Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/9knowY4nZhl9GyEtVcEC_FPc5Hw.roa
File: 9knowY4nZhl9GyEtVcEC_FPc5Hw.roa (raw, json)
Hash identifier: LfPHwJ855dUH9g/pyo7QWEs80RrZ0EtWlqD+K8iN/k0=
Subject key identifier: F6:49:E8:C1:8E:27:66:19:7D:1B:21:2D:55:C1:02:FC:53:DC:E4:7C
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018A707165D4D8430DD4BFF448EF6A6CE186
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/9knowY4nZhl9GyEtVcEC_FPc5Hw.roa
Signing time: Thu 07 Sep 2023 16:19:54 +0000
ROA not before: Thu 07 Sep 2023 16:19:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 91.223.110.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
193.57.41.0/24 maxlen: 24
45.144.213.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
45.94.168.0/22 maxlen: 22
45.94.170.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
193.30.241.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
45.81.112.0/22 maxlen: 24
77.83.37.0/24 maxlen: 24
45.81.114.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 08 Sep 2023 17:55:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:70:71:65:d4:d8:43:0d:d4:bf:f4:48:ef:6a:6c:e1:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Sep 7 16:19:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f649e8c18e2766197d1b212d55c102fc53dce47c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:2e:4c:75:65:0a:e0:6d:ae:74:fb:40:a3:7e:
41:6e:e7:51:61:a3:96:fb:88:70:62:59:4f:3a:4f:
60:fe:a4:df:71:a7:c8:1f:41:6c:67:8a:92:db:39:
66:59:b8:ac:26:1a:18:31:64:e3:7f:75:a9:c4:85:
ee:4a:4c:09:47:96:fc:22:8b:1b:ce:38:dc:e5:bc:
4e:bd:ed:3d:38:5a:12:2a:10:ad:09:2f:bf:7e:e8:
f9:29:64:18:02:60:6b:f0:33:c8:59:77:cf:ef:6a:
d7:39:66:db:3f:1e:c3:6d:08:ea:0c:4e:5f:22:b9:
d7:14:54:f7:4c:2a:53:d8:e7:f7:7a:54:f2:ab:69:
68:2f:6e:ce:4e:41:f5:7f:d0:bf:e5:a1:d0:4e:bc:
57:fa:be:33:07:4c:7d:3c:a6:5e:7d:eb:04:06:fd:
b9:72:c6:bd:4c:f1:2d:64:2c:d5:f2:81:b8:6f:dc:
be:19:3d:9e:69:f2:19:a2:06:a4:6d:e4:81:3e:b0:
d1:d9:ef:bc:10:8e:ab:8f:da:b9:b2:46:7f:6d:a4:
f2:d7:9f:81:b8:ef:86:36:8d:fa:3a:00:27:9b:16:
26:c6:fb:f7:9d:0e:71:76:2d:35:23:dd:b3:78:fa:
76:83:f9:45:0b:ea:bd:a4:e7:16:8f:e3:70:99:06:
5e:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:49:E8:C1:8E:27:66:19:7D:1B:21:2D:55:C1:02:FC:53:DC:E4:7C
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/9knowY4nZhl9GyEtVcEC_FPc5Hw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.87.0/24
45.9.29.0/24
45.81.112.0/22
45.88.136.0/24
45.88.138.0/24
45.94.168.0/22
45.132.181.0-45.132.183.255
45.144.212.0/23
77.83.37.0/24
77.83.39.0/24
85.209.120.0/22
91.223.110.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/22
