Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/6RDbP-_G7vNcN-N0ER5MsYofVnU.roa
File: 6RDbP-_G7vNcN-N0ER5MsYofVnU.roa (raw, json)
Hash identifier: kmpHHkvpUvWC8zhOzF4jCrmDbx3j3uHxIVnSbAjsJ/A=
Subject key identifier: E9:10:DB:3F:EF:C6:EE:F3:5C:37:E3:74:11:1E:4C:B1:8A:1F:56:75
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018DB3F5B93E577105291A24C63E42999452
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/6RDbP-_G7vNcN-N0ER5MsYofVnU.roa
Signing time: Fri 16 Feb 2024 22:07:21 +0000
ROA not before: Fri 16 Feb 2024 22:07:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62206
IP address blocks: 2.56.109.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
45.81.113.0/24 maxlen: 24
45.81.115.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.139.0/24 maxlen: 24
45.94.170.0/24 maxlen: 24
45.94.171.0/24 maxlen: 24
45.132.180.0/24 maxlen: 24
45.132.181.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.144.212.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.122.0/24 maxlen: 24
85.209.123.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.57.41.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
2a01:7120::/32 maxlen: 32
2a07:9200::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a10:dfc0::/29 maxlen: 29
2a11:580::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 24 Feb 2024 17:12:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b3:f5:b9:3e:57:71:05:29:1a:24:c6:3e:42:99:94:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Feb 16 22:07:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e910db3fefc6eef35c37e374111e4cb18a1f5675
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:15:8f:f5:25:a7:27:fe:4b:fb:51:fd:38:88:
11:dd:c9:4f:c9:ce:65:71:63:49:c3:0a:97:e7:0d:
18:54:3c:80:c5:ae:1b:ff:a1:41:dd:ec:73:54:a9:
a9:99:9d:e7:e5:2f:2e:9d:5f:73:59:de:86:8b:41:
d0:9e:f9:81:d1:81:ef:26:95:5c:3c:11:6b:a3:15:
f8:c8:ab:9c:74:92:54:a8:ae:96:9e:63:fe:f7:31:
56:88:9a:3b:1f:3f:e6:c9:10:95:14:c7:b8:fc:5b:
09:03:66:d7:fa:37:78:30:ca:fc:d8:98:cf:ba:e8:
89:f1:d1:f9:aa:cb:75:86:67:8f:a5:35:d9:81:4f:
87:46:58:3a:e1:8b:0c:1b:99:95:47:0a:04:83:1e:
d7:76:79:9a:15:ee:75:3a:e1:ae:16:1c:83:58:9b:
0c:08:60:97:49:8c:75:c8:88:b0:72:e1:90:17:cf:
91:db:f1:39:10:f0:47:a5:36:9b:d6:31:d7:25:8a:
e6:ac:8b:8a:0a:48:3c:bd:39:8a:6b:af:ea:75:58:
d4:3d:f8:5e:f9:16:79:a5:80:e3:2e:fd:9d:6e:ce:
3b:2d:f5:95:e0:8d:ec:98:7c:fc:06:bd:3c:bf:7c:
a6:6f:ff:48:c3:5b:70:3a:f8:b7:58:4a:b0:bc:37:
9c:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:10:DB:3F:EF:C6:EE:F3:5C:37:E3:74:11:1E:4C:B1:8A:1F:56:75
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/6RDbP-_G7vNcN-N0ER5MsYofVnU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.109.0/24
5.181.87.0/24
45.9.29.0/24
