Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/luAi2YGlO1hP8Yl4QL5w7zGtGXM.roa
File: luAi2YGlO1hP8Yl4QL5w7zGtGXM.roa (raw, json)
Hash identifier: OHQ9v5D8EoBM0ttYM99jVWWmzi4/NMVgR68Lx1oSKd8=
Subject key identifier: 96:E0:22:D9:81:A5:3B:58:4F:F1:89:78:40:BE:70:EF:31:AD:19:73
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 018FBF28F3803DCE2A9F9A93735639DC95C3
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/luAi2YGlO1hP8Yl4QL5w7zGtGXM.roa
Signing time: Tue 28 May 2024 12:24:43 +0000
ROA not before: Tue 28 May 2024 12:24:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209641
IP address blocks: 45.89.66.0/24 maxlen: 24
45.89.67.0/24 maxlen: 24
45.128.176.0/22 maxlen: 22
45.128.176.0/24 maxlen: 24
45.128.177.0/24 maxlen: 24
45.128.178.0/24 maxlen: 24
45.128.179.0/24 maxlen: 24
45.132.252.0/24 maxlen: 24
91.217.80.0/24 maxlen: 24
94.142.136.0/21 maxlen: 21
94.142.139.0/24 maxlen: 24
94.142.140.0/24 maxlen: 24
94.142.141.0/24 maxlen: 24
94.142.142.0/24 maxlen: 24
103.82.103.0/24 maxlen: 24
103.127.76.0/23 maxlen: 23
185.5.248.0/22 maxlen: 22
185.5.248.0/23 maxlen: 23
185.5.250.0/23 maxlen: 23
185.5.250.0/24 maxlen: 24
185.58.204.0/22 maxlen: 22
185.58.204.0/24 maxlen: 24
185.58.206.0/24 maxlen: 24
185.58.207.0/24 maxlen: 24
185.87.48.0/22 maxlen: 22
185.87.48.0/24 maxlen: 24
185.87.49.0/24 maxlen: 24
185.87.50.0/24 maxlen: 24
185.87.51.0/24 maxlen: 24
185.105.116.0/24 maxlen: 24
185.105.117.0/24 maxlen: 24
185.117.152.0/22 maxlen: 22
185.125.216.0/22 maxlen: 22
185.125.218.0/23 maxlen: 23
185.125.228.0/22 maxlen: 22
185.125.228.0/24 maxlen: 24
185.125.229.0/24 maxlen: 24
185.125.230.0/24 maxlen: 24
185.125.231.0/24 maxlen: 24
185.200.188.0/24 maxlen: 24
193.109.85.0/24 maxlen: 24
193.124.176.0/20 maxlen: 20
193.124.176.0/21 maxlen: 21
193.124.176.0/24 maxlen: 24
193.124.177.0/24 maxlen: 24
193.124.178.0/24 maxlen: 24
193.124.179.0/24 maxlen: 24
193.124.180.0/24 maxlen: 24
193.124.181.0/24 maxlen: 24
193.124.182.0/24 maxlen: 24
193.124.183.0/24 maxlen: 24
193.124.184.0/21 maxlen: 21
193.168.224.0/24 maxlen: 24
194.67.192.0/19 maxlen: 19
194.67.193.0/24 maxlen: 24
194.67.194.0/23 maxlen: 23
194.67.196.0/22 maxlen: 22
194.67.200.0/21 maxlen: 21
194.67.202.0/24 maxlen: 24
194.67.203.0/24 maxlen: 24
194.67.204.0/22 maxlen: 22
194.67.208.0/20 maxlen: 20
195.47.250.0/24 maxlen: 24
2a0a:9300::/48 maxlen: 48
