Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/4rY8ybi3CUvHmEYWP_fzlWK-XcI.roa
File: 4rY8ybi3CUvHmEYWP_fzlWK-XcI.roa (raw, json)
Hash identifier: vU0hxRBS415GttJfRdcdfI/ZNg+KuJYr187XxkAq8PA=
Subject key identifier: E2:B6:3C:C9:B8:B7:09:4B:C7:98:46:16:3F:F7:F3:95:62:BE:5D:C2
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0191FF2261FE7F69FDDE861F28C19959C843
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/4rY8ybi3CUvHmEYWP_fzlWK-XcI.roa
Signing time: Tue 17 Sep 2024 08:38:49 +0000
ROA not before: Tue 17 Sep 2024 08:38:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62206
IP address blocks: 2.56.109.0/24 maxlen: 24
5.181.84.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
45.13.189.0/24 maxlen: 24
45.13.190.0/24 maxlen: 24
45.81.115.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.94.171.0/24 maxlen: 24
45.132.180.0/24 maxlen: 24
45.132.181.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.144.212.0/24 maxlen: 24
45.151.3.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
146.19.125.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
194.242.96.0/24 maxlen: 24
194.242.98.0/24 maxlen: 24
194.242.99.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.188.0/24 maxlen: 24
195.211.189.0/24 maxlen: 24
195.211.190.0/24 maxlen: 24
2a01:7120::/32 maxlen: 32
2a01:7120:7::/48 maxlen: 48
2a07:9200::/29 maxlen: 29
2a07:9201::/32 maxlen: 32
2a07:9206::/32 maxlen: 32
2a07:9207::/32 maxlen: 32
2a09:340::/32 maxlen: 32
2a09:c440::/32 maxlen: 32
2a0c:5d40::/32 maxlen: 32
2a0c:a580::/29 maxlen: 29
2a0c:a580::/32 maxlen: 32
2a0c:a581::/32 maxlen: 32
2a0c:a584::/32 maxlen: 32
2a0c:a586::/32 maxlen: 32
2a10:dfc0::/29 maxlen: 29
2a10:dfc0::/32 maxlen: 32
2a10:fac0::/32 maxlen: 32
2a11:580::/29 maxlen: 29
2a11:580::/32 maxlen: 32
2a11:1600::/32 maxlen: 32
2a11:2a80::/32 maxlen: 32
2a11:3900::/32 maxlen: 32
2a11:d680::/32 maxlen: 32
2a12:9f00::/32 maxlen: 32
Validation: Failed, certificate revoked on Sun 06 Oct 2024 19:12:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ff:22:61:fe:7f:69:fd:de:86:1f:28:c1:99:59:c8:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Sep 17 08:38:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e2b63cc9b8b7094bc79846163ff7f39562be5dc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:e4:da:f0:37:78:67:e0:14:1e:9a:5d:e4:c7:
a3:2f:e6:6a:87:19:c0:24:7b:d2:13:08:9c:3f:75:
ec:93:af:be:4f:82:8a:5b:4c:43:53:3f:f5:72:2d:
62:71:1a:3d:29:69:0c:97:68:d2:38:f0:66:38:0d:
66:b6:3f:e3:3a:24:67:35:55:6a:85:f7:de:b1:4d:
bf:8a:fe:f2:4a:4e:53:90:46:83:ce:81:67:71:1a:
bc:60:f3:08:e5:94:f6:38:bb:c7:a7:77:fc:b4:a1:
54:bd:77:20:2d:93:47:2a:9c:d3:05:ce:5b:4d:16:
ab:12:5e:cb:67:01:0e:28:5a:3c:6e:17:bf:55:fa:
78:4c:b6:3b:78:05:5c:54:01:07:2e:6e:88:53:6c:
77:40:3a:b5:01:7a:1b:43:c6:ea:81:5a:61:f2:cf:
c0:bc:e8:86:f3:1e:a3:fe:00:40:e7:c6:d2:09:5a:
60:1a:7f:ec:9c:38:37:19:e5:b0:5f:10:50:a1:8c:
09:46:19:8f:a2:bc:9e:f7:75:38:8b:dd:d4:20:a3:
ed:d7:07:d9:c6:67:ad:8f:9e:ba:3e:9c:b4:dc:e2:
ef:e3:74:c7:7b:ae:46:11:76:0d:fd:d8:62:d8:38:
9b:ef:21:39:b9:ac:3c:95:f0:e8:f8:e5:fb:c5:b5:
11:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:B6:3C:C9:B8:B7:09:4B:C7:98:46:16:3F:F7:F3:95:62:BE:5D:C2
