Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/qaXyA8haTvDW-6RvbSKGzOVlYws.roa
File: qaXyA8haTvDW-6RvbSKGzOVlYws.roa (raw, json)
Hash identifier: Z1VrraFVckRa12/5/5zdo2vwjMng3kWm3G9WhPyFH8U=
Subject key identifier: A9:A5:F2:03:C8:5A:4E:F0:D6:FB:A4:6F:6D:22:86:CC:E5:65:63:0B
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 01914A8955BF6817DE0755B4A9435E86493F
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/qaXyA8haTvDW-6RvbSKGzOVlYws.roa
Signing time: Tue 13 Aug 2024 06:59:59 +0000
ROA not before: Tue 13 Aug 2024 06:59:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209641
IP address blocks: 45.89.66.0/24 maxlen: 24
45.89.67.0/24 maxlen: 24
45.128.176.0/22 maxlen: 22
45.128.176.0/24 maxlen: 24
45.128.177.0/24 maxlen: 24
45.128.178.0/24 maxlen: 24
45.128.179.0/24 maxlen: 24
45.132.252.0/24 maxlen: 24
91.217.80.0/24 maxlen: 24
94.142.136.0/21 maxlen: 21
94.142.139.0/24 maxlen: 24
94.142.140.0/24 maxlen: 24
94.142.141.0/24 maxlen: 24
94.142.142.0/24 maxlen: 24
103.82.103.0/24 maxlen: 24
185.5.248.0/22 maxlen: 22
185.5.248.0/23 maxlen: 23
185.5.250.0/23 maxlen: 23
185.5.250.0/24 maxlen: 24
185.58.204.0/22 maxlen: 22
185.58.207.0/24 maxlen: 24
185.87.48.0/22 maxlen: 22
185.87.48.0/24 maxlen: 24
185.87.49.0/24 maxlen: 24
185.87.50.0/24 maxlen: 24
185.87.51.0/24 maxlen: 24
185.105.116.0/24 maxlen: 24
185.105.117.0/24 maxlen: 24
185.117.152.0/22 maxlen: 22
185.125.216.0/22 maxlen: 22
185.125.218.0/23 maxlen: 23
185.125.229.0/24 maxlen: 24
185.125.230.0/24 maxlen: 24
185.125.231.0/24 maxlen: 24
185.200.188.0/24 maxlen: 24
193.124.176.0/20 maxlen: 20
193.124.176.0/21 maxlen: 21
193.124.176.0/22 maxlen: 22
193.124.176.0/24 maxlen: 24
193.124.177.0/24 maxlen: 24
193.124.178.0/24 maxlen: 24
193.124.179.0/24 maxlen: 24
193.124.180.0/24 maxlen: 24
193.124.181.0/24 maxlen: 24
193.124.182.0/24 maxlen: 24
193.124.183.0/24 maxlen: 24
193.124.184.0/21 maxlen: 21
193.124.184.0/24 maxlen: 24
193.124.189.0/24 maxlen: 24
193.124.191.0/24 maxlen: 24
193.168.224.0/24 maxlen: 24
194.67.192.0/19 maxlen: 19
194.67.193.0/24 maxlen: 24
194.67.194.0/23 maxlen: 23
194.67.196.0/22 maxlen: 22
194.67.200.0/21 maxlen: 21
194.67.202.0/24 maxlen: 24
194.67.203.0/24 maxlen: 24
194.67.204.0/22 maxlen: 22
194.67.208.0/20 maxlen: 20
195.47.250.0/24 maxlen: 24
2a0a:9300::/48 maxlen: 48
2a0a:9300:2::/48 maxlen: 48
