Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/lTQMmzSS7QX77Qpg1_e8HyZ8ig8.roa
File: lTQMmzSS7QX77Qpg1_e8HyZ8ig8.roa (raw, json)
Hash identifier: C5pQy/Uv8EnJdGe8ErnE73J1xhYlpAc98JNMQbnHFVI=
Subject key identifier: 95:34:0C:9B:34:92:ED:05:FB:ED:0A:60:D7:F7:BC:1F:26:7C:8A:0F
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 018F58BAA0385E86CAD753EB1BA38D14E364
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/lTQMmzSS7QX77Qpg1_e8HyZ8ig8.roa
Signing time: Wed 08 May 2024 15:02:56 +0000
ROA not before: Wed 08 May 2024 15:02:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208258
IP address blocks: 45.144.244.0/23 maxlen: 24
45.144.246.0/24 maxlen: 24
45.151.156.0/23 maxlen: 24
45.151.158.0/24 maxlen: 24
46.161.216.0/24 maxlen: 24
46.161.217.0/24 maxlen: 24
46.161.219.0/24 maxlen: 24
185.208.208.0/24 maxlen: 24
185.208.209.0/24 maxlen: 24
185.208.210.0/24 maxlen: 24
185.208.211.0/24 maxlen: 24
185.227.82.0/24 maxlen: 24
185.228.83.0/24 maxlen: 24
185.243.112.0/24 maxlen: 24
185.243.113.0/24 maxlen: 24
193.56.239.0/24 maxlen: 24
194.146.48.0/24 maxlen: 24
195.26.6.0/24 maxlen: 24
195.26.7.0/24 maxlen: 24
195.88.226.0/24 maxlen: 24
195.88.227.0/24 maxlen: 24
2a0b:3c40:1::/48 maxlen: 48
2a0b:3c40:9::/48 maxlen: 48
2a0b:3c40:11::/48 maxlen: 48
2a0b:3c40:12::/48 maxlen: 48
2a0b:3c40:15::/48 maxlen: 48
2a0b:3c40:16::/48 maxlen: 48
2a0b:3c40:17::/48 maxlen: 48
2a0b:3c40:20::/48 maxlen: 48
2a0b:3c40:21::/48 maxlen: 48
2a0b:3c40:25::/48 maxlen: 48
2a0b:3c40:fca6::/48 maxlen: 48
2a0e:5540::/48 maxlen: 48
2a0e:5540:10::/48 maxlen: 48
2a0e:5540:11::/48 maxlen: 48
2a0e:5540:12::/48 maxlen: 48
2a0e:5540:100::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 08 May 2024 17:12:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:58:ba:a0:38:5e:86:ca:d7:53:eb:1b:a3:8d:14:e3:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: May 8 15:02:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=95340c9b3492ed05fbed0a60d7f7bc1f267c8a0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:7d:32:04:51:30:22:9d:60:4d:fb:d6:78:b1:
eb:6b:4a:82:5c:15:3b:5f:dd:6e:38:79:cf:bf:93:
77:d9:97:5a:61:cc:77:c8:8a:5c:c6:28:00:01:ef:
bf:e8:e6:5f:eb:17:44:54:ac:cf:00:41:cb:18:50:
43:52:00:a4:73:5a:bd:f2:51:6f:56:f2:52:ec:97:
22:16:5e:01:88:5f:a0:70:81:42:fe:74:9d:f2:c9:
d5:68:4d:f6:58:b2:41:ae:b7:9b:f0:cd:fa:84:8d:
60:09:16:1e:87:36:e2:59:55:a0:e7:94:ee:ea:d7:
3b:6a:7c:d8:9a:33:27:a5:b5:7f:be:a1:83:72:76:
11:8d:69:7b:5f:ae:50:27:ca:b0:3d:45:f5:8d:01:
b5:01:52:be:49:75:37:05:0e:df:2f:4a:69:2b:02:
31:53:82:0d:23:cc:39:16:e0:55:47:af:a7:7d:ad:
f4:03:3e:0b:c4:d9:1d:cc:cc:ae:2c:b5:09:43:4c:
44:8b:ea:f2:ce:d2:2b:ec:69:9b:9f:32:fe:10:bc:
72:0e:12:89:e4:b7:2c:e0:a3:af:9a:09:b6:76:99:
81:8f:da:cf:3d:d7:ad:e5:c5:c7:44:3d:a0:32:a3:
47:b6:91:df:d1:8d:14:7e:48:27:b3:7b:b7:64:c1:
f1:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:34:0C:9B:34:92:ED:05:FB:ED:0A:60:D7:F7:BC:1F:26:7C:8A:0F
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/lTQMmzSS7QX77Qpg1_e8HyZ8ig8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.244.0-45.144.246.255
