Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/DCdzTmyBPvSojKOAiDDstxPcdP4.roa
File: DCdzTmyBPvSojKOAiDDstxPcdP4.roa (raw, json)
Hash identifier: 6TmX6XQ+X7NGiYwpzJ+jsp7my9dmhqJKca10BYzgUDU=
Subject key identifier: 0C:27:73:4E:6C:81:3E:F4:A8:8C:A3:80:88:30:EC:B7:13:DC:74:FE
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018AF4D719AC77D4529E46DD89F26A72EDC6
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/DCdzTmyBPvSojKOAiDDstxPcdP4.roa
Signing time: Tue 03 Oct 2023 09:20:51 +0000
ROA not before: Tue 03 Oct 2023 09:20:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 91.223.110.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
45.94.168.0/22 maxlen: 22
45.94.170.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
45.81.112.0/22 maxlen: 24
77.83.37.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f4:d7:19:ac:77:d4:52:9e:46:dd:89:f2:6a:72:ed:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Oct 3 09:20:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c27734e6c813ef4a88ca3808830ecb713dc74fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:5b:30:8b:af:a8:90:11:d0:a8:be:d4:94:09:
f3:00:56:87:aa:20:d6:ba:54:48:51:9d:14:5a:cb:
59:3c:c4:6c:41:b6:bd:ca:71:1a:4e:6f:b0:1e:ae:
50:ff:30:16:e6:16:4c:31:22:7f:e3:e3:ae:dd:23:
06:37:46:89:02:c6:55:f7:c9:f5:0e:e7:7b:85:d7:
7f:4e:fe:b5:35:3d:1d:20:29:16:1b:e0:49:00:f4:
01:e7:ab:50:45:e5:a7:bb:61:ef:15:c3:0a:4b:da:
0c:e2:d2:b6:82:32:17:de:07:7a:e4:92:60:13:40:
40:ab:01:23:20:03:ca:22:8b:2a:68:8c:8e:00:10:
74:fe:2f:85:78:46:b0:9a:95:5b:3d:52:b0:4d:eb:
72:55:95:46:77:be:42:2f:66:2a:30:53:c7:2b:6e:
f8:e9:ac:89:c7:54:25:2b:c0:65:bc:2c:5b:25:50:
2f:c0:4e:08:09:a3:5d:ea:0a:71:c7:c9:c1:34:48:
19:73:01:2f:47:30:db:df:4c:59:1e:2c:d3:55:3e:
45:9c:95:d4:27:67:73:ef:49:a2:04:cb:86:85:59:
42:d7:6e:9f:d8:f5:ae:97:96:4e:d5:0c:e9:06:fa:
6d:60:f1:14:22:4a:f8:9d:59:1e:2d:0f:e2:f2:f2:
3f:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:27:73:4E:6C:81:3E:F4:A8:8C:A3:80:88:30:EC:B7:13:DC:74:FE
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/DCdzTmyBPvSojKOAiDDstxPcdP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.87.0/24
45.9.29.0/24
45.81.112.0/22
45.88.136.0/24
45.88.138.0/24
45.94.168.0/22
45.132.181.0-45.132.183.255
45.144.212.0/24
77.83.37.0/24
77.83.39.0/24
85.209.120.0/22
91.223.110.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.43.0/24
194.242.96.0/22
195.177.92.0-195.177.94.255
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