2a0a:9300:2::/48 maxlen: 48
2a0a:9300:d0::/48 maxlen: 48
2a0a:9300:d1::/48 maxlen: 48
2a0a:9300:d2::/48 maxlen: 48
2a0a:9301::/48 maxlen: 48
2a0a:9301:1::/48 maxlen: 48
2a0a:9301:2::/48 maxlen: 48
2a0a:9302::/32 maxlen: 32
2a0a:9302:1::/48 maxlen: 48
2a0b:7780::/29 maxlen: 29
2a0c:77c0::/32 maxlen: 32
2a0d:3880::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 30 May 2024 08:40:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:bf:28:f3:80:3d:ce:2a:9f:9a:93:73:56:39:dc:95:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: May 28 12:24:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=96e022d981a53b584ff1897840be70ef31ad1973
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:c8:0e:3f:cd:e8:4a:df:ff:a2:55:70:7b:95:
f5:d7:c3:0e:7d:78:09:f1:94:58:e6:5f:c8:0e:62:
36:e3:f4:c3:df:99:25:23:dd:11:5a:ce:b8:5b:e3:
3d:8e:d9:57:7a:40:62:39:71:9f:56:b9:0e:3b:c5:
e9:90:d6:3a:c3:5a:a1:15:80:1c:6d:7d:12:cb:79:
c4:a2:fd:20:3d:f6:17:dc:d9:52:7a:a8:fe:60:ca:
29:28:32:ac:71:1a:22:1f:0c:a8:f6:f5:37:35:58:
5f:6a:2a:66:25:8d:2a:af:18:89:20:9d:78:dc:a0:
bb:91:5e:06:42:ab:4b:ea:6c:5d:52:62:2d:85:c3:
d9:79:51:44:17:11:d6:c1:ec:d7:e3:0d:a8:3d:94:
05:5c:36:94:c4:57:de:37:71:ac:2f:a2:c6:fa:17:
5d:c7:66:ea:cd:7d:6f:30:02:ab:67:e9:18:05:a3:
75:03:c1:53:0f:5c:0f:73:28:94:e4:0c:a2:03:b6:
b0:43:c8:57:17:1b:b5:83:ba:33:f4:a4:73:da:02:
a2:4c:5a:19:fb:4f:37:52:f1:77:a7:7b:30:b3:ed:
69:88:47:2a:b1:e1:2a:6a:e1:e7:04:0c:17:a2:3f:
57:c2:69:5d:e7:7b:05:2e:a4:ff:16:3d:34:2a:09:
7d:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:E0:22:D9:81:A5:3B:58:4F:F1:89:78:40:BE:70:EF:31:AD:19:73
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/luAi2YGlO1hP8Yl4QL5w7zGtGXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.66.0/23
45.128.176.0/22
45.132.252.0/24
91.217.80.0/24
94.142.136.0/21
103.82.103.0/24
103.127.76.0/23
185.5.248.0/22
185.58.204.0/22
185.87.48.0/22
185.105.116.0/23
185.117.152.0/22
185.125.216.0/22
185.125.228.0/22
185.200.188.0/24
193.109.85.0/24
193.124.176.0/20
193.168.224.0/24
194.67.192.0/19
195.47.250.0/24
IPv6:
2a0a:9300::/48
2a0a:9300:2::/48
2a0a:9300:d0::-2a0a:9300:d2:ffff:ffff:ffff:ffff:ffff
2a0a:9301::-2a0a:9301:2:ffff:ffff:ffff:ffff:ffff
2a0a:9302::/32
2a0b:7780::/29
2a0c:77c0::/32
2a0d:3880::/29
Signature Algorithm: sha256WithRSAEncryption
93:5c:27:b1:b2:1f:6b:81:a9:8b:b1:4e:31:e0:83:90:38:ef:
