Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Ka6Eel3fKcVVTGFReAAM2AcB-0M.roa
File: Ka6Eel3fKcVVTGFReAAM2AcB-0M.roa (raw, json)
Hash identifier: tcjrzvFxbV1jHePAkTgpPsRVzT3oEKGCYENCFVakdjI=
Subject key identifier: 29:AE:84:7A:5D:DF:29:C5:55:4C:61:51:78:00:0C:D8:07:01:FB:43
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 01922EED7D5D7224D5476294B49379E7E961
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Ka6Eel3fKcVVTGFReAAM2AcB-0M.roa
Signing time: Thu 26 Sep 2024 15:22:48 +0000
ROA not before: Thu 26 Sep 2024 15:22:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35196
IP address blocks: 45.9.73.179/32 maxlen: 32
45.9.73.184/32 maxlen: 32
45.9.73.236/32 maxlen: 32
45.89.65.0/24 maxlen: 24
45.89.66.0/24 maxlen: 24
45.89.67.0/24 maxlen: 24
45.128.176.0/24 maxlen: 24
45.128.177.0/24 maxlen: 24
45.128.178.0/24 maxlen: 24
45.128.179.0/24 maxlen: 24
91.217.80.0/24 maxlen: 24
94.142.136.0/21 maxlen: 21
94.142.136.67/32 maxlen: 32
94.142.139.0/24 maxlen: 24
185.5.248.0/22 maxlen: 22
185.5.248.0/23 maxlen: 23
185.5.250.0/23 maxlen: 23
185.5.250.0/24 maxlen: 24
185.58.204.0/22 maxlen: 22
185.87.48.0/22 maxlen: 22
185.87.48.0/24 maxlen: 24
185.87.48.18/32 maxlen: 32
185.87.49.0/24 maxlen: 24
185.87.50.0/24 maxlen: 24
185.87.51.0/24 maxlen: 24
185.105.116.0/24 maxlen: 24
185.105.117.0/24 maxlen: 24
185.117.152.0/22 maxlen: 22
185.125.216.0/22 maxlen: 22
185.125.218.0/23 maxlen: 23
185.125.229.0/24 maxlen: 24
185.125.231.0/24 maxlen: 24
194.67.192.0/19 maxlen: 19
194.67.194.0/23 maxlen: 23
194.67.196.0/22 maxlen: 22
194.67.200.0/21 maxlen: 21
194.67.202.0/24 maxlen: 24
194.67.203.0/24 maxlen: 24
194.67.204.0/22 maxlen: 22
194.67.208.0/20 maxlen: 20
195.47.250.0/24 maxlen: 24
2a09:5302:ffff::/48 maxlen: 48
2a0a:9300:1000::/48 maxlen: 48
2a0a:9301::/48 maxlen: 48
2a0a:9301:1::/48 maxlen: 48
2a0a:9301:2::/48 maxlen: 48
2a0a:9302::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:2e:ed:7d:5d:72:24:d5:47:62:94:b4:93:79:e7:e9:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Sep 26 15:22:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29ae847a5ddf29c5554c615178000cd80701fb43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:6b:24:4d:26:81:a1:08:e0:42:47:11:ac:6b:
37:5b:a5:37:43:cb:fd:79:10:5a:a9:88:36:27:5f:
67:6b:45:e9:e9:ec:9f:24:7a:53:c4:94:c1:3c:85:
ba:9e:ec:1c:c4:e8:18:24:d3:50:07:9f:86:fe:5f:
42:20:3c:48:94:c9:0b:23:fe:28:7d:df:24:41:ad:
29:62:3b:07:8e:96:ca:71:7b:14:7b:37:da:e8:84:
3d:87:62:88:3a:fc:85:00:be:e7:10:51:08:ef:df:
61:08:9d:9c:68:ab:b4:13:f6:67:fa:f7:4d:02:66:
15:eb:38:32:74:21:61:84:eb:26:11:86:0c:95:0d:
88:cf:ea:29:bb:65:51:31:f9:54:c5:50:23:25:d9:
80:f6:65:23:3d:7c:f5:2e:c0:72:9a:6b:3f:2c:08:
e8:8f:6d:ce:1c:b0:b0:bf:9d:c2:71:28:90:1e:07:
1d:f7:b9:74:c0:78:9b:76:91:66:99:70:a5:c0:f4:
61:03:d6:8e:8f:d0:81:82:c7:09:0f:62:60:83:0f:
f9:b4:82:37:03:14:51:1e:4f:23:8e:a1:69:26:2a:
2a:4e:e2:3c:ee:97:9a:b8:d8:39:1b:dc:a7:e7:38:
3e:af:35:1c:ad:47:f8:18:c8:aa:60:25:04:4d:8c:
