Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/1-bXGsRnzUnvxdnSunqkMrhDN7lg.roa
File: 1-bXGsRnzUnvxdnSunqkMrhDN7lg.roa (raw, json)
Hash identifier: C0I4TQmJnyBRSU+EkVpPD30+riNFHT49eUxr068cJII=
Subject key identifier: F9:B5:C6:B1:19:F3:52:7B:F1:76:74:AE:9E:A9:0C:AE:10:CD:EE:58
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018A655696B97CCFB813FAE2BC8E6CBBA343
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/1-bXGsRnzUnvxdnSunqkMrhDN7lg.roa
Signing time: Tue 05 Sep 2023 12:34:48 +0000
ROA not before: Tue 05 Sep 2023 12:34:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 91.223.110.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
45.88.139.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
193.57.41.0/24 maxlen: 24
45.144.213.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
45.94.168.0/22 maxlen: 22
45.94.170.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
193.30.241.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
45.81.112.0/22 maxlen: 24
77.83.37.0/24 maxlen: 24
45.81.114.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 07 Sep 2023 12:53:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:65:56:96:b9:7c:cf:b8:13:fa:e2:bc:8e:6c:bb:a3:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Sep 5 12:34:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f9b5c6b119f3527bf17674ae9ea90cae10cdee58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:a8:26:c4:c3:34:e7:93:34:76:9c:aa:62:26:
02:99:34:f1:db:92:65:d5:b0:c4:b1:82:ff:3a:cf:
cd:94:4f:1b:15:82:ec:bf:d3:1a:ae:93:14:45:a3:
3e:bb:0c:b8:ea:95:91:30:b3:e2:11:e8:5d:5c:87:
7a:7a:67:dd:4a:3f:1c:1a:a8:c0:60:d1:8a:b3:b3:
f2:fe:23:d4:a2:4d:33:c2:59:b1:02:96:91:57:49:
e0:7d:81:26:f6:8a:ef:d7:41:89:7c:54:c2:b4:85:
0f:b4:97:8a:71:05:dd:c9:7e:8c:ca:91:c2:a0:18:
d1:2c:f5:2e:94:60:a1:85:a6:93:33:72:19:5f:52:
10:90:5a:b9:ba:b1:7f:f3:11:e6:7b:17:4a:e2:5f:
69:09:f0:a3:58:19:6b:94:27:ae:36:94:8a:cd:4d:
d6:0d:08:bd:9f:8a:ba:4a:28:85:14:4a:ce:9b:4d:
2b:dd:1b:d9:a1:50:bb:9f:d5:d2:1e:b2:e6:8d:bb:
5a:2a:bf:00:a1:2a:f7:f7:4b:a5:ab:a9:68:95:2d:
38:d3:d3:2d:3f:96:a0:37:e2:0b:42:72:9d:28:cc:
c0:19:38:39:fb:ef:12:b6:82:4e:a7:43:32:cd:f3:
b4:d4:c3:e4:d5:d4:6e:01:cc:da:35:a8:6a:6a:b2:
22:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:B5:C6:B1:19:F3:52:7B:F1:76:74:AE:9E:A9:0C:AE:10:CD:EE:58
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/1-bXGsRnzUnvxdnSunqkMrhDN7lg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.87.0/24
45.9.29.0/24
45.81.112.0/22
45.88.136.0/24
45.88.138.0/23
45.94.168.0/22
45.132.181.0-45.132.183.255
45.144.212.0/23
77.83.37.0/24
77.83.39.0/24
85.209.120.0/22
91.223.110.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/22
