Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/8Hpm7a6Kv3V7D8S9_Xgb1DkVRAI.roa
File: 8Hpm7a6Kv3V7D8S9_Xgb1DkVRAI.roa (raw, json)
Hash identifier: a/uCjWDFH7dTKrMlqiRBXxtDMGAYEzVv2pEnec+WoAQ=
Subject key identifier: F0:7A:66:ED:AE:8A:BF:75:7B:0F:C4:BD:FD:78:1B:D4:39:15:44:02
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018C59690E3AE77DA0AD0AD1E2B9084262A5
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/8Hpm7a6Kv3V7D8S9_Xgb1DkVRAI.roa
Signing time: Mon 11 Dec 2023 15:05:06 +0000
ROA not before: Mon 11 Dec 2023 15:05:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
45.88.139.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
193.57.41.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
45.94.168.0/22 maxlen: 22
45.94.170.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:59:69:0e:3a:e7:7d:a0:ad:0a:d1:e2:b9:08:42:62:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Dec 11 15:05:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f07a66edae8abf757b0fc4bdfd781bd439154402
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:93:5a:79:7f:19:cb:28:6a:06:c1:db:d8:5f:
ae:c8:53:74:d1:ec:25:65:3f:12:0e:8c:8b:4b:ef:
11:7c:ab:c0:ee:a9:db:86:d3:f3:d9:b1:b4:f6:d1:
b6:2d:c7:2a:bf:d3:b3:2e:2e:7b:90:46:86:28:46:
2d:e3:de:49:de:56:50:ba:72:92:96:c9:05:5c:c2:
bf:87:20:eb:6a:46:40:47:75:47:53:d4:5f:cf:d0:
64:df:12:c5:0a:a6:2a:bc:90:9b:fb:85:fb:df:1f:
31:a1:a3:e0:b3:e1:f4:8a:83:3e:4c:2e:f5:71:45:
0e:ca:c1:d0:f9:01:a7:10:86:b6:65:66:08:30:ce:
fa:a0:ef:ae:04:38:1a:1d:09:8f:e1:1b:8c:f0:02:
01:fa:84:e4:d1:1e:5f:8e:74:c7:ca:20:90:ad:9f:
27:40:86:c4:43:5b:6c:63:a6:52:cf:34:a0:ba:5f:
4f:1f:3f:64:80:0b:39:69:71:d7:26:ed:e6:57:f6:
4e:7c:8a:54:7f:f8:89:00:3f:0f:b8:cb:3d:a5:11:
f3:06:43:2d:9b:88:cd:9e:73:08:2c:d1:42:ae:5c:
78:43:b8:13:0a:d6:8e:a2:5a:6f:70:b5:7a:73:63:
b7:d5:4e:a6:ff:78:83:19:72:f5:18:06:57:c7:5d:
de:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:7A:66:ED:AE:8A:BF:75:7B:0F:C4:BD:FD:78:1B:D4:39:15:44:02
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/8Hpm7a6Kv3V7D8S9_Xgb1DkVRAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.87.0/24
45.9.29.0/24
45.88.136.0/24
45.88.138.0/23
45.94.168.0/22
45.132.181.0-45.132.183.255
45.144.212.0/24
77.83.37.0/24
77.83.39.0/24
85.209.120.0/22
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.41.0/24
193.57.43.0/24
194.242.96.0/22
195.177.92.0-195.177.94.255
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
