Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/09mwlIr3llgYyBUeu53TBSGOyws.roa
File: 09mwlIr3llgYyBUeu53TBSGOyws.roa (raw, json)
Hash identifier: 4FquZcvkaRMa4053pPamgZwsgUXVIXvkH2qEux15uVs=
Subject key identifier: D3:D9:B0:94:8A:F7:96:58:18:C8:15:1E:BB:9D:D3:05:21:8E:CB:0B
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018A460A251680719470AF88D2E3D9D8DE1C
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/09mwlIr3llgYyBUeu53TBSGOyws.roa
Signing time: Wed 30 Aug 2023 10:43:04 +0000
ROA not before: Wed 30 Aug 2023 10:43:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 91.223.110.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
45.88.139.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
193.57.41.0/24 maxlen: 24
45.144.213.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
45.94.168.0/22 maxlen: 22
45.94.170.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
193.30.241.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
45.81.112.0/24 maxlen: 24
45.81.112.0/22 maxlen: 24
77.83.37.0/24 maxlen: 24
45.81.113.0/24 maxlen: 24
45.81.115.0/24 maxlen: 24
45.81.114.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:46:0a:25:16:80:71:94:70:af:88:d2:e3:d9:d8:de:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Aug 30 10:43:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d3d9b0948af7965818c8151ebb9dd305218ecb0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:6e:f6:cc:2d:73:20:41:37:4a:25:7c:2f:b5:
af:ae:74:0c:01:43:16:c6:f6:1f:3a:28:fa:64:1f:
61:55:cf:22:67:02:4f:cc:a7:67:70:70:71:1a:c5:
93:7f:23:4d:52:77:5b:11:03:61:9d:7e:3c:a2:20:
20:f0:99:97:3a:f0:ce:4d:31:b0:0f:e1:d3:a5:b5:
c8:a5:3b:b5:d5:d2:e1:0f:cf:57:e9:3d:12:a3:c9:
24:d4:c7:cb:fa:6b:5a:16:56:2e:8c:59:ab:ad:f8:
a5:bd:a2:24:65:db:55:a9:22:c6:11:68:35:04:68:
f5:ee:3d:74:ed:b3:95:f0:67:96:57:a9:fc:2a:a9:
58:1b:3e:25:c8:97:f8:31:05:91:bf:50:ce:f9:84:
d3:4f:f1:ff:eb:70:9d:3d:2c:d4:2b:b0:fe:ff:2b:
05:19:58:bd:f5:98:cf:e9:24:d6:cc:f1:8f:0e:5a:
ee:3e:92:24:aa:34:ca:01:5b:68:ce:d3:fd:19:7a:
0e:e1:6d:76:20:c2:d0:d7:dd:30:69:7b:a9:2f:e1:
21:d2:48:6e:33:a5:71:c2:86:ef:56:a9:ab:8c:db:
b8:e4:07:c3:95:24:c3:a5:c2:ad:9a:4c:a7:97:54:
bb:be:e8:2a:8a:33:08:ad:bd:5b:d2:1a:9a:92:d2:
7e:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:D9:B0:94:8A:F7:96:58:18:C8:15:1E:BB:9D:D3:05:21:8E:CB:0B
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/09mwlIr3llgYyBUeu53TBSGOyws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.87.0/24
45.9.29.0/24
45.81.112.0/22
45.88.136.0/24
45.88.138.0/23
45.94.168.0/22
45.132.181.0-45.132.183.255
45.144.212.0/23
77.83.37.0/24
77.83.39.0/24
85.209.120.0/22
