Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/8efd8b-e516-4c49-92cb-89296ccb35f5/1/sULyUhkUbliFxCIrfuft7Hv-0Y8.roa
File: sULyUhkUbliFxCIrfuft7Hv-0Y8.roa (raw, json)
Hash identifier: TrpWSq09tLgm5pKZS1W6o0duhSPTwASVzC6XNz1Jk6k=
Subject key identifier: B1:42:F2:52:19:14:6E:58:85:C4:22:2B:7E:E7:ED:EC:7B:FE:D1:8F
Certificate issuer: /CN=4d0ade54c27e6fcddace262c4fdf790f320fed9c
Certificate serial: 01931A7176E3C84C906D8D6B6972651F27AB
Authority key identifier: 4D:0A:DE:54:C2:7E:6F:CD:DA:CE:26:2C:4F:DF:79:0F:32:0F:ED:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TQreVMJ-b83aziYsT995DzIP7Zw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/8efd8b-e516-4c49-92cb-89296ccb35f5/1/sULyUhkUbliFxCIrfuft7Hv-0Y8.roa
Signing time: Mon 11 Nov 2024 08:57:43 +0000
ROA not before: Mon 11 Nov 2024 08:57:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49788
IP address blocks: 45.153.104.0/22 maxlen: 22
79.141.96.0/20 maxlen: 20
91.90.104.0/21 maxlen: 21
91.189.120.0/21 maxlen: 21
91.193.0.0/22 maxlen: 24
91.209.212.0/24 maxlen: 24
91.218.184.0/22 maxlen: 22
91.221.130.0/23 maxlen: 23
91.223.100.0/24 maxlen: 24
91.225.60.0/22 maxlen: 22
93.184.112.0/21 maxlen: 21
151.252.8.0/21 maxlen: 24
176.111.206.0/23 maxlen: 23
185.7.192.0/22 maxlen: 22
185.55.104.0/22 maxlen: 22
185.80.180.0/22 maxlen: 24
193.202.115.0/24 maxlen: 24
2001:67c:230::/48 maxlen: 48
2001:67c:206c::/48 maxlen: 48
2a02:d140::/29 maxlen: 29
2a04:d340::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 11 Nov 2024 23:30:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:1a:71:76:e3:c8:4c:90:6d:8d:6b:69:72:65:1f:27:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d0ade54c27e6fcddace262c4fdf790f320fed9c
Validity
Not Before: Nov 11 08:57:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b142f25219146e5885c4222b7ee7edec7bfed18f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:71:dc:7b:31:55:b6:92:95:eb:ed:93:56:f9:
fe:23:fc:67:f7:1e:fb:a3:57:41:9f:0c:84:ae:29:
71:10:6a:88:52:6d:f6:a5:ea:c7:e6:b0:11:ca:fe:
9b:b9:67:3b:4c:1e:68:ce:0e:c4:77:55:f9:13:f0:
3b:df:c9:ce:99:5f:c8:ba:2c:70:cc:47:cb:07:09:
00:67:98:f0:33:5d:ad:b1:ad:cf:7c:a9:3a:7d:7b:
34:ac:28:bd:3e:2b:c1:8e:bb:85:32:ef:68:33:86:
e0:3f:d9:33:a2:67:8f:b4:8b:d0:f2:04:c4:df:bc:
af:27:eb:51:51:90:93:b8:b6:13:a7:a4:d5:50:bb:
e2:ee:55:3f:31:96:a8:ef:e7:f8:75:f5:9b:6b:eb:
96:41:0d:f5:09:d4:9e:9c:9f:d8:89:f5:41:d3:aa:
06:eb:4a:ac:18:86:2c:10:6f:07:fa:f5:a7:66:57:
97:64:65:df:d3:56:f0:f3:34:9d:c3:62:e0:22:aa:
26:ab:c4:be:af:e1:a5:86:e1:15:31:4d:0b:56:c0:
99:de:32:b8:91:3b:a5:9d:30:f9:a4:38:0a:79:78:
ab:55:fd:40:eb:04:25:b2:6e:30:a1:3b:02:09:69:
35:9d:d4:27:27:f8:b7:08:cc:9d:29:3f:9e:83:57:
6f:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:42:F2:52:19:14:6E:58:85:C4:22:2B:7E:E7:ED:EC:7B:FE:D1:8F
X509v3 Authority Key Identifier:
keyid:4D:0A:DE:54:C2:7E:6F:CD:DA:CE:26:2C:4F:DF:79:0F:32:0F:ED:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TQreVMJ-b83aziYsT995DzIP7Zw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/8efd8b-e516-4c49-92cb-89296ccb35f5/1/sULyUhkUbliFxCIrfuft7Hv-0Y8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/8efd8b-e516-4c49-92cb-89296ccb35f5/1/TQreVMJ-b83aziYsT995DzIP7Zw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.104.0/22
