Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/4StINnN-oNDUsoOLoIYlSCP6-Js.roa
File: 4StINnN-oNDUsoOLoIYlSCP6-Js.roa (raw, json)
Hash identifier: 4K2Lo6ydG3FGvppTkJNUGojJ4YWn9dmiVEkKhSsPl3g=
Subject key identifier: E1:2B:48:36:73:7E:A0:D0:D4:B2:83:8B:A0:86:25:48:23:FA:F8:9B
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018CCFD9372F07C15C9CFA596E4EBDDF6F39
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/4StINnN-oNDUsoOLoIYlSCP6-Js.roa
Signing time: Wed 03 Jan 2024 15:02:48 +0000
ROA not before: Wed 03 Jan 2024 15:02:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62206
IP address blocks: 5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
2.56.109.0/24 maxlen: 24
45.88.139.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
193.57.41.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
45.94.168.0/22 maxlen: 22
45.94.170.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
45.81.112.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 04 Jan 2024 20:59:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:cf:d9:37:2f:07:c1:5c:9c:fa:59:6e:4e:bd:df:6f:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jan 3 15:02:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e12b4836737ea0d0d4b2838ba086254823faf89b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:4a:37:67:2c:b8:7d:f8:0f:fc:cc:a5:bd:48:
1b:8f:4b:d5:fe:a0:8b:37:87:93:50:73:2c:fe:0e:
15:9c:7c:13:c4:d1:e8:69:3e:7e:df:75:17:6c:3f:
7c:59:ac:a0:d2:6f:75:0c:30:d3:d5:80:db:5b:d1:
06:d7:f5:8e:2b:21:9e:72:22:65:cb:6e:2a:53:da:
7a:0d:1d:b2:cb:42:08:74:43:cc:a7:1c:10:4f:2d:
a7:07:fe:3e:4e:ca:ea:15:38:d4:19:79:0b:8d:48:
43:5b:5e:f6:d8:03:63:8f:6e:67:57:9c:23:72:92:
ed:27:48:80:79:06:79:7d:81:38:5c:86:07:37:0a:
71:d8:54:4d:ff:6a:6d:e7:f7:24:69:d5:5e:20:2a:
5e:ee:28:9c:1a:2d:e4:52:a2:69:3d:3a:25:8b:dc:
15:6f:bb:be:14:64:aa:e2:e2:6c:82:f0:3c:05:9d:
ef:9a:2d:78:87:44:d7:aa:3f:f7:c5:bd:3f:c7:fe:
8a:ea:96:44:0b:d5:94:de:89:58:65:b5:06:4a:a4:
ec:a8:fb:40:aa:22:ba:c7:ba:bc:1f:02:07:31:01:
be:8c:4d:4a:a6:1c:e1:c3:f4:91:93:06:22:6d:18:
59:2c:68:7d:d8:07:aa:d9:a7:45:9a:25:ba:97:48:
0c:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:2B:48:36:73:7E:A0:D0:D4:B2:83:8B:A0:86:25:48:23:FA:F8:9B
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/4StINnN-oNDUsoOLoIYlSCP6-Js.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.109.0/24
5.181.87.0/24
45.9.29.0/24
45.81.112.0/24
45.88.136.0/24
45.88.138.0/23
45.94.168.0/22
45.132.181.0-45.132.183.255
45.144.212.0/24
77.83.37.0/24
85.209.120.0/22
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.41.0/24
