Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/95PCfNVY7oTyYHU2-I-bqsMwUZk.roa
File: 95PCfNVY7oTyYHU2-I-bqsMwUZk.roa (raw, json)
Hash identifier: V3nEtVcGsnmxIQq+zywElZgFYRmo6t7z8McdNBb2ABY=
Subject key identifier: F7:93:C2:7C:D5:58:EE:84:F2:60:75:36:F8:8F:9B:AA:C3:30:51:99
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018BA8FD557E4AA198521592ADEB43CCF0B6
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/95PCfNVY7oTyYHU2-I-bqsMwUZk.roa
Signing time: Tue 07 Nov 2023 08:54:16 +0000
ROA not before: Tue 07 Nov 2023 08:54:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
45.144.213.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
45.94.168.0/22 maxlen: 22
45.94.170.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 07 Nov 2023 17:52:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a8:fd:55:7e:4a:a1:98:52:15:92:ad:eb:43:cc:f0:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Nov 7 08:54:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f793c27cd558ee84f2607536f88f9baac3305199
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:f5:21:f3:ff:64:4c:5a:d1:8e:44:c4:67:3b:
b1:b8:b9:0c:0d:65:d1:70:d2:9b:85:db:c7:ed:28:
d1:3b:7d:7e:c6:05:ba:2d:d1:c8:d8:a5:70:8d:af:
aa:16:54:27:e7:d0:ba:39:38:48:7f:bb:c7:3a:6e:
98:56:7e:1d:7f:85:a3:e6:a1:b7:7c:b6:79:4c:cf:
a2:9b:87:80:68:54:3f:b0:68:3b:f4:a1:bd:32:25:
a3:8e:6b:77:e6:49:db:6a:a4:ef:53:84:b1:ae:6d:
bb:40:19:9e:56:9c:ba:98:de:1f:14:54:6c:b5:8a:
cd:83:19:6e:22:6a:b9:32:7f:0b:98:b7:83:86:0d:
35:7a:6b:9b:11:04:b4:2e:d1:19:66:7c:f0:06:a6:
19:c9:c0:e1:ec:56:41:80:28:d1:3c:e0:6f:be:0e:
b3:b0:34:f5:31:0e:30:d3:a7:18:f0:25:95:7b:3f:
98:a9:e7:a8:20:e2:94:cc:48:42:2b:f9:b7:2e:62:
f7:16:bb:1a:fb:e1:91:d4:7b:a1:70:23:e4:19:30:
01:f9:90:f7:65:d9:b6:ac:99:5e:63:d4:ee:c0:05:
d8:ea:08:b1:4d:33:c4:0d:60:a4:5d:4b:74:72:ef:
87:8a:25:1a:09:91:ec:2e:61:e8:fd:aa:2f:61:1c:
02:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:93:C2:7C:D5:58:EE:84:F2:60:75:36:F8:8F:9B:AA:C3:30:51:99
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/95PCfNVY7oTyYHU2-I-bqsMwUZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.87.0/24
45.9.29.0/24
45.88.136.0/24
45.88.138.0/24
45.94.168.0/22
45.132.181.0-45.132.183.255
45.144.212.0/23
77.83.37.0/24
77.83.39.0/24
85.209.120.0/22
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.43.0/24
194.242.96.0/22
195.177.92.0-195.177.94.255
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
