Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/SixfuGz3Ado4IDQf1gP8ae3KeC8.roa
File: SixfuGz3Ado4IDQf1gP8ae3KeC8.roa (raw, json)
Hash identifier: cDrLIX5D3idwv/jrSAWEES9a+2CEDxYtuKx6tSNIc1A=
Subject key identifier: 4A:2C:5F:B8:6C:F7:01:DA:38:20:34:1F:D6:03:FC:69:ED:CA:78:2F
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 018D45D27FBFA1645B69167F4003D06E0156
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/SixfuGz3Ado4IDQf1gP8ae3KeC8.roa
Signing time: Fri 26 Jan 2024 12:50:39 +0000
ROA not before: Fri 26 Jan 2024 12:50:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25211
IP address blocks: 45.141.232.0/24 maxlen: 24
45.141.233.0/24 maxlen: 24
45.141.234.0/24 maxlen: 24
45.141.235.0/24 maxlen: 24
78.159.128.0/24 maxlen: 24
78.159.129.0/24 maxlen: 24
78.159.131.0/24 maxlen: 24
78.159.136.0/24 maxlen: 24
78.159.137.0/24 maxlen: 24
78.159.138.0/24 maxlen: 24
78.159.139.0/24 maxlen: 24
78.159.149.0/24 maxlen: 24
78.159.150.0/24 maxlen: 24
78.159.152.0/22 maxlen: 22
78.159.156.0/24 maxlen: 24
78.159.157.0/24 maxlen: 24
78.159.158.0/24 maxlen: 24
78.159.159.0/24 maxlen: 24
91.92.33.0/24 maxlen: 24
91.92.34.0/24 maxlen: 24
91.92.35.0/24 maxlen: 24
91.92.40.0/24 maxlen: 24
91.92.41.0/24 maxlen: 24
91.92.42.0/24 maxlen: 24
91.92.43.0/24 maxlen: 24
91.92.44.0/24 maxlen: 24
91.92.45.0/24 maxlen: 24
91.92.46.0/24 maxlen: 24
91.92.47.0/24 maxlen: 24
91.92.49.0/24 maxlen: 24
91.92.50.0/24 maxlen: 24
91.92.51.0/24 maxlen: 24
91.92.52.0/24 maxlen: 24
91.92.53.0/24 maxlen: 24
93.152.205.0/24 maxlen: 24
93.152.206.0/24 maxlen: 24
93.152.207.0/24 maxlen: 24
93.152.208.0/24 maxlen: 24
93.152.209.0/24 maxlen: 24
93.152.210.0/24 maxlen: 24
93.152.211.0/24 maxlen: 24
93.152.212.0/24 maxlen: 24
93.152.213.0/24 maxlen: 24
93.152.214.0/24 maxlen: 24
93.152.215.0/24 maxlen: 24
93.152.216.0/24 maxlen: 24
93.152.217.0/24 maxlen: 24
93.152.218.0/24 maxlen: 24
93.152.219.0/24 maxlen: 24
93.152.220.0/24 maxlen: 24
93.152.221.0/24 maxlen: 24
93.152.222.0/24 maxlen: 24
93.152.223.0/24 maxlen: 24
93.152.224.0/24 maxlen: 24
93.152.225.0/24 maxlen: 24
93.152.226.0/24 maxlen: 24
93.152.227.0/24 maxlen: 24
93.152.230.0/24 maxlen: 24
94.26.28.0/24 maxlen: 24
94.26.29.0/24 maxlen: 24
94.26.76.0/22 maxlen: 22
94.26.76.0/24 maxlen: 24
94.26.77.0/24 maxlen: 24
94.26.78.0/24 maxlen: 24
94.26.79.0/24 maxlen: 24
94.26.89.0/24 maxlen: 24
94.26.90.0/24 maxlen: 24
94.190.195.0/24 maxlen: 24
185.96.252.0/24 maxlen: 24
185.96.253.0/24 maxlen: 24
185.96.255.0/24 maxlen: 24
212.102.105.0/24 maxlen: 24
212.102.107.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Mar 2024 12:56:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:45:d2:7f:bf:a1:64:5b:69:16:7f:40:03:d0:6e:01:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Jan 26 12:50:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4a2c5fb86cf701da3820341fd603fc69edca782f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:1b:20:c3:77:d2:81:2d:3b:de:b9:14:e0:ab:
66:fb:5e:9d:8f:f1:18:31:11:cb:0c:8a:80:c4:23:
5c:c6:14:a1:61:60:34:99:bf:d0:c8:fd:b6:8e:e8:
3c:68:1c:ce:b3:75:f6:37:69:c9:b7:e0:b1:d7:0d:
2d:88:9f:c0:bd:be:75:87:5e:1f:3c:69:c8:fd:d0:
69:03:70:e2:17:c1:92:2b:6b:e7:d2:5e:63:b8:89:
de:20:81:4f:0c:3c:81:b7:d4:99:e4:5d:f0:bc:bb:
9a:a3:15:5c:63:ed:f0:b3:3c:83:af:95:72:69:f5:
07:92:0c:18:5e:05:8c:33:6c:6e:99:96:2b:9b:f9:
88:a1:fa:6e:f7:37:5a:1d:b0:55:f8:a0:45:af:d6:
6c:f6:c0:14:d0:6f:23:68:99:78:ff:5c:51:c7:f9:
f2:ef:0d:79:d5:d5:e0:74:9e:5f:8c:e6:54:d4:74:
8d:83:67:8b:86:42:9a:81:5c:de:dd:ea:b2:3f:82:
70:ee:f8:6b:9a:ed:03:1f:41:59:14:64:b1:14:b6:
1c:ca:b0:99:dd:04:24:c6:7c:f0:d9:74:c5:a5:39:
3e:59:bc:1f:9f:4c:b5:66:54:17:3e:38:32:25:7e:
3f:7d:63:9b:7e:37:81:e6:d5:bb:e8:2e:81:d2:38:
e3:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:2C:5F:B8:6C:F7:01:DA:38:20:34:1F:D6:03:FC:69:ED:CA:78:2F
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/SixfuGz3Ado4IDQf1gP8ae3KeC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.232.0/22
78.159.128.0/23
78.159.131.0/24
78.159.136.0/22
78.159.149.0-78.159.150.255
78.159.152.0/21
91.92.33.0-91.92.35.255
91.92.40.0/21
91.92.49.0-91.92.53.255
93.152.205.0-93.152.227.255
93.152.230.0/24
94.26.28.0/23
94.26.76.0/22
94.26.89.0-94.26.90.255
94.190.195.0/24
185.96.252.0/23
185.96.255.0/24
212.102.105.0/24
212.102.107.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:59:31:0f:20:4f:69:0d:d3:f5:68:b6:17:6e:ce:cd:84:2c:
6e:b8:d7:f7:22:33:c6:6e:b8:0f:9a:d0:23:9c:35:6d:d3:b3:
48:19:17:40:f5:7c:a1:15:eb:c5:fd:6f:d2:2b:a8:f4:aa:37:
0d:91:c2:44:be:65:b7:c9:cc:31:40:e6:38:e4:f7:00:13:69:
63:27:58:96:a2:c3:a6:c7:76:91:b7:c5:b7:35:d3:21:d1:ff:
98:be:f6:e4:ff:a1:db:99:fd:53:78:9c:74:f7:ab:4f:d9:8f:
b2:59:14:92:0d:6b:91:6a:52:2f:2c:20:6a:b3:12:00:06:a4:
a1:72:ec:0d:7c:5c:c9:e4:5e:27:7a:9c:56:52:fb:e9:48:22:
36:de:7d:88:c7:23:6d:a2:03:66:dd:5c:9a:da:42:fb:7a:74:
44:e7:69:b0:ad:7f:b2:e3:27:ed:bc:c3:db:7e:61:63:6e:08:
c3:e8:72:7c:80:c2:10:56:52:96:4a:57:78:ff:4d:ee:1b:8f:
2f:cf:6f:7c:ac:0c:3c:42:89:e4:2a:fe:aa:2e:bc:8e:87:3a:
c3:05:a6:18:ec:d4:f6:6f:6b:72:b1:f2:22:09:58:98:62:93:
5d:b0:12:37:91:a2:a5:a3:d7:f7:69:90:a7:3c:1d:c0:55:f7:
21:6f:36:d5
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAY1F0n+/oWRbaRZ/QAPQbgFWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjQwMTI2MTI1MDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTJjNWZiODZjZjcwMWRhMzgyMDM0MWZkNjAzZmM2OWVkY2E3ODJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9Rsgw3fSgS073rkU4Ktm+16dj/EY
MRHLDIqAxCNcxhShYWA0mb/QyP22jug8aBzOs3X2N2nJt+Cx1w0tiJ/Avb51h14f
PGnI/dBpA3DiF8GSK2vn0l5juIneIIFPDDyBt9SZ5F3wvLuaoxVcY+3wszyDr5Vy
afUHkgwYXgWMM2xumZYrm/mIofpu9zdaHbBV+KBFr9Zs9sAU0G8jaJl4/1xRx/ny
7w151dXgdJ5fjOZU1HSNg2eLhkKagVze3eqyP4Jw7vhrmu0DH0FZFGSxFLYcyrCZ
3QQkxnzw2XTFpTk+Wbwfn0y1ZlQXPjgyJX4/fWObfjeB5tW76C6B0jjjXwIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFEosX7hs9wHaOCA0H9YD/GntyngvMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvU2l4ZnVHejNBZG80SURRZjFnUDhhZTNLZUM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDCBoQQCAAEwgZoDBAIt
jegDBAFOn4ADBABOn4MDBAJOn4gwDAMEAE6flQMEAE6flgMEA06fmDAMAwQAW1wh
AwQCW1wgAwQDW1woMAwDBABbXDEDBAFbXDQwDAMEAF2YzQMEAl2Y4AMEAF2Y5gME
AV4aHAMEAl4aTDAMAwQAXhpZAwQAXhpaAwQAXr7DAwQBuWD8AwQAuWD/AwQA1GZp
AwQA1GZrMA0GCSqGSIb3DQEBCwUAA4IBAQAtWTEPIE9pDdP1aLYXbs7NhCxuuNf3
IjPGbrgPmtAjnDVt07NIGRdA9XyhFevF/W/SK6j0qjcNkcJEvmW3ycwxQOY45PcA
E2ljJ1iWosOmx3aRt8W3NdMh0f+Yvvbk/6Hbmf1TeJx096tP2Y+yWRSSDWuRalIv
LCBqsxIABqShcuwNfFzJ5F4nepxWUvvpSCI23n2IxyNtogNm3Vya2kL7enRE52mw
rX+y4yftvMPbfmFjbgjD6HJ8gMIQVlKWSld4/03uG48vz298rAw8QonkKv6qLryO
hzrDBaYY7NT2b2tysfIiCViYYpNdsBI3kaKlo9f3aZCnPB3AVfchbzbV
-----END CERTIFICATE-----
Generated at Wed Apr 9 00:06:24 2025 by rpki-client