45.151.156.0-45.151.158.255
46.161.216.0/23
46.161.219.0/24
185.208.208.0/22
185.227.82.0/24
185.228.83.0/24
185.243.112.0/23
193.56.239.0/24
194.146.48.0/24
195.26.6.0/23
195.88.226.0/23
IPv6:
2a0b:3c40:1::/48
2a0b:3c40:9::/48
2a0b:3c40:11::-2a0b:3c40:12:ffff:ffff:ffff:ffff:ffff
2a0b:3c40:15::-2a0b:3c40:17:ffff:ffff:ffff:ffff:ffff
2a0b:3c40:20::/47
2a0b:3c40:25::/48
2a0b:3c40:fca6::/48
2a0e:5540::/48
2a0e:5540:10::-2a0e:5540:12:ffff:ffff:ffff:ffff:ffff
2a0e:5540:100::/48
Signature Algorithm: sha256WithRSAEncryption
37:6b:bf:9f:d9:dc:8e:0e:e8:59:5a:11:65:de:40:6a:d3:29:
b9:a4:c9:83:53:ed:ff:71:92:c6:2f:da:13:be:01:a4:36:9d:
69:64:73:8c:a5:a8:e3:74:23:a7:8f:bd:60:2b:03:68:5c:32:
89:b7:0f:e0:cf:c7:db:c8:56:df:2c:d3:c5:7f:dd:36:c3:fc:
3c:37:3b:d3:27:7b:45:50:42:8d:c4:8b:d9:50:d6:68:f9:d7:
9d:08:8f:17:33:be:c5:a9:87:e3:bd:d2:01:cc:26:97:25:f5:
1b:29:e3:95:0d:a0:43:24:15:1c:ff:94:88:87:9e:37:08:54:
8f:96:98:59:60:dc:43:85:60:2c:5c:a3:28:8f:ec:fd:96:57:
13:9c:93:b1:1e:3b:c2:57:e4:78:d5:67:47:3a:47:a6:c5:48:
20:ed:11:97:f1:53:33:84:4b:0a:56:4a:68:c4:b7:09:5d:b4:
79:a7:8b:1b:50:31:99:9e:89:65:1f:d5:34:c3:59:91:35:50:
36:54:88:b6:ad:06:7a:1d:da:c2:ac:df:7a:db:3f:b6:5c:21:
fe:5b:8d:15:73:18:f7:78:c9:f2:ba:e0:53:a9:e1:61:57:04:
51:75:b6:ba:30:64:99:90:df:2f:db:4b:96:c6:d0:78:bf:db:
86:75:b8:67
-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgISAY9YuqA4XobK11PrG6ONFONkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjQwNTA4MTUwMjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTM0MGM5YjM0OTJlZDA1ZmJlZDBhNjBkN2Y3YmMxZjI2N2M4YTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjX0yBFEwIp1gTfvWeLHra0qCXBU7
X91uOHnPv5N32ZdaYcx3yIpcxigAAe+/6OZf6xdEVKzPAEHLGFBDUgCkc1q98lFv
VvJS7JciFl4BiF+gcIFC/nSd8snVaE32WLJBrreb8M36hI1gCRYehzbiWVWg55Tu
6tc7anzYmjMnpbV/vqGDcnYRjWl7X65QJ8qwPUX1jQG1AVK+SXU3BQ7fL0ppKwIx
U4INI8w5FuBVR6+nfa30Az4LxNkdzMyuLLUJQ0xEi+ryztIr7GmbnzL+ELxyDhKJ
5Lcs4KOvmgm2dpmBj9rPPdet5cXHRD2gMqNHtpHf0Y0Ufkgns3u3ZMHx3QIDAQAB
o4IC4jCCAt4wHQYDVR0OBBYEFJU0DJs0ku0F++0KYNf3vB8mfIoPMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvbFRRTW16U1M3UVg3N1FwZzFfZThIeVo4aWc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH3BggrBgEFBQcBBwEB/wSB5zCB5DBeBAIAATBYMAwDBAIt
kPQDBAAtkPYwDAMEAi2XnAMEAC2XngMEAS6h2AMEAC6h2wMEArnQ0AMEALnjUgME
ALnkUwMEAbnzcAMEAME47wMEAMKSMAMEAcMaBgMEAcNY4jCBgQQCAAIwewMHACoL
PEAAAQMHACoLPEAACTASAwcAKgs8QAARAwcAKgs8QAASMBIDBwAqCzxAABUDBwMq
CzxAABADBwEqCzxAACADBwAqCzxAACUDBwAqCzxA/KYDBwAqDlVAAAAwEgMHBCoO
VUAAEAMHACoOVUAAEgMHACoOVUABADANBgkqhkiG9w0BAQsFAAOCAQEAN2u/n9nc
jg7oWVoRZd5AatMpuaTJg1Pt/3GSxi/aE74BpDadaWRzjKWo43Qjp4+9YCsDaFwy
ibcP4M/H28hW3yzTxX/dNsP8PDc70yd7RVBCjcSL2VDWaPnXnQiPFzO+xamH473S
AcwmlyX1GynjlQ2gQyQVHP+UiIeeNwhUj5aYWWDcQ4VgLFyjKI/s/ZZXE5yTsR47
wlfkeNVnRzpHpsVIIO0Rl/FTM4RLClZKaMS3CV20eaeLG1AxmZ6JZR/VNMNZkTVQ
NlSItq0Geh3awqzfets/tlwh/luNFXMY93jJ8rrgU6nhYVcEUXW2ujBkmZDfL9tL
lsbQeL/bhnW4Zw==
-----END CERTIFICATE-----
Generated at Mon May 12 14:37:50 2025 by rpki-client