Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/AgLC3QXcoii0PJ-e_RZyG7zTfQk.roa
File: AgLC3QXcoii0PJ-e_RZyG7zTfQk.roa (raw, json)
Hash identifier: 7mwzPJi+ebDcihudR/BmTiwYro2SHUrD2cnY37621Pg=
Subject key identifier: 02:02:C2:DD:05:DC:A2:28:B4:3C:9F:9E:FD:16:72:1B:BC:D3:7D:09
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0189F2F4844F7540514578AAA1A585A9B10E
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/AgLC3QXcoii0PJ-e_RZyG7zTfQk.roa
Signing time: Mon 14 Aug 2023 07:30:58 +0000
ROA not before: Mon 14 Aug 2023 07:30:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 91.223.110.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
2.56.108.0/22 maxlen: 24
2.56.111.0/24 maxlen: 24
45.88.139.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
193.57.41.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
45.94.168.0/22 maxlen: 22
45.94.170.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
193.30.241.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
45.81.112.0/22 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 16 Aug 2023 07:28:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f2:f4:84:4f:75:40:51:45:78:aa:a1:a5:85:a9:b1:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Aug 14 07:30:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0202c2dd05dca228b43c9f9efd16721bbcd37d09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:8e:78:f9:0b:0d:c0:01:8a:82:1f:88:7c:39:
cc:6e:b6:e5:b0:b9:90:5a:46:b8:68:c2:5a:97:6a:
f7:58:78:33:00:07:2e:d2:76:98:ea:8c:1f:17:d1:
a2:04:ac:20:32:dd:9c:e8:3c:c3:b3:00:5f:fd:c9:
bd:92:2e:04:02:3d:f0:10:32:1c:ee:55:ca:ff:fa:
e5:9d:d5:fb:68:30:af:e0:95:6d:cf:57:ab:19:8a:
a5:d0:7f:68:79:fe:7d:21:5d:83:94:aa:e7:e5:76:
9f:51:f9:61:e3:90:cf:f7:de:4b:d6:36:39:7f:14:
fe:27:0d:bf:96:f1:03:ba:b9:eb:50:4c:05:10:16:
9f:84:ff:68:d0:61:3a:dc:48:75:1e:14:7e:7f:dd:
8e:3a:18:db:c6:83:f6:b1:59:32:ca:d2:81:ed:d1:
63:c2:ea:8c:7a:6b:f7:8d:2b:26:78:80:02:f3:d7:
3b:3d:01:d8:3b:66:c8:ba:61:1e:34:e5:9f:05:4d:
39:06:10:f1:2c:0d:8f:18:de:00:d4:50:ff:ef:bc:
92:32:f8:be:e0:90:12:6c:72:bc:0a:6e:d4:2f:1c:
0f:07:67:59:a3:22:65:1a:11:4c:d7:7b:e1:f3:92:
79:7c:e0:94:f1:dc:d3:70:96:35:fe:9a:9d:88:1a:
ec:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:02:C2:DD:05:DC:A2:28:B4:3C:9F:9E:FD:16:72:1B:BC:D3:7D:09
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/AgLC3QXcoii0PJ-e_RZyG7zTfQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0/22
5.181.87.0/24
45.9.29.0/24
45.81.112.0/22
45.88.136.0/24
45.88.138.0/23
45.94.168.0/22
45.132.181.0-45.132.183.255
45.144.212.0/24
77.83.39.0/24
85.209.120.0/22
