Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/BK9vezJnT1tJBCac8iBlFg3N8aM.roa
File: BK9vezJnT1tJBCac8iBlFg3N8aM.roa (raw, json)
Hash identifier: b1uBRA9M2Ch487zkt80XwpCQtRAwL1Ix1+GGw9DsiS8=
Subject key identifier: 04:AF:6F:7B:32:67:4F:5B:49:04:26:9C:F2:20:65:16:0D:CD:F1:A3
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 01907376B9295487BE82C7EDD635EDA41083
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/BK9vezJnT1tJBCac8iBlFg3N8aM.roa
Signing time: Tue 02 Jul 2024 12:41:18 +0000
ROA not before: Tue 02 Jul 2024 12:41:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42864
IP address blocks: 45.9.169.0/24 maxlen: 24
45.9.170.0/24 maxlen: 24
45.9.171.0/24 maxlen: 24
45.14.10.0/24 maxlen: 24
45.14.11.0/24 maxlen: 24
45.88.93.0/24 maxlen: 24
77.242.144.0/22 maxlen: 24
77.242.148.0/24 maxlen: 24
77.242.151.0/24 maxlen: 24
83.137.158.0/24 maxlen: 24
88.209.193.0/24 maxlen: 24
88.209.196.0/24 maxlen: 24
88.209.208.0/24 maxlen: 24
88.209.210.0/24 maxlen: 24
88.209.212.0/24 maxlen: 24
88.209.213.0/24 maxlen: 24
88.209.214.0/24 maxlen: 24
88.209.215.0/24 maxlen: 24
88.209.246.0/24 maxlen: 24
88.209.247.0/24 maxlen: 24
92.52.208.0/24 maxlen: 24
92.52.209.0/24 maxlen: 24
92.52.210.0/23 maxlen: 23
92.52.212.0/22 maxlen: 24
92.52.215.0/24 maxlen: 24
92.52.219.0/24 maxlen: 24
178.248.200.0/21 maxlen: 21
193.138.125.0/24 maxlen: 24
2a00:1f40::/29 maxlen: 29
2a05:f5c0::/29 maxlen: 29
2a05:f5c0::/32 maxlen: 32
2a0c:f1c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 13 Jul 2024 11:58:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:73:76:b9:29:54:87:be:82:c7:ed:d6:35:ed:a4:10:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jul 2 12:41:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=04af6f7b32674f5b4904269cf22065160dcdf1a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:06:99:4a:fd:51:d0:13:e0:88:0a:86:ea:2e:
72:98:5a:b3:ae:9c:7d:18:84:b0:6c:ef:d7:a0:62:
2b:2f:f8:63:78:62:8e:42:45:99:c5:b6:af:02:47:
f3:a1:a3:8b:bd:c8:f9:1b:19:39:16:f5:66:ea:53:
d8:c7:c7:66:27:8c:bd:9a:ce:b6:6b:41:ee:bb:30:
90:9f:d3:80:ee:de:00:d0:31:f0:b6:aa:5c:86:8f:
82:85:04:ee:bb:fb:a1:28:c4:ea:3d:69:c4:ca:72:
70:8e:ec:b9:9e:fe:bf:03:27:81:08:00:8c:22:ac:
a6:3c:c6:8a:80:e9:55:7b:b3:67:cf:08:36:ad:b5:
be:2e:ab:75:9c:9f:62:b0:f9:1e:7f:74:4b:82:e2:
f4:58:1e:68:7a:5c:1c:71:40:ac:ab:cd:fb:cc:cd:
fa:b2:7d:e8:41:6e:1c:29:58:28:6d:e5:56:f9:48:
06:3b:5f:a1:e1:07:a8:f5:c3:e7:d6:36:95:4f:dc:
82:73:49:9c:9d:7c:50:28:15:f5:c9:ea:50:2a:9d:
34:8f:bd:17:26:4f:fe:88:72:91:fb:f5:ff:6f:69:
f5:77:3b:05:fb:f8:87:56:56:fb:fd:1d:d8:52:8d:
9e:57:be:e7:67:04:f6:48:89:18:81:df:84:fd:81:
52:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:AF:6F:7B:32:67:4F:5B:49:04:26:9C:F2:20:65:16:0D:CD:F1:A3