fa:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:AE:84:7A:5D:DF:29:C5:55:4C:61:51:78:00:0C:D8:07:01:FB:43
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Ka6Eel3fKcVVTGFReAAM2AcB-0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.73.179/32
45.9.73.184/32
45.9.73.236/32
45.89.65.0-45.89.67.255
45.128.176.0/22
91.217.80.0/24
94.142.136.0/21
185.5.248.0/22
185.58.204.0/22
185.87.48.0/22
185.105.116.0/23
185.117.152.0/22
185.125.216.0/22
185.125.229.0/24
185.125.231.0/24
194.67.192.0/19
195.47.250.0/24
IPv6:
2a09:5302:ffff::/48
2a0a:9300:1000::/48
2a0a:9301::-2a0a:9301:2:ffff:ffff:ffff:ffff:ffff
2a0a:9302::/32
Signature Algorithm: sha256WithRSAEncryption
1d:f8:e8:ce:2d:09:b1:cc:2f:3b:61:ec:7c:19:26:2e:57:55:
1a:4b:68:bc:68:d3:f6:65:2b:1c:4e:33:42:a3:e3:ad:7f:c1:
64:63:9e:81:2f:84:76:a5:36:2f:19:95:15:92:64:9a:b6:27:
f9:09:d8:ec:95:84:cb:a8:8b:5e:92:e2:22:42:53:3f:c8:33:
73:2f:f2:88:d8:66:af:f5:88:2f:7c:fc:5c:9a:90:c2:26:5e:
20:d8:0d:8f:81:46:69:7f:1a:c9:9b:9c:ee:2a:b1:61:bc:70:
28:eb:f9:c0:e7:11:28:78:ea:07:12:c7:cc:33:81:46:1e:6b:
20:1b:10:c7:c3:53:80:e1:22:e3:6e:9e:88:02:9f:3a:8c:77:
9e:6c:55:4c:94:69:f8:3b:8e:1e:d8:ac:90:9e:ef:07:7a:1e:
a1:7b:43:1d:40:b0:36:b2:02:c4:43:6d:fc:40:3d:bf:14:0e:
a3:28:b5:13:31:f5:61:f2:ee:02:17:38:62:2b:64:07:40:1d:
c7:5d:27:44:34:a0:d1:dd:b8:12:f4:8f:12:bb:cd:33:d2:8b:
b6:2c:68:32:a8:0e:65:08:86:cd:34:48:39:03:30:d8:56:5d:
02:c7:19:7b:56:7c:b7:64:62:2d:f6:da:5d:3e:92:7a:2f:e7:
4c:e7:12:65
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgISAZIu7X1dciTVR2KUtJN55+lhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjQwOTI2MTUyMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWFlODQ3YTVkZGYyOWM1NTU0YzYxNTE3ODAwMGNkODA3MDFmYjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmGskTSaBoQjgQkcRrGs3W6U3Q8v9
eRBaqYg2J19na0Xp6eyfJHpTxJTBPIW6nuwcxOgYJNNQB5+G/l9CIDxIlMkLI/4o
fd8kQa0pYjsHjpbKcXsUezfa6IQ9h2KIOvyFAL7nEFEI799hCJ2caKu0E/Zn+vdN
AmYV6zgydCFhhOsmEYYMlQ2Iz+opu2VRMflUxVAjJdmA9mUjPXz1LsBymms/LAjo
j23OHLCwv53CcSiQHgcd97l0wHibdpFmmXClwPRhA9aOj9CBgscJD2Jggw/5tII3
AxRRHk8jjqFpJioqTuI87peauNg5G9yn5zg+rzUcrUf4GMiqYCUETYz6BQIDAQAB
o4ICqjCCAqYwHQYDVR0OBBYEFCmuhHpd3ynFVUxhUXgADNgHAftDMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvS2E2RWVsM2ZLY1ZWVEdGUmVBQU0yQWNCLTBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG/BggrBgEFBQcBBwEB/wSBrzCBrDB3BAIAATBxAwUALQlJ
swMFAC0JSbgDBQAtCUnsMAwDBAAtWUEDBAItWUADBAItgLADBABb2VADBANejogD
BAK5BfgDBAK5OswDBAK5VzADBAG5aXQDBAK5dZgDBAK5fdgDBAC5feUDBAC5fecD
BAXCQ8ADBADDL/owMQQCAAIwKwMHACoJUwL//wMHACoKkwAQADAQAwUAKgqTAQMH
ACoKkwEAAgMFACoKkwIwDQYJKoZIhvcNAQELBQADggEBAB346M4tCbHMLzth7HwZ
Ji5XVRpLaLxo0/ZlKxxOM0Kj461/wWRjnoEvhHalNi8ZlRWSZJq2J/kJ2OyVhMuo
i16S4iJCUz/IM3Mv8ojYZq/1iC98/FyakMImXiDYDY+BRml/GsmbnO4qsWG8cCjr
+cDnESh46gcSx8wzgUYeayAbEMfDU4DhIuNunogCnzqMd55sVUyUafg7jh7YrJCe
7wd6HqF7Qx1AsDayAsRDbfxAPb8UDqMotRMx9WHy7gIXOGIrZAdAHcddJ0Q0oNHd
uBL0jxK7zTPSi7YsaDKoDmUIhs00SDkDMNhWXQLHGXtWfLdkYi322l0+knov50zn
EmU=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:11:45 2025 by rpki-client