Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/lXaJ32biP74kSYqawkQWKoEmlps.roa
File: lXaJ32biP74kSYqawkQWKoEmlps.roa (raw, json)
Hash identifier: tpbH4aaLSGdtlpJlemVIVqphRAFnUglwAeB05frqbTo=
Subject key identifier: 95:76:89:DF:66:E2:3F:BE:24:49:8A:9A:C2:44:16:2A:81:26:96:9B
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018A800DA5338C12D705DAE2B76EE33EC526
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/lXaJ32biP74kSYqawkQWKoEmlps.roa
Signing time: Sun 10 Sep 2023 17:04:52 +0000
ROA not before: Sun 10 Sep 2023 17:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 91.223.110.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
193.57.41.0/24 maxlen: 24
45.144.213.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
45.94.168.0/22 maxlen: 22
45.94.170.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
45.81.112.0/22 maxlen: 24
77.83.37.0/24 maxlen: 24
45.81.114.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 11 Sep 2023 21:06:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:80:0d:a5:33:8c:12:d7:05:da:e2:b7:6e:e3:3e:c5:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Sep 10 17:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=957689df66e23fbe24498a9ac244162a8126969b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d1:cd:bd:80:8f:3b:e8:cd:7a:e8:4a:f5:77:
90:49:a7:85:53:12:5a:97:32:7a:24:95:8b:32:fc:
b1:37:55:92:46:b7:a5:fe:b7:51:68:aa:43:72:47:
40:09:c4:21:9e:5c:b2:ca:43:53:59:8e:38:b8:27:
13:7d:9c:48:e3:5a:57:0b:a1:46:0c:93:b8:e5:df:
32:d8:a0:21:8d:1d:9c:31:c1:14:19:e6:72:37:9d:
0e:20:f6:a4:80:5a:59:7d:15:8a:5a:b9:d6:cc:4c:
42:bb:bf:87:6e:24:ad:75:09:d6:a6:b7:7e:37:ac:
67:fd:ee:6d:16:e5:9d:76:4a:79:d9:df:b1:e9:cc:
71:70:f5:a1:26:08:d2:62:4b:14:52:5e:cc:32:63:
68:1a:04:92:56:55:b9:da:3e:72:b8:a4:ab:e7:55:
c3:b2:e7:cb:75:08:73:b8:34:6e:f1:fe:b7:39:09:
01:a7:32:4d:15:35:81:11:95:13:4e:4e:19:fa:54:
a9:98:19:6f:b8:98:43:1c:ca:c3:4a:07:13:c9:87:
bb:38:27:f4:3e:28:bf:21:10:25:4d:24:ca:49:58:
46:d1:5e:fb:76:0b:41:2a:1f:6b:eb:9e:82:0f:96:
3d:af:56:68:e0:8b:7e:a5:3f:2b:11:24:d8:41:ad:
e6:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:76:89:DF:66:E2:3F:BE:24:49:8A:9A:C2:44:16:2A:81:26:96:9B
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/lXaJ32biP74kSYqawkQWKoEmlps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.87.0/24
45.9.29.0/24
45.81.112.0/22
45.88.136.0/24
45.88.138.0/24
45.94.168.0/22
45.132.181.0-45.132.183.255
45.144.212.0/23
77.83.37.0/24
77.83.39.0/24
85.209.120.0/22
91.223.110.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.41.0/24