193.57.43.0/24
194.242.96.0/22
195.177.92.0-195.177.94.255
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
27:b0:80:65:46:7b:4a:fb:08:03:ac:26:f6:bd:c2:47:80:c5:
ef:05:aa:6c:2c:63:1e:9b:d8:d0:a6:5c:1d:79:04:22:a1:72:
87:93:2c:05:1f:7e:13:9b:80:cf:31:41:d1:8a:7f:da:1a:a7:
37:98:73:9f:04:54:05:b6:bb:cd:fa:47:d0:ac:14:d7:46:c8:
db:92:c6:af:c6:b6:83:25:a6:d3:b1:2b:22:fa:74:b3:ce:ca:
6d:fb:78:c1:80:bf:4f:91:b4:a0:f0:01:7e:ce:a5:03:cf:92:
fe:3c:e7:fd:fe:4a:38:cc:05:1c:83:4f:a6:bd:3c:15:41:92:
cb:1f:b5:ec:07:e3:6b:bd:00:a2:e6:03:5a:c4:0e:0b:62:cf:
b9:7a:15:24:49:d9:c8:7a:4b:36:25:9c:95:77:e7:0e:db:8e:
14:a8:62:5b:4b:04:e3:82:ab:61:f9:ca:25:7a:5e:b0:cd:aa:
e7:b6:81:93:91:56:df:3c:ec:85:0e:7a:c2:02:bc:f3:f2:29:
b0:e5:c1:67:7c:71:07:3c:2c:0b:6f:e0:24:7e:bc:43:0a:23:
46:1a:1e:27:ce:00:d7:d3:35:13:9e:97:64:70:12:4c:68:67:
77:a6:07:96:f4:a3:5b:4d:d3:8e:c7:2d:36:06:94:2e:6a:1f:
1a:ff:8c:ab
-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgISAYzP2TcvB8FcnPpZbk693285MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMTAzMTUwMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTJiNDgzNjczN2VhMGQwZDRiMjgzOGJhMDg2MjU0ODIzZmFmODliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxko3Zyy4ffgP/MylvUgbj0vV/qCL
N4eTUHMs/g4VnHwTxNHoaT5+33UXbD98Wayg0m91DDDT1YDbW9EG1/WOKyGeciJl
y24qU9p6DR2yy0IIdEPMpxwQTy2nB/4+TsrqFTjUGXkLjUhDW1722ANjj25nV5wj
cpLtJ0iAeQZ5fYE4XIYHNwpx2FRN/2pt5/ckadVeICpe7iicGi3kUqJpPToli9wV
b7u+FGSq4uJsgvA8BZ3vmi14h0TXqj/3xb0/x/6K6pZEC9WU3olYZbUGSqTsqPtA
qiK6x7q8HwIHMQG+jE1Kphzhw/SRkwYibRhZLGh92Aeq2adFmiW6l0gMOwIDAQAB
o4ICwTCCAr0wHQYDVR0OBBYEFOErSDZzfqDQ1LKDi6CGJUgj+vibMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvNFN0SU5uTi1vTkRVc29PTG9JWWxTQ1A2LUpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHWBggrBgEFBQcBBwEB/wSBxjCBwzCBlQQCAAEwgY4DBAAC
OG0DBAAFtVcDBAAtCR0DBAAtUXADBAAtWIgDBAEtWIoDBAItXqgwDAMEAC2EtQME
Ay2EsAMEAC2Q1AMEAE1TJQMEAlXReAMEAbkr+AMEALkr+wMEAbnIPgMEAMEe8AME
AcEe8gMEAME5KQMEAME5KwMEAsLyYDAMAwQCw7FcAwQAw7FeAwQCw9O8MCkEAgAC
MCMDBQAqAXEgAwUDKgeSAAMFAyoMpYADBQMqEN/AAwUDKhEFgDANBgkqhkiG9w0B
AQsFAAOCAQEAJ7CAZUZ7SvsIA6wm9r3CR4DF7wWqbCxjHpvY0KZcHXkEIqFyh5Ms
BR9+E5uAzzFB0Yp/2hqnN5hznwRUBba7zfpH0KwU10bI25LGr8a2gyWm07ErIvp0
s87Kbft4wYC/T5G0oPABfs6lA8+S/jzn/f5KOMwFHINPpr08FUGSyx+17Afja70A
ouYDWsQOC2LPuXoVJEnZyHpLNiWclXfnDtuOFKhiW0sE44KrYfnKJXpesM2q57aB
k5FW3zzshQ56wgK88/IpsOXBZ3xxBzwsC2/gJH68QwojRhoeJ84A19M1E56XZHAS
TGhnd6YHlvSjW03TjsctNgaULmofGv+Mqw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:17 2024 by rpki-client on console-ams.rpki-client.org