Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/I-RwdCpQWKON3V4-C9N8wqUUUrY.roa
File: I-RwdCpQWKON3V4-C9N8wqUUUrY.roa (raw, json)
Hash identifier: Dy0rn3TZn/MH4N0JbrxAAYCGtLuLJhfRYRh+xOOZ8yE=
Subject key identifier: 23:E4:70:74:2A:50:58:A3:8D:DD:5E:3E:0B:D3:7C:C2:A5:14:52:B6
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0188C8552A41CFCDE158DA6FF201F24413D9
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/I-RwdCpQWKON3V4-C9N8wqUUUrY.roa
Signing time: Sat 17 Jun 2023 07:50:04 +0000
ROA not before: Sat 17 Jun 2023 07:50:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 91.223.110.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
2.56.108.0/22 maxlen: 24
2.56.111.0/24 maxlen: 24
45.88.139.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
45.94.168.0/22 maxlen: 22
45.94.170.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
193.30.241.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
45.81.112.0/22 maxlen: 24
77.83.38.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 15 Jul 2023 15:06:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:c8:55:2a:41:cf:cd:e1:58:da:6f:f2:01:f2:44:13:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jun 17 07:50:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=23e470742a5058a38ddd5e3e0bd37cc2a51452b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:c7:76:d7:62:f0:7e:4d:fa:a0:69:a7:2f:28:
fd:1e:c4:31:15:17:75:05:ec:43:f9:a4:ac:d4:ea:
aa:1b:c9:59:76:b6:c9:2e:80:9c:0c:a0:3c:b4:b7:
c3:00:7d:8d:e1:37:a6:28:33:89:49:63:88:29:aa:
75:5c:82:c8:e2:33:5c:66:a2:97:40:28:93:e1:ac:
7e:0f:b6:87:41:75:a3:44:9d:8c:2b:64:ce:3d:f6:
88:ba:6e:be:e3:aa:4f:27:1b:bb:0e:b9:bf:19:7f:
87:f4:57:72:10:3a:d2:f0:41:6b:2d:ac:2e:b0:78:
0d:22:fc:88:11:0f:56:3a:ac:12:4e:c1:e4:9d:09:
7d:00:f3:6c:34:8a:9e:a6:e2:97:b8:89:44:3c:f0:
6f:02:92:5f:3c:40:3a:e2:6b:c0:20:b1:6e:d6:32:
07:a0:be:5f:81:51:22:2b:8e:c6:64:b2:b6:e4:81:
b0:bb:04:66:c8:a7:9b:c7:30:2e:ba:f5:e4:1e:96:
5a:09:e0:35:dd:d2:30:a1:e0:3f:ff:23:37:8d:48:
95:8d:5a:d5:a8:55:9e:65:f4:d2:c2:6c:a4:82:b3:
ea:82:da:6f:a1:3d:07:f4:27:e5:f6:56:d1:9b:c4:
5b:b2:bc:5e:34:19:e3:53:a1:08:50:01:21:9e:c8:
b6:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:E4:70:74:2A:50:58:A3:8D:DD:5E:3E:0B:D3:7C:C2:A5:14:52:B6
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/I-RwdCpQWKON3V4-C9N8wqUUUrY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0/22
5.181.87.0/24
45.9.29.0/24
45.81.112.0/22
45.88.136.0/24
45.88.138.0/23
45.94.168.0/22
45.132.181.0-45.132.183.255
45.144.212.0/24
77.83.38.0/23
85.209.120.0/22
