Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/5sjsJHGgfVcWV5hsGDqM1vRDc8o.roa
File: 5sjsJHGgfVcWV5hsGDqM1vRDc8o.roa (raw, json)
Hash identifier: 1wTQqtKVlztLk9Sx8BSqV20Kb40AdlZvBWt8EYveYUc=
Subject key identifier: E6:C8:EC:24:71:A0:7D:57:16:57:98:6C:18:3A:8C:D6:F4:43:73:CA
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018E6587D8C2A9D0168DBCB16955864FCEF1
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/5sjsJHGgfVcWV5hsGDqM1vRDc8o.roa
Signing time: Fri 22 Mar 2024 09:39:45 +0000
ROA not before: Fri 22 Mar 2024 09:39:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62206
IP address blocks: 2.56.109.0/24 maxlen: 24
5.181.84.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
45.81.115.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.139.0/24 maxlen: 24
45.94.171.0/24 maxlen: 24
45.132.180.0/24 maxlen: 24
45.132.181.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.144.212.0/24 maxlen: 24
45.151.3.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.57.41.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.96.0/24 maxlen: 24
194.242.97.0/24 maxlen: 24
194.242.98.0/24 maxlen: 24
194.242.99.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
2a01:7120::/32 maxlen: 32
2a07:9200::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a10:dfc0::/29 maxlen: 29
2a11:580::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 25 Mar 2024 15:52:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:65:87:d8:c2:a9:d0:16:8d:bc:b1:69:55:86:4f:ce:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Mar 22 09:39:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e6c8ec2471a07d571657986c183a8cd6f44373ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:32:50:8c:50:d1:fb:8f:eb:10:3e:3d:73:25:
29:52:04:7d:70:a3:fc:84:25:c8:9e:6b:0f:af:c0:
94:8b:ba:8a:05:ec:70:7b:35:49:06:d0:c3:ef:a0:
01:4b:83:83:e4:4d:54:3b:ec:b6:09:fa:61:c4:f9:
12:dd:99:3d:10:42:08:95:43:9b:d3:a7:50:e6:41:
45:53:0c:7a:94:c8:30:77:6b:b2:d2:65:a7:61:22:
64:b6:46:59:7b:50:03:24:ed:c6:27:2e:bb:ae:4f:
85:58:17:27:c8:fd:2a:40:65:79:a8:a4:20:b4:e6:
64:aa:a8:b9:56:9c:4b:93:98:1d:aa:80:6e:7e:db:
1f:4b:3d:c1:7c:82:15:f3:a2:01:1a:4e:49:17:06:
d6:5f:56:4f:61:fb:b4:b6:b3:85:da:35:0a:54:8f:
44:ab:3a:69:7b:58:ce:56:3b:92:f3:ba:41:fe:f6:
43:af:40:80:b9:93:29:05:79:d0:ae:b1:72:51:9a:
b7:6a:a2:93:fa:57:8e:61:cf:52:f5:50:e2:31:4d:
1e:2a:41:d1:4e:94:61:ae:2d:5d:4f:ac:c2:02:e7:
ab:d6:ab:57:35:2a:67:6f:f2:d7:c1:89:25:da:0f:
1a:db:9f:f7:86:bd:bc:a0:0e:c6:81:97:5d:91:a6:
75:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:C8:EC:24:71:A0:7D:57:16:57:98:6C:18:3A:8C:D6:F4:43:73:CA
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/5sjsJHGgfVcWV5hsGDqM1vRDc8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.109.0/24
