Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/9NbqCIZTNiySCsUnL968ohVqeM8.roa
File: 9NbqCIZTNiySCsUnL968ohVqeM8.roa (raw, json)
Hash identifier: vYf/JYCTN04G4cy4q64FyLhpec60tt+lPP/6xcF8QxQ=
Subject key identifier: F4:D6:EA:08:86:53:36:2C:92:0A:C5:27:2F:DE:BC:A2:15:6A:78:CF
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 0190FB160DD93E2A08BE815016DA530E885D
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/9NbqCIZTNiySCsUnL968ohVqeM8.roa
Signing time: Sun 28 Jul 2024 20:44:04 +0000
ROA not before: Sun 28 Jul 2024 20:44:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8903
IP address blocks: 45.10.104.0/22 maxlen: 22
45.83.50.0/24 maxlen: 24
80.66.112.0/23 maxlen: 23
80.66.114.0/24 maxlen: 24
80.66.115.0/24 maxlen: 24
80.66.116.0/24 maxlen: 24
80.66.117.0/24 maxlen: 24
80.66.118.0/24 maxlen: 24
80.66.119.0/24 maxlen: 24
80.66.120.0/23 maxlen: 23
80.66.122.0/24 maxlen: 24
80.66.123.0/24 maxlen: 24
80.66.124.0/24 maxlen: 24
80.66.125.0/24 maxlen: 24
80.66.126.0/24 maxlen: 24
80.66.127.0/24 maxlen: 24
85.209.72.0/22 maxlen: 22
89.42.70.0/24 maxlen: 24
89.42.71.0/24 maxlen: 24
89.44.150.0/24 maxlen: 24
89.44.151.0/24 maxlen: 24
89.45.208.0/24 maxlen: 24
89.45.209.0/24 maxlen: 24
91.132.31.0/24 maxlen: 24
94.198.46.0/24 maxlen: 24
94.198.47.0/24 maxlen: 24
178.19.32.0/24 maxlen: 24
178.19.33.0/24 maxlen: 24
178.19.34.0/24 maxlen: 24
178.19.35.0/24 maxlen: 24
178.19.44.0/24 maxlen: 24
178.19.45.0/24 maxlen: 24
178.19.46.0/23 maxlen: 23
178.19.47.0/24 maxlen: 24
185.71.28.0/24 maxlen: 24
185.203.21.0/24 maxlen: 24
185.203.22.0/24 maxlen: 24
185.203.23.0/24 maxlen: 24
185.229.212.0/24 maxlen: 24
185.229.213.0/24 maxlen: 24
185.229.215.0/24 maxlen: 24
185.242.175.0/24 maxlen: 24
193.178.212.0/24 maxlen: 24
194.15.140.0/24 maxlen: 24
194.15.146.0/24 maxlen: 24
194.15.182.0/24 maxlen: 24
194.15.195.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 28 Jul 2024 20:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:fb:16:0d:d9:3e:2a:08:be:81:50:16:da:53:0e:88:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Jul 28 20:44:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f4d6ea088653362c920ac5272fdebca2156a78cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d6:bd:80:8d:4c:a9:6a:33:cb:f3:9a:57:c8:
10:4c:d8:0a:51:e7:ac:c0:18:ca:54:a9:4a:3d:61:
b0:43:82:08:0a:90:e8:9d:17:5e:6c:3e:17:ef:cd:
da:91:7e:60:17:a9:0e:8e:cb:b5:df:90:24:d7:9b:
70:3d:50:56:d1:42:10:e1:42:ac:d5:83:d7:cf:ab:
b3:9e:73:1b:ef:74:b4:d9:d6:51:a9:f6:01:42:dc:
13:7e:69:89:2a:fb:6c:28:d5:44:96:30:6a:4a:16:
bf:99:24:77:6d:d9:09:a1:d4:97:8e:b6:9a:6f:d4:
f9:e5:7e:a8:7e:c5:c0:16:2d:6c:07:ba:04:8e:8a:
46:2d:14:2d:86:4f:33:12:54:06:af:f4:2d:81:bc:
8d:c5:30:df:a1:ac:37:53:8a:a3:fc:82:89:58:6d:
cc:6d:ce:05:3b:da:9b:ff:e7:a3:39:85:d1:db:94:
2c:ee:54:50:9e:14:38:1b:ef:66:75:32:63:13:e6:
cb:c7:49:1a:1d:e6:dd:81:59:28:2f:d0:a4:10:2d:
12:96:09:76:c7:32:7b:0c:4b:36:c6:2a:a7:00:ab:
1c:5d:41:83:61:b6:9d:7c:d1:ce:ac:9b:28:78:05:
95:92:13:b2:69:b6:1d:ac:d6:61:c6:65:ec:ac:e2:
13:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:D6:EA:08:86:53:36:2C:92:0A:C5:27:2F:DE:BC:A2:15:6A:78:CF
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/9NbqCIZTNiySCsUnL968ohVqeM8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.104.0/22
45.83.50.0/24
80.66.112.0/20
85.209.72.0/22
89.42.70.0/23
89.44.150.0/23
89.45.208.0/23
91.132.31.0/24
94.198.46.0/23
178.19.32.0/22
178.19.44.0/22
185.71.28.0/24
185.203.21.0-185.203.23.255
185.229.212.0/23
185.229.215.0/24
185.242.175.0/24
193.178.212.0/24
194.15.140.0/24
194.15.146.0/24
194.15.182.0/24
194.15.195.0/24
Signature Algorithm: sha256WithRSAEncryption
30:d8:ae:7a:e5:67:e2:aa:45:c1:a0:1d:5d:01:9b:3e:92:66:
61:8c:fe:09:22:cd:f5:f5:6f:3f:2e:9c:ad:7c:97:92:3a:06:
10:65:e7:0e:cf:23:75:1e:1a:71:63:7e:89:32:83:8f:1d:ce:
7f:30:43:b6:19:80:63:c0:62:ef:06:fd:d5:c6:44:43:c1:3a:
f7:f0:dd:54:46:c1:6c:7f:08:9c:80:79:d5:06:09:50:15:f0:
df:d1:8a:c1:fe:47:a7:22:d3:0b:b3:dc:40:4e:21:7d:b4:23:
46:af:46:d7:ad:aa:78:a0:c2:23:ca:e8:8c:b3:c6:37:7d:33:
27:4e:80:dd:8f:f8:97:25:ad:f5:5c:fe:8a:d4:69:d3:cb:e6:
f5:bb:9e:af:13:03:1c:0d:ca:3a:56:cf:2c:cb:39:78:c3:4b:
b8:73:66:ef:a3:a1:6e:30:a9:4c:a3:86:59:d0:6d:20:3e:74:
17:d7:8a:ce:3f:83:6a:3c:cb:c1:a9:84:fc:f9:03:23:01:7b:
16:b4:b2:fa:62:eb:b1:3d:f0:67:83:5c:62:db:f0:c1:03:16:
6f:33:f8:f0:e5:ee:ab:f9:12:1d:a7:d7:b3:c6:3b:ae:6b:11:
c5:a5:ca:36:39:ea:3f:12:fa:98:4c:de:84:29:47:41:55:6f:
a0:c0:6b:01
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAZD7Fg3ZPioIvoFQFtpTDohdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjQwNzI4MjA0NDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGQ2ZWEwODg2NTMzNjJjOTIwYWM1MjcyZmRlYmNhMjE1NmE3OGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwda9gI1MqWozy/OaV8gQTNgKUees
wBjKVKlKPWGwQ4IICpDonRdebD4X783akX5gF6kOjsu135Ak15twPVBW0UIQ4UKs
1YPXz6uznnMb73S02dZRqfYBQtwTfmmJKvtsKNVEljBqSha/mSR3bdkJodSXjraa
b9T55X6ofsXAFi1sB7oEjopGLRQthk8zElQGr/QtgbyNxTDfoaw3U4qj/IKJWG3M
bc4FO9qb/+ejOYXR25Qs7lRQnhQ4G+9mdTJjE+bLx0kaHebdgVkoL9CkEC0Slgl2
xzJ7DEs2xiqnAKscXUGDYbadfNHOrJsoeAWVkhOyabYdrNZhxmXsrOITWQIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFPTW6giGUzYskgrFJy/evKIVanjPMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvOU5icUNJWlROaXlTQ3NVbkw5NjhvaFZxZU04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDCBjQQCAAEwgYYDBAIt
CmgDBAAtUzIDBARQQnADBAJV0UgDBAFZKkYDBAFZLJYDBAFZLdADBABbhB8DBAFe
xi4DBAKyEyADBAKyEywDBAC5RxwwDAMEALnLFQMEA7nLEAMEAbnl1AMEALnl1wME
ALnyrwMEAMGy1AMEAMIPjAMEAMIPkgMEAMIPtgMEAMIPwzANBgkqhkiG9w0BAQsF
AAOCAQEAMNiueuVn4qpFwaAdXQGbPpJmYYz+CSLN9fVvPy6crXyXkjoGEGXnDs8j
dR4acWN+iTKDjx3OfzBDthmAY8Bi7wb91cZEQ8E69/DdVEbBbH8InIB51QYJUBXw
39GKwf5HpyLTC7PcQE4hfbQjRq9G162qeKDCI8rojLPGN30zJ06A3Y/4lyWt9Vz+
itRp08vm9buerxMDHA3KOlbPLMs5eMNLuHNm76OhbjCpTKOGWdBtID50F9eKzj+D
ajzLwamE/PkDIwF7FrSy+mLrsT3wZ4NcYtvwwQMWbzP48OXuq/kSHafXs8Y7rmsR
xaXKNjnqPxL6mEzehClHQVVvoMBrAQ==
-----END CERTIFICATE-----
Generated at Wed Apr 30 23:29:10 2025 by rpki-client