79.141.96.0/20
91.90.104.0/21
91.189.120.0/21
91.193.0.0/22
91.209.212.0/24
91.218.184.0/22
91.221.130.0/23
91.223.100.0/24
91.225.60.0/22
93.184.112.0/21
151.252.8.0/21
176.111.206.0/23
185.7.192.0/22
185.55.104.0/22
185.80.180.0/22
193.202.115.0/24
IPv6:
2001:67c:230::/48
2001:67c:206c::/48
2a02:d140::/29
2a04:d340::/29
Signature Algorithm: sha256WithRSAEncryption
31:94:92:94:0d:46:9c:2c:cd:3d:f7:5f:a2:ab:56:bd:13:45:
75:70:c0:14:aa:1b:1c:c4:3a:6e:66:29:2d:c3:34:12:64:87:
c0:34:24:06:3f:e9:7f:74:70:93:0b:ff:5a:a7:59:dc:0a:58:
e1:e3:a0:9e:63:0d:e4:f9:b3:25:50:83:89:e0:0e:df:27:d7:
64:e0:ca:62:ab:3c:7f:93:b9:86:26:31:ef:fb:d8:d7:d7:f9:
a2:ae:6d:d1:d3:18:92:3c:7f:31:0a:0e:36:89:68:b0:0e:00:
d5:ed:d1:66:8a:c9:ef:1f:70:1f:53:5f:f2:40:ff:16:68:1b:
e4:8e:dc:35:73:61:0a:84:ad:02:3e:d6:96:7c:e5:bf:ba:88:
68:1a:1c:53:e3:72:41:bd:d2:f0:7f:62:e1:c8:9e:dd:a9:92:
29:3c:fa:55:c7:88:a6:d7:af:b5:61:53:53:d0:bb:41:14:b2:
a5:7f:71:55:36:9a:2b:d0:f4:27:4a:42:8b:5f:c4:1d:dd:b2:
05:21:fd:ba:c7:08:23:22:17:42:88:bd:0c:23:47:e7:40:a2:
8c:39:57:98:28:8e:38:47:c0:2c:c5:93:7c:a9:02:d3:d5:ac:
bb:1b:f1:c1:9d:01:20:47:2c:06:53:aa:ef:e3:87:8d:bd:ed:
a5:c4:e3:b9
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAZMacXbjyEyQbY1raXJlHyerMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMGFkZTU0YzI3ZTZmY2RkYWNlMjYyYzRmZGY3OTBmMzIw
ZmVkOWMwHhcNMjQxMTExMDg1NzQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTQyZjI1MjE5MTQ2ZTU4ODVjNDIyMmI3ZWU3ZWRlYzdiZmVkMThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl3HcezFVtpKV6+2TVvn+I/xn9x77
o1dBnwyErilxEGqIUm32perH5rARyv6buWc7TB5ozg7Ed1X5E/A738nOmV/Iuixw
zEfLBwkAZ5jwM12tsa3PfKk6fXs0rCi9PivBjruFMu9oM4bgP9kzomePtIvQ8gTE
37yvJ+tRUZCTuLYTp6TVULvi7lU/MZao7+f4dfWba+uWQQ31CdSenJ/YifVB06oG
60qsGIYsEG8H+vWnZleXZGXf01bw8zSdw2LgIqomq8S+r+GlhuEVMU0LVsCZ3jK4
kTulnTD5pDgKeXirVf1A6wQlsm4woTsCCWk1ndQnJ/i3CMydKT+eg1dvbwIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFLFC8lIZFG5YhcQiK37n7ex7/tGPMB8GA1UdIwQY
MBaAFE0K3lTCfm/N2s4mLE/feQ8yD+2cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFFyZVZNSi1iODNhemlZc1Q5OTVEeklQN1p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC84ZWZkOGItZTUxNi00YzQ5LTkyY2It
ODkyOTZjY2IzNWY1LzEvc1VMeVVoa1VibGlGeENJcmZ1ZnQ3SHYtMFk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC84ZWZkOGItZTUxNi00YzQ5LTkyY2ItODkyOTZjY2IzNWY1
LzEvVFFyZVZNSi1iODNhemlZc1Q5OTVEeklQN1p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljBsBAIAATBmAwQCLZlo
AwQET41gAwQDW1poAwQDW714AwQCW8EAAwQAW9HUAwQCW9q4AwQBW92CAwQAW99k
AwQCW+E8AwQDXbhwAwQDl/wIAwQBsG/OAwQCuQfAAwQCuTdoAwQCuVC0AwQAwcpz
MCYEAgACMCADBwAgAQZ8AjADBwAgAQZ8IGwDBQMqAtFAAwUDKgTTQDANBgkqhkiG
9w0BAQsFAAOCAQEAMZSSlA1GnCzNPfdfoqtWvRNFdXDAFKobHMQ6bmYpLcM0EmSH
wDQkBj/pf3Rwkwv/WqdZ3ApY4eOgnmMN5PmzJVCDieAO3yfXZODKYqs8f5O5hiYx
7/vY19f5oq5t0dMYkjx/MQoONolosA4A1e3RZorJ7x9wH1Nf8kD/Fmgb5I7cNXNh
CoStAj7Wlnzlv7qIaBocU+NyQb3S8H9i4cie3amSKTz6VceIptevtWFTU9C7QRSy
pX9xVTaaK9D0J0pCi1/EHd2yBSH9uscIIyIXQoi9DCNH50CijDlXmCiOOEfALMWT
fKkC09WsuxvxwZ0BIEcsBlOq7+OHjb3tpcTjuQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 16:42:38 2025 by rpki-client