91.223.110.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/22
193.57.41.0/24
193.57.43.0/24
194.242.96.0/22
195.62.24.0/24
195.177.92.0/22
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
89:95:81:d9:14:13:4f:84:50:86:7a:91:e6:c8:1c:9e:e1:09:
19:55:6c:5a:28:b1:42:63:84:13:1f:1c:64:56:61:e8:d5:17:
b3:b6:26:ca:f5:38:7d:95:b6:e6:50:25:38:e8:d3:32:0a:4a:
fc:cf:e6:78:5a:55:2b:11:30:cb:a7:ee:05:a2:c9:23:65:37:
5c:3c:de:f2:1e:39:79:16:fd:70:bb:d7:c4:5a:c0:d0:17:9c:
49:56:46:9e:43:03:dd:7e:24:24:a5:a7:60:dd:d4:e7:88:29:
46:1f:b7:c1:e9:41:96:ad:c8:03:1f:70:be:c0:a0:f1:4e:de:
15:2b:5d:7c:49:6e:62:11:5b:7d:8f:f3:c4:2c:9e:63:0a:a5:
e8:65:45:8d:4f:7b:6f:b1:0e:7c:e4:98:01:fd:36:95:f3:bc:
2a:7a:3e:c8:ac:76:aa:c7:79:a5:36:1f:38:4c:62:27:b8:27:
f5:22:03:a5:bf:b3:67:2f:59:ae:a7:70:2b:cd:69:29:71:1e:
d3:eb:55:2f:24:3e:79:4f:ed:c1:d8:bc:75:a6:62:f5:de:bc:
3a:e5:c5:24:32:eb:3e:91:56:cd:82:6c:45:d3:ac:ad:60:a4:
a5:66:52:81:98:a8:d0:6f:87:18:02:c4:77:41:50:e6:3d:42:
42:93:3b:7d
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgISAYny9IRPdUBRRXiqoaWFqbEOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwODE0MDczMDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjAyYzJkZDA1ZGNhMjI4YjQzYzlmOWVmZDE2NzIxYmJjZDM3ZDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAro54+QsNwAGKgh+IfDnMbrblsLmQ
Wka4aMJal2r3WHgzAAcu0naY6owfF9GiBKwgMt2c6DzDswBf/cm9ki4EAj3wEDIc
7lXK//rlndX7aDCv4JVtz1erGYql0H9oef59IV2DlKrn5XafUflh45DP995L1jY5
fxT+Jw2/lvEDurnrUEwFEBafhP9o0GE63Eh1HhR+f92OOhjbxoP2sVkyytKB7dFj
wuqMemv3jSsmeIAC89c7PQHYO2bIumEeNOWfBU05BhDxLA2PGN4A1FD/77ySMvi+
4JASbHK8Cm7ULxwPB2dZoyJlGhFM13vh85J5fOCU8dzTcJY1/pqdiBrs7QIDAQAB
o4ICvzCCArswHQYDVR0OBBYEFAICwt0F3KIotDyfnv0Wchu8030JMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvQWdMQzNRWGNvaWkwUEotZV9SWnlHN3pUZlFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHUBggrBgEFBQcBBwEB/wSBxDCBwTCBkwQCAAEwgYwDBAIC
OGwDBAAFtVcDBAAtCR0DBAItUXADBAAtWIgDBAEtWIoDBAItXqgwDAMEAC2EtQME
Ay2EsAMEAC2Q1AMEAE1TJwMEAlXReAMEAFvfbgMEAbkr+AMEALkr+wMEAbnIPgME
AsEe8AMEAME5KQMEAME5KwMEAsLyYAMEAMM+GAMEAsOxXAMEAsPTvDApBAIAAjAj
AwUAKgFxIAMFAyoHkgADBQMqDKWAAwUDKhDfwAMFAyoRBYAwDQYJKoZIhvcNAQEL
BQADggEBAImVgdkUE0+EUIZ6kebIHJ7hCRlVbFoosUJjhBMfHGRWYejVF7O2Jsr1
OH2VtuZQJTjo0zIKSvzP5nhaVSsRMMun7gWiySNlN1w83vIeOXkW/XC718RawNAX
nElWRp5DA91+JCSlp2Dd1OeIKUYft8HpQZatyAMfcL7AoPFO3hUrXXxJbmIRW32P
88QsnmMKpehlRY1Pe2+xDnzkmAH9NpXzvCp6PsisdqrHeaU2HzhMYie4J/UiA6W/
s2cvWa6ncCvNaSlxHtPrVS8kPnlP7cHYvHWmYvXevDrlxSQy6z6RVs2CbEXTrK1g
pKVmUoGYqNBvhxgCxHdBUOY9QkKTO30=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:17 2024 by rpki-client on console-ams.rpki-client.org