Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/1-u-s5Y1YLBhf_PtPRwQsla72N-I.roa
File: 1-u-s5Y1YLBhf_PtPRwQsla72N-I.roa (raw, json)
Hash identifier: /n6ADldyGuX1p98/conFT4FQXLtNeefcGYk+xc0WCdA=
Subject key identifier: FA:EF:AC:E5:8D:58:2C:18:5F:FC:FB:4F:47:04:2C:95:AE:F6:37:E2
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018B246C40695A5849BB78EC05368F0D7B8A
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/1-u-s5Y1YLBhf_PtPRwQsla72N-I.roa
Signing time: Thu 12 Oct 2023 15:05:55 +0000
ROA not before: Thu 12 Oct 2023 15:05:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 91.223.110.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
45.94.168.0/22 maxlen: 22
45.94.170.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
193.30.241.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:24:6c:40:69:5a:58:49:bb:78:ec:05:36:8f:0d:7b:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Oct 12 15:05:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=faeface58d582c185ffcfb4f47042c95aef637e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:7e:cc:06:bb:74:85:88:9f:ca:46:2a:c1:17:
a9:7f:cd:71:db:83:5c:9d:59:ae:70:ad:91:06:b7:
1e:be:71:e5:92:40:3d:0c:a6:7e:c5:7e:28:f9:08:
6a:7b:cd:33:d0:7f:fd:83:bc:d6:26:15:bb:b9:8b:
de:d1:85:64:a4:f9:e4:61:7e:84:73:8a:3f:1b:5c:
b7:b1:6b:2d:a2:0b:9f:fa:6e:cd:01:4c:ad:d0:e4:
4b:cd:c5:60:e4:f9:e1:25:0f:33:3c:6a:94:cf:02:
37:0d:38:68:75:bd:2a:90:71:6a:24:7d:74:54:f9:
cf:6c:f9:4f:ce:d7:ae:19:fd:6f:26:6a:73:bd:06:
c0:d4:a6:e7:15:3b:67:e2:6a:b6:fc:43:b7:2b:04:
71:1a:79:24:9c:bc:11:f9:13:34:08:b1:0f:f0:5e:
c6:4f:04:55:c9:c8:c9:05:66:81:b0:d5:71:29:09:
90:be:7c:46:5a:76:91:a3:08:32:2f:66:0f:95:e7:
86:ae:a4:69:b8:44:af:cf:b5:63:f5:a2:80:7f:ed:
8d:37:28:4b:f8:fe:89:8b:16:1d:b1:81:27:68:6a:
08:bc:b7:29:d3:e1:92:a9:2b:fc:91:8b:e3:8e:4d:
01:2b:93:14:2b:59:04:e3:31:cf:ae:19:07:d7:70:
cb:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:EF:AC:E5:8D:58:2C:18:5F:FC:FB:4F:47:04:2C:95:AE:F6:37:E2
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/1-u-s5Y1YLBhf_PtPRwQsla72N-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.87.0/24
45.9.29.0/24
45.88.136.0/24
45.88.138.0/24
45.94.168.0/22
45.132.181.0-45.132.183.255
45.144.212.0/24
77.83.37.0/24
77.83.39.0/24
85.209.120.0/22
91.223.110.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/22
193.57.43.0/24
194.242.96.0/22
195.177.92.0-195.177.94.255
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
0f:23:6d:40:20:76:13:ac:7b:67:36:a4:3b:d0:60:00:50:30:
a3:a4:c2:61:43:b7:0b:45:ba:90:3f:28:fe:03:b4:ac:b3:6f:
93:1a:48:a8:82:34:b2:dc:b8:90:e3:bd:0d:76:70:63:d4:98:
7e:1f:eb:52:e5:4b:16:1a:f6:12:44:2c:fc:d0:4b:71:30:79:
fa:73:bf:fb:2a:16:c7:14:39:33:53:87:02:b3:39:91:cf:3b:
29:f8:40:25:d3:1b:09:5a:54:9c:1b:27:d0:7f:dd:2c:f9:1f:
da:c7:61:1a:16:10:92:30:11:43:0b:bb:bf:f0:3a:e8:c3:d2:
ed:66:ea:da:e9:60:64:4b:7f:c4:20:ee:6c:2d:44:cd:fa:de:
59:c2:d9:6f:ea:9c:34:3f:62:db:1d:5e:9e:a5:b7:f5:e2:38:
14:44:c3:4e:15:e9:30:47:a2:c8:dd:8b:71:60:c3:64:20:1d:
1c:b7:28:ab:48:36:47:25:42:9a:92:00:18:cc:9d:5e:7f:0c:
09:f0:af:6b:8b:4d:bd:1a:96:6f:8b:b6:99:e5:ad:e9:d1:c7:
41:fa:f4:d6:17:60:f4:a2:9e:6c:07:60:07:08:85:5e:0a:8e:
8f:5c:42:38:70:79:9d:6f:f7:c7:17:bd:a3:d2:3f:99:e8:07:
3f:97:c1:d4
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgISAYskbEBpWlhJu3jsBTaPDXuKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMxMDEyMTUwNTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWVmYWNlNThkNTgyYzE4NWZmY2ZiNGY0NzA0MmM5NWFlZjYzN2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlH7MBrt0hYifykYqwRepf81x24Nc
nVmucK2RBrcevnHlkkA9DKZ+xX4o+Qhqe80z0H/9g7zWJhW7uYve0YVkpPnkYX6E
c4o/G1y3sWstoguf+m7NAUyt0ORLzcVg5PnhJQ8zPGqUzwI3DThodb0qkHFqJH10
VPnPbPlPzteuGf1vJmpzvQbA1KbnFTtn4mq2/EO3KwRxGnkknLwR+RM0CLEP8F7G
TwRVycjJBWaBsNVxKQmQvnxGWnaRowgyL2YPleeGrqRpuESvz7Vj9aKAf+2NNyhL
+P6JixYdsYEnaGoIvLcp0+GSqSv8kYvjjk0BK5MUK1kE4zHPrhkH13DLjwIDAQAB
o4ICtjCCArIwHQYDVR0OBBYEFPrvrOWNWCwYX/z7T0cELJWu9jfiMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvMS11LXM1WTFZTEJoZl9QdFBSd1FzbGE3Mk4tSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTYvNjYzZGY1LTU4MGMtNGYyYy1hNjZjLWVlZjM1MTFmNmM2
MC8xL25TcEhpN0N3am1ZYkN5LWZ2b2sxdkp3cUtLRS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBygYIKwYBBQUHAQcBAf8EgbowgbcwgYkEAgABMIGCAwQA
BbVXAwQALQkdAwQALViIAwQALViKAwQCLV6oMAwDBAAthLUDBAMthLADBAAtkNQD
BABNUyUDBABNUycDBAJV0XgDBABb324DBAG5K/gDBAC5K/sDBAG5yD4DBALBHvAD
BADBOSsDBALC8mAwDAMEAsOxXAMEAMOxXgMEAsPTvDApBAIAAjAjAwUAKgFxIAMF
AyoHkgADBQMqDKWAAwUDKhDfwAMFAyoRBYAwDQYJKoZIhvcNAQELBQADggEBAA8j
bUAgdhOse2c2pDvQYABQMKOkwmFDtwtFupA/KP4DtKyzb5MaSKiCNLLcuJDjvQ12
cGPUmH4f61LlSxYa9hJELPzQS3Ewefpzv/sqFscUOTNThwKzOZHPOyn4QCXTGwla
VJwbJ9B/3Sz5H9rHYRoWEJIwEUMLu7/wOujD0u1m6trpYGRLf8Qg7mwtRM363lnC
2W/qnDQ/YtsdXp6lt/XiOBREw04V6TBHosjdi3Fgw2QgHRy3KKtINkclQpqSABjM
nV5/DAnwr2uLTb0alm+LtpnlrenRx0H69NYXYPSinmwHYAcIhV4Kjo9cQjhweZ1v
98cXvaPSP5noBz+XwdQ=
-----END CERTIFICATE-----
Generated at Tue Oct 17 08:42:59 2023 by rpki-client on console-fra.rpki-client.org