2a0a:9300:d0::/48 maxlen: 48
2a0a:9300:d1::/48 maxlen: 48
2a0a:9300:d2::/48 maxlen: 48
2a0a:9301::/48 maxlen: 48
2a0a:9301:1::/48 maxlen: 48
2a0a:9301:2::/48 maxlen: 48
2a0a:9302::/32 maxlen: 32
2a0a:9302:1::/48 maxlen: 48
2a0b:7780::/29 maxlen: 29
2a0c:77c0::/32 maxlen: 32
2a0d:3880::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 03 Sep 2024 14:52:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:4a:89:55:bf:68:17:de:07:55:b4:a9:43:5e:86:49:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Aug 13 06:59:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a9a5f203c85a4ef0d6fba46f6d2286cce565630b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:5b:10:a7:31:ef:7a:0d:1e:65:f3:19:49:13:
19:c5:ff:6c:f9:65:f6:07:3a:a8:a1:f0:97:f7:bd:
ae:4b:72:b5:9f:98:62:6d:22:90:c6:61:a1:51:b5:
29:73:63:e2:68:7f:88:a4:0a:e1:31:d8:e6:14:e6:
ce:10:d2:89:7a:e6:df:a2:ad:66:69:b8:18:25:54:
61:3e:b2:93:a4:c4:80:58:48:d9:0d:16:ba:72:c2:
4a:9b:75:58:e9:fc:68:43:92:52:9f:db:da:80:1d:
91:d2:2b:18:c1:77:68:b5:56:70:1d:6c:55:58:4d:
07:bd:b1:99:3a:4a:ca:36:8b:fb:ab:c1:33:5b:f4:
98:18:bc:17:f6:c9:33:38:0d:3b:c4:03:b3:2f:b4:
df:0c:d5:a8:4a:fe:de:3d:85:1f:7d:eb:c2:e2:4b:
74:8d:37:f7:d6:c8:fd:b1:f0:2b:ef:e3:c7:29:41:
58:a8:73:8d:1c:8a:d1:f8:52:e6:81:10:69:e6:08:
29:f5:5c:04:af:db:ad:4e:dd:88:9f:79:27:51:c0:
72:76:f2:09:99:c4:26:92:85:97:7c:30:92:9d:29:
f0:57:6a:68:be:23:e7:a8:20:2b:fa:f7:0b:c3:ae:
77:87:70:20:60:30:02:88:46:b6:4a:ee:e2:b2:54:
be:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:A5:F2:03:C8:5A:4E:F0:D6:FB:A4:6F:6D:22:86:CC:E5:65:63:0B
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/qaXyA8haTvDW-6RvbSKGzOVlYws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.66.0/23
45.128.176.0/22
45.132.252.0/24
91.217.80.0/24
94.142.136.0/21
103.82.103.0/24
185.5.248.0/22
185.58.204.0/22
185.87.48.0/22
185.105.116.0/23
185.117.152.0/22
185.125.216.0/22
185.125.229.0-185.125.231.255
185.200.188.0/24
193.124.176.0/20
193.168.224.0/24
194.67.192.0/19
195.47.250.0/24
IPv6:
2a0a:9300::/48
2a0a:9300:2::/48
2a0a:9300:d0::-2a0a:9300:d2:ffff:ffff:ffff:ffff:ffff
2a0a:9301::-2a0a:9301:2:ffff:ffff:ffff:ffff:ffff
2a0a:9302::/32
2a0b:7780::/29
2a0c:77c0::/32
2a0d:3880::/29
Signature Algorithm: sha256WithRSAEncryption
97:24:39:f2:c3:df:5e:44:0f:b2:e1:31:eb:64:7b:63:ed:38:
23:d7:cd:76:45:91:e0:08:1f:bf:7d:55:c6:dc:2a:21:09:06:
ea:89:20:4f:8f:12:6a:28:ae:2e:b9:41:e8:de:aa:f2:31:77:
24:73:57:30:17:dc:57:6d:ec:a1:19:14:81:7e:a3:4c:1f:ff:
a3:2a:8e:c9:22:2f:e6:38:2f:3e:6f:1e:56:00:e0:80:70:a0:
c0:b7:56:cd:85:8d:47:da:05:d8:ab:72:88:8d:a8:fe:60:19:
05:4c:59:28:f1:a7:6f:d9:61:cd:13:d3:ef:3a:4e:46:4c:69:
95:5a:80:0c:bb:7c:8d:96:21:b1:90:5d:d0:00:7f:e2:1e:cd:
66:74:bc:89:26:27:f2:9b:c3:fa:1a:01:df:d3:46:59:b9:b3:
10:69:0f:3e:4a:00:b9:49:ef:e9:fb:eb:1e:ea:56:03:ec:2d:
ac:58:d3:6e:a3:16:e1:c9:5b:36:b7:af:17:ae:25:1a:63:ba:
2e:38:3e:16:2d:e1:d2:8a:e3:d3:94:cd:56:e9:13:f3:8a:45:
c8:12:5f:d8:92:bb:4e:28:d4:d8:8a:cb:91:3f:fc:74:40:cd:
a3:0f:06:a0:29:5d:0a:bb:0b:ee:91:73:45:2b:14:c3:69:36:
0d:97:24:95
-----BEGIN CERTIFICATE-----
MIIFyjCCBLKgAwIBAgISAZFKiVW/aBfeB1W0qUNehkk/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjQwODEzMDY1OTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWE1ZjIwM2M4NWE0ZWYwZDZmYmE0NmY2ZDIyODZjY2U1NjU2MzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVsQpzHveg0eZfMZSRMZxf9s+WX2
BzqoofCX972uS3K1n5hibSKQxmGhUbUpc2PiaH+IpArhMdjmFObOENKJeubfoq1m
abgYJVRhPrKTpMSAWEjZDRa6csJKm3VY6fxoQ5JSn9vagB2R0isYwXdotVZwHWxV
WE0HvbGZOkrKNov7q8EzW/SYGLwX9skzOA07xAOzL7TfDNWoSv7ePYUffevC4kt0
jTf31sj9sfAr7+PHKUFYqHONHIrR+FLmgRBp5ggp9VwEr9utTt2In3knUcBydvIJ
mcQmkoWXfDCSnSnwV2poviPnqCAr+vcLw653h3AgYDACiEa2Su7islS+zQIDAQAB
o4IC1jCCAtIwHQYDVR0OBBYEFKml8gPIWk7w1vukb20ihszlZWMLMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvcWFYeUE4aGFUdkRXLTZSdmJTS0d6T1ZsWXdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHrBggrBgEFBQcBBwEB/wSB2zCB2DB6BAIAATB0AwQBLVlC
AwQCLYCwAwQALYT8AwQAW9lQAwQDXo6IAwQAZ1JnAwQCuQX4AwQCuTrMAwQCuVcw
AwQBuWl0AwQCuXWYAwQCuX3YMAwDBAC5feUDBAO5feADBAC5yLwDBATBfLADBADB
qOADBAXCQ8ADBADDL/owWgQCAAIwVAMHACoKkwAAAAMHACoKkwAAAjASAwcEKgqT
AADQAwcAKgqTAADSMBADBQAqCpMBAwcAKgqTAQACAwUAKgqTAgMFAyoLd4ADBQAq
DHfAAwUDKg04gDANBgkqhkiG9w0BAQsFAAOCAQEAlyQ58sPfXkQPsuEx62R7Y+04
I9fNdkWR4Agfv31VxtwqIQkG6okgT48SaiiuLrlB6N6q8jF3JHNXMBfcV23soRkU
gX6jTB//oyqOySIv5jgvPm8eVgDggHCgwLdWzYWNR9oF2KtyiI2o/mAZBUxZKPGn
b9lhzRPT7zpORkxplVqADLt8jZYhsZBd0AB/4h7NZnS8iSYn8pvD+hoB39NGWbmz
EGkPPkoAuUnv6fvrHupWA+wtrFjTbqMW4clbNrevF64lGmO6Ljg+Fi3h0orj05TN
VukT84pFyBJf2JK7TijU2IrLkT/8dEDNow8GoCldCrsL7pFzRSsUw2k2DZcklQ==
-----END CERTIFICATE-----
Generated at Tue Sep 3 17:39:36 2024 by rpki-client on console-ams.rpki-client.org