Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/BE9MYtWlq4BSFjTlm9wQeli-kKU.roa
File: BE9MYtWlq4BSFjTlm9wQeli-kKU.roa (raw, json)
Hash identifier: g05qTEiVmxDMzAbEpHvyx3bEuGe895C+n6A0QX5qRso=
Subject key identifier: 04:4F:4C:62:D5:A5:AB:80:52:16:34:E5:9B:DC:10:7A:58:BE:90:A5
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018965843B793E02F9D151A6B435B40F8B83
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/BE9MYtWlq4BSFjTlm9wQeli-kKU.roa
Signing time: Mon 17 Jul 2023 20:21:51 +0000
ROA not before: Mon 17 Jul 2023 20:21:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 91.223.110.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
2.56.108.0/22 maxlen: 24
2.56.111.0/24 maxlen: 24
45.88.139.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
193.57.41.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
45.94.168.0/22 maxlen: 22
45.94.170.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
193.30.241.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
45.81.112.0/22 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate revoked on Sun 13 Aug 2023 07:28:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:65:84:3b:79:3e:02:f9:d1:51:a6:b4:35:b4:0f:8b:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jul 17 20:21:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=044f4c62d5a5ab80521634e59bdc107a58be90a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:db:92:70:8b:d0:98:87:15:e3:0b:ef:9b:3e:
87:ed:64:db:92:fa:54:a1:e5:6e:d5:ea:38:ff:49:
a1:a2:ba:b4:d0:1b:06:b3:b2:e2:5a:cf:c6:04:b6:
de:2b:28:9c:85:db:bd:87:b5:d4:de:5e:39:e1:56:
28:48:46:0b:61:9d:35:e2:e8:78:0c:a4:e2:0a:cd:
e3:f6:e9:e8:f6:42:8d:b4:e4:27:6b:00:ec:01:93:
99:db:5c:f8:e8:af:39:98:6c:c3:4f:ea:7a:c4:31:
51:72:3b:19:75:df:93:3f:b7:a3:f1:63:31:3e:fa:
c7:82:1c:cb:e4:64:0f:55:f9:0c:b6:3b:28:2c:69:
05:1f:2c:69:da:b6:88:ed:75:24:17:a9:12:92:7b:
84:31:05:0b:e9:67:11:a1:46:78:76:a9:b9:be:bb:
60:14:b4:a2:73:74:cd:a1:6a:47:c5:03:12:21:a2:
67:fd:a9:00:b3:1f:bb:81:dd:13:5f:0d:d9:d7:e4:
b9:0e:4d:30:cc:d7:cc:84:86:76:6c:4f:7f:37:dc:
bd:cb:83:4e:6e:4c:8a:bd:a4:88:de:8e:5c:35:a5:
f5:dd:bb:5e:fe:c0:90:0f:0d:1f:ab:d6:6d:e1:0c:
06:66:b6:d0:ee:a6:6b:59:97:36:54:f6:da:cc:b0:
4b:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:4F:4C:62:D5:A5:AB:80:52:16:34:E5:9B:DC:10:7A:58:BE:90:A5
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/BE9MYtWlq4BSFjTlm9wQeli-kKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0/22
5.181.87.0/24
45.9.29.0/24
45.81.112.0/22
45.88.136.0/24
45.88.138.0/23
45.94.168.0/22
45.132.181.0-45.132.183.255
45.144.212.0/24
77.83.39.0/24
85.209.120.0/22
