Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/94LLAp-NLNZYR8kHKcXUILGQ-K4.roa
File: 94LLAp-NLNZYR8kHKcXUILGQ-K4.roa (raw, json)
Hash identifier: JTS6YGRBw6QCGe42dBdrPtqCdOPEHAOKmjSC+R4wMOA=
Subject key identifier: F7:82:CB:02:9F:8D:2C:D6:58:47:C9:07:29:C5:D4:20:B1:90:F8:AE
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018E566554E94E74FB759E32452EC9739C7B
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/94LLAp-NLNZYR8kHKcXUILGQ-K4.roa
Signing time: Tue 19 Mar 2024 11:07:45 +0000
ROA not before: Tue 19 Mar 2024 11:07:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62206
IP address blocks: 2.56.109.0/24 maxlen: 24
5.181.84.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
45.81.115.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.139.0/24 maxlen: 24
45.94.171.0/24 maxlen: 24
45.132.180.0/24 maxlen: 24
45.132.181.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.144.212.0/24 maxlen: 24
45.151.3.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.57.41.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
2a01:7120::/32 maxlen: 32
2a07:9200::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a10:dfc0::/29 maxlen: 29
2a11:580::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 20 Mar 2024 18:55:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:56:65:54:e9:4e:74:fb:75:9e:32:45:2e:c9:73:9c:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Mar 19 11:07:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f782cb029f8d2cd65847c90729c5d420b190f8ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:85:ee:d7:f2:e1:b2:b3:66:0b:fb:db:a5:61:
a4:b0:66:a9:82:5f:09:7b:98:42:f1:63:80:e1:94:
bc:74:6e:a6:fc:fc:59:2f:aa:97:2a:6f:ea:d1:10:
71:e0:f6:1f:f2:09:cd:82:73:80:6c:d5:2a:b0:5c:
4c:58:cf:a7:29:ea:71:71:34:fc:5d:d6:3d:86:69:
67:27:3a:c9:c2:85:3f:b6:8d:9a:93:f5:ae:3a:18:
a8:8b:04:ee:6a:90:52:3f:65:a6:72:c2:8f:06:57:
7f:2b:74:ad:3d:13:a9:8f:a4:d8:75:b0:a2:1b:53:
78:bf:08:d3:7c:dd:30:6b:f6:c5:9a:1f:d6:5b:f6:
1c:c6:62:7c:27:bf:d8:cb:96:14:89:b9:fe:0a:02:
9a:84:a4:4f:50:87:9f:93:8a:a2:6a:35:95:f7:5b:
38:b3:1c:68:4e:0b:33:c1:6c:70:3c:83:8c:18:81:
3d:dc:c1:5c:00:2d:be:49:30:d5:2a:31:4c:4d:d4:
c4:a9:54:2b:dd:89:8b:a3:7a:37:b9:fc:b2:af:45:
9c:77:23:87:24:55:67:de:86:26:36:b6:27:ea:0e:
13:22:77:6e:ed:31:09:11:f2:86:38:ac:5c:fd:87:
25:5d:dd:85:91:85:b1:10:1b:12:58:82:47:fe:8e:
ff:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:82:CB:02:9F:8D:2C:D6:58:47:C9:07:29:C5:D4:20:B1:90:F8:AE
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/94LLAp-NLNZYR8kHKcXUILGQ-K4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.109.0/24
5.181.84.0/24
5.181.87.0/24
45.9.29.0/24
45.81.115.0/24
45.88.136.0/24
