Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/1P9EVxmfj_TCDnwA_ljD156e9Cg.roa
File: 1P9EVxmfj_TCDnwA_ljD156e9Cg.roa (raw, json)
Hash identifier: jDzkXs2ebCzUga5nwdBaZZB0Fi7dmbKnhR1z2jpjuz0=
Subject key identifier: D4:FF:44:57:19:9F:8F:F4:C2:0E:7C:00:FE:58:C3:D7:9E:9E:F4:28
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 01876B78F84114C498E7D5638C77E73EF486
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/1P9EVxmfj_TCDnwA_ljD156e9Cg.roa
Signing time: Mon 10 Apr 2023 14:01:42 +0000
ROA not before: Mon 10 Apr 2023 14:01:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
2.56.108.0/22 maxlen: 22
45.88.139.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
45.13.189.0/24 maxlen: 24
45.94.168.0/22 maxlen: 22
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
193.30.241.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
45.81.112.0/22 maxlen: 24
77.83.38.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:6b:78:f8:41:14:c4:98:e7:d5:63:8c:77:e7:3e:f4:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Apr 10 14:01:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d4ff4457199f8ff4c20e7c00fe58c3d79e9ef428
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:d0:ad:5d:ae:48:1e:53:cd:b1:c1:ca:29:c0:
7f:81:a3:a9:3b:47:de:b3:b1:27:03:a7:3d:7f:79:
aa:e5:f2:4c:09:26:2e:a7:8d:83:00:8d:a2:dc:20:
59:bc:cb:d0:1b:73:39:79:1c:87:cd:7e:d9:91:4f:
07:26:62:ca:83:8a:13:90:1f:89:68:32:2d:37:5e:
33:09:71:d6:2d:1d:10:a0:38:bc:63:e5:d6:8b:37:
86:a0:e8:2d:4d:23:b2:6c:9e:f8:05:11:1c:15:0a:
78:b2:9d:63:f3:78:0e:41:b0:22:8c:cd:69:9e:0e:
ad:e5:1d:f7:c7:45:2d:31:d0:14:4f:22:60:66:98:
56:69:c5:8d:46:99:a2:ed:b6:63:e0:56:6e:d0:78:
84:17:43:56:c0:a2:20:a3:77:3c:16:5f:dd:c9:a8:
65:3f:57:f7:4f:c5:cb:51:16:03:e1:5e:bd:9d:a5:
fa:a5:a6:76:3a:85:51:fd:fe:a2:c7:52:f7:45:29:
e5:1f:e1:4e:b0:c8:c2:a7:81:cc:12:34:f5:90:28:
02:3d:86:fe:67:b1:8e:64:f3:b7:79:08:0b:57:c0:
ec:7c:83:8a:25:a1:5c:6c:f9:03:f0:64:eb:36:05:
41:92:ea:cd:2f:b9:d3:46:2f:3b:66:54:6c:4a:68:
31:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:FF:44:57:19:9F:8F:F4:C2:0E:7C:00:FE:58:C3:D7:9E:9E:F4:28
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/1P9EVxmfj_TCDnwA_ljD156e9Cg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0/22
5.181.87.0/24
45.9.29.0/24
45.13.189.0/24
45.81.112.0/22
45.88.136.0/24
45.88.139.0/24
45.94.168.0/22
45.132.181.0-45.132.183.255
45.144.212.0/24
77.83.38.0/23
85.209.120.0/22
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/22
193.57.43.0/24
