Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/2d5bc8-5d93-4b0a-a8b6-f8d65c983744/1/s4MtD4d-naq1IenCXvUFejbhNLA.roa
File: s4MtD4d-naq1IenCXvUFejbhNLA.roa (raw, json)
Hash identifier: 1d/TPetj4gY4B7PaM96QrvWxtuYBlBl3dnffDSVPGdI=
Subject key identifier: B3:83:2D:0F:87:7E:9D:AA:B5:21:E9:C2:5E:F5:05:7A:36:E1:34:B0
Certificate issuer: /CN=de2e917315f0a878b21fc139d49a821aaddc3c97
Certificate serial: 018D407208DBB60CCB2914AC954378512E0E
Authority key identifier: DE:2E:91:73:15:F0:A8:78:B2:1F:C1:39:D4:9A:82:1A:AD:DC:3C:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3i6RcxXwqHiyH8E51JqCGq3cPJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/2d5bc8-5d93-4b0a-a8b6-f8d65c983744/1/s4MtD4d-naq1IenCXvUFejbhNLA.roa
Signing time: Thu 25 Jan 2024 11:47:11 +0000
ROA not before: Thu 25 Jan 2024 11:47:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39351
IP address blocks: 45.83.220.0/24 maxlen: 24
45.83.221.0/24 maxlen: 24
45.83.222.0/23 maxlen: 24
45.83.222.0/24 maxlen: 24
45.83.223.0/24 maxlen: 24
45.129.56.0/24 maxlen: 24
45.129.57.0/24 maxlen: 24
45.129.58.0/24 maxlen: 24
141.98.252.0/24 maxlen: 24
141.98.254.0/24 maxlen: 24
141.98.255.0/24 maxlen: 24
185.65.132.0/24 maxlen: 24
185.65.133.0/24 maxlen: 24
185.65.134.0/24 maxlen: 24
185.65.135.0/24 maxlen: 24
185.195.232.0/24 maxlen: 24
185.195.233.0/24 maxlen: 24
185.209.196.0/24 maxlen: 24
185.209.197.0/24 maxlen: 24
185.213.152.0/24 maxlen: 24
185.213.153.0/24 maxlen: 24
185.213.154.0/24 maxlen: 24
185.213.155.0/24 maxlen: 24
193.32.126.0/24 maxlen: 24
193.32.127.0/24 maxlen: 24
193.32.248.0/24 maxlen: 24
193.32.249.0/24 maxlen: 24
193.138.216.0/22 maxlen: 22
2a03:1b20:1::/48 maxlen: 48
2a03:1b20:2::/48 maxlen: 48
2a03:1b20:3::/48 maxlen: 48
2a03:1b20:4::/48 maxlen: 48
2a03:1b20:5::/48 maxlen: 48
2a03:1b20:6::/48 maxlen: 48
2a03:1b20:7::/48 maxlen: 48
2a03:1b20:8::/48 maxlen: 48
2a03:1b20:9::/48 maxlen: 48
2a03:1b20:a::/48 maxlen: 48
2a03:1b20:b::/48 maxlen: 48
2a03:1b20:beed::/48 maxlen: 48
2a03:1b20:beee::/48 maxlen: 48
2a03:1b20:beef::/48 maxlen: 48
2a03:1b20:bef1::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 26 Jan 2024 14:14:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:40:72:08:db:b6:0c:cb:29:14:ac:95:43:78:51:2e:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de2e917315f0a878b21fc139d49a821aaddc3c97
