Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/59aDgDRkQlNFM6BFdC-7Jj0aghA.roa
File: 59aDgDRkQlNFM6BFdC-7Jj0aghA.roa (raw, json)
Hash identifier: iPPaATmjCMW7WAsXdHj2i87WaGOyjKrx333hXXbeuCQ=
Subject key identifier: E7:D6:83:80:34:64:42:53:45:33:A0:45:74:2F:BB:26:3D:1A:82:10
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018AD080339B07D7FD0E85E8E493CAB5D170
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/59aDgDRkQlNFM6BFdC-7Jj0aghA.roa
Signing time: Tue 26 Sep 2023 07:59:37 +0000
ROA not before: Tue 26 Sep 2023 07:59:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 91.223.110.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
193.57.41.0/24 maxlen: 24
45.144.213.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
45.94.168.0/22 maxlen: 22
45.94.170.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
45.81.112.0/22 maxlen: 24
77.83.37.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d0:80:33:9b:07:d7:fd:0e:85:e8:e4:93:ca:b5:d1:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Sep 26 07:59:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e7d68380346442534533a045742fbb263d1a8210
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:c1:4b:88:cb:d3:e7:07:ae:71:0c:0c:a1:f4:
1b:9d:20:1d:33:77:c8:82:1e:2d:02:2b:93:32:be:
66:91:14:07:4e:62:20:1a:98:c4:89:b8:a0:eb:8e:
4d:98:0f:97:e6:f9:49:39:2e:d9:b6:f1:ae:77:f3:
f6:cd:cd:e3:8b:3c:1f:df:85:5f:92:4f:94:5a:53:
cd:8c:9c:a6:d9:be:82:dd:1b:2b:3f:6e:71:88:36:
0f:ec:59:ad:55:63:de:81:b3:74:1f:25:08:0b:60:
4c:47:f8:b3:6f:24:f3:47:0c:26:dd:21:e3:8c:fe:
c7:ad:16:51:5e:ba:94:47:8f:ed:d6:4e:cd:86:28:
d2:71:27:01:62:09:fb:fa:ed:ce:66:1c:24:d4:ea:
dd:74:0d:2f:88:f5:47:2e:15:4b:d3:fa:7e:95:ef:
5e:91:81:88:7f:77:6e:6c:ec:02:44:90:3b:2d:fe:
a2:37:ef:88:ae:87:dd:53:c3:ac:a4:2c:18:23:99:
cc:87:d1:47:bf:52:b8:e8:f5:d0:e3:c8:6b:ed:59:
f8:93:32:b7:0d:e8:ab:f5:ff:d7:57:9b:bb:a6:42:
ef:e4:38:21:3c:7c:5b:b4:69:94:fd:0d:a4:fa:1e:
d9:77:21:bb:97:43:83:4e:a4:c6:cd:c8:49:8c:f9:
57:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:D6:83:80:34:64:42:53:45:33:A0:45:74:2F:BB:26:3D:1A:82:10
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/59aDgDRkQlNFM6BFdC-7Jj0aghA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.87.0/24
45.9.29.0/24
45.81.112.0/22
45.88.136.0/24
45.88.138.0/24
45.94.168.0/22
45.132.181.0-45.132.183.255
45.144.212.0/23
77.83.37.0/24
77.83.39.0/24
85.209.120.0/22
91.223.110.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.41.0/24
193.57.43.0/24
194.242.96.0/22
