Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/2OmLLP6_6hDbcQUNUboVim0b8HQ.roa
File: 2OmLLP6_6hDbcQUNUboVim0b8HQ.roa (raw, json)
Hash identifier: fkQu8ondB9sR7o5KRty33gtTaCPEv0ydDSTD4bG+uVQ=
Subject key identifier: D8:E9:8B:2C:FE:BF:EA:10:DB:71:05:0D:51:BA:15:8A:6D:1B:F0:74
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018B1991A0863F7777F9EE0593242A979B05
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/2OmLLP6_6hDbcQUNUboVim0b8HQ.roa
Signing time: Tue 10 Oct 2023 12:30:56 +0000
ROA not before: Tue 10 Oct 2023 12:30:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 91.223.110.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
45.94.168.0/22 maxlen: 22
45.94.170.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:19:91:a0:86:3f:77:77:f9:ee:05:93:24:2a:97:9b:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Oct 10 12:30:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8e98b2cfebfea10db71050d51ba158a6d1bf074
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:8a:88:16:66:6e:ba:7d:fb:70:53:2d:26:be:
d9:aa:ab:9d:a6:59:30:02:b1:20:2c:53:0b:c5:15:
cc:5b:28:63:d6:0e:05:f2:5a:ca:c8:50:29:32:f1:
17:c4:66:2d:3c:35:30:d2:09:c8:ba:36:b9:c9:99:
1c:d8:99:5c:1e:87:3a:ca:fc:cb:cf:2a:60:09:a4:
c3:56:42:65:0c:47:a6:aa:dd:02:38:10:21:f0:06:
57:b5:b7:5d:72:76:4f:a0:8c:35:50:85:f2:13:05:
76:7c:f9:70:83:e2:db:e9:ea:03:74:de:9f:52:31:
7c:68:fb:a6:05:77:09:23:bf:2f:81:10:fb:ab:25:
87:57:73:59:59:d8:95:ea:68:e9:5e:3c:6e:93:c0:
6e:8f:4d:97:0b:3c:32:f0:f0:48:b7:7f:cf:b1:9e:
b5:f5:8f:39:98:3d:df:60:e5:08:43:57:35:bc:0c:
db:ca:01:08:60:47:b1:0e:7e:37:ec:b8:63:9c:60:
eb:ac:87:17:34:2b:5b:f8:fd:9c:44:e5:f0:78:6e:
9e:5a:4b:a8:7f:b7:36:1f:f7:31:4f:33:cb:81:03:
f2:f5:3e:a9:3f:0a:5a:c5:5a:9c:44:76:c8:63:0a:
57:b8:2c:86:57:fa:85:b5:4c:d2:c1:ea:2c:8d:86:
26:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:E9:8B:2C:FE:BF:EA:10:DB:71:05:0D:51:BA:15:8A:6D:1B:F0:74
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/2OmLLP6_6hDbcQUNUboVim0b8HQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.87.0/24
45.9.29.0/24
45.88.136.0/24
45.88.138.0/24
45.94.168.0/22
45.132.181.0-45.132.183.255
45.144.212.0/24
77.83.37.0/24
77.83.39.0/24
85.209.120.0/22
91.223.110.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.43.0/24
194.242.96.0/22
195.177.92.0-195.177.94.255
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
