Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/yNHWN3Y0V5zxhyKwnMzsIQUiCRg.roa
File: yNHWN3Y0V5zxhyKwnMzsIQUiCRg.roa (raw, json)
Hash identifier: 4OfAw8B103DQXbF+i5ZpOfaWZKQiagPIG9KFuz6YFu4=
Subject key identifier: C8:D1:D6:37:76:34:57:9C:F1:87:22:B0:9C:CC:EC:21:05:22:09:18
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 019131930796E4C01B29D77A85345C609341
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/yNHWN3Y0V5zxhyKwnMzsIQUiCRg.roa
Signing time: Thu 08 Aug 2024 10:40:04 +0000
ROA not before: Thu 08 Aug 2024 10:40:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209641
IP address blocks: 45.89.66.0/24 maxlen: 24
45.89.67.0/24 maxlen: 24
45.128.176.0/22 maxlen: 22
45.128.176.0/24 maxlen: 24
45.128.177.0/24 maxlen: 24
45.128.178.0/24 maxlen: 24
45.128.179.0/24 maxlen: 24
45.132.252.0/24 maxlen: 24
91.217.80.0/24 maxlen: 24
94.142.136.0/21 maxlen: 21
94.142.139.0/24 maxlen: 24
94.142.140.0/24 maxlen: 24
94.142.141.0/24 maxlen: 24
94.142.142.0/24 maxlen: 24
103.82.103.0/24 maxlen: 24
185.5.248.0/22 maxlen: 22
185.5.248.0/23 maxlen: 23
185.5.250.0/23 maxlen: 23
185.5.250.0/24 maxlen: 24
185.58.204.0/22 maxlen: 22
185.58.207.0/24 maxlen: 24
185.87.48.0/22 maxlen: 22
185.87.48.0/24 maxlen: 24
185.87.49.0/24 maxlen: 24
185.87.50.0/24 maxlen: 24
185.87.51.0/24 maxlen: 24
185.105.116.0/24 maxlen: 24
185.105.117.0/24 maxlen: 24
185.117.152.0/22 maxlen: 22
185.125.216.0/22 maxlen: 22
185.125.218.0/23 maxlen: 23
185.125.229.0/24 maxlen: 24
185.125.230.0/24 maxlen: 24
185.125.231.0/24 maxlen: 24
185.200.188.0/24 maxlen: 24
193.124.176.0/20 maxlen: 20
193.124.176.0/22 maxlen: 22
193.124.176.0/24 maxlen: 24
193.124.177.0/24 maxlen: 24
193.124.178.0/24 maxlen: 24
193.124.179.0/24 maxlen: 24
193.124.180.0/24 maxlen: 24
193.124.181.0/24 maxlen: 24
193.124.182.0/24 maxlen: 24
193.124.183.0/24 maxlen: 24
193.124.184.0/21 maxlen: 21
193.124.184.0/24 maxlen: 24
193.124.189.0/24 maxlen: 24
193.124.191.0/24 maxlen: 24
193.168.224.0/24 maxlen: 24
194.67.192.0/19 maxlen: 19
194.67.193.0/24 maxlen: 24
194.67.194.0/23 maxlen: 23
194.67.196.0/22 maxlen: 22
194.67.200.0/21 maxlen: 21
194.67.202.0/24 maxlen: 24
194.67.203.0/24 maxlen: 24
194.67.204.0/22 maxlen: 22
194.67.208.0/20 maxlen: 20
195.47.250.0/24 maxlen: 24
2a0a:9300::/48 maxlen: 48
2a0a:9300:2::/48 maxlen: 48
2a0a:9300:d0::/48 maxlen: 48