193.57.41.0/24
193.57.43.0/24
194.242.96.0/22
195.62.24.0/24
195.177.92.0/22
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
33:b2:84:48:9e:78:f7:28:64:6d:04:29:26:0b:03:88:9a:43:
cb:71:94:2a:ea:8a:d9:81:3a:ea:1b:90:fe:bd:a4:57:86:48:
33:13:b9:63:44:1f:02:47:3f:52:7a:a5:b6:4c:05:73:4f:ad:
e7:0c:fd:13:e9:20:03:2d:21:58:77:f9:b2:6f:70:3d:ed:65:
2f:de:5e:b6:b4:70:34:16:63:28:07:f3:88:47:9e:12:55:b3:
dd:23:50:8a:5a:d4:23:a2:58:e8:cc:c4:35:a2:3a:ee:77:6d:
46:b8:c3:0f:1b:9e:d1:81:00:e6:0f:8f:da:6c:d1:db:17:ed:
88:5b:d6:84:75:55:67:61:2a:41:61:50:06:a5:d9:86:08:25:
b7:55:35:4c:22:69:6f:13:c5:70:67:ac:fb:e5:6b:31:c3:76:
92:66:4e:63:18:f8:4c:25:48:5c:ad:7b:ad:d4:e8:1d:78:98:
21:fd:8c:ca:97:b1:71:b3:19:27:8f:e0:e8:4b:e6:3c:6f:0f:
ee:92:65:9c:bb:3f:2f:69:3b:22:bf:6d:82:1b:88:1b:d7:32:
87:9f:4b:e9:1f:47:b3:92:43:f4:e1:4e:37:62:29:51:8b:9c:
10:17:87:54:4e:ac:48:ba:86:ac:a6:90:97:39:59:66:ef:56:
d9:27:56:68
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgISAYplVpa5fM+4E/rivI5su6NDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwOTA1MTIzNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWI1YzZiMTE5ZjM1MjdiZjE3Njc0YWU5ZWE5MGNhZTEwY2RlZTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkKgmxMM055M0dpyqYiYCmTTx25Jl
1bDEsYL/Os/NlE8bFYLsv9MarpMURaM+uwy46pWRMLPiEehdXId6emfdSj8cGqjA
YNGKs7Py/iPUok0zwlmxApaRV0ngfYEm9orv10GJfFTCtIUPtJeKcQXdyX6MypHC
oBjRLPUulGChhaaTM3IZX1IQkFq5urF/8xHmexdK4l9pCfCjWBlrlCeuNpSKzU3W
DQi9n4q6SiiFFErOm00r3RvZoVC7n9XSHrLmjbtaKr8AoSr390ulq6lolS0409Mt
P5agN+ILQnKdKMzAGTg5++8StoJOp0MyzfO01MPk1dRuAczaNahqarIiRQIDAQAB
o4ICwDCCArwwHQYDVR0OBBYEFPm1xrEZ81J78XZ0rp6pDK4Qze5YMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvMS1iWEdzUm56VW52eGRuU3VucWtNcmhETjdsZy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTYvNjYzZGY1LTU4MGMtNGYyYy1hNjZjLWVlZjM1MTFmNmM2
MC8xL25TcEhpN0N3am1ZYkN5LWZ2b2sxdkp3cUtLRS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCB1AYIKwYBBQUHAQcBAf8EgcQwgcEwgZMEAgABMIGMAwQA
BbVXAwQALQkdAwQCLVFwAwQALViIAwQBLViKAwQCLV6oMAwDBAAthLUDBAMthLAD
BAEtkNQDBABNUyUDBABNUycDBAJV0XgDBABb324DBAG5K/gDBAC5K/sDBAG5yD4D
BALBHvADBADBOSkDBADBOSsDBALC8mADBADDPhgDBALDsVwDBALD07wwKQQCAAIw
IwMFACoBcSADBQMqB5IAAwUDKgylgAMFAyoQ38ADBQMqEQWAMA0GCSqGSIb3DQEB
CwUAA4IBAQAzsoRInnj3KGRtBCkmCwOImkPLcZQq6orZgTrqG5D+vaRXhkgzE7lj
RB8CRz9SeqW2TAVzT63nDP0T6SADLSFYd/myb3A97WUv3l62tHA0FmMoB/OIR54S
VbPdI1CKWtQjoljozMQ1ojrud21GuMMPG57RgQDmD4/abNHbF+2IW9aEdVVnYSpB
YVAGpdmGCCW3VTVMImlvE8VwZ6z75Wsxw3aSZk5jGPhMJUhcrXut1OgdeJgh/YzK
l7Fxsxknj+DoS+Y8bw/ukmWcuz8vaTsiv22CG4gb1zKHn0vpH0ezkkP04U43YilR
i5wQF4dUTqxIuoasppCXOVlm71bZJ1Zo
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:17 2024 by rpki-client on console-ams.rpki-client.org