11:ad:34:f9:51:c7:36:7e:19:e1:65:4e:62:10:e8:38:ae:6f:
56:a9:c0:5c:5f:e0:95:25:08:0b:fe:eb:d4:48:ed:9b:62:18:
06:52:9a:20:c9:fc:d4:48:9a:ce:7f:a4:d0:68:28:c5:aa:eb:
8d:8d:f2:81:37:44:4b:d5:7d:2e:5e:aa:4b:a4:74:b7:16:88:
19:b8:fc:1c:d0:8a:2f:50:af:63:a0:5c:84:0d:51:e9:30:e5:
db:39:c4:3b:cf:76:09:8e:4a:7a:07:3a:43:e7:2d:c4:b7:27:
3e:a0:f8:91:d1:30:ec:37:ad:4c:27:30:42:91:26:e1:a4:37:
7b:a8:e9:aa:a0:1e:c5:62:c4:6c:51:a6:22:8b:bb:26:13:ad:
a9:7e:6b:21:f9:8b:db:8f:8f:7a:96:8a:e2:6f:9a:77:27:d6:
d6:28:8c:7b:99:a2:98:16:c1:b4:74:69:d4:90:a4:d1:21:e2:
f6:ad:f9:26:88:1d:74:39:97:68:11:94:f0:fe:33:8d:59:8c:
20:ee:78:cb:d8:93:77:7b:56:d2:a4:3d:ae:fe:a2:b6:53:85:
ee:41:d6:7d:d8:81:0f:70:31:65:93:19:33:d7:5b:66:f8:ed:
ea:4b:2b:70:7f:94:52:4d:25:62:1b:fc:1c:81:f1:05:64:e0:
da:26:00:ca
-----BEGIN CERTIFICATE-----
MIIFrzCCBJegAwIBAgISAYxZaQ46532grQrR4rkIQmKlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMxMjExMTUwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDdhNjZlZGFlOGFiZjc1N2IwZmM0YmRmZDc4MWJkNDM5MTU0NDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZNaeX8ZyyhqBsHb2F+uyFN00ewl
ZT8SDoyLS+8RfKvA7qnbhtPz2bG09tG2Lccqv9OzLi57kEaGKEYt495J3lZQunKS
lskFXMK/hyDrakZAR3VHU9Rfz9Bk3xLFCqYqvJCb+4X73x8xoaPgs+H0ioM+TC71
cUUOysHQ+QGnEIa2ZWYIMM76oO+uBDgaHQmP4RuM8AIB+oTk0R5fjnTHyiCQrZ8n
QIbEQ1tsY6ZSzzSgul9PHz9kgAs5aXHXJu3mV/ZOfIpUf/iJAD8PuMs9pRHzBkMt
m4jNnnMILNFCrlx4Q7gTCtaOolpvcLV6c2O31U6m/3iDGXL1GAZXx13e7QIDAQAB
o4ICuzCCArcwHQYDVR0OBBYEFPB6Zu2uir91ew/Evf14G9Q5FUQCMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvOEhwbTdhNkt2M1Y3RDhTOV9YZ2IxRGtWUkFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHQBggrBgEFBQcBBwEB/wSBwDCBvTCBjwQCAAEwgYgDBAAF
tVcDBAAtCR0DBAAtWIgDBAEtWIoDBAItXqgwDAMEAC2EtQMEAy2EsAMEAC2Q1AME
AE1TJQMEAE1TJwMEAlXReAMEAbkr+AMEALkr+wMEAbnIPgMEAMEe8AMEAcEe8gME
AME5KQMEAME5KwMEAsLyYDAMAwQCw7FcAwQAw7FeAwQCw9O8MCkEAgACMCMDBQAq
AXEgAwUDKgeSAAMFAyoMpYADBQMqEN/AAwUDKhEFgDANBgkqhkiG9w0BAQsFAAOC
AQEAEa00+VHHNn4Z4WVOYhDoOK5vVqnAXF/glSUIC/7r1Ejtm2IYBlKaIMn81Eia
zn+k0GgoxarrjY3ygTdES9V9Ll6qS6R0txaIGbj8HNCKL1CvY6BchA1R6TDl2znE
O892CY5Kegc6Q+ctxLcnPqD4kdEw7DetTCcwQpEm4aQ3e6jpqqAexWLEbFGmIou7
JhOtqX5rIfmL24+PepaK4m+adyfW1iiMe5mimBbBtHRp1JCk0SHi9q35JogddDmX
aBGU8P4zjVmMIO54y9iTd3tW0qQ9rv6itlOF7kHWfdiBD3AxZZMZM9dbZvjt6ksr
cH+UUk0lYhv8HIHxBWTg2iYAyg==
-----END CERTIFICATE-----
Generated at Wed Dec 27 23:03:02 2023 by rpki-client on console-fra.rpki-client.org