45.81.113.0/24
45.81.115.0/24
45.88.136.0/24
45.88.138.0/23
45.94.170.0/23
45.132.180.0/22
45.144.212.0/24
77.83.37.0/24
85.209.120.0/22
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.41.0/24
193.57.43.0/24
194.242.96.0/22
195.177.92.0-195.177.94.255
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
2d:e3:76:63:bb:27:35:6e:31:27:06:1f:89:cf:fb:fb:36:5b:
7e:c7:1e:42:1e:b3:13:30:f8:0f:55:94:9a:92:f6:85:07:db:
48:e8:9b:4d:c8:bc:52:a6:2b:ec:7e:73:c4:bb:cb:de:1d:f0:
6f:56:8a:b5:d5:9c:60:42:56:8c:9b:6e:fc:22:b7:2f:64:47:
4d:23:f7:a6:46:cb:f7:52:b0:ad:11:46:df:1d:49:05:c2:aa:
26:e5:8f:fd:96:b9:20:49:ad:76:05:1d:e7:57:a8:7c:da:dd:
75:dc:9e:7a:53:6f:1c:56:94:25:f7:84:59:50:84:0c:ec:37:
d9:32:b5:35:f5:87:f5:af:2f:e2:be:3a:70:24:b4:d3:bb:fb:
26:41:19:f9:37:72:5c:a8:2c:b0:e6:14:fc:69:5b:5a:55:64:
91:dd:76:05:d6:7f:af:fa:ba:f1:a3:27:9d:75:52:10:f4:1b:
0d:27:3f:1f:60:c8:d2:6d:81:93:3f:7c:09:3a:6a:6a:4c:9e:
ef:5d:dd:5e:22:88:94:79:1c:d3:0b:0a:cb:6c:31:25:bf:3f:
2c:18:0f:6e:19:28:c1:ab:cf:76:9b:57:65:33:7d:22:5c:ab:
9a:8d:18:0e:db:f8:a9:85:6b:1c:5e:1d:bf:f6:71:6b:93:fe:
ed:5d:e1:9f
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgISAY2z9bk+V3EFKRokxj5CmZRSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMjE2MjIwNzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTEwZGIzZmVmYzZlZWYzNWMzN2UzNzQxMTFlNGNiMThhMWY1Njc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhWP9SWnJ/5L+1H9OIgR3clPyc5l
cWNJwwqX5w0YVDyAxa4b/6FB3exzVKmpmZ3n5S8unV9zWd6Gi0HQnvmB0YHvJpVc
PBFroxX4yKucdJJUqK6WnmP+9zFWiJo7Hz/myRCVFMe4/FsJA2bX+jd4MMr82JjP
uuiJ8dH5qst1hmePpTXZgU+HRlg64YsMG5mVRwoEgx7XdnmaFe51OuGuFhyDWJsM
CGCXSYx1yIiwcuGQF8+R2/E5EPBHpTab1jHXJYrmrIuKCkg8vTmKa6/qdVjUPfhe
+RZ5pYDjLv2dbs47LfWV4I3smHz8Br08v3ymb/9Iw1twOvi3WEqwvDecrwIDAQAB
o4ICvzCCArswHQYDVR0OBBYEFOkQ2z/vxu7zXDfjdBEeTLGKH1Z1MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvNlJEYlAtX0c3dk5jTi1OMEVSNU1zWW9mVm5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHUBggrBgEFBQcBBwEB/wSBxDCBwTCBkwQCAAEwgYwDBAAC
OG0DBAAFtVcDBAAtCR0DBAAtUXEDBAAtUXMDBAAtWIgDBAEtWIoDBAEtXqoDBAIt
hLQDBAAtkNQDBABNUyUDBAJV0XgDBAG5K/gDBAC5K/sDBAG5yD4DBADBHvADBAHB
HvIDBADBOSkDBADBOSsDBALC8mAwDAMEAsOxXAMEAMOxXgMEAsPTvDApBAIAAjAj
AwUAKgFxIAMFAyoHkgADBQMqDKWAAwUDKhDfwAMFAyoRBYAwDQYJKoZIhvcNAQEL
BQADggEBAC3jdmO7JzVuMScGH4nP+/s2W37HHkIesxMw+A9VlJqS9oUH20jom03I
vFKmK+x+c8S7y94d8G9WirXVnGBCVoybbvwity9kR00j96ZGy/dSsK0RRt8dSQXC
qiblj/2WuSBJrXYFHedXqHza3XXcnnpTbxxWlCX3hFlQhAzsN9kytTX1h/WvL+K+
OnAktNO7+yZBGfk3clyoLLDmFPxpW1pVZJHddgXWf6/6uvGjJ511UhD0Gw0nPx9g
yNJtgZM/fAk6ampMnu9d3V4iiJR5HNMLCstsMSW/PywYD24ZKMGrz3abV2UzfSJc
q5qNGA7b+KmFaxxeHb/2cWuT/u1d4Z8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:31 2024 by rpki-client on console-fra.rpki-client.org