195.177.92.0-195.177.94.255
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
b9:2e:f6:61:af:3d:a1:83:25:e7:4e:4d:e3:a8:fa:db:d9:9b:
7b:87:bb:26:ba:f4:03:c1:37:f9:e1:d6:a5:49:7c:64:94:97:
95:a8:ce:5e:f7:70:aa:a0:68:01:6e:1c:f7:57:96:02:c5:89:
ee:fc:3e:a7:ad:ec:90:91:04:2d:b0:4f:ee:fa:f4:4a:61:b6:
51:0c:5a:04:44:da:e8:66:41:3c:cb:e8:41:d4:83:09:9f:da:
dc:4f:72:5e:51:a2:15:b9:a9:7d:6b:20:29:9d:56:22:0e:c1:
1b:2c:4a:0a:1b:3d:39:8e:cc:b9:38:97:e5:f7:0f:61:cf:af:
59:31:b0:02:a0:66:4d:fc:33:1b:fe:4a:cb:4f:e4:50:85:3a:
4e:4a:70:4c:ee:a4:be:67:de:d8:cc:cd:9c:df:f9:4e:10:26:
5a:51:61:93:17:07:99:2d:a7:78:d0:61:0c:f0:6a:d2:60:9c:
d7:f2:c6:24:57:3d:0e:b9:75:f5:a5:8e:26:a0:4a:e4:b3:d0:
b0:cd:7d:c2:ff:3e:c1:16:77:b0:81:68:6c:32:ac:9f:d4:71:
be:3a:a6:f1:b6:bf:7e:e4:5e:ec:ba:d1:0b:6f:7d:a6:14:a7:
97:da:8b:c6:1d:9c:d0:b0:9d:c1:8b:92:73:4c:db:ce:3f:14:
cc:06:6f:52
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgISAYrQgDObB9f9DoXo5JPKtdFwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwOTI2MDc1OTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2Q2ODM4MDM0NjQ0MjUzNDUzM2EwNDU3NDJmYmIyNjNkMWE4MjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8FLiMvT5weucQwMofQbnSAdM3fI
gh4tAiuTMr5mkRQHTmIgGpjEibig645NmA+X5vlJOS7ZtvGud/P2zc3jizwf34Vf
kk+UWlPNjJym2b6C3RsrP25xiDYP7FmtVWPegbN0HyUIC2BMR/izbyTzRwwm3SHj
jP7HrRZRXrqUR4/t1k7NhijScScBYgn7+u3OZhwk1OrddA0viPVHLhVL0/p+le9e
kYGIf3dubOwCRJA7Lf6iN++IrofdU8OspCwYI5nMh9FHv1K46PXQ48hr7Vn4kzK3
Deir9f/XV5u7pkLv5DghPHxbtGmU/Q2k+h7ZdyG7l0ODTqTGzchJjPlXBQIDAQAB
o4ICxzCCAsMwHQYDVR0OBBYEFOfWg4A0ZEJTRTOgRXQvuyY9GoIQMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvNTlhRGdEUmtRbE5GTTZCRmRDLTdKajBhZ2hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHcBggrBgEFBQcBBwEB/wSBzDCByTCBmwQCAAEwgZQDBAAF
tVcDBAAtCR0DBAItUXADBAAtWIgDBAAtWIoDBAItXqgwDAMEAC2EtQMEAy2EsAME
AS2Q1AMEAE1TJQMEAE1TJwMEAlXReAMEAFvfbgMEAbkr+AMEALkr+wMEAbnIPgME
AMEe8AMEAcEe8gMEAME5KQMEAME5KwMEAsLyYDAMAwQCw7FcAwQAw7FeAwQCw9O8
MCkEAgACMCMDBQAqAXEgAwUDKgeSAAMFAyoMpYADBQMqEN/AAwUDKhEFgDANBgkq
hkiG9w0BAQsFAAOCAQEAuS72Ya89oYMl505N46j629mbe4e7Jrr0A8E3+eHWpUl8
ZJSXlajOXvdwqqBoAW4c91eWAsWJ7vw+p63skJEELbBP7vr0SmG2UQxaBETa6GZB
PMvoQdSDCZ/a3E9yXlGiFbmpfWsgKZ1WIg7BGyxKChs9OY7MuTiX5fcPYc+vWTGw
AqBmTfwzG/5Ky0/kUIU6TkpwTO6kvmfe2MzNnN/5ThAmWlFhkxcHmS2neNBhDPBq
0mCc1/LGJFc9Drl19aWOJqBK5LPQsM19wv8+wRZ3sIFobDKsn9Rxvjqm8ba/fuRe
7LrRC299phSnl9qLxh2c0LCdwYuSc0zbzj8UzAZvUg==
-----END CERTIFICATE-----
Generated at Tue Sep 26 12:47:04 2023 by rpki-client on console-fra.rpki-client.org