Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/RoaXzLOnzN8LejuVIY_bZ9A0x7k.roa
File: RoaXzLOnzN8LejuVIY_bZ9A0x7k.roa (raw, json)
Hash identifier: +mb25yOh0nRFEQpsOeT2VcYu+bzaapYslbmvBOnpTWk=
Subject key identifier: 46:86:97:CC:B3:A7:CC:DF:0B:7A:3B:95:21:8F:DB:67:D0:34:C7:B9
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 018ACB84DF5C49EFD9F19E760D403774BD3B
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/RoaXzLOnzN8LejuVIY_bZ9A0x7k.roa
Signing time: Mon 25 Sep 2023 08:46:37 +0000
ROA not before: Mon 25 Sep 2023 08:46:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205090
IP address blocks: 185.112.102.0/24 maxlen: 24
185.112.101.0/24 maxlen: 24
185.112.103.0/24 maxlen: 24
45.9.73.0/24 maxlen: 24
45.9.75.0/24 maxlen: 24
193.162.143.0/24 maxlen: 24
185.233.83.0/24 maxlen: 24
185.105.90.0/24 maxlen: 24
185.105.88.0/24 maxlen: 24
185.105.91.0/24 maxlen: 24
185.105.89.0/24 maxlen: 24
185.221.162.0/24 maxlen: 24
45.95.202.0/24 maxlen: 24
185.102.139.0/24 maxlen: 24
45.95.203.0/24 maxlen: 24
45.90.216.0/24 maxlen: 24
45.90.218.0/24 maxlen: 24
45.90.217.0/24 maxlen: 24
45.90.219.0/24 maxlen: 24
84.252.73.0/24 maxlen: 24
84.252.75.0/24 maxlen: 24
84.252.74.0/24 maxlen: 24
185.233.200.0/24 maxlen: 24
185.232.169.0/24 maxlen: 24
185.128.105.0/24 maxlen: 24
45.89.65.0/24 maxlen: 24
85.209.2.0/24 maxlen: 24
185.103.109.0/24 maxlen: 24
185.128.107.0/24 maxlen: 24
185.128.106.0/24 maxlen: 24
193.168.227.0/24 maxlen: 24
185.217.198.0/24 maxlen: 24
185.217.199.0/24 maxlen: 24
185.104.251.0/24 maxlen: 24
2a09:5302:ffff::/48 maxlen: 48
2a09:5302::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cb:84:df:5c:49:ef:d9:f1:9e:76:0d:40:37:74:bd:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Sep 25 08:46:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=468697ccb3a7ccdf0b7a3b95218fdb67d034c7b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:5d:7e:69:29:5e:81:36:b4:bd:c8:22:60:23:
a8:8b:15:bf:27:0a:9b:a7:9d:0f:14:8a:30:3a:9b:
c3:e8:ad:5d:98:47:15:80:c2:04:71:2f:26:21:d8:
e2:31:04:ac:12:84:3e:a4:ab:86:bc:bd:e6:3e:5b:
0a:20:7e:fc:02:30:cd:5c:d5:63:0f:4f:08:ca:0b:
b7:a2:ef:04:23:15:28:0e:7e:27:02:42:41:54:9a:
80:53:2e:5a:6b:e6:44:1a:fe:b5:07:b4:02:91:f3:
70:d4:fa:c5:29:3e:d5:a1:cf:fa:33:83:13:3f:66:
36:03:2b:54:f3:70:8f:53:9b:25:b2:bb:50:21:67:
ad:d6:86:42:2b:96:f5:c0:90:69:cf:07:c8:c1:e1:
f8:7e:b0:3a:09:fe:c0:ed:a9:2d:8d:b7:77:b5:4a:
c0:05:55:ce:92:40:1d:8b:65:74:26:ce:a5:a6:aa:
da:b1:b6:9f:e2:4c:6a:88:23:70:65:96:fd:e2:61:
09:e3:7e:5a:1e:fb:64:50:60:1c:65:b0:c8:68:cf:
0d:5f:34:5e:22:83:ba:d4:ed:d0:e2:8a:87:c3:1c:
2d:a8:5c:06:74:15:59:4b:9a:d7:ea:5e:27:4e:28:
d6:17:9b:d3:04:68:27:bc:cc:be:1f:4b:7b:5a:50:
4b:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:86:97:CC:B3:A7:CC:DF:0B:7A:3B:95:21:8F:DB:67:D0:34:C7:B9
