Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/sxOZcuFzmJ1LdJnlAaLFopIzlp0.roa
File: sxOZcuFzmJ1LdJnlAaLFopIzlp0.roa (raw, json)
Hash identifier: U3lnO45c3aVtPL7ha5yau3e6GuD63If2WoLHu2TarKU=
Subject key identifier: B3:13:99:72:E1:73:98:9D:4B:74:99:E5:01:A2:C5:A2:92:33:96:9D
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 01922EED7DAE7A9555C8C8150F886640023E
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/sxOZcuFzmJ1LdJnlAaLFopIzlp0.roa
Signing time: Thu 26 Sep 2024 15:22:49 +0000
ROA not before: Thu 26 Sep 2024 15:22:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209641
IP address blocks: 45.9.74.0/24 maxlen: 24
45.89.66.0/24 maxlen: 24
45.89.67.0/24 maxlen: 24
45.128.176.0/22 maxlen: 22
45.128.176.0/24 maxlen: 24
45.128.177.0/24 maxlen: 24
45.128.178.0/24 maxlen: 24
45.128.179.0/24 maxlen: 24
45.132.252.0/24 maxlen: 24
91.217.80.0/24 maxlen: 24
94.142.136.0/21 maxlen: 21
94.142.139.0/24 maxlen: 24
94.142.140.0/24 maxlen: 24
94.142.141.0/24 maxlen: 24
94.142.142.0/24 maxlen: 24
103.82.103.0/24 maxlen: 24
185.5.248.0/22 maxlen: 22
185.5.248.0/23 maxlen: 23
185.5.250.0/23 maxlen: 23
185.5.250.0/24 maxlen: 24
185.58.204.0/22 maxlen: 22
185.58.207.0/24 maxlen: 24
185.87.48.0/22 maxlen: 22
185.87.48.0/24 maxlen: 24
185.87.49.0/24 maxlen: 24
185.87.50.0/24 maxlen: 24
185.87.51.0/24 maxlen: 24
185.105.116.0/24 maxlen: 24
185.105.117.0/24 maxlen: 24
185.117.152.0/22 maxlen: 22
185.125.216.0/22 maxlen: 22
185.125.218.0/23 maxlen: 23
185.125.229.0/24 maxlen: 24
185.125.231.0/24 maxlen: 24
185.200.188.0/24 maxlen: 24
193.109.85.0/24 maxlen: 24
193.124.176.0/20 maxlen: 20
193.124.176.0/21 maxlen: 21
193.124.176.0/22 maxlen: 22
193.124.176.0/24 maxlen: 24
193.124.177.0/24 maxlen: 24
193.124.178.0/24 maxlen: 24
193.124.179.0/24 maxlen: 24
193.124.180.0/24 maxlen: 24
193.124.181.0/24 maxlen: 24
193.124.182.0/24 maxlen: 24
193.124.183.0/24 maxlen: 24
193.124.184.0/21 maxlen: 21
193.124.184.0/24 maxlen: 24
193.124.189.0/24 maxlen: 24
193.124.191.0/24 maxlen: 24
193.168.224.0/24 maxlen: 24
194.67.192.0/19 maxlen: 19
194.67.193.0/24 maxlen: 24
194.67.194.0/23 maxlen: 23
194.67.196.0/22 maxlen: 22
194.67.200.0/21 maxlen: 21
194.67.202.0/24 maxlen: 24
194.67.203.0/24 maxlen: 24
194.67.204.0/22 maxlen: 22
194.67.208.0/20 maxlen: 20
195.47.250.0/24 maxlen: 24
2a0a:9300::/48 maxlen: 48
2a0a:9300:2::/48 maxlen: 48