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/4rY8ybi3CUvHmEYWP_fzlWK-XcI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.109.0/24
5.181.84.0/24
5.181.87.0/24
45.9.29.0/24
45.13.189.0-45.13.190.255
45.81.115.0/24
45.88.136.0/24
45.88.138.0/24
45.94.171.0/24
45.132.180.0/22
45.144.212.0/24
45.151.3.0/24
77.83.37.0/24
146.19.125.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.43.0/24
194.242.96.0/24
194.242.98.0/23
195.177.93.0-195.177.94.255
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a09:340::/32
2a09:c440::/32
2a0c:5d40::/32
2a0c:a580::/29
2a10:dfc0::/29
2a10:fac0::/32
2a11:580::/29
2a11:1600::/32
2a11:2a80::/32
2a11:3900::/32
2a11:d680::/32
2a12:9f00::/32
Signature Algorithm: sha256WithRSAEncryption
42:2c:8a:49:9d:98:03:83:f8:11:55:9d:e6:48:70:13:93:16:
84:84:47:8f:ed:0d:85:fa:b3:d3:46:e8:fc:8e:a8:84:50:c5:
11:72:c8:83:96:f6:d7:bf:25:1b:35:92:57:03:8c:fb:5e:19:
42:a7:e4:a8:93:26:7b:8c:8a:76:fc:77:47:e8:35:3c:30:26:
d4:64:3b:ed:fb:64:03:c2:ae:bf:db:cc:32:9f:16:08:69:54:
3c:68:dc:b4:32:8b:bc:91:1e:bd:85:78:fe:24:61:ef:05:91:
c6:a8:6e:72:1d:80:c5:c6:ff:59:2e:ec:e4:9e:9c:a4:fc:a4:
a0:a0:91:2c:2d:3f:fc:91:51:9c:81:3a:57:7d:8b:89:b7:88:
c5:cc:fd:58:fc:78:1c:3e:1b:28:2e:42:22:77:ee:e2:0a:b8:
c6:bf:2f:97:de:15:67:75:1a:71:19:e0:55:09:64:f5:f9:ee:
fa:8f:2d:e3:5b:c1:eb:c0:3f:92:43:ab:5b:47:8d:83:72:a0:
d6:b5:7e:df:74:e8:94:5f:c8:61:0d:a1:e0:a4:1f:f3:29:22:
0a:1c:72:76:9e:4a:f8:8a:c5:ea:14:96:cc:2a:a7:9a:82:ec:
b3:3e:d8:83:03:8e:51:d5:d2:94:ce:80:bf:ae:d6:e9:6f:b9:
44:80:3c:53
-----BEGIN CERTIFICATE-----
MIIGCTCCBPGgAwIBAgISAZH/ImH+f2n93oYfKMGZWchDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwOTE3MDgzODQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmI2M2NjOWI4YjcwOTRiYzc5ODQ2MTYzZmY3ZjM5NTYyYmU1ZGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsuTa8Dd4Z+AUHppd5MejL+ZqhxnA
JHvSEwicP3Xsk6++T4KKW0xDUz/1ci1icRo9KWkMl2jSOPBmOA1mtj/jOiRnNVVq
hffesU2/iv7ySk5TkEaDzoFncRq8YPMI5ZT2OLvHp3f8tKFUvXcgLZNHKpzTBc5b
TRarEl7LZwEOKFo8bhe/Vfp4TLY7eAVcVAEHLm6IU2x3QDq1AXobQ8bqgVph8s/A
vOiG8x6j/gBA58bSCVpgGn/snDg3GeWwXxBQoYwJRhmPorye93U4i93UIKPt1wfZ
xmetj566Ppy03OLv43THe65GEXYN/dhi2Dib7yE5uaw8lfDo+OX7xbURbQIDAQAB
o4IDFTCCAxEwHQYDVR0OBBYEFOK2PMm4twlLx5hGFj/385Vivl3CMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvNHJZOHliaTNDVXZIbUVZV1BfZnpsV0stWGNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKQYIKwYBBQUHAQcBAf8EggEYMIIBFDCBpwQCAAEwgaAD
BAACOG0DBAAFtVQDBAAFtVcDBAAtCR0wDAMEAC0NvQMEAC0NvgMEAC1RcwMEAC1Y
iAMEAC1YigMEAC1eqwMEAi2EtAMEAC2Q1AMEAC2XAwMEAE1TJQMEAJITfQMEAbkr
+AMEALkr+wMEAbnIPgMEAMEe8AMEAcEe8gMEAME5KwMEAMLyYAMEAcLyYjAMAwQA
w7FdAwQAw7FeAwQCw9O8MGgEAgACMGIDBQAqAXEgAwUDKgeSAAMFACoJA0ADBQAq
CcRAAwUAKgxdQAMFAyoMpYADBQMqEN/AAwUAKhD6wAMFAyoRBYADBQAqERYAAwUA
KhEqgAMFACoROQADBQAqEdaAAwUAKhKfADANBgkqhkiG9w0BAQsFAAOCAQEAQiyK
SZ2YA4P4EVWd5khwE5MWhIRHj+0Nhfqz00bo/I6ohFDFEXLIg5b2178lGzWSVwOM
+14ZQqfkqJMme4yKdvx3R+g1PDAm1GQ77ftkA8Kuv9vMMp8WCGlUPGjctDKLvJEe
vYV4/iRh7wWRxqhuch2Axcb/WS7s5J6cpPykoKCRLC0//JFRnIE6V32LibeIxcz9
WPx4HD4bKC5CInfu4gq4xr8vl94VZ3UacRngVQlk9fnu+o8t41vB68A/kkOrW0eN
g3Kg1rV+33TolF/IYQ2h4KQf8ykiChxydp5K+IrF6hSWzCqnmoLssz7YgwOOUdXS
lM6Av67W6W+5RIA8Uw==
-----END CERTIFICATE-----
Generated at Sun Oct 6 21:05:55 2024 by rpki-client on console-ams.rpki-client.org