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/RoaXzLOnzN8LejuVIY_bZ9A0x7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.73.0/24
45.9.75.0/24
45.89.65.0/24
45.90.216.0/22
45.95.202.0/23
84.252.73.0-84.252.75.255
85.209.2.0/24
185.102.139.0/24
185.103.109.0/24
185.104.251.0/24
185.105.88.0/22
185.112.101.0-185.112.103.255
185.128.105.0-185.128.107.255
185.217.198.0/23
185.221.162.0/24
185.232.169.0/24
185.233.83.0/24
185.233.200.0/24
193.162.143.0/24
193.168.227.0/24
IPv6:
2a09:5302::/32
Signature Algorithm: sha256WithRSAEncryption
bd:94:65:49:28:d2:07:bf:55:e6:7a:83:cb:77:a5:20:91:ba:
6f:ef:59:95:5c:7d:fc:be:3d:48:68:fa:2e:a8:a6:ef:b4:6a:
fc:19:d6:c6:c2:00:85:da:b3:cf:13:8a:26:e7:c0:99:92:60:
3a:72:70:d3:7e:8c:c2:68:53:86:d3:37:4f:0f:c1:34:41:31:
65:ed:aa:78:ac:12:c9:43:92:85:b5:aa:77:bf:e8:28:0d:1d:
f1:c6:b4:64:1c:c2:21:92:64:a0:0a:33:a2:67:0a:fe:78:a6:
c6:ca:0d:bb:fc:74:95:dc:c7:5f:f0:f8:0c:f4:7e:db:10:6a:
b5:25:a8:bf:e4:82:ec:58:4f:ed:4d:b9:95:35:52:0a:a1:a7:
24:f7:e9:ce:9a:0e:a2:19:82:a6:79:10:17:d8:af:13:5d:bd:
94:f4:0d:37:ff:4e:51:29:46:66:eb:a9:79:87:2a:ff:61:2e:
f1:e0:a0:9a:e0:58:65:4a:24:7b:c7:54:e4:e4:f7:f5:7f:ac:
20:bd:e6:87:96:b8:80:ca:88:95:09:d2:24:04:44:14:e0:e4:
0a:29:45:8c:ae:83:b3:a5:21:2b:9d:58:5f:ed:6f:30:37:45:
5b:2b:7b:c0:88:3a:39:97:ad:18:bc:0c:5f:7f:8f:2d:58:ef:
cb:01:60:55
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgISAYrLhN9cSe/Z8Z52DUA3dL07MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMwOTI1MDg0NjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Njg2OTdjY2IzYTdjY2RmMGI3YTNiOTUyMThmZGI2N2QwMzRjN2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuV1+aSlegTa0vcgiYCOoixW/Jwqb
p50PFIowOpvD6K1dmEcVgMIEcS8mIdjiMQSsEoQ+pKuGvL3mPlsKIH78AjDNXNVj
D08Iygu3ou8EIxUoDn4nAkJBVJqAUy5aa+ZEGv61B7QCkfNw1PrFKT7Voc/6M4MT
P2Y2AytU83CPU5slsrtQIWet1oZCK5b1wJBpzwfIweH4frA6Cf7A7aktjbd3tUrA
BVXOkkAdi2V0Js6lpqrasbaf4kxqiCNwZZb94mEJ435aHvtkUGAcZbDIaM8NXzRe
IoO61O3Q4oqHwxwtqFwGdBVZS5rX6l4nTijWF5vTBGgnvMy+H0t7WlBL+QIDAQAB
o4ICpzCCAqMwHQYDVR0OBBYEFEaGl8yzp8zfC3o7lSGP22fQNMe5MB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvUm9hWHpMT256TjhMZWp1VklZX2JaOUEweDdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG8BggrBgEFBQcBBwEB/wSBrDCBqTCBlwQCAAEwgZADBAAt
CUkDBAAtCUsDBAAtWUEDBAItWtgDBAEtX8owDAMEAFT8SQMEAlT8SAMEAFXRAgME
ALlmiwMEALlnbQMEALlo+wMEArlpWDAMAwQAuXBlAwQDuXBgMAwDBAC5gGkDBAK5
gGgDBAG52cYDBAC53aIDBAC56KkDBAC56VMDBAC56cgDBADBoo8DBADBqOMwDQQC
AAIwBwMFACoJUwIwDQYJKoZIhvcNAQELBQADggEBAL2UZUko0ge/VeZ6g8t3pSCR
um/vWZVcffy+PUho+i6opu+0avwZ1sbCAIXas88TiibnwJmSYDpycNN+jMJoU4bT
N08PwTRBMWXtqnisEslDkoW1qne/6CgNHfHGtGQcwiGSZKAKM6JnCv54psbKDbv8
dJXcx1/w+Az0ftsQarUlqL/kguxYT+1NuZU1UgqhpyT36c6aDqIZgqZ5EBfYrxNd
vZT0DTf/TlEpRmbrqXmHKv9hLvHgoJrgWGVKJHvHVOTk9/V/rCC95oeWuIDKiJUJ
0iQERBTg5AopRYyug7OlISudWF/tbzA3RVsre8CIOjmXrRi8DF9/jy1Y78sBYFU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:08 2024 by rpki-client on console-fra.rpki-client.org