5f:79:b5:a5:95:36:6d:49:b6:d9:8a:e6:e5:e5:57:a5:4b:a9:
db:07:3a:d5:1c:da:f5:d0:d2:11:f2:76:81:5a:7d:37:54:9d:
04:34:b1:1c:19:46:f6:81:61:a7:c1:c9:df:97:53:2f:49:1b:
84:a9:f7:52:93:c5:44:ae:a1:17:28:1b:5e:6f:b3:a3:2f:47:
55:e0:51:ad:b0:55:07:a0:28:cd:dd:03:3e:d5:2a:a6:01:fd:
06:65:cd:fe:7c:0b:9d:40:47:2b:9e:f3:18:35:4e:0f:ea:67:
f1:78:0a:20:06:8c:d5:2d:ea:44:2a:6d:55:ef:f0:a0:a5:60:
6a:fd:56:01:9f:d8:49:4c:5a:35:a0:a3:f1:bd:09:ea:47:0b:
ca:8c:64:4b:8c:6a:c8:df:87:58:25:f9:5d:43:e8:b5:71:f7:
5d:23:f8:e0:fa:b2:e8:1c:e7:da:17:4d:5f:a6:d1:72:ca:9e:
80:e3:0e:5a:c6:58:7a:35:1b:02:f1:ec:7f:06:fd:ee:aa:40:
05:e4:a7:a6:dd:14:c1:bf:e7:7d:69:3b:35:0c:0a:71:02:41:
ce:f1:89:dc:73:32:6e:c2:b4:bf:eb:58:5a:c1:d7:25:1a:3f:
27:67:64:c9
-----BEGIN CERTIFICATE-----
MIIFzjCCBLagAwIBAgISAY+/KPOAPc4qn5qTc1Y53JXDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjQwNTI4MTIyNDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmUwMjJkOTgxYTUzYjU4NGZmMTg5Nzg0MGJlNzBlZjMxYWQxOTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMgOP83oSt//olVwe5X118MOfXgJ
8ZRY5l/IDmI24/TD35klI90RWs64W+M9jtlXekBiOXGfVrkOO8XpkNY6w1qhFYAc
bX0Sy3nEov0gPfYX3NlSeqj+YMopKDKscRoiHwyo9vU3NVhfaipmJY0qrxiJIJ14
3KC7kV4GQqtL6mxdUmIthcPZeVFEFxHWwezX4w2oPZQFXDaUxFfeN3GsL6LG+hdd
x2bqzX1vMAKrZ+kYBaN1A8FTD1wPcyiU5AyiA7awQ8hXFxu1g7oz9KRz2gKiTFoZ
+083UvF3p3sws+1piEcqseEqauHnBAwXoj9Xwmld53sFLqT/Fj00Kgl9iQIDAQAB
o4IC2jCCAtYwHQYDVR0OBBYEFJbgItmBpTtYT/GJeEC+cO8xrRlzMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvbHVBaTJZR2xPMWhQOFlsNFFMNXc3ekd0R1hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHvBggrBgEFBQcBBwEB/wSB3zCB3DB+BAIAATB4AwQBLVlC
AwQCLYCwAwQALYT8AwQAW9lQAwQDXo6IAwQAZ1JnAwQBZ39MAwQCuQX4AwQCuTrM
AwQCuVcwAwQBuWl0AwQCuXWYAwQCuX3YAwQCuX3kAwQAuci8AwQAwW1VAwQEwXyw
AwQAwajgAwQFwkPAAwQAwy/6MFoEAgACMFQDBwAqCpMAAAADBwAqCpMAAAIwEgMH
BCoKkwAA0AMHACoKkwAA0jAQAwUAKgqTAQMHACoKkwEAAgMFACoKkwIDBQMqC3eA
AwUAKgx3wAMFAyoNOIAwDQYJKoZIhvcNAQELBQADggEBAJNcJ7GyH2uBqYuxTjHg
g5A47195taWVNm1JttmK5uXlV6VLqdsHOtUc2vXQ0hHydoFafTdUnQQ0sRwZRvaB
YafByd+XUy9JG4Sp91KTxUSuoRcoG15vs6MvR1XgUa2wVQegKM3dAz7VKqYB/QZl
zf58C51ARyue8xg1Tg/qZ/F4CiAGjNUt6kQqbVXv8KClYGr9VgGf2ElMWjWgo/G9
CepHC8qMZEuMasjfh1gl+V1D6LVx910j+OD6sugc59oXTV+m0XLKnoDjDlrGWHo1
GwLx7H8G/e6qQAXkp6bdFMG/531pOzUMCnECQc7xidxzMm7CtL/rWFrB1yUaPydn
ZMk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:10 2024 by rpki-client on console-ams.rpki-client.org