193.57.41.0/24
193.57.43.0/24
194.242.96.0/22
195.62.24.0/24
195.177.92.0-195.177.94.255
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
1a:5e:b2:70:98:c6:6d:4e:59:01:7a:43:90:ff:90:68:22:74:
22:ae:13:d2:69:aa:f0:b5:13:85:2d:d8:c5:b6:99:0c:65:a3:
d0:44:30:f1:15:6c:4e:7f:6e:31:ea:31:5f:b6:22:2a:da:9f:
d2:52:8b:80:a0:c7:19:e2:d3:73:c6:8d:e2:a0:1b:48:4a:38:
b7:86:8d:b7:23:e0:81:44:37:9c:e6:4f:d0:05:ea:00:17:82:
5c:64:9a:a9:d9:aa:1f:9d:4b:5f:48:7b:51:77:39:70:20:58:
f2:ed:8e:59:f0:59:4b:23:02:8d:97:a4:b9:eb:56:90:9f:c0:
df:c4:98:1d:db:d8:ac:5c:03:51:6d:c3:53:8d:25:70:be:b5:
ff:fa:eb:62:99:91:c9:0b:a4:7c:b9:f0:cc:b0:6f:36:8c:a7:
2e:f6:a3:71:6c:5f:29:a5:4f:6d:f9:b3:3c:00:35:64:e1:15:
53:c5:97:37:06:c1:c1:1a:c3:95:aa:cf:5a:3f:11:69:ab:24:
7c:3e:f8:ba:36:8a:73:98:25:0c:b7:8d:c5:83:18:a9:f2:c2:
20:0a:fc:8d:70:b4:7f:ee:88:e3:33:bd:fa:81:4f:fb:91:28:
74:1c:0f:7a:84:38:6e:be:6c:fa:da:e0:26:69:0b:ab:ee:82:
35:e2:ca:40
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgISAYpwcWXU2EMN1L/0SO9qbOGGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwOTA3MTYxOTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjQ5ZThjMThlMjc2NjE5N2QxYjIxMmQ1NWMxMDJmYzUzZGNlNDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsi5MdWUK4G2udPtAo35BbudRYaOW
+4hwYllPOk9g/qTfcafIH0FsZ4qS2zlmWbisJhoYMWTjf3WpxIXuSkwJR5b8Iosb
zjjc5bxOve09OFoSKhCtCS+/fuj5KWQYAmBr8DPIWXfP72rXOWbbPx7DbQjqDE5f
IrnXFFT3TCpT2Of3elTyq2loL27OTkH1f9C/5aHQTrxX+r4zB0x9PKZefesEBv25
csa9TPEtZCzV8oG4b9y+GT2eafIZogakbeSBPrDR2e+8EI6rj9q5skZ/baTy15+B
uO+GNo36OgAnmxYmxvv3nQ5xdi01I92zePp2g/lFC+q9pOcWj+NwmQZecwIDAQAB
o4ICxzCCAsMwHQYDVR0OBBYEFPZJ6MGOJ2YZfRshLVXBAvxT3OR8MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvOWtub3dZNG5aaGw5R3lFdFZjRUNfRlBjNUh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHcBggrBgEFBQcBBwEB/wSBzDCByTCBmwQCAAEwgZQDBAAF
tVcDBAAtCR0DBAItUXADBAAtWIgDBAAtWIoDBAItXqgwDAMEAC2EtQMEAy2EsAME
AS2Q1AMEAE1TJQMEAE1TJwMEAlXReAMEAFvfbgMEAbkr+AMEALkr+wMEAbnIPgME
AsEe8AMEAME5KQMEAME5KwMEAsLyYAMEAMM+GDAMAwQCw7FcAwQAw7FeAwQCw9O8
MCkEAgACMCMDBQAqAXEgAwUDKgeSAAMFAyoMpYADBQMqEN/AAwUDKhEFgDANBgkq
hkiG9w0BAQsFAAOCAQEAGl6ycJjGbU5ZAXpDkP+QaCJ0Iq4T0mmq8LUThS3YxbaZ
DGWj0EQw8RVsTn9uMeoxX7YiKtqf0lKLgKDHGeLTc8aN4qAbSEo4t4aNtyPggUQ3
nOZP0AXqABeCXGSaqdmqH51LX0h7UXc5cCBY8u2OWfBZSyMCjZekuetWkJ/A38SY
HdvYrFwDUW3DU40lcL61//rrYpmRyQukfLnwzLBvNoynLvajcWxfKaVPbfmzPAA1
ZOEVU8WXNwbBwRrDlarPWj8RaaskfD74ujaKc5glDLeNxYMYqfLCIAr8jXC0f+6I
4zO9+oFP+5EodBwPeoQ4br5s+trgJmkLq+6CNeLKQA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:31 2024 by rpki-client on console-fra.rpki-client.org