Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/2bJODSQ6cWZQVqvCYBAgG3dAUSQ.roa
File: 2bJODSQ6cWZQVqvCYBAgG3dAUSQ.roa (raw, json)
Hash identifier: IceFcgCb7yaL8Zwq6/tf82WLJc1i8wBooHqRzrtQOVc=
Subject key identifier: D9:B2:4E:0D:24:3A:71:66:50:56:AB:C2:60:10:20:1B:77:40:51:24
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018C50CA3F73404D2C27BF6A6C6C4C84580D
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/2bJODSQ6cWZQVqvCYBAgG3dAUSQ.roa
Signing time: Sat 09 Dec 2023 22:54:40 +0000
ROA not before: Sat 09 Dec 2023 22:54:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
45.88.139.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
193.57.41.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
45.94.168.0/22 maxlen: 22
45.94.170.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
45.81.115.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 11 Dec 2023 15:05:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:50:ca:3f:73:40:4d:2c:27:bf:6a:6c:6c:4c:84:58:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Dec 9 22:54:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d9b24e0d243a71665056abc26010201b77405124
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:3e:c7:b4:27:14:a1:3c:18:3b:9e:9c:84:02:
75:84:1a:c6:49:be:fd:bb:1f:9a:7e:55:49:3a:57:
cb:9a:6f:64:63:65:85:81:8d:ff:bd:d6:34:e2:e2:
dd:01:34:a6:fd:74:f2:eb:9f:f2:d1:07:61:69:0e:
d7:b1:a5:3c:f4:de:9a:76:d3:06:6a:1f:e8:2e:c8:
df:de:7f:a1:4c:d1:42:9d:be:bf:4e:a5:15:09:16:
8c:e5:09:ba:b1:20:64:99:15:1e:92:fb:1f:bd:70:
10:89:4b:49:8a:b8:f5:1d:8d:fb:0f:85:3f:2a:f4:
33:d6:0f:fc:ce:c5:c8:30:04:c2:5c:66:15:61:41:
d7:7c:f6:d9:32:26:c5:cb:9f:4f:5e:bd:4f:bf:03:
3e:a1:3c:ed:49:fa:c5:0d:a4:a8:db:dd:60:ad:d3:
0f:ee:17:64:b7:c4:aa:7a:86:71:5f:fc:ec:1a:c1:
da:3f:a9:d8:ff:fd:a8:cb:42:69:e4:38:12:46:32:
14:f0:5e:fa:11:c4:54:6b:78:5b:ed:de:78:07:23:
13:af:08:9d:95:44:4f:ca:2a:af:13:f8:79:79:db:
67:af:6b:1e:8a:0e:6a:b8:88:cf:59:18:47:65:84:
37:ef:61:93:e9:91:6b:c8:30:67:22:71:db:12:f6:
ad:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:B2:4E:0D:24:3A:71:66:50:56:AB:C2:60:10:20:1B:77:40:51:24
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/2bJODSQ6cWZQVqvCYBAgG3dAUSQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.87.0/24
45.9.29.0/24
45.81.115.0/24
45.88.136.0/24
45.88.138.0/23
45.94.168.0/22
45.132.181.0-45.132.183.255
45.144.212.0/24
77.83.37.0/24
77.83.39.0/24
85.209.120.0/22
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.41.0/24
193.57.43.0/24
194.242.96.0/22