91.223.110.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/22
193.57.41.0/24
193.57.43.0/24
194.242.96.0/22
195.62.24.0/24
195.177.92.0/22
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
2d:f5:7a:07:f5:cc:99:5c:9c:4e:16:4e:fd:7a:1d:48:27:73:
29:70:1b:f6:2b:46:d6:dc:28:ae:2e:88:69:8f:ad:66:4a:d8:
74:ef:1e:db:09:39:5e:f6:ed:33:99:82:4c:43:e9:bf:1a:34:
e9:45:ca:1c:23:32:8a:17:8a:d0:72:30:62:22:d7:69:4c:8d:
87:0a:cc:66:71:d7:52:7f:eb:f7:c2:d4:69:aa:8b:2b:59:cc:
15:f4:61:d8:7a:4d:b3:56:47:17:10:cc:2c:83:c1:ab:e3:90:
b4:c2:e3:1d:ed:bc:f2:a6:d1:1e:b7:1c:3a:d8:b0:6b:ac:2a:
35:61:f1:2f:2c:67:38:0a:de:18:7c:ad:09:c2:d4:81:3a:a3:
be:46:95:32:43:69:04:64:1c:ea:fd:71:cf:bb:32:20:40:87:
41:48:a0:5a:47:e5:89:a0:49:2d:ab:ca:18:e5:02:bb:3e:08:
1d:c5:87:48:40:3a:26:36:42:79:56:55:e9:5c:9e:8f:be:5a:
5b:d7:26:7a:ee:36:41:83:76:4b:53:85:e7:52:3d:1c:a2:b3:
63:71:24:8b:d8:b8:f6:0e:16:07:d3:3a:38:47:7e:87:d9:72:
40:4c:7f:83:a7:c4:ce:4c:36:9e:26:01:c0:01:db:80:eb:4b:
85:1c:81:66
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgISAYpGCiUWgHGUcK+I0uPZ2N4cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwODMwMTA0MzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2Q5YjA5NDhhZjc5NjU4MThjODE1MWViYjlkZDMwNTIxOGVjYjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl272zC1zIEE3SiV8L7WvrnQMAUMW
xvYfOij6ZB9hVc8iZwJPzKdncHBxGsWTfyNNUndbEQNhnX48oiAg8JmXOvDOTTGw
D+HTpbXIpTu11dLhD89X6T0So8kk1MfL+mtaFlYujFmrrfilvaIkZdtVqSLGEWg1
BGj17j107bOV8GeWV6n8KqlYGz4lyJf4MQWRv1DO+YTTT/H/63CdPSzUK7D+/ysF
GVi99ZjP6STWzPGPDlruPpIkqjTKAVtoztP9GXoO4W12IMLQ190waXupL+Eh0khu
M6VxwobvVqmrjNu45AfDlSTDpcKtmkynl1S7vugqijMIrb1b0hqaktJ+aQIDAQAB
o4ICvzCCArswHQYDVR0OBBYEFNPZsJSK95ZYGMgVHrud0wUhjssLMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvMDltd2xJcjNsbGdZeUJVZXU1M1RCU0dPeXdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHUBggrBgEFBQcBBwEB/wSBxDCBwTCBkwQCAAEwgYwDBAAF
tVcDBAAtCR0DBAItUXADBAAtWIgDBAEtWIoDBAItXqgwDAMEAC2EtQMEAy2EsAME
AS2Q1AMEAE1TJQMEAE1TJwMEAlXReAMEAFvfbgMEAbkr+AMEALkr+wMEAbnIPgME
AsEe8AMEAME5KQMEAME5KwMEAsLyYAMEAMM+GAMEAsOxXAMEAsPTvDApBAIAAjAj
AwUAKgFxIAMFAyoHkgADBQMqDKWAAwUDKhDfwAMFAyoRBYAwDQYJKoZIhvcNAQEL
BQADggEBAC31egf1zJlcnE4WTv16HUgncylwG/YrRtbcKK4uiGmPrWZK2HTvHtsJ
OV727TOZgkxD6b8aNOlFyhwjMooXitByMGIi12lMjYcKzGZx11J/6/fC1GmqiytZ
zBX0Ydh6TbNWRxcQzCyDwavjkLTC4x3tvPKm0R63HDrYsGusKjVh8S8sZzgK3hh8
rQnC1IE6o75GlTJDaQRkHOr9cc+7MiBAh0FIoFpH5YmgSS2ryhjlArs+CB3Fh0hA
OiY2QnlWVelcno++WlvXJnruNkGDdktThedSPRyis2NxJIvYuPYOFgfTOjhHfofZ
ckBMf4OnxM5MNp4mAcAB24DrS4UcgWY=
-----END CERTIFICATE-----
Generated at Wed Aug 30 14:39:21 2023 by rpki-client on console-fra.rpki-client.org