 24
194.67.192.0/19 maxlen: 19
194.67.193.0/24 maxlen: 24
194.67.194.0/23 maxlen: 23
194.67.196.0/22 maxlen: 22
194.67.200.0/21 maxlen: 21
194.67.202.0/24 maxlen: 24
194.67.203.0/24 maxlen: 24
194.67.204.0/22 maxlen: 22
194.67.208.0/20 maxlen: 20
195.47.250.0/24 maxlen: 24
2a0a:9300::/48 maxlen: 48
2a0a:9300:2::/48 maxlen: 48
2a0a:9300:d0::/48 maxlen: 48
2a0a:9300:d1::/48 maxlen: 48
2a0a:9300:d2::/48 maxlen: 48
2a0a:9301::/48 maxlen: 48
2a0a:9301:1::/48 maxlen: 48
2a0a:9301:2::/48 maxlen: 48
2a0a:9302::/32 maxlen: 32
2a0a:9302:1::/48 maxlen: 48
2a0b:7780::/29 maxlen: 29
2a0c:77c0::/32 maxlen: 32
2a0d:3880::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 09 Jul 2024 12:39:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c8:a8:95:7c:a0:e5:b1:67:b9:b0:58:ff:5b:24:ae:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: May 30 08:40:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e10a6810cba597fec589ff24ce69dbc6cb4fe3a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:3f:fd:ce:b0:dd:2b:35:ca:7e:85:43:6f:95:
11:59:78:51:61:58:90:39:4e:74:ef:37:ab:70:d7:
42:f3:89:1f:6d:f6:bf:2f:d3:7f:8e:2c:00:3e:2e:
08:16:c5:4f:2c:a8:19:81:0c:6f:b0:17:38:b2:e9:
e0:5e:a2:c1:09:28:41:92:81:a2:83:f9:1b:27:f2:
8b:51:f9:08:0a:e2:fc:c8:00:ca:5e:86:85:83:6f:
27:62:15:a4:4f:ad:8f:be:5a:1d:0d:86:93:b6:fb:
a7:ae:05:60:12:4e:94:63:dd:83:e0:29:27:db:fc:
11:bd:36:c3:67:fd:e8:2f:4d:fb:03:cb:a9:d7:d0:
e1:a0:53:83:75:49:23:21:77:fd:0f:6f:4e:bb:0b:
a7:c2:c2:f3:8e:4d:cf:7e:71:c4:10:60:3c:1d:7e:
1f:50:71:00:24:96:97:02:e7:86:7a:7e:ec:fc:aa:
8e:23:b3:31:7b:82:56:d2:97:09:f4:33:f7:8b:72:
86:b1:c5:39:10:ea:a1:e4:44:79:76:0a:8a:19:99:
82:80:b5:1d:2e:00:7a:f1:62:a2:0c:0d:fa:07:87:
6a:6d:f0:be:69:e3:f0:9e:99:dc:0e:0a:30:d6:48:
9b:0a:a0:d7:7f:2b:6a:7d:8d:3b:f0:ec:74:ba:1a:
d6:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:0A:68:10:CB:A5:97:FE:C5:89:FF:24:CE:69:DB:C6:CB:4F:E3:A8
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/4QpoEMull_7Fif8kzmnbxstP46g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.66.0/23
45.128.176.0/22
45.132.252.0/24
91.217.80.0/24
94.142.136.0/21
103.82.103.0/24
103.127.76.0/23
185.5.248.0/22
185.58.204.0/22
185.87.48.0/22
185.105.116.0/23
185.117.152.0/22
185.125.216.0/22
185.125.228.0/22
185.200.188.0/24
193.109.85.0/24
193.124.176.0/20
193.168.224.0/24
194.67.192.0/19
195.47.250.0/24
IPv6:
2a0a:9300::/48
2a0a:9300:2::/48
2a0a:9300:d0::-2a0a:9300:d2:ffff:ffff:ffff:ffff:ffff
2a0a:9301::-2a0a:9301:2:ffff:ffff:ffff:ffff:ffff
2a0a:9302::/32
2a0b:7780::/29