2f:9c:56:44:36:c9:55:68:fa:6b:7b:83:7f:ab:d1:51:f7:ee:
9b:8d:5c:f6:73:aa:6a:bf:ff:be:4e:ac:5b:40:26:45:18:60:
6b:af:e6:2d:8c:d2:71:36:cf:bc:d9:8e:2c:c3:9f:71:e9:a4:
f0:08:d9:2f:bf:b7:d5:94:e5:10:e5:e7:2a:09:e9:06:1c:eb:
db:0a:90:3d:c9:59:03:f6:6f:45:90:53:5c:74:b7:1b:36:45:
51:fc:3f:96:3c:c7:98:6a:c6:58:71:24:7e:9d:cd:aa:43:17:
b7:0b:b6:d1:72:39:6e:0c:0e:58:0b:ed:f2:0f:b9:b5:0e:b4:
35:3c:9e:bc:49:03:48:09:af:f4:5e:cc:88:0c:9c:3d:5d:13:
6e:ce:c4:d0:a7:dc:da:a7:3c:bc:9c:e5:9a:f4:49:b5:39:b6:
10:75:16:ff:be:18:84:f8:16:00:40:59:a2:cd:a1:b6:30:c8:
29:ad:fd:d3:60:1d:7c:e6:fd:92:d2:fe:71:9a:3a:a1:f6:26:
7a:74:b9:9c:27:d5:2a:9d:77:0f:92:65:72:45:67:1f:fd:99:
c4:73:98:80:ff:fa:f8:c0:8d:95:ee:e9:58:3c:f2:46:1e:89:
38:ea:f9:49:7e:b8:ae:49:ec:c8:83:7f:56:01:79:52:1a:80:
13:a3:e6:8b
-----BEGIN CERTIFICATE-----
MIIFrzCCBJegAwIBAgISAYsZkaCGP3d3+e4FkyQql5sFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMxMDEwMTIzMDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGU5OGIyY2ZlYmZlYTEwZGI3MTA1MGQ1MWJhMTU4YTZkMWJmMDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhIqIFmZuun37cFMtJr7Zqqudplkw
ArEgLFMLxRXMWyhj1g4F8lrKyFApMvEXxGYtPDUw0gnIuja5yZkc2JlcHoc6yvzL
zypgCaTDVkJlDEemqt0COBAh8AZXtbddcnZPoIw1UIXyEwV2fPlwg+Lb6eoDdN6f
UjF8aPumBXcJI78vgRD7qyWHV3NZWdiV6mjpXjxuk8Buj02XCzwy8PBIt3/PsZ61
9Y85mD3fYOUIQ1c1vAzbygEIYEexDn437LhjnGDrrIcXNCtb+P2cROXweG6eWkuo
f7c2H/cxTzPLgQPy9T6pPwpaxVqcRHbIYwpXuCyGV/qFtUzSweosjYYm2wIDAQAB
o4ICuzCCArcwHQYDVR0OBBYEFNjpiyz+v+oQ23EFDVG6FYptG/B0MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvMk9tTExQNl82aERiY1FVTlVib1ZpbTBiOEhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHQBggrBgEFBQcBBwEB/wSBwDCBvTCBjwQCAAEwgYgDBAAF
tVcDBAAtCR0DBAAtWIgDBAAtWIoDBAItXqgwDAMEAC2EtQMEAy2EsAMEAC2Q1AME
AE1TJQMEAE1TJwMEAlXReAMEAFvfbgMEAbkr+AMEALkr+wMEAbnIPgMEAMEe8AME
AcEe8gMEAME5KwMEAsLyYDAMAwQCw7FcAwQAw7FeAwQCw9O8MCkEAgACMCMDBQAq
AXEgAwUDKgeSAAMFAyoMpYADBQMqEN/AAwUDKhEFgDANBgkqhkiG9w0BAQsFAAOC
AQEAL5xWRDbJVWj6a3uDf6vRUffum41c9nOqar//vk6sW0AmRRhga6/mLYzScTbP
vNmOLMOfcemk8AjZL7+31ZTlEOXnKgnpBhzr2wqQPclZA/ZvRZBTXHS3GzZFUfw/
ljzHmGrGWHEkfp3NqkMXtwu20XI5bgwOWAvt8g+5tQ60NTyevEkDSAmv9F7MiAyc
PV0Tbs7E0Kfc2qc8vJzlmvRJtTm2EHUW/74YhPgWAEBZos2htjDIKa3902AdfOb9
ktL+cZo6ofYmenS5nCfVKp13D5JlckVnH/2ZxHOYgP/6+MCNle7pWDzyRh6JOOr5
SX64rknsyIN/VgF5UhqAE6Pmiw==
-----END CERTIFICATE-----
Generated at Thu Oct 12 15:33:45 2023 by rpki-client on console-ams.rpki-client.org