Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/BayT7zuHBpKTYfujjCnH8ekrR2E.roa
File: BayT7zuHBpKTYfujjCnH8ekrR2E.roa (raw, json)
Hash identifier: 5wmlfv/LNf1c6lv1elKJ78lmtW/UubZfS7eondIKm1k=
Subject key identifier: 05:AC:93:EF:3B:87:06:92:93:61:FB:A3:8C:29:C7:F1:E9:2B:47:61
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 01919928A2C71324CA8AB953CEBB5822056C
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/BayT7zuHBpKTYfujjCnH8ekrR2E.roa
Signing time: Wed 28 Aug 2024 13:24:22 +0000
ROA not before: Wed 28 Aug 2024 13:24:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62206
IP address blocks: 2.56.109.0/24 maxlen: 24
5.181.84.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
45.81.115.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.94.171.0/24 maxlen: 24
45.132.180.0/24 maxlen: 24
45.132.181.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.144.212.0/24 maxlen: 24
45.151.3.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
146.19.125.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
194.242.96.0/24 maxlen: 24
194.242.98.0/24 maxlen: 24
194.242.99.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
2a01:7120::/32 maxlen: 32
2a01:7120:7::/48 maxlen: 48
2a07:9200::/29 maxlen: 29
2a07:9201::/32 maxlen: 32
2a07:9206::/32 maxlen: 32
2a07:9207::/32 maxlen: 32
2a09:340::/32 maxlen: 32
2a09:c440::/32 maxlen: 32
2a0c:5d40::/32 maxlen: 32
2a0c:a580::/29 maxlen: 29
2a0c:a580::/32 maxlen: 32
2a0c:a581::/32 maxlen: 32
2a0c:a584::/32 maxlen: 32
2a0c:a586::/32 maxlen: 32
2a10:dfc0::/29 maxlen: 29
2a10:dfc0::/32 maxlen: 32
2a10:fac0::/32 maxlen: 32
2a11:580::/29 maxlen: 29
2a11:580::/32 maxlen: 32
2a11:1600::/32 maxlen: 32
2a11:2a80::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 05 Sep 2024 20:16:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:99:28:a2:c7:13:24:ca:8a:b9:53:ce:bb:58:22:05:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Aug 28 13:24:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=05ac93ef3b8706929361fba38c29c7f1e92b4761
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:03:3e:0a:d6:99:1e:bc:60:d9:0c:75:08:b0:
69:3b:34:d9:6b:2d:47:67:09:45:3f:12:b0:23:75:
20:3e:2b:68:5e:0c:41:91:d9:0e:17:e5:53:33:93:
4d:99:54:5f:ea:95:b2:16:cb:58:d1:c3:ff:df:31:
46:b9:3a:b8:81:df:41:7e:6e:76:2e:25:ab:d5:da:
86:a3:51:86:f6:ad:5d:30:c3:00:fd:1a:2a:c3:b7:
30:d4:fa:4b:a5:d8:3f:7b:3f:4e:e7:82:47:ae:47:
23:f5:9b:db:86:3f:65:49:de:80:ad:c4:58:c5:0d:
20:2f:b7:da:af:72:72:1c:8f:73:5b:76:ac:e4:2a:
4a:7a:22:76:a8:f8:6d:58:e8:19:30:de:6f:c7:af:
d9:3e:0e:14:7e:24:ea:db:95:3a:88:bf:47:40:a7:
d5:cc:4c:9a:fe:80:50:81:7a:2c:9b:6d:af:3b:d0:
a3:da:60:81:fc:28:d0:80:e6:71:3e:8e:65:12:03:
15:02:91:85:c2:18:61:fa:c8:2c:dc:aa:97:83:6d:
1c:51:d5:5b:fb:6f:23:43:01:69:45:41:e0:7a:b6:
0b:b0:9c:45:f1:97:fd:40:b7:b0:77:3f:a2:3a:66:
df:d4:7c:21:60:e3:e0:a6:31:02:7b:9d:73:c8:46:
43:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:AC:93:EF:3B:87:06:92:93:61:FB:A3:8C:29:C7:F1:E9:2B:47:61
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/BayT7zuHBpKTYfujjCnH8ekrR2E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.109.0/24
