Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/8ouSC4edtOI5730UjkeE8sYQarA.roa
File: 8ouSC4edtOI5730UjkeE8sYQarA.roa (raw, json)
Hash identifier: bOiNduBEL2nSrMLN5l4Hv9O3TgPYIn1WMY9YFndd0Ms=
Subject key identifier: F2:8B:92:0B:87:9D:B4:E2:39:EF:7D:14:8E:47:84:F2:C6:10:6A:B0
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 01876BB2A5EC4E42279D6233E8F5915FA41F
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/8ouSC4edtOI5730UjkeE8sYQarA.roa
Signing time: Mon 10 Apr 2023 15:04:42 +0000
ROA not before: Mon 10 Apr 2023 15:04:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
2.56.108.0/22 maxlen: 22
45.88.139.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
45.94.168.0/22 maxlen: 22
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
193.30.241.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
45.81.112.0/22 maxlen: 24
77.83.38.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 11 Apr 2023 12:23:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:6b:b2:a5:ec:4e:42:27:9d:62:33:e8:f5:91:5f:a4:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Apr 10 15:04:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f28b920b879db4e239ef7d148e4784f2c6106ab0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:43:44:bb:26:a3:c7:1c:c6:f5:79:ba:05:cc:
d3:4e:17:1d:f8:e9:c7:87:48:14:48:8c:84:cd:7f:
0d:dc:26:0b:30:96:a5:80:2b:dd:27:32:eb:44:d7:
1a:5c:7e:90:8f:e2:dd:cc:5f:5a:b7:c1:16:b0:96:
09:1d:62:cf:fe:78:a3:a0:74:57:91:80:3d:95:24:
7f:55:cb:af:40:f3:94:0e:e5:cd:08:20:9f:af:1a:
12:34:94:4f:81:a8:6d:ae:88:19:54:9d:5f:25:d4:
17:37:fe:c8:4d:b7:84:d7:7a:19:b0:34:60:31:61:
df:ae:f7:01:76:c5:5d:92:84:00:d5:aa:18:93:85:
9b:12:42:2a:ee:6b:a7:b5:0f:2c:51:4e:a1:f6:e4:
55:77:e3:50:bf:03:9a:69:4f:05:3c:dc:5d:e8:48:
98:97:1e:36:02:5e:21:d1:02:57:11:62:32:16:cd:
54:5a:cb:1e:21:45:56:57:ee:cc:25:2a:29:6c:0b:
6d:0d:17:8d:64:cc:d2:3a:2c:e6:76:3f:ff:9d:0f:
e7:14:9e:4e:76:5b:9b:1a:dc:6d:d1:f5:45:21:4e:
b8:69:b1:b4:59:14:9c:04:74:cb:70:14:9b:bf:8d:
eb:5c:b4:fb:fd:dd:ad:ce:5f:5d:4a:4d:86:e5:a4:
45:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:8B:92:0B:87:9D:B4:E2:39:EF:7D:14:8E:47:84:F2:C6:10:6A:B0
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/8ouSC4edtOI5730UjkeE8sYQarA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0/22
5.181.87.0/24
45.9.29.0/24
45.81.112.0/22
45.88.136.0/24
45.88.139.0/24
45.94.168.0/22
45.132.181.0-45.132.183.255
45.144.212.0/24
77.83.38.0/23
85.209.120.0/22
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/22