2a0a:9300:d1::/48 maxlen: 48
2a0a:9300:d2::/48 maxlen: 48
2a0a:9301::/48 maxlen: 48
2a0a:9301:1::/48 maxlen: 48
2a0a:9301:2::/48 maxlen: 48
2a0a:9302::/32 maxlen: 32
2a0a:9302:1::/48 maxlen: 48
2a0b:7780::/29 maxlen: 29
2a0c:77c0::/32 maxlen: 32
2a0d:3880::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 09 Aug 2024 13:57:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:31:93:07:96:e4:c0:1b:29:d7:7a:85:34:5c:60:93:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Aug 8 10:40:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8d1d6377634579cf18722b09cccec2105220918
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:42:08:57:ad:a5:12:bf:89:7b:bc:4d:f6:9a:
55:a7:7f:9e:03:7a:4c:6b:d0:41:07:84:4e:79:5d:
54:9e:56:3f:bb:21:21:ba:86:76:9f:d8:29:49:df:
fa:fe:95:8e:38:f0:19:a1:4c:34:e2:1c:f9:6f:8a:
bd:2d:67:82:89:eb:56:ec:da:37:6e:4d:8e:6e:77:
0d:60:3e:e0:85:cb:aa:cf:27:c1:89:01:ea:f2:63:
83:c8:c2:fd:a6:38:9c:6b:68:3c:79:ed:3f:3b:62:
b2:c1:bb:dc:a9:66:55:3d:95:50:91:82:85:10:92:
e1:19:32:ab:c0:53:eb:7e:11:a6:e5:c2:63:ec:c7:
dd:e8:ea:59:56:3e:2b:49:7d:1e:f6:89:3b:d7:93:
9c:49:6e:dd:8c:0e:4b:b3:f5:73:eb:7c:0e:8a:3f:
37:65:64:16:dd:58:da:0f:2a:64:57:e9:3e:81:86:
52:60:c8:9c:be:aa:e5:15:5e:ab:f1:41:39:25:0d:
11:89:0b:b1:4f:8a:50:ed:6f:3a:78:e3:33:85:f1:
ee:bb:ab:45:14:d0:e8:5f:45:a9:c4:d4:d3:d2:9e:
6b:74:32:f4:31:07:cf:15:d8:d4:0b:18:72:c6:73:
57:30:2d:bb:69:c0:98:0f:75:5b:24:0e:12:24:ad:
8d:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:D1:D6:37:76:34:57:9C:F1:87:22:B0:9C:CC:EC:21:05:22:09:18
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/yNHWN3Y0V5zxhyKwnMzsIQUiCRg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.66.0/23
45.128.176.0/22
45.132.252.0/24
91.217.80.0/24
94.142.136.0/21
103.82.103.0/24
185.5.248.0/22
185.58.204.0/22
185.87.48.0/22
185.105.116.0/23
185.117.152.0/22
185.125.216.0/22
185.125.229.0-185.125.231.255
185.200.188.0/24
193.124.176.0/20
193.168.224.0/24
194.67.192.0/19
195.47.250.0/24
IPv6:
2a0a:9300::/48
2a0a:9300:2::/48
2a0a:9300:d0::-2a0a:9300:d2:ffff:ffff:ffff:ffff:ffff
2a0a:9301::-2a0a:9301:2:ffff:ffff:ffff:ffff:ffff
2a0a:9302::/32
2a0b:7780::/29
2a0c:77c0::/32
2a0d:3880::/29
Signature Algorithm: sha256WithRSAEncryption
a3:77:89:ae:0f:f9:36:4d:72:fb:b4:27:d3:e5:38:36:1e:ac:
2e:8d:b3:75:ea:0f:80:38:0a:26:3f:05:78:6e:5b:62:a3:06:
72:ba:43:51:7f:04:a4:5b:37:7a:93:e8:fb:50:3e:14:bd:15:
73:3f:ef:c7:e5:2b:92:7f:ad:71:b4:50:75:95:bb:87:cf:e6:
c5:7a:d5:9f:bc:c7:98:e5:1e:01:c1:f7:15:50:34:f7:7d:4f:
08:b7:96:dc:af:fb:1b:0e:9e:2a:18:15:a1:70:f1:43:6c:f0:
38:cb:4e:79:d5:6a:a9:7d:35:07:80:b4:f1:cc:f7:7b:8c:64:
48:8c:94:6e:2c:c1:df:ba:90:f1:2a:79:30:b3:bd:75:2f:2a:
96:c0:ec:be:fa:9d:37:f2:68:b1:a1:70:0b:3c:fd:ac:de:8a:
3c:8d:dc:77:a0:4c:b2:ce:cf:a7:88:72:95:f7:3d:e5:85:59:
9c:50:25:3a:c5:af:10:2a:7b:fa:eb:8c:0e:f2:ed:91:9c:e0:
fe:66:ab:6a:51:b3:ab:f2:4a:a6:70:2c:95:62:74:6a:fd:a2:
ed:c8:6c:cd:91:4e:15:09:0e:ef:de:36:9e:18:82:3d:f8:61:
0a:7c:47:89:7e:13:e9:2c:e8:f3:df:f2:a6:a0:a4:2a:74:8b:
75:8f:5d:a4
-----BEGIN CERTIFICATE-----
MIIFyjCCBLKgAwIBAgISAZExkweW5MAbKdd6hTRcYJNBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjQwODA4MTA0MDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGQxZDYzNzc2MzQ1NzljZjE4NzIyYjA5Y2NjZWMyMTA1MjIwOTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskIIV62lEr+Je7xN9ppVp3+eA3pM
a9BBB4ROeV1UnlY/uyEhuoZ2n9gpSd/6/pWOOPAZoUw04hz5b4q9LWeCietW7No3
bk2ObncNYD7ghcuqzyfBiQHq8mODyML9pjica2g8ee0/O2KywbvcqWZVPZVQkYKF
EJLhGTKrwFPrfhGm5cJj7Mfd6OpZVj4rSX0e9ok715OcSW7djA5Ls/Vz63wOij83
ZWQW3VjaDypkV+k+gYZSYMicvqrlFV6r8UE5JQ0RiQuxT4pQ7W86eOMzhfHuu6tF
FNDoX0WpxNTT0p5rdDL0MQfPFdjUCxhyxnNXMC27acCYD3VbJA4SJK2N2wIDAQAB
o4IC1jCCAtIwHQYDVR0OBBYEFMjR1jd2NFec8YcisJzM7CEFIgkYMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEveU5IV04zWTBWNXp4aHlLd25NenNJUVVpQ1JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHrBggrBgEFBQcBBwEB/wSB2zCB2DB6BAIAATB0AwQBLVlC
AwQCLYCwAwQALYT8AwQAW9lQAwQDXo6IAwQAZ1JnAwQCuQX4AwQCuTrMAwQCuVcw
AwQBuWl0AwQCuXWYAwQCuX3YMAwDBAC5feUDBAO5feADBAC5yLwDBATBfLADBADB
qOADBAXCQ8ADBADDL/owWgQCAAIwVAMHACoKkwAAAAMHACoKkwAAAjASAwcEKgqT
AADQAwcAKgqTAADSMBADBQAqCpMBAwcAKgqTAQACAwUAKgqTAgMFAyoLd4ADBQAq
DHfAAwUDKg04gDANBgkqhkiG9w0BAQsFAAOCAQEAo3eJrg/5Nk1y+7Qn0+U4Nh6s
Lo2zdeoPgDgKJj8FeG5bYqMGcrpDUX8EpFs3epPo+1A+FL0Vcz/vx+Urkn+tcbRQ
dZW7h8/mxXrVn7zHmOUeAcH3FVA0931PCLeW3K/7Gw6eKhgVoXDxQ2zwOMtOedVq
qX01B4C08cz3e4xkSIyUbizB37qQ8Sp5MLO9dS8qlsDsvvqdN/JosaFwCzz9rN6K
PI3cd6BMss7Pp4hylfc95YVZnFAlOsWvECp7+uuMDvLtkZzg/maralGzq/JKpnAs
lWJ0av2i7chszZFOFQkO7942nhiCPfhhCnxHiX4T6Szo89/ypqCkKnSLdY9dpA==
-----END CERTIFICATE-----
Generated at Fri Aug 9 16:17:44 2024 by rpki-client on console-fra.rpki-client.org