5.181.84.0/24
5.181.87.0/24
45.9.29.0/24
45.81.115.0/24
45.88.136.0/24
45.88.138.0/24
45.94.171.0/24
45.132.180.0/22
45.144.212.0/24
45.151.3.0/24
77.83.37.0/24
146.19.125.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.43.0/24
194.242.96.0/24
194.242.98.0/23
195.177.93.0-195.177.95.255
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a09:340::/32
2a09:c440::/32
2a0c:5d40::/32
2a0c:a580::/29
2a10:dfc0::/29
2a10:fac0::/32
2a11:580::/29
2a11:1600::/32
2a11:2a80::/32
Signature Algorithm: sha256WithRSAEncryption
10:fb:12:be:5e:9c:71:ff:46:6c:38:1a:7b:f9:08:3e:90:eb:
3e:fa:ed:af:be:7a:a8:7d:cf:70:f8:05:af:3f:6f:7a:4b:b9:
55:95:32:13:79:cc:80:5b:fd:3b:6a:ac:5b:69:b0:c5:a5:65:
95:0c:89:64:b8:43:0f:28:f4:81:2d:9c:63:af:81:b4:de:dd:
f2:bc:6f:16:9f:55:04:de:8c:5d:ff:2e:3b:ea:37:a4:fe:0d:
90:6a:e6:14:75:22:98:b5:db:f6:09:b2:d7:5a:a3:19:87:55:
c6:e7:ef:8a:08:1d:13:09:2f:0a:ee:e6:3f:d7:2f:9b:60:85:
95:5d:da:2d:70:95:bf:4c:b3:17:de:af:58:3f:c9:d1:f7:c6:
6e:7a:35:ac:75:69:b0:78:11:18:6a:31:19:be:b3:7f:9f:36:
96:16:fe:9e:a3:e6:90:94:8f:ab:fa:88:e4:4c:d7:d7:e9:75:
ff:05:8c:8d:2d:29:49:f7:f2:93:56:e7:c2:2d:37:28:cc:49:
17:20:02:0d:9d:9d:29:74:d8:85:4f:2d:39:c6:8d:d3:33:b9:
a8:ec:9a:9b:96:9e:55:ef:57:61:62:39:f3:94:ce:6c:2c:35:
fb:c1:c1:a8:c1:46:a2:48:d4:4d:a3:7e:c1:f0:4f:80:19:9b:
cb:a8:c7:78
-----BEGIN CERTIFICATE-----
MIIF5DCCBMygAwIBAgISAZGZKKLHEyTKirlTzrtYIgVsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwODI4MTMyNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWFjOTNlZjNiODcwNjkyOTM2MWZiYTM4YzI5YzdmMWU5MmI0NzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswM+CtaZHrxg2Qx1CLBpOzTZay1H
ZwlFPxKwI3UgPitoXgxBkdkOF+VTM5NNmVRf6pWyFstY0cP/3zFGuTq4gd9Bfm52
LiWr1dqGo1GG9q1dMMMA/Roqw7cw1PpLpdg/ez9O54JHrkcj9Zvbhj9lSd6ArcRY
xQ0gL7far3JyHI9zW3as5CpKeiJ2qPhtWOgZMN5vx6/ZPg4UfiTq25U6iL9HQKfV
zEya/oBQgXosm22vO9Cj2mCB/CjQgOZxPo5lEgMVApGFwhhh+sgs3KqXg20cUdVb
+28jQwFpRUHgerYLsJxF8Zf9QLewdz+iOmbf1HwhYOPgpjECe51zyEZDpwIDAQAB
o4IC8DCCAuwwHQYDVR0OBBYEFAWsk+87hwaSk2H7o4wpx/HpK0dhMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvQmF5VDd6dUhCcEtUWWZ1ampDbkg4ZWtyUjJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBAYIKwYBBQUHAQcBAf8EgfQwgfEwgZkEAgABMIGSAwQA
AjhtAwQABbVUAwQABbVXAwQALQkdAwQALVFzAwQALViIAwQALViKAwQALV6rAwQC
LYS0AwQALZDUAwQALZcDAwQATVMlAwQAkhN9AwQBuSv4AwQAuSv7AwQBucg+AwQA
wR7wAwQBwR7yAwQAwTkrAwQAwvJgAwQBwvJiMAwDBADDsV0DBAXDsUADBALD07ww
UwQCAAIwTQMFACoBcSADBQMqB5IAAwUAKgkDQAMFACoJxEADBQAqDF1AAwUDKgyl
gAMFAyoQ38ADBQAqEPrAAwUDKhEFgAMFACoRFgADBQAqESqAMA0GCSqGSIb3DQEB
CwUAA4IBAQAQ+xK+Xpxx/0ZsOBp7+Qg+kOs++u2vvnqofc9w+AWvP296S7lVlTIT
ecyAW/07aqxbabDFpWWVDIlkuEMPKPSBLZxjr4G03t3yvG8Wn1UE3oxd/y476jek
/g2QauYUdSKYtdv2CbLXWqMZh1XG5++KCB0TCS8K7uY/1y+bYIWVXdotcJW/TLMX
3q9YP8nR98ZuejWsdWmweBEYajEZvrN/nzaWFv6eo+aQlI+r+ojkTNfX6XX/BYyN
LSlJ9/KTVufCLTcozEkXIAINnZ0pdNiFTy05xo3TM7mo7Jqblp5V71dhYjnzlM5s
LDX7wcGowUaiSNRNo37B8E+AGZvLqMd4
-----END CERTIFICATE-----
Generated at Thu Sep 5 20:59:19 2024 by rpki-client on console-fra.rpki-client.org