Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/8e_YyUn4HnGseGULtrafIXKLXwQ.roa
File: 8e_YyUn4HnGseGULtrafIXKLXwQ.roa (raw, json)
Hash identifier: P2gMkBHovXlwU9TxCyfp2XQ2UL05WYnH6wS/TQSZYBk=
Subject key identifier: F1:EF:D8:C9:49:F8:1E:71:AC:78:65:0B:B6:B6:9F:21:72:8B:5F:04
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018AD6EF14D593FBC97195032A6C7C2C5819
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/8e_YyUn4HnGseGULtrafIXKLXwQ.roa
Signing time: Wed 27 Sep 2023 13:58:27 +0000
ROA not before: Wed 27 Sep 2023 13:58:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 91.223.110.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
45.94.168.0/22 maxlen: 22
45.94.170.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
45.81.112.0/22 maxlen: 24
77.83.37.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 29 Sep 2023 07:43:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d6:ef:14:d5:93:fb:c9:71:95:03:2a:6c:7c:2c:58:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Sep 27 13:58:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f1efd8c949f81e71ac78650bb6b69f21728b5f04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:89:34:e1:30:35:84:71:c7:61:55:92:1b:f7:
0a:95:e2:94:53:9f:8c:cd:63:e2:94:c2:34:66:09:
f2:42:ee:81:2e:d4:c7:98:bb:6f:39:62:08:a1:16:
5f:89:0b:a3:6e:ca:10:86:05:75:81:72:df:23:3c:
ec:01:02:1c:d2:f4:31:85:ad:e5:d0:e0:da:4f:a7:
a9:54:d7:4f:88:47:f8:a0:fd:61:96:49:5f:1a:84:
03:7f:d1:f0:26:75:01:d4:e9:b4:0c:42:f5:39:b0:
17:87:6a:18:4b:73:48:dd:73:9d:23:fd:8d:17:45:
44:19:a3:67:8a:b0:dc:3c:6d:64:a9:ef:4d:be:c0:
f7:29:8e:8c:4e:76:d9:33:a4:a8:be:4d:e4:d7:08:
b0:24:5d:53:fb:0c:35:03:3a:57:85:2c:0b:95:00:
f6:b7:20:f1:bb:4c:97:19:5c:6e:9f:62:55:c4:1d:
b9:e0:1d:e5:47:b4:d3:3f:c5:1d:37:4b:61:9f:57:
f5:b1:43:f6:2f:c5:db:85:5b:c2:7e:77:97:ab:c0:
6c:27:21:90:86:7a:88:38:80:6f:9c:c9:9c:a6:c4:
63:87:bb:80:8c:a5:ed:65:63:4c:61:86:e0:93:d5:
55:81:67:cd:8e:59:51:51:52:4b:68:09:bd:aa:88:
fd:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:EF:D8:C9:49:F8:1E:71:AC:78:65:0B:B6:B6:9F:21:72:8B:5F:04
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/8e_YyUn4HnGseGULtrafIXKLXwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.87.0/24
45.9.29.0/24
45.81.112.0/22
45.88.136.0/24
45.88.138.0/24
45.94.168.0/22
45.132.181.0-45.132.183.255
45.144.212.0/24
77.83.37.0/24
77.83.39.0/24
85.209.120.0/22
91.223.110.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.43.0/24
194.242.96.0/22
195.177.92.0-195.177.94.255
