Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/1e777f-986b-4e34-8d81-7d4bb2380487/1/BEtzSvCL2F3YQm19o7lWgy4oAAw.roa
File: BEtzSvCL2F3YQm19o7lWgy4oAAw.roa (raw, json)
Hash identifier: Z2cai79Tz4CifvKZNy3c++L2O7xkEJcS1XyeSQn6lw4=
Subject key identifier: 04:4B:73:4A:F0:8B:D8:5D:D8:42:6D:7D:A3:B9:56:83:2E:28:00:0C
Certificate issuer: /CN=0170a169b6cd411022279e9ff997f134ff54ab1c
Certificate serial: 018CC9BCEB76FC56B65893CE658D0E1D3316
Authority key identifier: 01:70:A1:69:B6:CD:41:10:22:27:9E:9F:F9:97:F1:34:FF:54:AB:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AXChabbNQRAiJ56f-ZfxNP9Uqxw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/1e777f-986b-4e34-8d81-7d4bb2380487/1/BEtzSvCL2F3YQm19o7lWgy4oAAw.roa
Signing time: Tue 02 Jan 2024 10:34:10 +0000
ROA not before: Tue 02 Jan 2024 10:34:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35699
IP address blocks: 45.145.244.0/22 maxlen: 24
62.56.192.0/20 maxlen: 24
70.34.224.0/20 maxlen: 24
216.147.96.0/20 maxlen: 24
87.236.180.0/22 maxlen: 24
45.230.12.0/22 maxlen: 24
45.137.240.0/22 maxlen: 24
91.126.32.0/19 maxlen: 24
91.126.64.0/19 maxlen: 24
185.239.36.0/22 maxlen: 24
147.161.64.0/18 maxlen: 24
91.126.16.0/20 maxlen: 24
45.151.224.0/22 maxlen: 24
91.126.160.0/19 maxlen: 24
74.126.176.0/20 maxlen: 24
143.131.192.0/18 maxlen: 24
110.93.8.0/22 maxlen: 24
185.203.208.0/22 maxlen: 24
91.126.96.0/19 maxlen: 24
86.111.60.0/22 maxlen: 24
64.190.114.0/23 maxlen: 24
91.126.128.0/19 maxlen: 24
135.129.224.0/20 maxlen: 24
98.96.184.0/21 maxlen: 24
103.202.232.0/22 maxlen: 24
45.130.132.0/22 maxlen: 24
91.126.192.0/19 maxlen: 24
45.133.138.0/23 maxlen: 24
147.136.252.0/23 maxlen: 24
91.126.224.0/19 maxlen: 24
91.126.232.0/21 maxlen: 24
173.243.32.0/20 maxlen: 24
2a00:1af4::/32 maxlen: 32
2a00:1af4:1000::/48 maxlen: 48
2a00:1af0::/29 maxlen: 29
2a00:1af4:1003::/48 maxlen: 48
2a00:1af1::/32 maxlen: 32
2a00:1af1::/36 maxlen: 36
2a00:1af2::/32 maxlen: 32
2a00:1af3::/32 maxlen: 32
2a00:1af0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 09 Jan 2024 08:29:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:eb:76:fc:56:b6:58:93:ce:65:8d:0e:1d:33:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0170a169b6cd411022279e9ff997f134ff54ab1c
Validity
