Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/1e777f-986b-4e34-8d81-7d4bb2380487/1/4bV4Xro8AK-KbvYdjfOQ5d2VbMk.roa
File: 4bV4Xro8AK-KbvYdjfOQ5d2VbMk.roa (raw, json)
Hash identifier: 6dN2ezNlK9bySReMlzaeyZuv4ZujrMnSyGLTQyt2wmA=
Subject key identifier: E1:B5:78:5E:BA:3C:00:AF:8A:6E:F6:1D:8D:F3:90:E5:DD:95:6C:C9
Certificate issuer: /CN=0170a169b6cd411022279e9ff997f134ff54ab1c
Certificate serial: 01856E1436F3C8307827BC40291341990657
Authority key identifier: 01:70:A1:69:B6:CD:41:10:22:27:9E:9F:F9:97:F1:34:FF:54:AB:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AXChabbNQRAiJ56f-ZfxNP9Uqxw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/1e777f-986b-4e34-8d81-7d4bb2380487/1/4bV4Xro8AK-KbvYdjfOQ5d2VbMk.roa
Signing time: Sun 01 Jan 2023 16:04:56 +0000
ROA not before: Sun 01 Jan 2023 16:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35699
IP address blocks: 45.145.244.0/22 maxlen: 24
62.56.192.0/20 maxlen: 24
70.34.224.0/20 maxlen: 24
216.147.96.0/20 maxlen: 24
87.236.180.0/22 maxlen: 24
45.230.12.0/22 maxlen: 24
45.137.240.0/22 maxlen: 24
91.126.32.0/19 maxlen: 24
91.126.64.0/19 maxlen: 24
185.239.36.0/22 maxlen: 24
147.161.64.0/18 maxlen: 24
91.126.16.0/20 maxlen: 24
45.151.224.0/22 maxlen: 24
91.126.160.0/19 maxlen: 24
74.126.176.0/20 maxlen: 24
143.131.192.0/18 maxlen: 24
110.93.8.0/22 maxlen: 24
185.203.208.0/22 maxlen: 24
91.126.96.0/19 maxlen: 24
86.111.60.0/22 maxlen: 24
64.190.114.0/23 maxlen: 24
91.126.128.0/19 maxlen: 24
135.129.224.0/20 maxlen: 24
98.96.184.0/21 maxlen: 24
103.202.232.0/22 maxlen: 24
45.130.132.0/22 maxlen: 24
91.126.192.0/19 maxlen: 24
45.133.138.0/23 maxlen: 24
147.136.252.0/23 maxlen: 24
91.126.224.0/19 maxlen: 24
91.126.232.0/21 maxlen: 24
173.243.32.0/20 maxlen: 24
2a00:1af4::/32 maxlen: 32
2a00:1af4:1000::/48 maxlen: 48
2a00:1af0::/29 maxlen: 29
2a00:1af4:1003::/48 maxlen: 48
2a00:1af1::/32 maxlen: 32
2a00:1af1::/36 maxlen: 36
2a00:1af2::/32 maxlen: 32
2a00:1af3::/32 maxlen: 32
2a00:1af0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:14:36:f3:c8:30:78:27:bc:40:29:13:41:99:06:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0170a169b6cd411022279e9ff997f134ff54ab1c
Validity
Not Before: Jan 1 16:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e1b5785eba3c00af8a6ef61d8df390e5dd956cc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:37:2f:b7:ce:7f:69:df:3e:5b:70:24:da:ae:
21:b9:49:e6:26:f4:78:a7:21:d5:14:fc:d9:a0:65:
d9:89:f6:be:65:47:2b:97:4d:fe:d4:9d:06:bf:a4:
2e:86:82:bc:95:4e:df:53:62:07:32:78:0a:65:71:
94:ad:62:48:4b:5f:66:9e:d7:8a:1f:26:32:5b:30:
8a:84:c3:c0:5e:5e:6a:0f:62:74:3e:92:e1:45:f8:
ad:1d:36:96:56:ca:6d:bd:f4:0b:df:95:29:c7:22:
ad:7b:99:39:99:c1:08:84:45:22:10:3c:8b:cf:6f:
74:1c:19:dc:fb:80:6b:b3:ec:56:70:42:fd:1c:35:
23:aa:17:00:1b:32:1d:3f:8f:7e:8f:66:fc:db:38:
3d:1d:1f:92:02:14:d6:e5:45:98:c7:45:d5:1d:2c:
69:4e:00:09:00:8a:35:1d:a5:93:d2:71:ff:c2:34:
5d:83:2c:02:ad:f1:c8:22:5b:0e:7d:e7:4c:98:12:
ae:ed:e3:1a:f2:ff:d3:6a:40:7b:44:01:51:f7:f0:
3c:b4:3a:8b:70:65:c6:5b:00:12:5d:b0:90:66:89:
d1:28:82:9f:b3:4f:94:7b:74:86:74:2e:8b:bf:f9:
be:6b:e5:f9:02:48:9b:75:39:33:b2:9c:66:98:4c:
29:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:B5:78:5E:BA:3C:00:AF:8A:6E:F6:1D:8D:F3:90:E5:DD:95:6C:C9
X509v3 Authority Key Identifier:
keyid:01:70:A1:69:B6:CD:41:10:22:27:9E:9F:F9:97:F1:34:FF:54:AB:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AXChabbNQRAiJ56f-ZfxNP9Uqxw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/1e777f-986b-4e34-8d81-7d4bb2380487/1/4bV4Xro8AK-KbvYdjfOQ5d2VbMk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/1e777f-986b-4e34-8d81-7d4bb2380487/1/AXChabbNQRAiJ56f-ZfxNP9Uqxw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.132.0/22
45.133.138.0/23
45.137.240.0/22
45.145.244.0/22
45.151.224.0/22
45.230.12.0/22
62.56.192.0/20
64.190.114.0/23
70.34.224.0/20
74.126.176.0/20
86.111.60.0/22
87.236.180.0/22
91.126.16.0-91.126.255.255
98.96.184.0/21
103.202.232.0/22
110.93.8.0/22
135.129.224.0/20
143.131.192.0/18
147.136.252.0/23
147.161.64.0/18
173.243.32.0/20
185.203.208.0/22
185.239.36.0/22
216.147.96.0/20
IPv6:
2a00:1af0::/29
Signature Algorithm: sha256WithRSAEncryption
89:ce:5a:a7:62:88:47:44:b4:d2:43:88:70:f1:a1:bd:e7:aa:
e8:a4:79:ea:6e:86:c7:dc:99:b9:04:ad:a3:4b:1d:e4:4b:08:
06:c5:26:1e:85:75:a2:4f:2a:7e:87:21:d4:be:d6:e0:fd:6f:
f8:88:36:d4:6c:63:3e:e0:8d:85:09:3d:a5:2a:ea:39:41:ba:
cd:32:96:95:87:f5:6b:11:05:e6:08:f2:3c:7a:01:59:34:06:
0a:17:34:9d:21:01:61:c4:14:1a:4d:16:5a:3b:19:27:dc:f7:
be:f2:c6:52:82:22:ff:c1:9f:2a:bb:ef:23:03:33:b0:15:6f:
61:48:be:e0:c0:d2:d2:59:18:53:77:44:61:43:d2:94:d5:5e:
