Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/7cRLJwDOjjtNHECtcaonep8V8cc.roa
File: 7cRLJwDOjjtNHECtcaonep8V8cc.roa (raw, json)
Hash identifier: Kt0rLg57oSpLvIBZAuVfVJsAUvw8Aw0SZNorceA9Ztc=
Subject key identifier: ED:C4:4B:27:00:CE:8E:3B:4D:1C:40:AD:71:AA:27:7A:9F:15:F1:C7
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0187675C1B6783F433E6F84570F23CAE3E4E
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/7cRLJwDOjjtNHECtcaonep8V8cc.roa
Signing time: Sun 09 Apr 2023 18:51:42 +0000
ROA not before: Sun 09 Apr 2023 18:51:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
2.56.108.0/22 maxlen: 22
45.88.139.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
45.94.168.0/22 maxlen: 22
45.94.170.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
193.30.241.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
45.81.112.0/22 maxlen: 24
77.83.38.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 10 Apr 2023 06:51:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:67:5c:1b:67:83:f4:33:e6:f8:45:70:f2:3c:ae:3e:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Apr 9 18:51:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=edc44b2700ce8e3b4d1c40ad71aa277a9f15f1c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:4f:5a:fe:fc:3b:2a:46:05:77:26:f3:12:77:
e7:ef:86:39:57:77:59:12:ba:ec:8c:89:b5:a2:f5:
95:b9:ea:1d:a7:e8:8f:c4:59:65:f3:86:df:0b:79:
a8:b6:3f:b4:bf:17:8b:66:14:3d:e8:96:90:f1:0b:
2a:18:b7:49:47:d8:5f:f9:3a:cc:73:b9:33:af:08:
26:db:07:4e:0d:e7:ce:32:27:b9:e9:8e:b4:a2:ce:
78:24:c1:c2:55:c5:57:60:d6:bb:74:99:2e:a0:1a:
90:58:50:ac:5c:f7:81:c8:2b:9a:ba:d6:05:97:3f:
98:f1:e6:87:d2:ab:1a:12:f1:a3:27:6f:26:bb:d5:
0d:f9:75:7d:46:e2:4d:3b:44:a2:44:ee:54:50:fe:
a1:bc:59:c7:d6:04:06:39:f4:d2:97:75:31:21:b2:
57:31:81:87:70:5c:9a:7c:bb:bf:c4:52:5b:b1:d5:
59:ad:67:e0:a9:2d:fa:28:b5:30:53:b1:a6:5c:df:
8d:6c:fc:52:07:27:2d:3a:72:52:e5:41:ff:45:b4:
26:62:8f:d9:ab:82:06:83:7e:aa:97:ce:a4:ee:9d:
de:8e:bd:46:7e:38:50:c7:67:ff:4d:fd:e4:62:75:
53:c8:e3:c4:e1:2d:0c:05:6c:1f:3e:5a:06:df:63:
b2:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:C4:4B:27:00:CE:8E:3B:4D:1C:40:AD:71:AA:27:7A:9F:15:F1:C7
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/7cRLJwDOjjtNHECtcaonep8V8cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0/22
5.181.87.0/24
45.9.29.0/24
45.81.112.0/22
45.88.136.0/24
45.88.139.0/24
45.94.168.0/22
45.132.181.0-45.132.183.255
45.144.212.0/24
77.83.38.0/23
85.209.120.0/22
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/22
