Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/4MNSHwEjbrAD5xyMq6KePiczYME.roa
File: 4MNSHwEjbrAD5xyMq6KePiczYME.roa (raw, json)
Hash identifier: Lk/wdM9+lYOF9oGD2mrf50WzJoZBCH9OYHFQpEccDAg=
Subject key identifier: E0:C3:52:1F:01:23:6E:B0:03:E7:1C:8C:AB:A2:9E:3E:27:33:60:C1
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0187107B45304B1BC6EEE70A830F78F8C3D5
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/4MNSHwEjbrAD5xyMq6KePiczYME.roa
Signing time: Thu 23 Mar 2023 21:58:46 +0000
ROA not before: Thu 23 Mar 2023 21:58:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
2.56.108.0/22 maxlen: 22
45.88.139.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
45.94.168.0/22 maxlen: 22
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
193.30.241.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
45.81.112.0/22 maxlen: 24
77.83.38.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:10:7b:45:30:4b:1b:c6:ee:e7:0a:83:0f:78:f8:c3:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Mar 23 21:58:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e0c3521f01236eb003e71c8caba29e3e273360c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:07:b2:ce:6b:b0:41:3b:07:b4:1b:b7:e5:2f:
d3:c9:a4:9f:cd:84:7c:70:8f:05:59:73:d5:83:46:
94:66:36:dd:6b:71:eb:98:44:e1:47:d2:29:55:f3:
0e:85:c5:86:42:22:98:56:72:98:97:3e:bf:c9:c0:
e8:a4:b7:61:3d:89:81:8a:f5:24:bb:36:2f:01:32:
a5:a4:de:b3:d9:26:ec:53:b8:95:ff:16:e5:8d:db:
53:05:ae:8c:b1:5b:18:92:a5:cf:df:84:c7:57:8f:
81:c9:4b:4b:24:4c:ff:c6:2b:1f:e2:d0:92:9a:9d:
4a:04:6c:f9:54:b9:6c:97:0f:26:8e:c4:07:dd:25:
a6:77:e4:42:c2:f5:4d:87:0e:ab:82:f5:42:ad:86:
04:17:30:05:2f:ef:91:44:dd:17:47:54:51:8e:e4:
bf:af:1b:4f:56:dd:3c:97:b3:7f:58:f8:e5:bf:e5:
a2:a8:89:f8:30:f1:57:c1:59:9e:d8:c0:30:e1:72:
42:ca:30:b2:dd:a3:1b:ba:0a:5f:03:ba:a4:e6:c8:
c2:41:97:66:32:7c:3f:74:a8:b3:23:5e:48:2a:c6:
34:dd:55:15:85:39:e4:8a:bb:a1:7c:01:c7:c4:11:
1f:15:dd:44:13:9a:f6:c2:10:a2:63:9c:eb:9b:9d:
f8:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:C3:52:1F:01:23:6E:B0:03:E7:1C:8C:AB:A2:9E:3E:27:33:60:C1
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/4MNSHwEjbrAD5xyMq6KePiczYME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0/22
5.181.87.0/24
45.9.29.0/24
45.81.112.0/22
45.88.136.0/24
45.88.139.0/24
45.94.168.0/22
45.132.181.0-45.132.183.255
45.144.212.0/24
77.83.38.0/23
85.209.120.0/22
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/22
193.57.43.0/24
194.242.96.0/22