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
54:de:24:db:d8:70:89:dc:e1:69:4c:21:e3:85:f5:14:de:33:
a1:44:6d:b7:5f:6f:6e:98:02:04:ae:d2:7b:59:75:ad:09:1c:
2f:fb:14:92:c7:10:04:5f:b2:bb:72:10:21:c5:1c:46:d7:e2:
27:d7:93:bb:70:e0:e6:98:df:8b:95:47:3f:58:fb:6c:82:eb:
e0:d3:17:13:2d:be:cb:3f:99:4f:ed:8a:38:eb:86:a6:37:c8:
d9:31:ba:9e:b1:ec:ac:2c:47:2c:2a:ce:03:21:f9:1d:25:e8:
f8:52:7c:58:60:33:c5:97:a3:2f:8f:0f:3f:ef:20:25:1f:36:
a5:c8:8f:89:00:1d:16:9b:87:21:a9:80:be:fb:04:07:8d:00:
6d:2f:9b:f1:f2:2a:8b:2c:09:59:eb:a1:c8:e7:22:cb:b4:58:
ed:55:ce:78:21:be:69:b2:a8:97:e4:43:29:c4:8f:e6:c0:b6:
e2:3e:78:d2:8b:e8:87:36:0a:1a:db:85:57:76:50:9a:92:89:
3e:f5:b7:68:5a:f2:50:a0:c9:2e:54:eb:1e:57:85:92:71:a7:
fd:e9:54:c6:a7:61:b9:6d:71:91:2b:c5:25:5e:13:b3:03:1a:
f9:a3:d8:67:f5:1a:24:fb:be:54:f8:b6:b8:38:1a:f5:ab:2d:
b2:ae:4f:f1
-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgISAYrW7xTVk/vJcZUDKmx8LFgZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwOTI3MTM1ODI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWVmZDhjOTQ5ZjgxZTcxYWM3ODY1MGJiNmI2OWYyMTcyOGI1ZjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4k04TA1hHHHYVWSG/cKleKUU5+M
zWPilMI0ZgnyQu6BLtTHmLtvOWIIoRZfiQujbsoQhgV1gXLfIzzsAQIc0vQxha3l
0ODaT6epVNdPiEf4oP1hlklfGoQDf9HwJnUB1Om0DEL1ObAXh2oYS3NI3XOdI/2N
F0VEGaNnirDcPG1kqe9NvsD3KY6MTnbZM6Sovk3k1wiwJF1T+ww1AzpXhSwLlQD2
tyDxu0yXGVxun2JVxB254B3lR7TTP8UdN0thn1f1sUP2L8XbhVvCfneXq8BsJyGQ
hnqIOIBvnMmcpsRjh7uAjKXtZWNMYYbgk9VVgWfNjllRUVJLaAm9qoj9lwIDAQAB
o4ICwTCCAr0wHQYDVR0OBBYEFPHv2MlJ+B5xrHhlC7a2nyFyi18EMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvOGVfWXlVbjRIbkdzZUdVTHRyYWZJWEtMWHdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHWBggrBgEFBQcBBwEB/wSBxjCBwzCBlQQCAAEwgY4DBAAF
tVcDBAAtCR0DBAItUXADBAAtWIgDBAAtWIoDBAItXqgwDAMEAC2EtQMEAy2EsAME
AC2Q1AMEAE1TJQMEAE1TJwMEAlXReAMEAFvfbgMEAbkr+AMEALkr+wMEAbnIPgME
AMEe8AMEAcEe8gMEAME5KwMEAsLyYDAMAwQCw7FcAwQAw7FeAwQCw9O8MCkEAgAC
MCMDBQAqAXEgAwUDKgeSAAMFAyoMpYADBQMqEN/AAwUDKhEFgDANBgkqhkiG9w0B
AQsFAAOCAQEAVN4k29hwidzhaUwh44X1FN4zoURtt19vbpgCBK7Se1l1rQkcL/sU
kscQBF+yu3IQIcUcRtfiJ9eTu3Dg5pjfi5VHP1j7bILr4NMXEy2+yz+ZT+2KOOuG
pjfI2TG6nrHsrCxHLCrOAyH5HSXo+FJ8WGAzxZejL48PP+8gJR82pciPiQAdFpuH
IamAvvsEB40AbS+b8fIqiywJWeuhyOciy7RY7VXOeCG+abKol+RDKcSP5sC24j54
0ovohzYKGtuFV3ZQmpKJPvW3aFryUKDJLlTrHleFknGn/elUxqdhuW1xkSvFJV4T
swMa+aPYZ/UaJPu+VPi2uDga9astsq5P8Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:31 2024 by rpki-client on console-fra.rpki-client.org