Not Before: Jan 2 10:34:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=044b734af08bd85dd8426d7da3b956832e28000c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ef:b2:54:10:58:3f:61:36:41:ae:a6:e3:b6:
73:88:66:8b:72:7d:26:9a:32:85:dd:11:31:dd:bd:
43:78:5e:bb:b9:d6:2d:ac:53:81:80:e4:d2:ef:49:
5c:80:9f:23:e2:90:f3:eb:ad:04:f6:e8:d6:b1:3f:
50:bb:12:ef:90:d8:53:c7:7b:27:c6:93:4f:61:0b:
db:e1:2b:e4:8c:d8:d2:1d:40:bb:08:c6:32:ca:24:
8b:6b:7a:d8:49:97:4f:79:97:63:9a:be:22:30:42:
3c:e7:dc:26:1d:ef:28:b0:3d:57:1e:b3:11:83:4f:
01:b2:36:fa:e9:d4:3f:b0:24:90:69:b2:e0:96:9d:
eb:ea:26:da:d7:0f:aa:ab:90:be:66:c0:e3:00:a8:
bb:5b:1c:e4:4a:c5:9e:5f:d7:9a:c5:bf:9d:86:0c:
a4:ea:26:e7:85:9e:06:e1:66:5e:d3:31:ca:97:24:
84:2b:9f:73:02:95:6e:1a:52:0f:29:24:77:46:10:
1e:06:5a:05:d7:b6:4c:19:c1:04:d9:3d:92:e5:16:
6d:32:4f:8a:26:b2:ff:1e:49:ce:13:35:45:55:94:
cf:f4:12:f7:7f:3a:bd:25:f6:30:cc:a9:95:2d:1b:
4b:a3:87:0d:d7:1f:cf:2a:5e:26:e9:01:ef:0c:d7:
fb:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:4B:73:4A:F0:8B:D8:5D:D8:42:6D:7D:A3:B9:56:83:2E:28:00:0C
X509v3 Authority Key Identifier:
keyid:01:70:A1:69:B6:CD:41:10:22:27:9E:9F:F9:97:F1:34:FF:54:AB:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AXChabbNQRAiJ56f-ZfxNP9Uqxw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/1e777f-986b-4e34-8d81-7d4bb2380487/1/BEtzSvCL2F3YQm19o7lWgy4oAAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/1e777f-986b-4e34-8d81-7d4bb2380487/1/AXChabbNQRAiJ56f-ZfxNP9Uqxw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.132.0/22
45.133.138.0/23
45.137.240.0/22
45.145.244.0/22
45.151.224.0/22
45.230.12.0/22
62.56.192.0/20
64.190.114.0/23
70.34.224.0/20
74.126.176.0/20
86.111.60.0/22
87.236.180.0/22
91.126.16.0-91.126.255.255
98.96.184.0/21
103.202.232.0/22
110.93.8.0/22
135.129.224.0/20
143.131.192.0/18
147.136.252.0/23
147.161.64.0/18
173.243.32.0/20
185.203.208.0/22
185.239.36.0/22
216.147.96.0/20
IPv6:
2a00:1af0::/29
Signature Algorithm: sha256WithRSAEncryption
9e:90:ee:62:cd:b5:67:0c:5c:b9:e2:2d:8b:a2:14:7a:5e:84:
48:66:20:9e:04:c7:21:00:81:3b:29:c7:67:11:b7:fc:ff:9a:
3a:51:ed:3a:99:09:70:f3:b5:28:bd:e5:b6:00:e5:e8:84:64:
ca:90:1b:70:a7:04:d1:a9:c7:0d:15:fc:fa:13:e7:1d:6b:b0:
27:78:d6:47:f5:4e:5f:14:86:0f:9a:d4:d7:da:c1:e0:72:dd:
a5:6d:2a:be:65:2d:7a:fe:1d:32:c0:11:24:07:57:06:1d:92:
41:4b:71:73:ef:44:7c:30:52:74:5a:49:f1:ab:90:f2:66:e9:
11:ab:ef:b8:a2:e1:ec:54:2a:29:b4:09:7c:1a:be:70:78:1b:
9b:26:97:f6:d9:33:cd:51:ad:77:46:18:0b:22:56:84:52:77:
8b:5a:3f:59:d2:31:74:b1:5d:78:ea:d5:f7:e6:a7:3f:86:72:
68:68:42:b3:0c:5b:f9:d2:98:6b:cc:2d:df:5a:c5:8b:9b:0b:
3b:70:a6:34:25:88:2d:0e:f9:b8:1a:2f:7e:42:ed:9a:39:08:
a0:bb:cb:3d:61:5a:e9:4d:e0:2e:a9:8a:6b:df:ce:ec:0e:fa:
d0:20:91:65:c4:ec:62:1f:df:eb:65:b6:a7:95:cd:5c:f5:7f:
e8:2e:c8:1a
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgISAYzJvOt2/Fa2WJPOZY0OHTMWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNzBhMTY5YjZjZDQxMTAyMjI3OWU5ZmY5OTdmMTM0ZmY1
NGFiMWMwHhcNMjQwMTAyMTAzNDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDRiNzM0YWYwOGJkODVkZDg0MjZkN2RhM2I5NTY4MzJlMjgwMDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs++yVBBYP2E2Qa6m47ZziGaLcn0m
mjKF3REx3b1DeF67udYtrFOBgOTS70lcgJ8j4pDz660E9ujWsT9QuxLvkNhTx3sn
xpNPYQvb4SvkjNjSHUC7CMYyyiSLa3rYSZdPeZdjmr4iMEI859wmHe8osD1XHrMR
g08Bsjb66dQ/sCSQabLglp3r6iba1w+qq5C+ZsDjAKi7WxzkSsWeX9eaxb+dhgyk
6ibnhZ4G4WZe0zHKlySEK59zApVuGlIPKSR3RhAeBloF17ZMGcEE2T2S5RZtMk+K
JrL/HknOEzVFVZTP9BL3fzq9JfYwzKmVLRtLo4cN1x/PKl4m6QHvDNf7KwIDAQAB
o4ICrjCCAqowHQYDVR0OBBYEFARLc0rwi9hd2EJtfaO5VoMuKAAMMB8GA1UdIwQY
MBaAFAFwoWm2zUEQIieen/mX8TT/VKscMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVhDaGFiYk5RUkFpSjU2Zi1aZnhOUDlVcXh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC8xZTc3N2YtOTg2Yi00ZTM0LThkODEt
N2Q0YmIyMzgwNDg3LzEvQkV0elN2Q0wyRjNZUW0xOW83bFdneTRvQUF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC8xZTc3N2YtOTg2Yi00ZTM0LThkODEtN2Q0YmIyMzgwNDg3
LzEvQVhDaGFiYk5RUkFpSjU2Zi1aZnhOUDlVcXh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHDBggrBgEFBQcBBwEB/wSBszCBsDCBngQCAAEwgZcDBAIt
goQDBAEthYoDBAItifADBAItkfQDBAItl+ADBAIt5gwDBAQ+OMADBAFAvnIDBARG
IuADBARKfrADBAJWbzwDBAJX7LQwCwMEBFt+EAMDAFt+AwQDYmC4AwQCZ8roAwQC
bl0IAwQEh4HgAwQGj4PAAwQBk4j8AwQGk6FAAwQErfMgAwQCucvQAwQCue8kAwQE
2JNgMA0EAgACMAcDBQMqABrwMA0GCSqGSIb3DQEBCwUAA4IBAQCekO5izbVnDFy5
4i2LohR6XoRIZiCeBMchAIE7KcdnEbf8/5o6Ue06mQlw87UoveW2AOXohGTKkBtw
pwTRqccNFfz6E+cda7AneNZH9U5fFIYPmtTX2sHgct2lbSq+ZS16/h0ywBEkB1cG
HZJBS3Fz70R8MFJ0Wknxq5DyZukRq++4ouHsVCoptAl8Gr5weBubJpf22TPNUa13
RhgLIlaEUneLWj9Z0jF0sV146tX35qc/hnJoaEKzDFv50phrzC3fWsWLmws7cKY0
JYgtDvm4Gi9+Qu2aOQigu8s9YVrpTeAuqYpr387sDvrQIJFlxOxiH9/rZbanlc1c
9X/oLsga
-----END CERTIFICATE-----
Generated at Tue Jan 9 12:41:19 2024 by rpki-client on console-fra.rpki-client.org