Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/S4ztc8KwfN_ZRTQaGU1jtKkt02k.roa
File: S4ztc8KwfN_ZRTQaGU1jtKkt02k.roa (raw, json)
Hash identifier: pQdZwam5/tjgHOrvIo/W/oT0dHSEhkvwSZ1lvcHJvF4=
Subject key identifier: 4B:8C:ED:73:C2:B0:7C:DF:D9:45:34:1A:19:4D:63:B4:A9:2D:D3:69
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 018DCB7EAA61E40577FA7165B18C61012A76
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/S4ztc8KwfN_ZRTQaGU1jtKkt02k.roa
Signing time: Wed 21 Feb 2024 11:48:12 +0000
ROA not before: Wed 21 Feb 2024 11:48:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209641
IP address blocks: 45.89.66.0/24 maxlen: 24
45.89.67.0/24 maxlen: 24
45.128.176.0/22 maxlen: 22
45.128.176.0/24 maxlen: 24
45.128.177.0/24 maxlen: 24
45.128.178.0/24 maxlen: 24
45.128.179.0/24 maxlen: 24
45.132.252.0/24 maxlen: 24
91.217.80.0/24 maxlen: 24
94.142.136.0/21 maxlen: 21
94.142.139.0/24 maxlen: 24
94.142.140.0/24 maxlen: 24
94.142.141.0/24 maxlen: 24
94.142.142.0/24 maxlen: 24
94.142.143.0/24 maxlen: 24
185.5.248.0/22 maxlen: 22
185.5.248.0/23 maxlen: 23
185.5.250.0/23 maxlen: 23
185.5.250.0/24 maxlen: 24
185.58.204.0/22 maxlen: 22
185.58.204.0/24 maxlen: 24
185.58.206.0/24 maxlen: 24
185.58.207.0/24 maxlen: 24
185.87.48.0/22 maxlen: 22
185.87.48.0/24 maxlen: 24
185.87.49.0/24 maxlen: 24
185.87.50.0/24 maxlen: 24
185.87.51.0/24 maxlen: 24
185.105.116.0/24 maxlen: 24
185.105.117.0/24 maxlen: 24
185.117.152.0/22 maxlen: 22
185.125.216.0/22 maxlen: 22
185.125.218.0/23 maxlen: 23
185.125.228.0/22 maxlen: 22
185.125.228.0/24 maxlen: 24
185.125.229.0/24 maxlen: 24
185.125.230.0/24 maxlen: 24
185.125.231.0/24 maxlen: 24
185.200.188.0/24 maxlen: 24
193.109.85.0/24 maxlen: 24
193.124.176.0/20 maxlen: 20
193.124.176.0/21 maxlen: 21
193.124.184.0/21 maxlen: 21
193.168.224.0/24 maxlen: 24
194.67.192.0/19 maxlen: 19
194.67.193.0/24 maxlen: 24
194.67.194.0/23 maxlen: 23
194.67.196.0/22 maxlen: 22
194.67.200.0/21 maxlen: 21
194.67.202.0/24 maxlen: 24
194.67.203.0/24 maxlen: 24
194.67.204.0/22 maxlen: 22
194.67.208.0/20 maxlen: 20
195.47.250.0/24 maxlen: 24
2a0a:9300::/48 maxlen: 48
2a0a:9300:2::/48 maxlen: 48
2a0a:9300:d0::/48 maxlen: 48
2a0a:9300:d1::/48 maxlen: 48
2a0a:9300:d2::/48 maxlen: 48
2a0a:9301::/48 maxlen: 48
2a0a:9301:1::/48 maxlen: 48
2a0a:9301:2::/48 maxlen: 48
2a0a:9302::/32 maxlen: 32
2a0a:9302:1::/48 maxlen: 48
2a0b:7780::/29 maxlen: 29
2a0c:77c0::/32 maxlen: 32
2a0d:3880::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 06 Mar 2024 09:59:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:cb:7e:aa:61:e4:05:77:fa:71:65:b1:8c:61:01:2a:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Feb 21 11:48:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4b8ced73c2b07cdfd945341a194d63b4a92dd369
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:3a:bd:6f:aa:b5:1a:e4:95:db:e7:28:97:99:
31:b8:eb:85:b2:95:61:68:4d:cb:fc:4b:e2:88:14:
88:bf:2e:ba:e5:13:13:ca:e2:c9:a4:af:6e:66:5b:
80:e9:df:72:72:b0:29:9e:91:f5:13:54:90:8b:18:
45:91:a0:a3:72:b3:4c:d0:5f:39:d0:0f:0f:2f:f5:
9b:04:76:69:6e:bc:ea:99:50:34:f7:f5:d1:c4:a1:
cb:26:fd:b1:91:a0:4d:59:78:a7:bf:e4:f8:e3:10:
69:8a:4f:e1:18:fe:bb:e6:5a:1d:06:38:35:e4:04:
5d:0a:c1:f6:21:82:37:7d:30:96:35:58:14:00:38:
f2:ad:d4:06:a8:d1:7e:71:34:d2:02:07:5f:9b:70:
40:25:42:ca:08:ce:9a:55:09:a0:31:73:6b:b9:b7:
9f:21:e2:05:ee:90:d7:63:f5:d0:30:41:83:7e:13:
2f:31:9a:24:af:2d:4d:21:7a:83:ee:71:7a:81:7d:
4e:94:f7:fc:1a:ae:34:66:49:ef:f8:ff:fa:7e:73:
77:99:56:e0:6b:0e:82:ee:3d:3a:cf:96:22:2e:a4:
47:9f:b3:8c:08:21:de:56:8b:06:95:c8:8f:ba:34:
75:1a:b6:93:1b:71:85:da:c0:fc:61:71:46:58:07:
9d:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:8C:ED:73:C2:B0:7C:DF:D9:45:34:1A:19:4D:63:B4:A9:2D:D3:69
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/S4ztc8KwfN_ZRTQaGU1jtKkt02k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.66.0/23
45.128.176.0/22
45.132.252.0/24
91.217.80.0/24
94.142.136.0/21
185.5.248.0/22
185.58.204.0/22
185.87.48.0/22
185.105.116.0/23
185.117.152.0/22
185.125.216.0/22
185.125.228.0/22
185.200.188.0/24
193.109.85.0/24
193.124.176.0/20
193.168.224.0/24
194.67.192.0/19
195.47.250.0/24
IPv6:
2a0a:9300::/48
2a0a:9300:2::/48
2a0a:9300:d0::-2a0a:9300:d2:ffff:ffff:ffff:ffff:ffff
2a0a:9301::-2a0a:9301:2:ffff:ffff:ffff:ffff:ffff
2a0a:9302::/32
2a0b:7780::/29
2a0c:77c0::/32
2a0d:3880::/29
Signature Algorithm: sha256WithRSAEncryption
73:46:47:93:40:00:35:75:cf:6a:88:f9:68:e2:49:c3:b4:3c:
45:d5:c9:2e:9d:a8:ce:8a:92:e8:67:dc:65:8b:9f:3c:06:70:
cc:e5:d5:66:16:6a:cb:f9:8d:77:05:b0:76:8a:c1:02:a6:ff:
e4:5d:20:b2:6d:62:db:ed:dc:05:ae:82:e8:5b:13:4f:46:7a:
34:38:e3:69:4f:f5:f2:4a:66:f5:67:d0:cc:2c:0c:01:d3:ba:
70:f9:4e:a8:58:9c:bc:63:bf:8c:69:f0:e3:01:f9:3b:f5:1b:
9c:31:0f:70:7b:d4:f5:a1:70:d6:78:9f:fe:3c:f8:e1:9b:86:
b0:2d:c2:62:6f:b7:eb:de:27:77:25:55:62:3c:33:26:55:13:
3c:b3:3b:cf:c2:cd:d0:72:ed:b2:b8:af:a5:2c:25:32:df:00:
3e:18:7a:1c:6b:8c:63:1a:5a:9e:51:97:bf:09:de:ca:79:8f:
2b:62:28:90:fa:53:6c:9c:36:fd:52:6a:ad:57:35:68:a0:53:
cf:35:08:f9:00:3d:83:8c:26:e5:6f:8e:03:52:2a:3f:87:8e:
4f:2a:dd:1e:d0:13:7f:32:19:c4:e1:71:c8:e4:c0:54:ce:05:
14:27:4e:3b:44:23:97:f1:a6:a7:59:b0:a9:25:58:48:9c:8a:
a5:c8:91:db
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgISAY3Lfqph5AV3+nFlsYxhASp2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjQwMjIxMTE0ODEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjhjZWQ3M2MyYjA3Y2RmZDk0NTM0MWExOTRkNjNiNGE5MmRkMzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAijq9b6q1GuSV2+col5kxuOuFspVh
aE3L/EviiBSIvy665RMTyuLJpK9uZluA6d9ycrApnpH1E1SQixhFkaCjcrNM0F85
0A8PL/WbBHZpbrzqmVA09/XRxKHLJv2xkaBNWXinv+T44xBpik/hGP675lodBjg1
5ARdCsH2IYI3fTCWNVgUADjyrdQGqNF+cTTSAgdfm3BAJULKCM6aVQmgMXNrubef
IeIF7pDXY/XQMEGDfhMvMZokry1NIXqD7nF6gX1OlPf8Gq40Zknv+P/6fnN3mVbg
aw6C7j06z5YiLqRHn7OMCCHeVosGlciPujR1GraTG3GF2sD8YXFGWAedHQIDAQAB
o4ICzjCCAsowHQYDVR0OBBYEFEuM7XPCsHzf2UU0GhlNY7SpLdNpMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvUzR6dGM4S3dmTl9aUlRRYUdVMWp0S2t0MDJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHjBggrBgEFBQcBBwEB/wSB0zCB0DByBAIAATBsAwQBLVlC
AwQCLYCwAwQALYT8AwQAW9lQAwQDXo6IAwQCuQX4AwQCuTrMAwQCuVcwAwQBuWl0
AwQCuXWYAwQCuX3YAwQCuX3kAwQAuci8AwQAwW1VAwQEwXywAwQAwajgAwQFwkPA
AwQAwy/6MFoEAgACMFQDBwAqCpMAAAADBwAqCpMAAAIwEgMHBCoKkwAA0AMHACoK
kwAA0jAQAwUAKgqTAQMHACoKkwEAAgMFACoKkwIDBQMqC3eAAwUAKgx3wAMFAyoN
OIAwDQYJKoZIhvcNAQELBQADggEBAHNGR5NAADV1z2qI+WjiScO0PEXVyS6dqM6K
kuhn3GWLnzwGcMzl1WYWasv5jXcFsHaKwQKm/+RdILJtYtvt3AWuguhbE09GejQ4
42lP9fJKZvVn0MwsDAHTunD5TqhYnLxjv4xp8OMB+Tv1G5wxD3B71PWhcNZ4n/48
+OGbhrAtwmJvt+veJ3clVWI8MyZVEzyzO8/CzdBy7bK4r6UsJTLfAD4YehxrjGMa
Wp5Rl78J3sp5jytiKJD6U2ycNv1Saq1XNWigU881CPkAPYOMJuVvjgNSKj+Hjk8q
3R7QE38yGcThccjkwFTOBRQnTjtEI5fxpqdZsKklWEiciqXIkds=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:10 2024 by rpki-client on console-ams.rpki-client.org