195.62.24.0/24
195.177.92.0/22
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
a0:d7:98:35:4d:85:fb:c8:44:0b:dc:d4:4e:39:26:fa:03:ec:
66:ac:76:8c:f3:7c:76:a7:73:28:a3:36:d3:96:f9:68:88:37:
8e:96:b3:bc:dd:0d:c7:99:b7:79:d6:48:2f:8b:3d:d1:e4:d9:
12:77:06:be:d4:c6:6c:cc:c2:19:36:21:f4:d9:57:a8:14:7e:
3d:c5:68:05:03:03:87:72:50:2b:c0:61:db:a8:df:7d:1c:72:
91:4e:d5:3b:5a:3a:6a:55:51:25:d9:9e:05:8a:d6:0d:2f:11:
72:60:b3:c6:c0:3b:28:9d:3d:6b:4f:cb:b3:11:93:7f:e7:db:
e4:ab:2f:8a:44:15:a0:25:e7:b2:42:1a:be:d1:04:b7:59:9b:
26:d9:99:fb:d3:96:0a:01:bd:02:fa:5b:0e:72:0f:08:54:cc:
2a:cc:17:cc:60:20:08:10:89:40:be:ed:f9:d4:a3:51:be:b6:
51:8c:29:f1:7f:50:db:ed:97:81:27:7f:9f:66:c4:24:55:75:
c0:4c:88:d2:47:fa:69:28:94:a8:07:9d:5c:e8:61:0f:62:e6:
05:bd:f5:48:64:fe:0a:0f:da:3c:59:6b:fb:62:e1:a1:dd:d0:
44:5c:bd:3b:35:4b:75:1b:35:7b:2c:c5:b0:c3:7a:1c:24:16:
35:df:05:75
-----BEGIN CERTIFICATE-----
MIIFpzCCBI+gAwIBAgISAYcQe0UwSxvG7ucKgw94+MPVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwMzIzMjE1ODQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGMzNTIxZjAxMjM2ZWIwMDNlNzFjOGNhYmEyOWUzZTI3MzM2MGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQeyzmuwQTsHtBu35S/TyaSfzYR8
cI8FWXPVg0aUZjbda3HrmEThR9IpVfMOhcWGQiKYVnKYlz6/ycDopLdhPYmBivUk
uzYvATKlpN6z2SbsU7iV/xbljdtTBa6MsVsYkqXP34THV4+ByUtLJEz/xisf4tCS
mp1KBGz5VLlslw8mjsQH3SWmd+RCwvVNhw6rgvVCrYYEFzAFL++RRN0XR1RRjuS/
rxtPVt08l7N/WPjlv+WiqIn4MPFXwVme2MAw4XJCyjCy3aMbugpfA7qk5sjCQZdm
Mnw/dKizI15IKsY03VUVhTnkiruhfAHHxBEfFd1EE5r2whCiY5zrm534YQIDAQAB
o4ICszCCAq8wHQYDVR0OBBYEFODDUh8BI26wA+ccjKuinj4nM2DBMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvNE1OU0h3RWpickFENXh5TXE2S2VQaWN6WU1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHIBggrBgEFBQcBBwEB/wSBuDCBtTCBhwQCAAEwgYADBAIC
OGwDBAAFtVcDBAAtCR0DBAItUXADBAAtWIgDBAAtWIsDBAItXqgwDAMEAC2EtQME
Ay2EsAMEAC2Q1AMEAU1TJgMEAlXReAMEAbkr+AMEALkr+wMEAbnIPgMEAsEe8AME
AME5KwMEAsLyYAMEAMM+GAMEAsOxXAMEAsPTvDApBAIAAjAjAwUAKgFxIAMFAyoH
kgADBQMqDKWAAwUDKhDfwAMFAyoRBYAwDQYJKoZIhvcNAQELBQADggEBAKDXmDVN
hfvIRAvc1E45JvoD7GasdozzfHancyijNtOW+WiIN46Ws7zdDceZt3nWSC+LPdHk
2RJ3Br7UxmzMwhk2IfTZV6gUfj3FaAUDA4dyUCvAYduo330ccpFO1TtaOmpVUSXZ
ngWK1g0vEXJgs8bAOyidPWtPy7MRk3/n2+SrL4pEFaAl57JCGr7RBLdZmybZmfvT
lgoBvQL6Ww5yDwhUzCrMF8xgIAgQiUC+7fnUo1G+tlGMKfF/UNvtl4Enf59mxCRV
dcBMiNJH+mkolKgHnVzoYQ9i5gW99Uhk/goP2jxZa/ti4aHd0ERcvTs1S3UbNXss
xbDDehwkFjXfBXU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:32 2023 by rpki-client on console-fra.rpki-client.org