2a0a:9300:d0::/48 maxlen: 48
2a0a:9300:d1::/48 maxlen: 48
2a0a:9300:d2::/48 maxlen: 48
2a0a:9301::/48 maxlen: 48
2a0a:9301:1::/48 maxlen: 48
2a0a:9301:2::/48 maxlen: 48
2a0a:9302::/32 maxlen: 32
2a0a:9302:1::/48 maxlen: 48
2a0b:7780::/29 maxlen: 29
2a0c:77c0::/32 maxlen: 32
2a0d:3880::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 07 Oct 2024 11:59:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:2e:ed:7d:ae:7a:95:55:c8:c8:15:0f:88:66:40:02:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Sep 26 15:22:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b3139972e173989d4b7499e501a2c5a29233969d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:2a:f0:ce:0f:28:a7:bd:3c:03:71:7b:3c:db:
6b:e0:da:79:0f:4a:63:dc:d1:a8:cb:74:47:b5:4f:
49:32:da:5c:46:d2:d7:bb:fc:78:fb:70:8b:37:68:
40:dd:1e:24:4a:d5:15:72:bb:78:e1:25:64:e6:85:
34:34:ab:b0:28:53:b5:be:cb:d0:f8:da:36:21:40:
7a:51:d8:1f:a1:a0:96:d2:93:77:9d:fa:d5:4e:9d:
a1:f7:fe:4c:23:9e:1b:b1:84:f4:59:28:ed:83:8b:
e9:8d:68:a0:a8:63:99:ce:00:5b:b0:e5:0b:16:b7:
85:a1:33:33:be:75:b0:d8:7d:5e:42:67:d4:0f:57:
76:31:4d:b4:d2:64:c0:a0:64:c2:ab:a0:51:cb:61:
d1:d6:19:ad:4a:91:f8:dc:90:53:fa:b6:fa:e7:c8:
11:a2:f9:f7:f2:c1:f2:33:02:e0:3b:16:e3:82:1f:
87:7d:11:c6:90:b1:97:3e:32:80:57:df:5e:75:f6:
8e:e8:bd:e3:3d:90:23:a2:eb:c7:94:41:9c:d4:2d:
2d:e8:96:35:5f:71:a9:17:e0:8f:5f:e8:b0:16:19:
b6:a4:9e:94:17:a5:c5:4f:1e:9c:75:ae:28:30:cb:
2e:8c:6f:bc:43:d8:6d:aa:24:19:fc:62:d0:6a:22:
a1:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:13:99:72:E1:73:98:9D:4B:74:99:E5:01:A2:C5:A2:92:33:96:9D
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/sxOZcuFzmJ1LdJnlAaLFopIzlp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.74.0/24
45.89.66.0/23
45.128.176.0/22
45.132.252.0/24
91.217.80.0/24
94.142.136.0/21
103.82.103.0/24
185.5.248.0/22
185.58.204.0/22
185.87.48.0/22
185.105.116.0/23
185.117.152.0/22
185.125.216.0/22
185.125.229.0/24
185.125.231.0/24
185.200.188.0/24
193.109.85.0/24
193.124.176.0/20
193.168.224.0/24
194.67.192.0/19
195.47.250.0/24
IPv6:
2a0a:9300::/48
2a0a:9300:2::/48
2a0a:9300:d0::-2a0a:9300:d2:ffff:ffff:ffff:ffff:ffff
2a0a:9301::-2a0a:9301:2:ffff:ffff:ffff:ffff:ffff
2a0a:9302::/32
2a0b:7780::/29
2a0c:77c0::/32
2a0d:3880::/29
Signature Algorithm: sha256WithRSAEncryption
8d:32:1e:2c:41:f4:7d:f8:bc:83:fa:08:f9:20:c9:c6:31:53:
74:bf:9f:0b:a3:12:d4:be:af:6c:97:48:93:36:8c:84:ee:92:
4e:32:ff:91:01:b5:15:5f:18:0f:51:fa:1b:6a:98:3a:0f:f7:
d9:95:e7:cf:bf:f4:38:04:3a:96:2b:d8:60:76:70:e2:72:48:
99:28:dd:6f:b1:22:57:a7:64:ea:3e:c7:5b:a7:de:de:29:c4:
f7:fd:26:3a:d3:5d:ba:8b:07:a9:bd:d1:39:37:dd:7e:74:4f:
1a:d2:0a:6c:61:f6:68:88:f6:3d:bf:bb:c4:5e:5e:f5:05:54:
e9:2e:26:64:f3:94:82:41:dd:0f:a9:eb:40:0a:b1:56:df:7b:
f1:26:a2:c7:d5:85:f7:0b:b8:02:f2:be:76:3b:bb:46:43:cd:
65:84:13:09:ae:9d:e4:0e:9d:7d:e3:77:0a:54:e2:c2:63:22:
a5:7b:c7:89:fa:38:e7:fa:f3:69:26:d9:a4:55:80:86:e8:4a:
14:bc:55:64:a9:64:12:69:b6:d3:7b:d0:d7:ef:fa:48:4f:00:
88:3e:83:71:f3:18:e1:ee:f3:50:d8:01:a2:43:f5:c8:23:c5:
cf:90:ad:16:50:ca:33:37:b0:8b:34:85:83:da:38:3c:9f:a8:
5b:b0:9d:96
-----BEGIN CERTIFICATE-----
MIIF1TCCBL2gAwIBAgISAZIu7X2uepVVyMgVD4hmQAI+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjQwOTI2MTUyMjQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzEzOTk3MmUxNzM5ODlkNGI3NDk5ZTUwMWEyYzVhMjkyMzM5NjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0irwzg8op708A3F7PNtr4Np5D0pj
3NGoy3RHtU9JMtpcRtLXu/x4+3CLN2hA3R4kStUVcrt44SVk5oU0NKuwKFO1vsvQ
+No2IUB6UdgfoaCW0pN3nfrVTp2h9/5MI54bsYT0WSjtg4vpjWigqGOZzgBbsOUL
FreFoTMzvnWw2H1eQmfUD1d2MU200mTAoGTCq6BRy2HR1hmtSpH43JBT+rb658gR
ovn38sHyMwLgOxbjgh+HfRHGkLGXPjKAV99edfaO6L3jPZAjouvHlEGc1C0t6JY1
X3GpF+CPX+iwFhm2pJ6UF6XFTx6cda4oMMsujG+8Q9htqiQZ/GLQaiKh9wIDAQAB
o4IC4TCCAt0wHQYDVR0OBBYEFLMTmXLhc5idS3SZ5QGixaKSM5adMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvc3hPWmN1RnptSjFMZEpubEFhTEZvcEl6bHAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH2BggrBgEFBQcBBwEB/wSB5jCB4zCBhAQCAAEwfgMEAC0J
SgMEAS1ZQgMEAi2AsAMEAC2E/AMEAFvZUAMEA16OiAMEAGdSZwMEArkF+AMEArk6
zAMEArlXMAMEAblpdAMEArl1mAMEArl92AMEALl95QMEALl95wMEALnIvAMEAMFt
VQMEBMF8sAMEAMGo4AMEBcJDwAMEAMMv+jBaBAIAAjBUAwcAKgqTAAAAAwcAKgqT
AAACMBIDBwQqCpMAANADBwAqCpMAANIwEAMFACoKkwEDBwAqCpMBAAIDBQAqCpMC
AwUDKgt3gAMFACoMd8ADBQMqDTiAMA0GCSqGSIb3DQEBCwUAA4IBAQCNMh4sQfR9
+LyD+gj5IMnGMVN0v58LoxLUvq9sl0iTNoyE7pJOMv+RAbUVXxgPUfobapg6D/fZ
lefPv/Q4BDqWK9hgdnDickiZKN1vsSJXp2TqPsdbp97eKcT3/SY60126iwepvdE5
N91+dE8a0gpsYfZoiPY9v7vEXl71BVTpLiZk85SCQd0PqetACrFW33vxJqLH1YX3
C7gC8r52O7tGQ81lhBMJrp3kDp1943cKVOLCYyKle8eJ+jjn+vNpJtmkVYCG6EoU
vFVkqWQSabbTe9DX7/pITwCIPoNx8xjh7vNQ2AGiQ/XII8XPkK0WUMozN7CLNIWD
2jg8n6hbsJ2W
-----END CERTIFICATE-----
Generated at Mon Oct 7 19:10:56 2024 by rpki-client on console-ams.rpki-client.org