1c:2d:c8:6e:83:d3:4e:13:06:6c:c8:f1:73:ed:b3:af:43:8c:
06:83:dd:41:07:4c:2c:73:f3:23:f2:53:ee:1b:11:85:30:72:
b9:3e:70:3c:02:f4:03:7e:9b:0a:6e:19:cc:09:d3:5b:35:f6:
5d:aa:c5:77:14:af:7b:2e:08:5d:74:d9:32:21:4c:81:a8:55:
a6:73:75:1f:4d:65:0b:f7:79:50:d8:b2:d8:22:51:f9:25:84:
1b:bb:11:83:7d:9d:9f:2f:89:3c:0d:42:8f:75:e8:5b:55:aa:
1e:9d:79:00:6e:81:f2:65:12:4a:86:4e:93:fb:02:0e:61:29:
e5:0d:d3:f8:fe:2c:48:b4:64:7b:37:cd:c0:c0:f2:71:4a:f3:
47:fa:f7:a6:08:b9:d1:97:e5:0d:23:b3:40:9f:24:5c:26:76:
4d:3f:2f:3e:47:a3:a1:18:18:9b:97:f4:da:9a:31:70:5a:e0:
af:a9:1d:18:84:46:1e:15:90:76:b1:8f:c9:1e:3e:28:2a:eb:
69:52:10:e9:8b:72:56:81:f8:ac:c2:ed:d0:67:5e:78:7d:17:
32:0c:2c:c0:06:9f:f8:9a:f8:bf:da:06:80:43:cf:e1:7b:4e:
d6:80:8d:aa:77:48:27:6b:db:5a:97:ce:a7:5a:f5:1e:fc:46:
37:7b:a5:f6
-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgISAYr01xmsd9RSnkbdifJqcu3GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMxMDAzMDkyMDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzI3NzM0ZTZjODEzZWY0YTg4Y2EzODA4ODMwZWNiNzEzZGM3NGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmVswi6+okBHQqL7UlAnzAFaHqiDW
ulRIUZ0UWstZPMRsQba9ynEaTm+wHq5Q/zAW5hZMMSJ/4+Ou3SMGN0aJAsZV98n1
Dud7hdd/Tv61NT0dICkWG+BJAPQB56tQReWnu2HvFcMKS9oM4tK2gjIX3gd65JJg
E0BAqwEjIAPKIosqaIyOABB0/i+FeEawmpVbPVKwTetyVZVGd75CL2YqMFPHK274
6ayJx1QlK8BlvCxbJVAvwE4ICaNd6gpxx8nBNEgZcwEvRzDb30xZHizTVT5FnJXU
J2dz70miBMuGhVlC126f2PWul5ZO1QzpBvptYPEUIkr4nVkeLQ/i8vI/CwIDAQAB
o4ICwTCCAr0wHQYDVR0OBBYEFAwnc05sgT70qIyjgIgw7LcT3HT+MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvRENkelRteUJQdlNvaktPQWlERHN0eFBjZFA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHWBggrBgEFBQcBBwEB/wSBxjCBwzCBlQQCAAEwgY4DBAAF
tVcDBAAtCR0DBAItUXADBAAtWIgDBAAtWIoDBAItXqgwDAMEAC2EtQMEAy2EsAME
AC2Q1AMEAE1TJQMEAE1TJwMEAlXReAMEAFvfbgMEAbkr+AMEALkr+wMEAbnIPgME
AMEe8AMEAcEe8gMEAME5KwMEAsLyYDAMAwQCw7FcAwQAw7FeAwQCw9O8MCkEAgAC
MCMDBQAqAXEgAwUDKgeSAAMFAyoMpYADBQMqEN/AAwUDKhEFgDANBgkqhkiG9w0B
AQsFAAOCAQEAHC3IboPTThMGbMjxc+2zr0OMBoPdQQdMLHPzI/JT7hsRhTByuT5w
PAL0A36bCm4ZzAnTWzX2XarFdxSvey4IXXTZMiFMgahVpnN1H01lC/d5UNiy2CJR
+SWEG7sRg32dny+JPA1Cj3XoW1WqHp15AG6B8mUSSoZOk/sCDmEp5Q3T+P4sSLRk
ezfNwMDycUrzR/r3pgi50ZflDSOzQJ8kXCZ2TT8vPkejoRgYm5f02poxcFrgr6kd
GIRGHhWQdrGPyR4+KCrraVIQ6YtyVoH4rMLt0GdeeH0XMgwswAaf+Jr4v9oGgEPP
4XtO1oCNqndIJ2vbWpfOp1r1HvxGN3ul9g==
-----END CERTIFICATE-----
Generated at Tue Oct 3 15:52:43 2023 by rpki-client on console-fra.rpki-client.org