91.223.110.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/22
193.57.43.0/24
194.242.96.0/22
195.62.24.0/24
195.177.92.0/22
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
61:43:03:c4:26:2c:8f:dd:37:0c:a8:1e:52:0e:e4:ef:c3:58:
4f:96:d1:19:d5:4e:4e:74:52:07:a6:56:36:07:d1:2f:65:84:
c6:0a:bb:46:38:ee:40:8a:ad:1f:97:56:59:8e:62:19:1d:2c:
19:af:d5:bb:8e:80:7f:24:a5:c8:65:c0:40:16:f4:72:1b:ca:
88:d9:a6:96:8a:73:fc:9b:5a:89:cf:a0:4d:96:d8:c2:63:a9:
37:74:6e:5e:81:8e:f1:5b:d0:24:e9:45:a0:61:f5:18:9c:64:
b6:ff:d6:82:9d:be:2b:aa:84:d3:63:25:f8:45:65:1d:0a:26:
16:dd:37:8c:6a:09:a9:06:cc:c5:d5:78:38:1f:26:d5:0b:54:
43:cf:b0:05:40:17:2f:18:b7:2b:e4:e8:b4:9d:9b:fc:16:50:
d1:9c:f9:df:ee:fb:fb:e7:9c:32:bf:12:cf:e0:c7:28:42:d7:
af:92:e0:09:19:e0:34:70:c0:3e:9b:79:0a:1c:09:bd:26:bd:
84:a2:46:a9:b4:aa:0a:35:c5:9a:73:10:22:3f:14:13:15:b1:
05:1d:f0:67:6a:77:12:a0:c0:9b:30:32:79:ef:90:0e:ba:c8:
d8:fa:75:ba:72:fe:ab:6c:5b:7f:d6:a5:99:53:77:b1:7c:5b:
81:bd:9f:c4
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgISAYjIVSpBz83hWNpv8gHyRBPZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwNjE3MDc1MDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2U0NzA3NDJhNTA1OGEzOGRkZDVlM2UwYmQzN2NjMmE1MTQ1MmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAscd212Lwfk36oGmnLyj9HsQxFRd1
BexD+aSs1OqqG8lZdrbJLoCcDKA8tLfDAH2N4TemKDOJSWOIKap1XILI4jNcZqKX
QCiT4ax+D7aHQXWjRJ2MK2TOPfaIum6+46pPJxu7Drm/GX+H9FdyEDrS8EFrLawu
sHgNIvyIEQ9WOqwSTsHknQl9APNsNIqepuKXuIlEPPBvApJfPEA64mvAILFu1jIH
oL5fgVEiK47GZLK25IGwuwRmyKebxzAuuvXkHpZaCeA13dIwoeA//yM3jUiVjVrV
qFWeZfTSwmykgrPqgtpvoT0H9Cfl9lbRm8RbsrxeNBnjU6EIUAEhnsi2xQIDAQAB
o4ICuTCCArUwHQYDVR0OBBYEFCPkcHQqUFijjd1ePgvTfMKlFFK2MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvSS1Sd2RDcFFXS09OM1Y0LUM5Tjh3cVVVVXJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHOBggrBgEFBQcBBwEB/wSBvjCBuzCBjQQCAAEwgYYDBAIC
OGwDBAAFtVcDBAAtCR0DBAItUXADBAAtWIgDBAEtWIoDBAItXqgwDAMEAC2EtQME
Ay2EsAMEAC2Q1AMEAU1TJgMEAlXReAMEAFvfbgMEAbkr+AMEALkr+wMEAbnIPgME
AsEe8AMEAME5KwMEAsLyYAMEAMM+GAMEAsOxXAMEAsPTvDApBAIAAjAjAwUAKgFx
IAMFAyoHkgADBQMqDKWAAwUDKhDfwAMFAyoRBYAwDQYJKoZIhvcNAQELBQADggEB
AGFDA8QmLI/dNwyoHlIO5O/DWE+W0RnVTk50UgemVjYH0S9lhMYKu0Y47kCKrR+X
VlmOYhkdLBmv1buOgH8kpchlwEAW9HIbyojZppaKc/ybWonPoE2W2MJjqTd0bl6B
jvFb0CTpRaBh9RicZLb/1oKdviuqhNNjJfhFZR0KJhbdN4xqCakGzMXVeDgfJtUL
VEPPsAVAFy8Ytyvk6LSdm/wWUNGc+d/u+/vnnDK/Es/gxyhC16+S4AkZ4DRwwD6b
eQocCb0mvYSiRqm0qgo1xZpzECI/FBMVsQUd8GdqdxKgwJswMnnvkA66yNj6dbpy
/qtsW3/WpZlTd7F8W4G9n8Q=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:31 2024 by rpki-client on console-fra.rpki-client.org