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/BK9vezJnT1tJBCac8iBlFg3N8aM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.169.0-45.9.171.255
45.14.10.0/23
45.88.93.0/24
77.242.144.0-77.242.148.255
77.242.151.0/24
83.137.158.0/24
88.209.193.0/24
88.209.196.0/24
88.209.208.0/24
88.209.210.0/24
88.209.212.0/22
88.209.246.0/23
92.52.208.0/21
92.52.219.0/24
178.248.200.0/21
193.138.125.0/24
IPv6:
2a00:1f40::/29
2a05:f5c0::/29
2a0c:f1c0::/29
Signature Algorithm: sha256WithRSAEncryption
00:1e:3f:f2:e6:66:ee:85:6b:d0:51:94:74:5f:10:c9:5e:f5:
d3:a8:6f:df:f1:8f:4e:48:85:a0:ec:4b:d0:a9:5b:d7:b8:a0:
91:71:26:53:3e:4b:24:7e:17:99:df:c2:7d:b1:81:a7:1d:3c:
38:cd:49:4a:b3:b4:bd:0e:5a:bb:ba:2e:13:48:1b:50:3a:d9:
51:af:98:85:d4:97:17:88:f5:f4:c9:71:5f:62:95:0d:85:17:
4f:cd:53:fb:ee:a1:4f:03:ca:fe:9c:38:9e:be:0c:e7:2c:45:
56:7e:89:4b:6c:38:53:8d:61:f4:82:c4:92:8b:0f:1f:b3:c6:
1d:06:db:32:4e:d1:14:ac:8a:75:cd:b2:6b:8c:75:2d:f9:76:
08:1e:0c:3d:24:11:8a:10:c3:d6:73:2f:a5:28:e9:1d:b0:4f:
41:2d:84:1d:99:1d:fd:b4:7b:7a:c5:66:a1:6d:5c:b4:b6:3a:
19:d8:09:e3:bc:bc:57:4c:d0:b6:4f:33:99:61:66:0b:09:5d:
ff:53:8b:2a:82:06:ec:42:1c:96:a7:0b:81:bb:2a:1b:b0:35:
c4:cc:f6:59:71:d3:02:32:af:05:a0:34:ab:74:2a:ad:5f:37:
20:d5:e3:03:1a:5b:67:c9:82:d5:73:c8:b8:1f:bc:70:64:31:
fe:d6:9e:d1
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAZBzdrkpVIe+gsft1jXtpBCDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQwNzAyMTI0MTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGFmNmY3YjMyNjc0ZjViNDkwNDI2OWNmMjIwNjUxNjBkY2RmMWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxAaZSv1R0BPgiAqG6i5ymFqzrpx9
GISwbO/XoGIrL/hjeGKOQkWZxbavAkfzoaOLvcj5Gxk5FvVm6lPYx8dmJ4y9ms62
a0HuuzCQn9OA7t4A0DHwtqpcho+ChQTuu/uhKMTqPWnEynJwjuy5nv6/AyeBCACM
IqymPMaKgOlVe7Nnzwg2rbW+Lqt1nJ9isPkef3RLguL0WB5oelwccUCsq837zM36
sn3oQW4cKVgobeVW+UgGO1+h4Qeo9cPn1jaVT9yCc0mcnXxQKBX1yepQKp00j70X
Jk/+iHKR+/X/b2n1dzsF+/iHVlb7/R3YUo2eV77nZwT2SIkYgd+E/YFSdwIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFASvb3syZ09bSQQmnPIgZRYNzfGjMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvQks5dmV6Sm5UMXRKQkNhYzhpQmxGZzNOOGFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGoBggrBgEFBQcBBwEB/wSBmDCBlTB2BAIAATBwMAwDBAAt
CakDBAItCagDBAEtDgoDBAAtWF0wDAMEBE3ykAMEAE3ylAMEAE3ylwMEAFOJngME
AFjRwQMEAFjRxAMEAFjR0AMEAFjR0gMEAljR1AMEAVjR9gMEA1w00AMEAFw02wME
A7L4yAMEAMGKfTAbBAIAAjAVAwUDKgAfQAMFAyoF9cADBQMqDPHAMA0GCSqGSIb3
DQEBCwUAA4IBAQAAHj/y5mbuhWvQUZR0XxDJXvXTqG/f8Y9OSIWg7EvQqVvXuKCR
cSZTPkskfheZ38J9sYGnHTw4zUlKs7S9Dlq7ui4TSBtQOtlRr5iF1JcXiPX0yXFf
YpUNhRdPzVP77qFPA8r+nDievgznLEVWfolLbDhTjWH0gsSSiw8fs8YdBtsyTtEU
rIp1zbJrjHUt+XYIHgw9JBGKEMPWcy+lKOkdsE9BLYQdmR39tHt6xWahbVy0tjoZ
2AnjvLxXTNC2TzOZYWYLCV3/U4sqggbsQhyWpwuBuyobsDXEzPZZcdMCMq8FoDSr
dCqtXzcg1eMDGltnyYLVc8i4H7xwZDH+1p7R
-----END CERTIFICATE-----
Generated at Sat Jul 13 13:55:39 2024 by rpki-client on console-ams.rpki-client.org