193.57.43.0/24
194.242.96.0/22
195.62.24.0/24
195.177.92.0/22
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
54:e0:51:b1:f5:d2:83:b8:ac:1e:04:dd:59:89:89:9a:4f:60:
79:98:c4:5d:4e:b1:91:13:20:5c:39:e6:23:78:80:38:09:a8:
5d:32:e6:f5:1f:22:d5:83:3b:c6:1a:2d:da:fd:45:f3:fa:5f:
fd:02:a6:0c:89:24:ee:02:b6:46:1f:a2:85:0a:86:14:7a:bd:
1e:a2:56:28:61:f9:4e:ff:2b:4f:5f:8e:ce:66:af:7a:a4:37:
4c:5e:0b:15:01:31:6d:7f:43:d9:1e:61:75:cd:34:f3:ff:7e:
8d:39:62:07:6e:ba:01:92:61:50:71:f4:84:d1:e2:4a:38:ed:
f3:94:25:24:39:fd:a9:33:7f:a9:e6:8a:29:e4:83:a7:45:ca:
ee:68:25:1e:87:9b:23:28:1e:eb:04:89:18:56:04:78:d6:d4:
45:3a:e1:9c:a5:76:8e:a9:15:96:be:b3:b9:de:fc:8b:fe:4f:
f2:8a:8f:93:0c:94:95:0d:1d:6d:ed:dc:09:c3:d1:2f:86:9a:
1e:ef:b5:0f:cb:5f:8d:9f:f7:60:b4:bb:d8:fb:26:52:5d:86:
b3:ac:d1:5a:4a:ee:23:a9:bc:3a:f9:c6:89:61:38:90:9a:d4:
9b:09:b8:6f:a7:e6:c4:c5:4a:e6:5d:ce:49:b0:b1:20:6a:b2:
4c:1f:1c:13
-----BEGIN CERTIFICATE-----
MIIFpzCCBI+gAwIBAgISAYdrsqXsTkInnWIz6PWRX6QfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwNDEwMTUwNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjhiOTIwYjg3OWRiNGUyMzllZjdkMTQ4ZTQ3ODRmMmM2MTA2YWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjENEuyajxxzG9Xm6BczTThcd+OnH
h0gUSIyEzX8N3CYLMJalgCvdJzLrRNcaXH6Qj+LdzF9at8EWsJYJHWLP/nijoHRX
kYA9lSR/VcuvQPOUDuXNCCCfrxoSNJRPgahtrogZVJ1fJdQXN/7ITbeE13oZsDRg
MWHfrvcBdsVdkoQA1aoYk4WbEkIq7muntQ8sUU6h9uRVd+NQvwOaaU8FPNxd6EiY
lx42Al4h0QJXEWIyFs1UWsseIUVWV+7MJSopbAttDReNZMzSOizmdj//nQ/nFJ5O
dlubGtxt0fVFIU64abG0WRScBHTLcBSbv43rXLT7/d2tzl9dSk2G5aRFywIDAQAB
o4ICszCCAq8wHQYDVR0OBBYEFPKLkguHnbTiOe99FI5HhPLGEGqwMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvOG91U0M0ZWR0T0k1NzMwVWprZUU4c1lRYXJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHIBggrBgEFBQcBBwEB/wSBuDCBtTCBhwQCAAEwgYADBAIC
OGwDBAAFtVcDBAAtCR0DBAItUXADBAAtWIgDBAAtWIsDBAItXqgwDAMEAC2EtQME
Ay2EsAMEAC2Q1AMEAU1TJgMEAlXReAMEAbkr+AMEALkr+wMEAbnIPgMEAsEe8AME
AME5KwMEAsLyYAMEAMM+GAMEAsOxXAMEAsPTvDApBAIAAjAjAwUAKgFxIAMFAyoH
kgADBQMqDKWAAwUDKhDfwAMFAyoRBYAwDQYJKoZIhvcNAQELBQADggEBAFTgUbH1
0oO4rB4E3VmJiZpPYHmYxF1OsZETIFw55iN4gDgJqF0y5vUfItWDO8YaLdr9RfP6
X/0CpgyJJO4CtkYfooUKhhR6vR6iVihh+U7/K09fjs5mr3qkN0xeCxUBMW1/Q9ke
YXXNNPP/fo05YgduugGSYVBx9ITR4ko47fOUJSQ5/akzf6nmiinkg6dFyu5oJR6H
myMoHusEiRhWBHjW1EU64Zyldo6pFZa+s7ne/Iv+T/KKj5MMlJUNHW3t3AnD0S+G
mh7vtQ/LX42f92C0u9j7JlJdhrOs0VpK7iOpvDr5xolhOJCa1JsJuG+n5sTFSuZd
zkmwsSBqskwfHBM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:31 2024 by rpki-client on console-fra.rpki-client.org