Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/9cy5gr-K0ySrn8QE0-0T_hc61Xw.roa
File: 9cy5gr-K0ySrn8QE0-0T_hc61Xw.roa (raw, json)
Hash identifier: oSGvQnZk0943HwRnVOBZqkvEtL9sZn2B35qT3WonTdI=
Subject key identifier: F5:CC:B9:82:BF:8A:D3:24:AB:9F:C4:04:D3:ED:13:FE:17:3A:D5:7C
Certificate issuer: /CN=83991afcd455eb1b174fcf89f8e10eaf7f70b355
Certificate serial: 01912C5B4595CF3626602132A99BD53B2040
Authority key identifier: 83:99:1A:FC:D4:55:EB:1B:17:4F:CF:89:F8:E1:0E:AF:7F:70:B3:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g5ka_NRV6xsXT8-J-OEOr39ws1U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/9cy5gr-K0ySrn8QE0-0T_hc61Xw.roa
Signing time: Wed 07 Aug 2024 10:21:04 +0000
ROA not before: Wed 07 Aug 2024 10:21:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203020
IP address blocks: 2.58.76.0/22 maxlen: 32
45.67.4.0/22 maxlen: 32
46.16.32.0/24 maxlen: 32
46.254.105.0/24 maxlen: 32
80.73.243.0/24 maxlen: 32
87.236.144.0/24 maxlen: 32
92.119.168.0/22 maxlen: 32
93.157.108.0/24 maxlen: 32
103.110.160.0/22 maxlen: 32
103.195.144.0/22 maxlen: 32
137.59.4.0/22 maxlen: 32
146.255.187.0/24 maxlen: 32
178.212.226.0/24 maxlen: 32
185.72.240.0/22 maxlen: 32
213.173.60.0/22 maxlen: 32
Validation: Failed, certificate revoked on Sun 08 Sep 2024 07:37:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:2c:5b:45:95:cf:36:26:60:21:32:a9:9b:d5:3b:20:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83991afcd455eb1b174fcf89f8e10eaf7f70b355
Validity
Not Before: Aug 7 10:21:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f5ccb982bf8ad324ab9fc404d3ed13fe173ad57c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:4a:50:a8:54:08:85:f4:25:a1:9c:a6:9f:6a:
0d:1e:14:75:35:c4:bc:1e:1f:b0:d5:e0:7e:70:25:
b6:83:2c:54:34:8c:99:56:d4:0f:30:66:6b:79:f4:
f5:cb:2c:6e:1b:5f:ce:4a:10:2d:ca:16:37:83:1e:
64:8a:a9:42:c0:54:e9:2a:87:b4:2c:94:84:50:04:
e0:c9:3c:03:85:69:69:0f:6c:90:38:ac:63:73:15:
09:2e:fa:e3:fa:ac:a7:db:99:de:b3:45:fb:6e:c5:
ad:f2:09:f4:1a:b9:f4:87:e2:f8:c5:45:75:15:3c:
90:6d:1f:34:b6:47:7e:19:24:e8:ab:ee:52:7b:5a:
62:ea:e8:35:a3:c2:01:bf:3d:73:7a:2e:9f:30:0d:
13:3b:08:7a:ef:d5:5e:a8:3e:95:25:6a:5e:dd:5e:
2d:ec:21:7c:00:9d:0e:18:5b:36:af:39:8d:08:1b:
d9:4f:53:f4:88:6c:e8:20:8b:3e:66:bf:1b:28:ea:
14:8e:0a:33:05:6a:12:84:3f:79:92:1d:c4:a4:0f:
bd:9c:97:86:b2:69:1f:90:5b:f9:51:e9:e0:8c:81:
df:cd:95:7c:ff:a8:c6:90:1a:bd:82:e1:25:f5:46:
fe:06:fa:d6:da:73:88:3f:9c:06:df:b5:13:55:78:
cc:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:CC:B9:82:BF:8A:D3:24:AB:9F:C4:04:D3:ED:13:FE:17:3A:D5:7C
X509v3 Authority Key Identifier:
keyid:83:99:1A:FC:D4:55:EB:1B:17:4F:CF:89:F8:E1:0E:AF:7F:70:B3:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g5ka_NRV6xsXT8-J-OEOr39ws1U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/9cy5gr-K0ySrn8QE0-0T_hc61Xw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/g5ka_NRV6xsXT8-J-OEOr39ws1U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.76.0/22
