Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/0hdlmzxoLBFmkqtGLo2RPVsSjLM.roa
File: 0hdlmzxoLBFmkqtGLo2RPVsSjLM.roa (raw, json)
Hash identifier: xlzrDb3pi3QY+m9YgIv+Qgt72bSLnUoZuVtWXImRX+I=
Subject key identifier: D2:17:65:9B:3C:68:2C:11:66:92:AB:46:2E:8D:91:3D:5B:12:8C:B3
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018CAD51093E3D75862CC8E148BE9C047D0F
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/0hdlmzxoLBFmkqtGLo2RPVsSjLM.roa
Signing time: Wed 27 Dec 2023 22:06:58 +0000
ROA not before: Wed 27 Dec 2023 22:06:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
2.56.109.0/24 maxlen: 24
45.88.139.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
193.57.41.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
45.94.168.0/22 maxlen: 22
45.94.170.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ad:51:09:3e:3d:75:86:2c:c8:e1:48:be:9c:04:7d:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Dec 27 22:06:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d217659b3c682c116692ab462e8d913d5b128cb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:6a:d4:c9:62:ab:eb:1e:91:d2:80:d4:89:a8:
ab:27:2d:06:d4:f7:79:02:a0:b5:5d:f2:d6:26:ce:
5d:74:ce:7f:af:db:33:42:56:34:59:8b:87:56:37:
be:b3:6a:07:39:bd:65:51:33:92:af:63:ad:6b:05:
d6:f1:d3:55:cc:b8:03:12:f9:a0:f1:5d:ea:15:76:
89:91:3a:4a:c9:da:4a:95:78:64:9c:78:20:46:5b:
7a:6d:07:dd:61:34:3f:42:cc:2c:b5:26:1b:97:2f:
ff:ab:9a:00:8f:cd:58:e9:ac:0d:d1:d8:87:01:07:
87:bf:d3:4a:c8:bc:44:ef:50:d1:3e:f4:f7:e4:e6:
be:ae:49:e0:1d:d0:25:a8:c5:74:b5:a2:c7:27:8d:
7a:3e:a1:64:29:ea:c3:1b:fc:2f:6d:e5:68:ec:9d:
05:47:10:c9:40:9f:89:1a:e7:0d:05:7f:87:d2:5b:
ab:51:c6:7e:cf:8d:5e:b1:f7:56:5f:3b:d8:9c:09:
6c:67:d4:c1:df:87:23:33:93:fb:4e:2d:f4:24:80:
eb:d0:91:eb:3f:dd:d8:e9:11:1e:ea:23:62:42:44:
02:f7:73:16:4a:72:2a:8b:5b:d8:ac:91:5e:76:57:
af:6d:b8:1e:5b:49:c6:01:57:26:c5:91:c2:40:df:
9d:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:17:65:9B:3C:68:2C:11:66:92:AB:46:2E:8D:91:3D:5B:12:8C:B3
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/0hdlmzxoLBFmkqtGLo2RPVsSjLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.109.0/24
5.181.87.0/24
45.9.29.0/24
45.88.136.0/24
45.88.138.0/23
45.94.168.0/22
45.132.181.0-45.132.183.255
45.144.212.0/24
77.83.37.0/24
77.83.39.0/24
85.209.120.0/22
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.41.0/24
193.57.43.0/24
194.242.96.0/22
195.177.92.0-195.177.94.255
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