4d:85:6a:a5:ff:85:be:7c:a3:1b:2d:41:22:4f:70:b0:ed:1c:
58:78:b0:47:77:51:8b:3d:18:fc:1e:c0:5d:91:96:b4:0c:b8:
25:4b:25:7b:16:08:84:73:08:b7:81:48:66:49:8b:40:d4:93:
fd:c5:17:0d:25:8e:f2:a2:87:80:1b:b3:1b:91:a3:71:b5:cb:
8e:9d:82:1b:0c:88:e0:ea:60:97:65:25:89:b7:7e:4e:43:48:
aa:07:f7:0d:2c:73:a9:20:4b:36:50:41:d1:68:e9:20:c9:ed:
d9:94:71:c2:ee:04:46:8e:2c:23:7f:57:35:73:7e:38:4c:ae:
0e:3f:10:8e:6a:22:64:c4:8a:9f:95:71:72:57:ae:f6:f5:8f:
b0:6d:b0:dd:8a:de:27:fc:72:b9:a1:da:f0:54:8d:76:78:c1:
05:d0:2f:e8:26:0d:b9:77:b5:98:36:6e:27:74:d8:8c:b8:64:
17:ed:00:72:df:b4:e6:25:ef:36:10:ab:da:ad:3a:2e:1c:f6:
b5:c4:68:c2:ca:7f:9c:e0:52:e7:ab:58:0b:29:85:d6:e9:88:
8d:ae:fb:af:d4:15:3d:9d:7e:de:32:d2:c3:d0:12:6d:70:42:
73:15:37:43:36:ff:0d:77:7f:97:b5:fd:41:24:04:e4:ae:20:
2f:5c:aa:67
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAYuo/VV+SqGYUhWSretDzPC2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMxMTA3MDg1NDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzkzYzI3Y2Q1NThlZTg0ZjI2MDc1MzZmODhmOWJhYWMzMzA1MTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPUh8/9kTFrRjkTEZzuxuLkMDWXR
cNKbhdvH7SjRO31+xgW6LdHI2KVwja+qFlQn59C6OThIf7vHOm6YVn4df4Wj5qG3
fLZ5TM+im4eAaFQ/sGg79KG9MiWjjmt35knbaqTvU4Sxrm27QBmeVpy6mN4fFFRs
tYrNgxluImq5Mn8LmLeDhg01emubEQS0LtEZZnzwBqYZycDh7FZBgCjRPOBvvg6z
sDT1MQ4w06cY8CWVez+YqeeoIOKUzEhCK/m3LmL3Frsa++GR1HuhcCPkGTAB+ZD3
Zdm2rJleY9TuwAXY6gixTTPEDWCkXUt0cu+HiiUaCZHsLmHo/aovYRwC+wIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFPeTwnzVWO6E8mB1NviPm6rDMFGZMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvOTVQQ2ZOVlk3b1R5WUhVMi1JLWJxc013VVprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHKBggrBgEFBQcBBwEB/wSBujCBtzCBiQQCAAEwgYIDBAAF
tVcDBAAtCR0DBAAtWIgDBAAtWIoDBAItXqgwDAMEAC2EtQMEAy2EsAMEAS2Q1AME
AE1TJQMEAE1TJwMEAlXReAMEAbkr+AMEALkr+wMEAbnIPgMEAMEe8AMEAcEe8gME
AME5KwMEAsLyYDAMAwQCw7FcAwQAw7FeAwQCw9O8MCkEAgACMCMDBQAqAXEgAwUD
KgeSAAMFAyoMpYADBQMqEN/AAwUDKhEFgDANBgkqhkiG9w0BAQsFAAOCAQEATYVq
pf+FvnyjGy1BIk9wsO0cWHiwR3dRiz0Y/B7AXZGWtAy4JUslexYIhHMIt4FIZkmL
QNST/cUXDSWO8qKHgBuzG5GjcbXLjp2CGwyI4Opgl2Ulibd+TkNIqgf3DSxzqSBL
NlBB0WjpIMnt2ZRxwu4ERo4sI39XNXN+OEyuDj8QjmoiZMSKn5Vxcleu9vWPsG2w
3YreJ/xyuaHa8FSNdnjBBdAv6CYNuXe1mDZuJ3TYjLhkF+0Act+05iXvNhCr2q06
Lhz2tcRowsp/nOBS56tYCymF1umIja77r9QVPZ1+3jLSw9ASbXBCcxU3Qzb/DXd/
l7X9QSQE5K4gL1yqZw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:31 2024 by rpki-client on console-fra.rpki-client.org