e4:09:02:45:cd:1f:f2:98:28:9f:d9:59:b9:42:42:87:16:e9:
0e:12:a8:7f:33:3b:33:09:ef:ce:b9:28:52:57:be:88:dd:23:
1e:e5:c7:7b:0f:e6:03:ad:15:b1:c6:36:6a:83:ea:1c:60:41:
69:b4:08:3b:cc:d9:27:94:18:37:2c:02:e9:cf:f1:bf:24:eb:
e6:b9:43:08:7b:80:ef:c2:b0:21:ff:62:9d:33:13:de:65:9c:
0a:75:13:64:8c:da:5a:da:ab:b6:19:7b:74:de:11:a0:29:f8:
3b:5f:11:f5
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgISAYVuFDbzyDB4J7xAKRNBmQZXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNzBhMTY5YjZjZDQxMTAyMjI3OWU5ZmY5OTdmMTM0ZmY1
NGFiMWMwHhcNMjMwMTAxMTYwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWI1Nzg1ZWJhM2MwMGFmOGE2ZWY2MWQ4ZGYzOTBlNWRkOTU2Y2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Tcvt85/ad8+W3Ak2q4huUnmJvR4
pyHVFPzZoGXZifa+ZUcrl03+1J0Gv6QuhoK8lU7fU2IHMngKZXGUrWJIS19mnteK
HyYyWzCKhMPAXl5qD2J0PpLhRfitHTaWVsptvfQL35UpxyKte5k5mcEIhEUiEDyL
z290HBnc+4Brs+xWcEL9HDUjqhcAGzIdP49+j2b82zg9HR+SAhTW5UWYx0XVHSxp
TgAJAIo1HaWT0nH/wjRdgywCrfHIIlsOfedMmBKu7eMa8v/TakB7RAFR9/A8tDqL
cGXGWwASXbCQZonRKIKfs0+Ue3SGdC6Lv/m+a+X5AkibdTkzspxmmEwplwIDAQAB
o4ICrjCCAqowHQYDVR0OBBYEFOG1eF66PACvim72HY3zkOXdlWzJMB8GA1UdIwQY
MBaAFAFwoWm2zUEQIieen/mX8TT/VKscMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVhDaGFiYk5RUkFpSjU2Zi1aZnhOUDlVcXh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC8xZTc3N2YtOTg2Yi00ZTM0LThkODEt
N2Q0YmIyMzgwNDg3LzEvNGJWNFhybzhBSy1LYnZZZGpmT1E1ZDJWYk1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC8xZTc3N2YtOTg2Yi00ZTM0LThkODEtN2Q0YmIyMzgwNDg3
LzEvQVhDaGFiYk5RUkFpSjU2Zi1aZnhOUDlVcXh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHDBggrBgEFBQcBBwEB/wSBszCBsDCBngQCAAEwgZcDBAIt
goQDBAEthYoDBAItifADBAItkfQDBAItl+ADBAIt5gwDBAQ+OMADBAFAvnIDBARG
IuADBARKfrADBAJWbzwDBAJX7LQwCwMEBFt+EAMDAFt+AwQDYmC4AwQCZ8roAwQC
bl0IAwQEh4HgAwQGj4PAAwQBk4j8AwQGk6FAAwQErfMgAwQCucvQAwQCue8kAwQE
2JNgMA0EAgACMAcDBQMqABrwMA0GCSqGSIb3DQEBCwUAA4IBAQCJzlqnYohHRLTS
Q4hw8aG956ropHnqbobH3Jm5BK2jSx3kSwgGxSYehXWiTyp+hyHUvtbg/W/4iDbU
bGM+4I2FCT2lKuo5QbrNMpaVh/VrEQXmCPI8egFZNAYKFzSdIQFhxBQaTRZaOxkn
3Pe+8sZSgiL/wZ8qu+8jAzOwFW9hSL7gwNLSWRhTd0RhQ9KU1V7kCQJFzR/ymCif
2Vm5QkKHFukOEqh/MzszCe/OuShSV76I3SMe5cd7D+YDrRWxxjZqg+ocYEFptAg7
zNknlBg3LALpz/G/JOvmuUMIe4DvwrAh/2KdMxPeZZwKdRNkjNpa2qu2GXt03hGg
Kfg7XxH1
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:22:57 2024 by rpki-client on console-ams.rpki-client.org