5.181.84.0/24
5.181.87.0/24
45.9.29.0/24
45.81.115.0/24
45.88.136.0/24
45.88.138.0/23
45.94.171.0/24
45.132.180.0/22
45.144.212.0/24
45.151.3.0/24
77.83.37.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.41.0/24
193.57.43.0/24
194.242.96.0/22
195.177.93.0-195.177.94.255
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
9a:de:81:d3:bd:e7:4f:0c:40:e2:f4:b7:9c:65:8d:18:77:1b:
36:fd:a2:70:22:ee:c2:6d:a5:43:31:f6:8c:03:ec:0e:83:4e:
2c:44:9a:bf:cd:91:b7:70:79:e6:54:ed:34:55:c0:7d:ff:8e:
1c:dd:4f:17:59:e6:04:98:93:33:e1:55:a7:bb:0d:51:b6:2d:
b8:d1:21:a0:9f:93:8c:b4:49:5b:c2:b0:b4:19:60:29:f5:6c:
e8:a0:6b:56:f2:22:33:b6:1b:f6:03:e8:e5:70:0b:61:2c:ca:
af:b7:22:04:d6:a2:ef:97:9d:98:74:a8:02:b6:5d:0b:5f:de:
89:fa:9b:7c:66:f0:9f:99:ba:3d:66:81:59:08:d3:09:6d:44:
17:d0:4b:c5:d9:b7:a9:a8:c6:46:f3:5f:84:49:86:bd:68:39:
ac:22:ea:57:b8:c5:ce:17:1f:da:55:5d:93:f0:3e:cf:9f:52:
fd:ac:9f:cb:e2:f6:a8:f5:9d:ba:73:5a:fb:1f:d4:15:70:4e:
e2:2c:1f:ad:d2:7a:b8:95:2c:6f:dd:2a:1c:72:00:3b:51:dc:
1a:63:db:55:1a:8c:17:1e:a3:1d:48:c5:27:ad:47:e6:46:ad:
b8:6e:e6:a4:50:71:5f:eb:cd:c7:b0:d8:6a:78:f5:53:f5:e3:
96:50:05:e3
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgISAY5lh9jCqdAWjbyxaVWGT87xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMzIyMDkzOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmM4ZWMyNDcxYTA3ZDU3MTY1Nzk4NmMxODNhOGNkNmY0NDM3M2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDJQjFDR+4/rED49cyUpUgR9cKP8
hCXInmsPr8CUi7qKBexwezVJBtDD76ABS4OD5E1UO+y2CfphxPkS3Zk9EEIIlUOb
06dQ5kFFUwx6lMgwd2uy0mWnYSJktkZZe1ADJO3GJy67rk+FWBcnyP0qQGV5qKQg
tOZkqqi5VpxLk5gdqoBuftsfSz3BfIIV86IBGk5JFwbWX1ZPYfu0trOF2jUKVI9E
qzppe1jOVjuS87pB/vZDr0CAuZMpBXnQrrFyUZq3aqKT+leOYc9S9VDiMU0eKkHR
TpRhri1dT6zCAuer1qtXNSpnb/LXwYkl2g8a25/3hr28oA7GgZddkaZ1+wIDAQAB
o4ICvzCCArswHQYDVR0OBBYEFObI7CRxoH1XFleYbBg6jNb0Q3PKMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvNXNqc0pIR2dmVmNXVjVoc0dEcU0xdlJEYzhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHUBggrBgEFBQcBBwEB/wSBxDCBwTCBkwQCAAEwgYwDBAAC
OG0DBAAFtVQDBAAFtVcDBAAtCR0DBAAtUXMDBAAtWIgDBAEtWIoDBAAtXqsDBAIt
hLQDBAAtkNQDBAAtlwMDBABNUyUDBAG5K/gDBAC5K/sDBAG5yD4DBADBHvADBAHB
HvIDBADBOSkDBADBOSsDBALC8mAwDAMEAMOxXQMEAMOxXgMEAsPTvDApBAIAAjAj
AwUAKgFxIAMFAyoHkgADBQMqDKWAAwUDKhDfwAMFAyoRBYAwDQYJKoZIhvcNAQEL
BQADggEBAJregdO9508MQOL0t5xljRh3Gzb9onAi7sJtpUMx9owD7A6DTixEmr/N
kbdweeZU7TRVwH3/jhzdTxdZ5gSYkzPhVae7DVG2LbjRIaCfk4y0SVvCsLQZYCn1
bOiga1byIjO2G/YD6OVwC2Esyq+3IgTWou+XnZh0qAK2XQtf3on6m3xm8J+Zuj1m
gVkI0wltRBfQS8XZt6moxkbzX4RJhr1oOawi6le4xc4XH9pVXZPwPs+fUv2sn8vi
9qj1nbpzWvsf1BVwTuIsH63SeriVLG/dKhxyADtR3Bpj21UajBceox1IxSetR+ZG
rbhu5qRQcV/rzcew2Gp49VP145ZQBeM=
-----END CERTIFICATE-----
Generated at Mon Mar 25 20:37:35 2024 by rpki-client on console-ams.rpki-client.org