91.223.110.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/22
193.57.41.0/24
193.57.43.0/24
194.242.96.0/22
195.62.24.0/24
195.177.92.0/22
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
88:ad:8f:e2:0d:fe:45:4e:1b:8d:cf:ba:4c:a9:99:41:4f:60:
54:02:95:7c:c3:00:9c:e2:46:6c:55:8f:e5:71:8a:10:75:6b:
fc:86:a5:20:48:31:37:02:d1:62:00:33:c4:4d:24:a6:d4:d1:
99:dd:a7:02:ed:18:0a:74:29:11:c9:4a:18:c3:3e:9a:6d:2f:
d6:3d:1d:ab:3d:c2:7e:95:cd:29:2e:6c:bc:87:5b:34:de:3d:
5d:61:da:9d:0b:3e:d0:63:44:ac:eb:ca:44:77:a9:0f:fd:cf:
12:7c:f4:1d:d6:19:58:b9:09:0a:91:0c:d7:84:75:e1:46:6d:
74:b8:6a:43:5a:13:d8:c1:1f:a0:9f:03:71:43:77:f3:8a:27:
41:ab:3c:27:67:d0:ae:2d:36:6c:a0:c8:6a:56:d2:99:44:67:
c1:e5:c4:84:d0:c3:33:c9:6f:4d:f3:33:7c:63:29:e3:eb:1e:
16:9e:43:fb:ac:f1:48:97:37:a6:54:37:a6:a2:87:22:77:ae:
bb:9a:68:ad:cf:c2:92:f6:f3:5f:fd:c9:58:f0:84:12:5f:d8:
98:c5:58:d8:63:9b:a0:45:5a:71:08:ac:11:5a:af:bd:7b:64:
17:1c:2e:23:db:30:3b:28:0b:f8:a6:c5:cd:60:36:2f:3d:96:
cb:4c:37:16
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgISAYllhDt5PgL50VGmtDW0D4uDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwNzE3MjAyMTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDRmNGM2MmQ1YTVhYjgwNTIxNjM0ZTU5YmRjMTA3YTU4YmU5MGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtuScIvQmIcV4wvvmz6H7WTbkvpU
oeVu1eo4/0mhorq00BsGs7LiWs/GBLbeKyichdu9h7XU3l454VYoSEYLYZ014uh4
DKTiCs3j9uno9kKNtOQnawDsAZOZ21z46K85mGzDT+p6xDFRcjsZdd+TP7ej8WMx
PvrHghzL5GQPVfkMtjsoLGkFHyxp2raI7XUkF6kSknuEMQUL6WcRoUZ4dqm5vrtg
FLSic3TNoWpHxQMSIaJn/akAsx+7gd0TXw3Z1+S5Dk0wzNfMhIZ2bE9/N9y9y4NO
bkyKvaSI3o5cNaX13bte/sCQDw0fq9Zt4QwGZrbQ7qZrWZc2VPbazLBLNQIDAQAB
o4ICvzCCArswHQYDVR0OBBYEFARPTGLVpauAUhY05ZvcEHpYvpClMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvQkU5TVl0V2xxNEJTRmpUbG05d1FlbGkta0tVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHUBggrBgEFBQcBBwEB/wSBxDCBwTCBkwQCAAEwgYwDBAIC
OGwDBAAFtVcDBAAtCR0DBAItUXADBAAtWIgDBAEtWIoDBAItXqgwDAMEAC2EtQME
Ay2EsAMEAC2Q1AMEAE1TJwMEAlXReAMEAFvfbgMEAbkr+AMEALkr+wMEAbnIPgME
AsEe8AMEAME5KQMEAME5KwMEAsLyYAMEAMM+GAMEAsOxXAMEAsPTvDApBAIAAjAj
AwUAKgFxIAMFAyoHkgADBQMqDKWAAwUDKhDfwAMFAyoRBYAwDQYJKoZIhvcNAQEL
BQADggEBAIitj+IN/kVOG43PukypmUFPYFQClXzDAJziRmxVj+VxihB1a/yGpSBI
MTcC0WIAM8RNJKbU0ZndpwLtGAp0KRHJShjDPpptL9Y9Has9wn6VzSkubLyHWzTe
PV1h2p0LPtBjRKzrykR3qQ/9zxJ89B3WGVi5CQqRDNeEdeFGbXS4akNaE9jBH6Cf
A3FDd/OKJ0GrPCdn0K4tNmygyGpW0plEZ8HlxITQwzPJb03zM3xjKePrHhaeQ/us
8UiXN6ZUN6aihyJ3rruaaK3PwpL281/9yVjwhBJf2JjFWNhjm6BFWnEIrBFar717
ZBccLiPbMDsoC/imxc1gNi89lstMNxY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:17 2024 by rpki-client on console-ams.rpki-client.org