193.57.43.0/24
194.242.96.0/22
195.62.24.0/24
195.177.92.0/22
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
4c:72:a5:0f:94:10:dd:dc:4b:da:5b:68:13:d3:5b:9a:95:41:
75:66:78:55:f7:ed:58:33:12:9c:8a:14:ef:f0:de:2b:9a:2e:
72:00:86:73:90:05:c6:72:6a:7b:0a:58:8a:7c:0d:bb:7b:8a:
6f:ee:5d:9d:9f:8e:f5:43:31:3b:01:e7:8e:00:c5:09:7f:e4:
06:06:ea:ef:fe:6a:ff:30:08:17:78:5a:1e:3c:84:be:c2:03:
b9:93:ef:6e:a7:28:04:db:d1:bf:d8:88:94:42:d4:0e:97:b7:
38:30:33:2d:2b:50:77:74:37:8e:03:41:b5:a4:c4:66:33:50:
59:54:1b:d5:4a:6d:ec:37:b2:d7:46:8e:97:69:b2:24:fb:d1:
a8:0d:47:50:5e:98:b9:b6:aa:b7:fa:f7:89:df:c7:17:45:bf:
8c:53:91:07:49:96:70:1c:30:bf:48:c3:ec:54:e0:82:6d:4b:
19:a7:09:99:12:d0:7b:22:fe:46:d9:54:72:0a:1d:c3:ba:e4:
c5:4d:1b:7c:da:98:64:c0:be:e7:1b:88:33:c2:3f:c1:f3:e8:
57:fe:d8:e1:f0:2c:6b:30:91:72:c7:23:2f:a1:9c:c3:e7:86:
8b:19:1f:9a:82:a0:38:c5:c8:6d:f9:05:3c:68:fb:a3:9a:7d:
58:e1:a6:b5
-----BEGIN CERTIFICATE-----
MIIFpzCCBI+gAwIBAgISAYdnXBtng/Qz5vhFcPI8rj5OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwNDA5MTg1MTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGM0NGIyNzAwY2U4ZTNiNGQxYzQwYWQ3MWFhMjc3YTlmMTVmMWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw09a/vw7KkYFdybzEnfn74Y5V3dZ
ErrsjIm1ovWVueodp+iPxFll84bfC3motj+0vxeLZhQ96JaQ8QsqGLdJR9hf+TrM
c7kzrwgm2wdODefOMie56Y60os54JMHCVcVXYNa7dJkuoBqQWFCsXPeByCuautYF
lz+Y8eaH0qsaEvGjJ28mu9UN+XV9RuJNO0SiRO5UUP6hvFnH1gQGOfTSl3UxIbJX
MYGHcFyafLu/xFJbsdVZrWfgqS36KLUwU7GmXN+NbPxSByctOnJS5UH/RbQmYo/Z
q4IGg36ql86k7p3ejr1GfjhQx2f/Tf3kYnVTyOPE4S0MBWwfPloG32OyFQIDAQAB
o4ICszCCAq8wHQYDVR0OBBYEFO3ESycAzo47TRxArXGqJ3qfFfHHMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvN2NSTEp3RE9qanROSEVDdGNhb25lcDhWOGNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHIBggrBgEFBQcBBwEB/wSBuDCBtTCBhwQCAAEwgYADBAIC
OGwDBAAFtVcDBAAtCR0DBAItUXADBAAtWIgDBAAtWIsDBAItXqgwDAMEAC2EtQME
Ay2EsAMEAC2Q1AMEAU1TJgMEAlXReAMEAbkr+AMEALkr+wMEAbnIPgMEAsEe8AME
AME5KwMEAsLyYAMEAMM+GAMEAsOxXAMEAsPTvDApBAIAAjAjAwUAKgFxIAMFAyoH
kgADBQMqDKWAAwUDKhDfwAMFAyoRBYAwDQYJKoZIhvcNAQELBQADggEBAExypQ+U
EN3cS9pbaBPTW5qVQXVmeFX37VgzEpyKFO/w3iuaLnIAhnOQBcZyansKWIp8Dbt7
im/uXZ2fjvVDMTsB544AxQl/5AYG6u/+av8wCBd4Wh48hL7CA7mT726nKATb0b/Y
iJRC1A6XtzgwMy0rUHd0N44DQbWkxGYzUFlUG9VKbew3stdGjpdpsiT70agNR1Be
mLm2qrf694nfxxdFv4xTkQdJlnAcML9Iw+xU4IJtSxmnCZkS0Hsi/kbZVHIKHcO6
5MVNG3zamGTAvucbiDPCP8Hz6Ff+2OHwLGswkXLHIy+hnMPnhosZH5qCoDjFyG35
BTxo+6OafVjhprU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:31 2024 by rpki-client on console-fra.rpki-client.org