195.177.92.0-195.177.94.255
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
9b:54:dd:d7:0e:12:8e:25:37:55:be:96:f0:38:fd:84:3b:76:
3d:7c:4e:90:87:a0:2c:2c:20:1d:db:bf:6e:e6:d4:25:54:48:
28:1c:fd:20:83:1e:1a:76:16:22:5e:76:57:22:e7:c6:01:fa:
a6:cf:28:b6:27:bc:62:e1:f0:34:3a:5a:cf:c8:09:66:9e:bf:
19:40:84:bb:7e:c0:77:50:ff:ad:d4:5e:71:93:77:5a:6d:62:
b4:5e:1a:95:fb:a4:bf:b8:bf:31:b0:18:7d:10:f8:c0:42:13:
5a:84:e2:c1:f5:7d:5c:09:81:60:cf:aa:f6:99:52:43:18:38:
97:a7:9d:33:97:79:b0:23:8a:93:6d:16:c8:78:16:ef:e3:c1:
e8:2e:f9:ea:18:70:55:e1:79:e6:c3:47:f8:27:96:d7:06:56:
21:0a:77:3a:52:af:95:a5:e3:f2:de:c3:09:d6:56:e4:a0:c0:
25:0b:76:a5:9f:ab:fa:1e:10:fb:60:8c:9f:78:ee:60:b0:6d:
3e:ac:21:82:dc:69:7f:8a:1b:30:c6:89:42:58:0d:0a:62:58:
7f:55:cf:83:b9:92:2a:4f:b5:b1:2c:90:94:d5:3f:5a:ba:97:
85:c8:92:73:ef:30:1a:cc:5f:7f:c4:a0:26:d5:36:61:ce:c4:
ee:70:25:d2
-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgISAYxQyj9zQE0sJ79qbGxMhFgNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMxMjA5MjI1NDQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWIyNGUwZDI0M2E3MTY2NTA1NmFiYzI2MDEwMjAxYjc3NDA1MTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiD7HtCcUoTwYO56chAJ1hBrGSb79
ux+aflVJOlfLmm9kY2WFgY3/vdY04uLdATSm/XTy65/y0QdhaQ7XsaU89N6adtMG
ah/oLsjf3n+hTNFCnb6/TqUVCRaM5Qm6sSBkmRUekvsfvXAQiUtJirj1HY37D4U/
KvQz1g/8zsXIMATCXGYVYUHXfPbZMibFy59PXr1PvwM+oTztSfrFDaSo291grdMP
7hdkt8SqeoZxX/zsGsHaP6nY//2oy0Jp5DgSRjIU8F76EcRUa3hb7d54ByMTrwid
lURPyiqvE/h5edtnr2seig5quIjPWRhHZYQ372GT6ZFryDBnInHbEvat5wIDAQAB
o4ICwTCCAr0wHQYDVR0OBBYEFNmyTg0kOnFmUFarwmAQIBt3QFEkMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvMmJKT0RTUTZjV1pRVnF2Q1lCQWdHM2RBVVNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHWBggrBgEFBQcBBwEB/wSBxjCBwzCBlQQCAAEwgY4DBAAF
tVcDBAAtCR0DBAAtUXMDBAAtWIgDBAEtWIoDBAItXqgwDAMEAC2EtQMEAy2EsAME
AC2Q1AMEAE1TJQMEAE1TJwMEAlXReAMEAbkr+AMEALkr+wMEAbnIPgMEAMEe8AME
AcEe8gMEAME5KQMEAME5KwMEAsLyYDAMAwQCw7FcAwQAw7FeAwQCw9O8MCkEAgAC
MCMDBQAqAXEgAwUDKgeSAAMFAyoMpYADBQMqEN/AAwUDKhEFgDANBgkqhkiG9w0B
AQsFAAOCAQEAm1Td1w4SjiU3Vb6W8Dj9hDt2PXxOkIegLCwgHdu/bubUJVRIKBz9
IIMeGnYWIl52VyLnxgH6ps8otie8YuHwNDpaz8gJZp6/GUCEu37Ad1D/rdRecZN3
Wm1itF4alfukv7i/MbAYfRD4wEITWoTiwfV9XAmBYM+q9plSQxg4l6edM5d5sCOK
k20WyHgW7+PB6C756hhwVeF55sNH+CeW1wZWIQp3OlKvlaXj8t7DCdZW5KDAJQt2
pZ+r+h4Q+2CMn3juYLBtPqwhgtxpf4obMMaJQlgNCmJYf1XPg7mSKk+1sSyQlNU/
WrqXhciSc+8wGsxff8SgJtU2Yc7E7nAl0g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:31 2024 by rpki-client on console-fra.rpki-client.org