17:0d:fc:b2:06:4e:fe:62:53:b5:3c:dc:e6:e5:f6:ba:b7:09:
ee:0c:69:12:2c:36:e0:5c:3b:d9:6e:af:91:c3:a5:81:b6:c6:
6e:7d:56:d5:08:4b:e0:4d:4f:6c:ed:6a:a4:cc:19:08:b9:9d:
17:89:1c:88:1c:0f:c0:a4:6a:54:44:30:ee:e1:9d:cd:de:cd:
62:8d:3a:28:34:c7:e8:fc:a6:02:e0:5d:3c:65:33:36:e7:a2:
46:00:cc:35:a9:1f:f7:3f:84:ea:ed:b2:0f:f3:c2:4e:fd:3f:
46:04:00:ba:6a:7f:26:92:e8:7e:b2:9d:0c:8f:fd:33:70:e1:
65:38:dd:5c:de:c8:bb:51:0e:ca:a0:8f:a3:19:df:d2:c0:08:
47:bd:d2:5e:66:2f:71:36:a0:6e:8b:e0:b1:9d:e2:bf:07:00:
4e:62:a7:2a:ec:65:7d:61:64:cf:5e:4d:72:c4:40:15:a0:27:
36:da:9f:12:b6:bc:55:e7:2c:cb:69:df:94:2a:04:c2:49:68:
a8:c3:78:d1:eb:cd:2d:28:14:c1:3a:ac:2f:76:46:72:8c:6e:
50:44:26:73:9c:ea:06:69:f9:4c:c7:40:e3:4b:78:80:58:68:
b3:eb:d6:cf:5d:9f:c0:07:57:17:59:17:0d:c2:f7:6e:9c:b8:
c1:8d:9d:31
-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgISAYytUQk+PXWGLMjhSL6cBH0PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMxMjI3MjIwNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjE3NjU5YjNjNjgyYzExNjY5MmFiNDYyZThkOTEzZDViMTI4Y2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhWrUyWKr6x6R0oDUiairJy0G1Pd5
AqC1XfLWJs5ddM5/r9szQlY0WYuHVje+s2oHOb1lUTOSr2OtawXW8dNVzLgDEvmg
8V3qFXaJkTpKydpKlXhknHggRlt6bQfdYTQ/QswstSYbly//q5oAj81Y6awN0diH
AQeHv9NKyLxE71DRPvT35Oa+rkngHdAlqMV0taLHJ416PqFkKerDG/wvbeVo7J0F
RxDJQJ+JGucNBX+H0lurUcZ+z41esfdWXzvYnAlsZ9TB34cjM5P7Ti30JIDr0JHr
P93Y6REe6iNiQkQC93MWSnIqi1vYrJFedlevbbgeW0nGAVcmxZHCQN+duwIDAQAB
o4ICwTCCAr0wHQYDVR0OBBYEFNIXZZs8aCwRZpKrRi6NkT1bEoyzMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvMGhkbG16eG9MQkZta3F0R0xvMlJQVnNTakxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHWBggrBgEFBQcBBwEB/wSBxjCBwzCBlQQCAAEwgY4DBAAC
OG0DBAAFtVcDBAAtCR0DBAAtWIgDBAEtWIoDBAItXqgwDAMEAC2EtQMEAy2EsAME
AC2Q1AMEAE1TJQMEAE1TJwMEAlXReAMEAbkr+AMEALkr+wMEAbnIPgMEAMEe8AME
AcEe8gMEAME5KQMEAME5KwMEAsLyYDAMAwQCw7FcAwQAw7FeAwQCw9O8MCkEAgAC
MCMDBQAqAXEgAwUDKgeSAAMFAyoMpYADBQMqEN/AAwUDKhEFgDANBgkqhkiG9w0B
AQsFAAOCAQEAFw38sgZO/mJTtTzc5uX2urcJ7gxpEiw24Fw72W6vkcOlgbbGbn1W
1QhL4E1PbO1qpMwZCLmdF4kciBwPwKRqVEQw7uGdzd7NYo06KDTH6PymAuBdPGUz
NueiRgDMNakf9z+E6u2yD/PCTv0/RgQAump/JpLofrKdDI/9M3DhZTjdXN7Iu1EO
yqCPoxnf0sAIR73SXmYvcTagbovgsZ3ivwcATmKnKuxlfWFkz15NcsRAFaAnNtqf
Era8Vecsy2nflCoEwkloqMN40evNLSgUwTqsL3ZGcoxuUEQmc5zqBmn5TMdA40t4
gFhos+vWz12fwAdXF1kXDcL3bpy4wY2dMQ==
-----END CERTIFICATE-----
Generated at Thu Dec 28 22:11:25 2023 by rpki-client on console-fra.rpki-client.org