2a0c:77c0::/32
2a0d:3880::/29
Signature Algorithm: sha256WithRSAEncryption
87:e1:d2:73:21:fa:23:b7:32:ad:d1:52:c6:7a:5f:b6:c2:93:
d9:92:90:4f:30:40:a6:41:00:68:e1:bf:45:2d:43:04:1b:4b:
5b:8b:35:6a:4e:42:e6:62:fd:de:23:01:87:86:a7:74:a4:14:
c7:d1:06:ea:ce:fb:fa:71:fe:33:9d:80:6e:35:0d:c1:99:8b:
5d:e7:20:d2:b9:d9:33:b9:ca:f5:d5:c4:c3:04:77:81:1b:80:
b8:21:c6:1a:5a:bf:78:a0:24:1b:68:82:c8:0e:58:a3:9e:c7:
bd:b6:16:5f:b9:9e:d5:21:2b:dd:f9:8f:38:9b:6c:c4:a8:0b:
cf:ce:3a:2b:e7:06:72:44:50:47:d0:22:04:c5:c9:99:6a:ff:
92:9f:4d:22:54:f0:f7:87:c5:85:12:cc:0f:75:61:07:f4:45:
20:2c:26:56:a0:7b:9e:46:cb:d2:41:46:4c:2f:c2:d0:6d:b0:
5b:61:be:3c:36:ac:d9:96:55:d0:38:13:0b:24:eb:62:ff:27:
08:4e:b5:2b:15:cc:34:b3:df:0a:c6:9e:66:32:f2:9e:dc:e2:
a9:44:31:a5:77:6e:f1:f7:1e:b3:9c:80:98:c4:d4:50:19:d3:
51:4a:cb:15:88:c3:21:2c:8b:82:0f:11:1b:41:b3:ae:32:59:
ce:47:6f:68
-----BEGIN CERTIFICATE-----
MIIFzjCCBLagAwIBAgISAY/IqJV8oOWxZ7mwWP9bJK4YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjQwNTMwMDg0MDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTBhNjgxMGNiYTU5N2ZlYzU4OWZmMjRjZTY5ZGJjNmNiNGZlM2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlD/9zrDdKzXKfoVDb5URWXhRYViQ
OU507zercNdC84kfbfa/L9N/jiwAPi4IFsVPLKgZgQxvsBc4sungXqLBCShBkoGi
g/kbJ/KLUfkICuL8yADKXoaFg28nYhWkT62PvlodDYaTtvunrgVgEk6UY92D4Ckn
2/wRvTbDZ/3oL037A8up19DhoFODdUkjIXf9D29OuwunwsLzjk3PfnHEEGA8HX4f
UHEAJJaXAueGen7s/KqOI7Mxe4JW0pcJ9DP3i3KGscU5EOqh5ER5dgqKGZmCgLUd
LgB68WKiDA36B4dqbfC+aePwnpncDgow1kibCqDXfytqfY078Ox0uhrWvwIDAQAB
o4IC2jCCAtYwHQYDVR0OBBYEFOEKaBDLpZf+xYn/JM5p28bLT+OoMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvNFFwb0VNdWxsXzdGaWY4a3ptbmJ4c3RQNDZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHvBggrBgEFBQcBBwEB/wSB3zCB3DB+BAIAATB4AwQBLVlC
AwQCLYCwAwQALYT8AwQAW9lQAwQDXo6IAwQAZ1JnAwQBZ39MAwQCuQX4AwQCuTrM
AwQCuVcwAwQBuWl0AwQCuXWYAwQCuX3YAwQCuX3kAwQAuci8AwQAwW1VAwQEwXyw
AwQAwajgAwQFwkPAAwQAwy/6MFoEAgACMFQDBwAqCpMAAAADBwAqCpMAAAIwEgMH
BCoKkwAA0AMHACoKkwAA0jAQAwUAKgqTAQMHACoKkwEAAgMFACoKkwIDBQMqC3eA
AwUAKgx3wAMFAyoNOIAwDQYJKoZIhvcNAQELBQADggEBAIfh0nMh+iO3Mq3RUsZ6
X7bCk9mSkE8wQKZBAGjhv0UtQwQbS1uLNWpOQuZi/d4jAYeGp3SkFMfRBurO+/px
/jOdgG41DcGZi13nINK52TO5yvXVxMMEd4EbgLghxhpav3igJBtogsgOWKOex722
Fl+5ntUhK935jzibbMSoC8/OOivnBnJEUEfQIgTFyZlq/5KfTSJU8PeHxYUSzA91
YQf0RSAsJlage55Gy9JBRkwvwtBtsFthvjw2rNmWVdA4Ewsk62L/JwhOtSsVzDSz
3wrGnmYy8p7c4qlEMaV3bvH3HrOcgJjE1FAZ01FKyxWIwyEsi4IPERtBs64yWc5H
b2g=
-----END CERTIFICATE-----
Generated at Tue Jul 9 15:52:58 2024 by rpki-client on console-ams.rpki-client.org