194.242.96.0/22
195.62.24.0/24
195.177.92.0/22
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
10:5c:97:aa:f0:54:22:43:3e:32:45:30:ca:25:93:63:1c:17:
d1:1d:b1:83:c1:8f:3e:7c:93:f5:cb:d7:4c:7c:01:91:8d:2f:
cc:61:23:de:0c:c8:ad:32:1f:5a:a9:96:fb:83:05:38:52:55:
a5:15:b7:51:bc:c1:76:4f:34:96:37:4c:8b:07:d7:28:3f:8d:
02:b0:2c:7c:4f:f3:5d:87:3c:e0:19:33:ec:ec:ae:5d:46:ce:
d7:1a:29:82:c6:4b:04:ed:6f:13:a3:d4:06:36:3a:81:d6:eb:
85:08:c8:d9:d6:d6:c0:9b:15:f0:71:dc:0c:6f:91:66:69:b6:
3a:ad:c8:9f:d5:09:3c:65:f3:ef:dd:fc:b5:81:7e:80:6d:13:
cc:1d:ba:a4:d3:57:70:78:e2:7b:9b:78:83:d3:df:f7:3a:c3:
25:55:93:e8:cf:97:5f:39:50:ea:e8:25:d7:b3:8d:9d:42:22:
c8:8d:72:d2:82:50:33:98:a8:dd:c6:98:29:6e:0a:43:65:40:
41:10:04:2d:31:62:e3:65:77:25:9f:09:33:ae:87:a6:ce:92:
b3:87:86:1d:aa:76:90:72:c8:e5:65:2c:fd:ff:6b:79:01:86:
80:6c:3e:69:6a:bd:7c:ad:3a:5a:1a:8a:79:08:05:aa:fe:74:
7e:04:32:aa
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgISAYdrePhBFMSY59VjjHfnPvSGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwNDEwMTQwMTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGZmNDQ1NzE5OWY4ZmY0YzIwZTdjMDBmZTU4YzNkNzllOWVmNDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9CtXa5IHlPNscHKKcB/gaOpO0fe
s7EnA6c9f3mq5fJMCSYup42DAI2i3CBZvMvQG3M5eRyHzX7ZkU8HJmLKg4oTkB+J
aDItN14zCXHWLR0QoDi8Y+XWizeGoOgtTSOybJ74BREcFQp4sp1j83gOQbAijM1p
ng6t5R33x0UtMdAUTyJgZphWacWNRpmi7bZj4FZu0HiEF0NWwKIgo3c8Fl/dyahl
P1f3T8XLURYD4V69naX6paZ2OoVR/f6ix1L3RSnlH+FOsMjCp4HMEjT1kCgCPYb+
Z7GOZPO3eQgLV8DsfIOKJaFcbPkD8GTrNgVBkurNL7nTRi87ZlRsSmgxswIDAQAB
o4ICuTCCArUwHQYDVR0OBBYEFNT/RFcZn4/0wg58AP5Yw9eenvQoMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvMVA5RVZ4bWZqX1RDRG53QV9sakQxNTZlOUNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHOBggrBgEFBQcBBwEB/wSBvjCBuzCBjQQCAAEwgYYDBAIC
OGwDBAAFtVcDBAAtCR0DBAAtDb0DBAItUXADBAAtWIgDBAAtWIsDBAItXqgwDAME
AC2EtQMEAy2EsAMEAC2Q1AMEAU1TJgMEAlXReAMEAbkr+AMEALkr+wMEAbnIPgME
AsEe8AMEAME5KwMEAsLyYAMEAMM+GAMEAsOxXAMEAsPTvDApBAIAAjAjAwUAKgFx
IAMFAyoHkgADBQMqDKWAAwUDKhDfwAMFAyoRBYAwDQYJKoZIhvcNAQELBQADggEB
ABBcl6rwVCJDPjJFMMolk2McF9EdsYPBjz58k/XL10x8AZGNL8xhI94MyK0yH1qp
lvuDBThSVaUVt1G8wXZPNJY3TIsH1yg/jQKwLHxP812HPOAZM+zsrl1GztcaKYLG
SwTtbxOj1AY2OoHW64UIyNnW1sCbFfBx3AxvkWZptjqtyJ/VCTxl8+/d/LWBfoBt
E8wduqTTV3B44nubeIPT3/c6wyVVk+jPl185UOroJdezjZ1CIsiNctKCUDOYqN3G
mCluCkNlQEEQBC0xYuNldyWfCTOuh6bOkrOHhh2qdpByyOVlLP3/a3kBhoBsPmlq
vXytOloainkIBar+dH4EMqo=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:20 2023 by rpki-client on console-ams.rpki-client.org