45.67.4.0/22
46.16.32.0/24
46.254.105.0/24
80.73.243.0/24
87.236.144.0/24
92.119.168.0/22
93.157.108.0/24
103.110.160.0/22
103.195.144.0/22
137.59.4.0/22
146.255.187.0/24
178.212.226.0/24
185.72.240.0/22
213.173.60.0/22
Signature Algorithm: sha256WithRSAEncryption
b8:41:fb:6b:ac:95:79:4a:32:ee:e3:7e:65:6d:ab:a9:ff:2e:
51:3c:08:0e:39:49:6b:0a:35:6f:9a:8c:e7:61:29:9e:27:f3:
e3:a0:18:06:4d:5b:97:04:54:8e:a3:96:1b:29:18:32:c0:a6:
84:8b:69:f4:f6:a2:5a:f7:c0:2c:87:12:34:24:da:50:37:b1:
77:e4:fc:87:d0:82:aa:55:2b:89:53:c2:6c:4a:ec:ad:de:0a:
ae:ad:59:6f:31:e0:b5:fe:1a:fe:00:c3:27:a9:44:26:7c:a6:
b9:6b:f5:41:4d:2a:35:5c:81:bd:7a:d6:99:c8:60:4b:7f:3d:
f2:6f:10:a8:2d:06:5b:75:bc:f6:7b:cc:a7:6c:cd:34:1a:ea:
53:52:63:57:58:5b:d0:ce:e6:31:38:e8:61:b3:c1:f2:22:33:
7e:6c:30:f5:af:09:e8:66:7c:f2:1f:0d:fb:1e:76:c1:05:1c:
b7:3a:61:34:bc:c5:17:58:25:42:7c:ec:27:a7:52:05:77:73:
76:83:6b:48:42:8e:d9:7e:d1:c0:98:b7:05:cd:82:cf:a7:23:
95:1c:e2:e8:34:cb:69:bc:78:cf:ae:84:4d:c0:cf:ab:e8:34:
4d:81:0e:80:cb:8f:bd:61:69:45:28:9e:3a:4f:a6:1d:da:f0:
89:ab:ce:e5
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZEsW0WVzzYmYCEyqZvVOyBAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzOTkxYWZjZDQ1NWViMWIxNzRmY2Y4OWY4ZTEwZWFmN2Y3
MGIzNTUwHhcNMjQwODA3MTAyMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWNjYjk4MmJmOGFkMzI0YWI5ZmM0MDRkM2VkMTNmZTE3M2FkNTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwEpQqFQIhfQloZymn2oNHhR1NcS8
Hh+w1eB+cCW2gyxUNIyZVtQPMGZrefT1yyxuG1/OShAtyhY3gx5kiqlCwFTpKoe0
LJSEUATgyTwDhWlpD2yQOKxjcxUJLvrj+qyn25nes0X7bsWt8gn0Grn0h+L4xUV1
FTyQbR80tkd+GSToq+5Se1pi6ug1o8IBvz1zei6fMA0TOwh679VeqD6VJWpe3V4t
7CF8AJ0OGFs2rzmNCBvZT1P0iGzoIIs+Zr8bKOoUjgozBWoShD95kh3EpA+9nJeG
smkfkFv5UengjIHfzZV8/6jGkBq9guEl9Ub+BvrW2nOIP5wG37UTVXjMTwIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFPXMuYK/itMkq5/EBNPtE/4XOtV8MB8GA1UdIwQY
MBaAFIOZGvzUVesbF0/PifjhDq9/cLNVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzVrYV9OUlY2eHNYVDgtSi1PRU9yMzl3czFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS82OWVkMjktYWY0ZS00NTI0LWFkZmIt
ZTE1NDM3MzgwMDk5LzEvOWN5NWdyLUsweVNybjhRRTAtMFRfaGM2MVh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS82OWVkMjktYWY0ZS00NTI0LWFkZmItZTE1NDM3MzgwMDk5
LzEvZzVrYV9OUlY2eHNYVDgtSi1PRU9yMzl3czFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQCAjpMAwQC
LUMEAwQALhAgAwQALv5pAwQAUEnzAwQAV+yQAwQCXHeoAwQAXZ1sAwQCZ26gAwQC
Z8OQAwQCiTsEAwQAkv+7AwQAstTiAwQCuUjwAwQC1a08MA0GCSqGSIb3DQEBCwUA
A4IBAQC4QftrrJV5SjLu435lbaup/y5RPAgOOUlrCjVvmoznYSmeJ/PjoBgGTVuX
BFSOo5YbKRgywKaEi2n09qJa98AshxI0JNpQN7F35PyH0IKqVSuJU8JsSuyt3gqu
rVlvMeC1/hr+AMMnqUQmfKa5a/VBTSo1XIG9etaZyGBLfz3ybxCoLQZbdbz2e8yn
bM00GupTUmNXWFvQzuYxOOhhs8HyIjN+bDD1rwnoZnzyHw37HnbBBRy3OmE0vMUX
WCVCfOwnp1IFd3N2g2tIQo7ZftHAmLcFzYLPpyOVHOLoNMtpvHjProRNwM+r6DRN
gQ6Ay4+9YWlFKJ46T6Yd2vCJq87l
-----END CERTIFICATE-----
Generated at Sun Sep 8 08:58:30 2024 by rpki-client on console-fra.rpki-client.org