193.57.43.0/24
194.242.96.0/22
195.62.24.0/24
195.177.92.0-195.177.94.255
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
51:b2:11:20:2e:9a:0a:b0:f4:b3:0e:ad:5f:72:92:e1:e1:ed:
1d:a6:12:70:4e:2e:94:50:85:b9:2d:2a:60:96:64:19:b0:a3:
db:78:1f:eb:e6:08:41:59:0a:32:39:93:da:54:57:3b:e4:ef:
cb:e1:3b:87:8b:a8:50:3e:9f:08:60:60:16:10:1c:71:75:18:
82:c0:bc:3b:b9:7d:0d:ad:e2:06:f6:9b:c4:82:36:9b:92:a5:
70:0d:56:aa:70:81:de:9a:dd:3a:36:32:9c:87:bc:ba:1b:03:
a2:fd:e7:fc:c6:47:e8:a9:3b:52:72:16:e8:88:f3:6a:68:86:
3b:23:82:dc:78:33:9f:ff:13:2d:20:b4:9f:7d:b7:d6:d3:fb:
f5:3e:8d:1c:0b:39:0f:b6:03:25:94:6b:5b:c3:59:85:dd:d4:
08:8a:21:f3:be:f6:df:8d:64:ee:39:03:6b:fc:c2:64:06:d0:
77:47:c3:42:99:47:db:fe:ed:4c:00:f1:f4:42:4b:b7:f5:52:
8b:b5:ef:4b:7d:02:6f:a3:53:cf:dc:f3:de:81:4d:94:61:cd:
ce:38:f8:e0:45:01:cb:16:81:44:98:9f:f2:bf:00:cf:38:27:
f7:06:79:83:5c:09:e6:52:3a:d4:71:7e:b3:0b:05:a8:bb:60:
6d:dc:f3:bf
-----BEGIN CERTIFICATE-----
MIIFwTCCBKmgAwIBAgISAYqADaUzjBLXBdrit27jPsUmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwOTEwMTcwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTc2ODlkZjY2ZTIzZmJlMjQ0OThhOWFjMjQ0MTYyYTgxMjY5NjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtHNvYCPO+jNeuhK9XeQSaeFUxJa
lzJ6JJWLMvyxN1WSRrel/rdRaKpDckdACcQhnlyyykNTWY44uCcTfZxI41pXC6FG
DJO45d8y2KAhjR2cMcEUGeZyN50OIPakgFpZfRWKWrnWzExCu7+HbiStdQnWprd+
N6xn/e5tFuWddkp52d+x6cxxcPWhJgjSYksUUl7MMmNoGgSSVlW52j5yuKSr51XD
sufLdQhzuDRu8f63OQkBpzJNFTWBEZUTTk4Z+lSpmBlvuJhDHMrDSgcTyYe7OCf0
Pii/IRAlTSTKSVhG0V77dgtBKh9r656CD5Y9r1Zo4It+pT8rESTYQa3mRwIDAQAB
o4ICzTCCAskwHQYDVR0OBBYEFJV2id9m4j++JEmKmsJEFiqBJpabMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvbFhhSjMyYmlQNzRrU1lxYXdrUVdLb0VtbHBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHiBggrBgEFBQcBBwEB/wSB0jCBzzCBoQQCAAEwgZoDBAAF
tVcDBAAtCR0DBAItUXADBAAtWIgDBAAtWIoDBAItXqgwDAMEAC2EtQMEAy2EsAME
AS2Q1AMEAE1TJQMEAE1TJwMEAlXReAMEAFvfbgMEAbkr+AMEALkr+wMEAbnIPgME
AMEe8AMEAcEe8gMEAME5KQMEAME5KwMEAsLyYAMEAMM+GDAMAwQCw7FcAwQAw7Fe
AwQCw9O8MCkEAgACMCMDBQAqAXEgAwUDKgeSAAMFAyoMpYADBQMqEN/AAwUDKhEF
gDANBgkqhkiG9w0BAQsFAAOCAQEAUbIRIC6aCrD0sw6tX3KS4eHtHaYScE4ulFCF
uS0qYJZkGbCj23gf6+YIQVkKMjmT2lRXO+Tvy+E7h4uoUD6fCGBgFhAccXUYgsC8
O7l9Da3iBvabxII2m5KlcA1WqnCB3prdOjYynIe8uhsDov3n/MZH6Kk7UnIW6Ijz
amiGOyOC3Hgzn/8TLSC0n3231tP79T6NHAs5D7YDJZRrW8NZhd3UCIoh8772341k
7jkDa/zCZAbQd0fDQplH2/7tTADx9EJLt/VSi7XvS30Cb6NTz9zz3oFNlGHNzjj4
4EUByxaBRJif8r8Azzgn9wZ5g1wJ5lI61HF+swsFqLtgbdzzvw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:19 2024 by rpki-client on console-ams.rpki-client.org