Validity
Not Before: Jan 25 11:47:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b3832d0f877e9daab521e9c25ef5057a36e134b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:02:60:43:7d:67:c1:70:cc:36:d3:f3:70:90:
26:ec:a4:59:29:86:54:80:b7:92:cd:19:43:82:30:
32:54:06:2f:2c:b1:43:26:f5:94:a7:f1:40:f6:60:
f4:67:8b:82:5a:35:0c:91:1a:06:94:36:18:2d:fe:
ea:ff:b7:64:aa:32:f6:fb:fc:58:61:0f:db:34:49:
fe:59:0f:f8:ed:26:57:f4:4a:87:0a:48:fa:0f:0a:
8f:67:b4:61:fb:16:bf:f8:a6:4f:68:99:9a:f2:a8:
a2:f9:80:8c:eb:c6:aa:4c:75:a1:b8:96:2b:26:42:
1d:6d:19:f6:35:33:70:b7:0c:e3:87:80:4c:6f:16:
18:de:8b:41:d1:0a:1b:16:7f:56:d0:d7:86:d4:4f:
3e:05:6f:cc:ea:3c:31:fa:79:51:d4:f3:c7:7f:75:
a4:53:66:ee:4f:d0:3c:58:6d:45:a9:1f:fe:27:c3:
fb:33:8a:35:43:3d:5a:fc:b4:a9:6e:3c:18:3a:f3:
97:14:cf:5c:8e:f9:fc:58:5c:48:ea:0e:e7:9d:81:
93:8f:91:be:72:80:95:6d:0e:14:3e:e1:f8:19:4b:
b7:ac:f4:b0:a7:3b:15:4f:97:e7:02:1c:4f:8e:df:
00:78:46:10:c8:80:79:ee:54:2c:48:20:2a:c5:5d:
e4:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:83:2D:0F:87:7E:9D:AA:B5:21:E9:C2:5E:F5:05:7A:36:E1:34:B0
X509v3 Authority Key Identifier:
keyid:DE:2E:91:73:15:F0:A8:78:B2:1F:C1:39:D4:9A:82:1A:AD:DC:3C:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3i6RcxXwqHiyH8E51JqCGq3cPJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/2d5bc8-5d93-4b0a-a8b6-f8d65c983744/1/s4MtD4d-naq1IenCXvUFejbhNLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/2d5bc8-5d93-4b0a-a8b6-f8d65c983744/1/3i6RcxXwqHiyH8E51JqCGq3cPJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.220.0/22
45.129.56.0-45.129.58.255
141.98.252.0/24
141.98.254.0/23
185.65.132.0/22
185.195.232.0/23
185.209.196.0/23
185.213.152.0/22
193.32.126.0/23
193.32.248.0/23
193.138.216.0/22
IPv6:
2a03:1b20:1::-2a03:1b20:b:ffff:ffff:ffff:ffff:ffff
2a03:1b20:beed::-2a03:1b20:beef:ffff:ffff:ffff:ffff:ffff
2a03:1b20:bef1::/48
Signature Algorithm: sha256WithRSAEncryption
70:78:34:1b:f7:0e:a0:a7:39:c0:04:d4:62:93:03:18:d7:a4:
2c:76:f3:84:6e:2c:6b:85:9c:d6:05:a0:63:51:c3:8e:b6:bd:
7a:46:b7:f6:36:cc:e0:42:f9:9f:81:61:c3:47:a8:d7:04:33:
34:92:f7:b2:a2:77:7a:8d:06:06:0f:64:d8:bd:6b:f2:da:04:
1c:40:c4:da:78:29:0f:f5:a5:65:36:25:57:54:1b:29:7e:58:
71:99:62:55:ae:4b:95:72:e9:49:16:f7:99:c2:16:09:6e:b6:
3d:c0:b2:e0:66:a4:24:cd:51:14:61:d1:d9:e5:db:73:7e:2c:
82:95:c4:2a:72:83:0d:48:b2:95:4f:b4:1a:80:ff:ac:80:b4:
cf:38:4e:3d:fd:d3:96:0d:d9:9b:d0:92:13:db:79:ce:3a:a3:
33:66:e1:09:b2:fc:5a:e1:35:eb:81:a6:2f:3b:2a:0e:d2:ff:
55:05:08:20:b0:b2:69:93:af:f0:46:d8:5b:46:7a:79:9c:71:
a5:52:f6:64:0a:ee:08:7e:7c:b6:f4:0a:6f:fa:85:e9:48:93:
2e:4f:8b:64:4c:c8:72:b1:22:11:a1:8e:36:90:45:80:19:25:
c3:0e:a2:1f:5c:4b:87:e2:f3:ee:5a:33:2d:c1:a5:8a:1a:37:
54:29:15:66
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgISAY1AcgjbtgzLKRSslUN4US4OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMmU5MTczMTVmMGE4NzhiMjFmYzEzOWQ0OWE4MjFhYWRk
YzNjOTcwHhcNMjQwMTI1MTE0NzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzgzMmQwZjg3N2U5ZGFhYjUyMWU5YzI1ZWY1MDU3YTM2ZTEzNGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhwJgQ31nwXDMNtPzcJAm7KRZKYZU
gLeSzRlDgjAyVAYvLLFDJvWUp/FA9mD0Z4uCWjUMkRoGlDYYLf7q/7dkqjL2+/xY
YQ/bNEn+WQ/47SZX9EqHCkj6DwqPZ7Rh+xa/+KZPaJma8qii+YCM68aqTHWhuJYr
JkIdbRn2NTNwtwzjh4BMbxYY3otB0QobFn9W0NeG1E8+BW/M6jwx+nlR1PPHf3Wk
U2buT9A8WG1FqR/+J8P7M4o1Qz1a/LSpbjwYOvOXFM9cjvn8WFxI6g7nnYGTj5G+
coCVbQ4UPuH4GUu3rPSwpzsVT5fnAhxPjt8AeEYQyIB57lQsSCAqxV3k8QIDAQAB
o4ICiTCCAoUwHQYDVR0OBBYEFLODLQ+Hfp2qtSHpwl71BXo24TSwMB8GA1UdIwQY
MBaAFN4ukXMV8Kh4sh/BOdSaghqt3DyXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2k2UmN4WHdxSGl5SDhFNTFKcUNHcTNjUEpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8yZDViYzgtNWQ5My00YjBhLWE4YjYt
ZjhkNjVjOTgzNzQ0LzEvczRNdEQ0ZC1uYXExSWVuQ1h2VUZlamJoTkxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8yZDViYzgtNWQ5My00YjBhLWE4YjYtZjhkNjVjOTgzNzQ0
LzEvM2k2UmN4WHdxSGl5SDhFNTFKcUNHcTNjUEpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGeBggrBgEFBQcBBwEB/wSBjjCBizBQBAIAATBKAwQCLVPc
MAwDBAMtgTgDBAAtgToDBACNYvwDBAGNYv4DBAK5QYQDBAG5w+gDBAG50cQDBAK5
1ZgDBAHBIH4DBAHBIPgDBALBitgwNwQCAAIwMTASAwcAKgMbIAABAwcCKgMbIAAI
MBIDBwAqAxsgvu0DBwQqAxsgvuADBwAqAxsgvvEwDQYJKoZIhvcNAQELBQADggEB
AHB4NBv3DqCnOcAE1GKTAxjXpCx284RuLGuFnNYFoGNRw462vXpGt/Y2zOBC+Z+B
YcNHqNcEMzSS97Kid3qNBgYPZNi9a/LaBBxAxNp4KQ/1pWU2JVdUGyl+WHGZYlWu
S5Vy6UkW95nCFglutj3AsuBmpCTNURRh0dnl23N+LIKVxCpygw1IspVPtBqA/6yA
tM84Tj3905YN2ZvQkhPbec46ozNm4Qmy/FrhNeuBpi87Kg7S/1UFCCCwsmmTr/BG
2FtGenmccaVS9mQK7gh+fLb0Cm/6helIky5Pi2RMyHKxIhGhjjaQRYAZJcMOoh9c
S4fi8+5aMy3BpYoaN1QpFWY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:20 2024 by rpki-client on console-fra.rpki-client.org