45.88.138.0/23
45.94.171.0/24
45.132.180.0/22
45.144.212.0/24
45.151.3.0/24
77.83.37.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.41.0/24
193.57.43.0/24
194.242.96.0/22
195.177.92.0-195.177.94.255
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
a5:4c:cb:4e:e4:59:8c:c0:a4:4a:60:d5:00:23:63:91:63:c9:
2c:99:83:84:c8:04:ee:20:a3:75:d5:38:dc:e9:33:b6:ed:0d:
22:2c:14:7f:c0:63:bb:a2:6b:8f:90:0d:c9:99:dc:79:11:be:
51:0f:c9:85:f4:fb:12:c0:6f:0a:b8:ef:24:b4:38:fe:90:a7:
2c:93:bd:93:c3:20:26:75:08:f2:38:27:2c:d6:bc:82:4c:6c:
0f:f7:04:24:64:50:5f:56:6e:20:a4:47:46:1e:1f:f1:48:ed:
ac:82:15:a3:8b:fe:77:c1:e1:b0:89:e2:d8:84:06:f7:02:61:
8d:9a:67:1c:4c:0d:c3:4b:b3:a2:e7:25:b6:31:93:2d:b8:1a:
3c:33:2c:0c:55:f4:eb:db:73:11:c0:78:9f:96:78:5f:e2:d3:
6a:9e:f3:3d:28:2d:61:9e:b2:24:a8:26:fe:89:a9:38:9d:6c:
0d:10:46:ee:e9:71:b4:40:d4:45:9d:85:bb:dc:df:2d:97:dd:
ac:6f:2d:dd:86:d2:b4:f4:bf:60:78:03:e0:fc:82:86:a4:52:
ca:09:58:14:ab:b7:45:d7:dd:fd:34:6c:54:47:39:ab:cf:aa:
5b:2c:c4:fb:48:72:86:86:71:b8:f1:1e:94:ee:7e:41:05:62:
f2:1d:61:57
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgISAY5WZVTpTnT7dZ4yRS7Jc5x7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMzE5MTEwNzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzgyY2IwMjlmOGQyY2Q2NTg0N2M5MDcyOWM1ZDQyMGIxOTBmOGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj4Xu1/LhsrNmC/vbpWGksGapgl8J
e5hC8WOA4ZS8dG6m/PxZL6qXKm/q0RBx4PYf8gnNgnOAbNUqsFxMWM+nKepxcTT8
XdY9hmlnJzrJwoU/to2ak/WuOhioiwTuapBSP2WmcsKPBld/K3StPROpj6TYdbCi
G1N4vwjTfN0wa/bFmh/WW/YcxmJ8J7/Yy5YUibn+CgKahKRPUIefk4qiajWV91s4
sxxoTgszwWxwPIOMGIE93MFcAC2+STDVKjFMTdTEqVQr3YmLo3o3ufyyr0WcdyOH
JFVn3oYmNrYn6g4TIndu7TEJEfKGOKxc/YclXd2FkYWxEBsSWIJH/o7/twIDAQAB
o4ICvzCCArswHQYDVR0OBBYEFPeCywKfjSzWWEfJBynF1CCxkPiuMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvOTRMTEFwLU5MTlpZUjhrSEtjWFVJTEdRLUs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHUBggrBgEFBQcBBwEB/wSBxDCBwTCBkwQCAAEwgYwDBAAC
OG0DBAAFtVQDBAAFtVcDBAAtCR0DBAAtUXMDBAAtWIgDBAEtWIoDBAAtXqsDBAIt
hLQDBAAtkNQDBAAtlwMDBABNUyUDBAG5K/gDBAC5K/sDBAG5yD4DBADBHvADBAHB
HvIDBADBOSkDBADBOSsDBALC8mAwDAMEAsOxXAMEAMOxXgMEAsPTvDApBAIAAjAj
AwUAKgFxIAMFAyoHkgADBQMqDKWAAwUDKhDfwAMFAyoRBYAwDQYJKoZIhvcNAQEL
BQADggEBAKVMy07kWYzApEpg1QAjY5FjySyZg4TIBO4go3XVONzpM7btDSIsFH/A
Y7uia4+QDcmZ3HkRvlEPyYX0+xLAbwq47yS0OP6QpyyTvZPDICZ1CPI4JyzWvIJM
bA/3BCRkUF9WbiCkR0YeH/FI7ayCFaOL/nfB4bCJ4tiEBvcCYY2aZxxMDcNLs6Ln
JbYxky24GjwzLAxV9OvbcxHAeJ+WeF/i02qe8z0oLWGesiSoJv6JqTidbA0QRu7p
cbRA1EWdhbvc3y2X3axvLd2G0rT0v2B4A+D8goakUsoJWBSrt0XX3f00bFRHOavP
qlssxPtIcoaGcbjxHpTufkEFYvIdYVc=
-----END CERTIFICATE-----
Generated at Wed Mar 20 21:55:30 2024 by rpki-client on console-fra.rpki-client.org