Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/DyGnYGBMSE7T5mJQkrCdm6Fyy3A.roa
File: DyGnYGBMSE7T5mJQkrCdm6Fyy3A.roa (raw, json)
Hash identifier: 7qH6e2AV92nztUTztkDb7oL3owFMZcInJUPPNhN1DBM=
Subject key identifier: 0F:21:A7:60:60:4C:48:4E:D3:E6:62:50:92:B0:9D:9B:A1:72:CB:70
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018BD7F26AB296E67CBE036712E4BC127DC5
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/DyGnYGBMSE7T5mJQkrCdm6Fyy3A.roa
Signing time: Thu 16 Nov 2023 11:44:30 +0000
ROA not before: Thu 16 Nov 2023 11:44:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
45.94.168.0/22 maxlen: 22
45.94.170.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
45.138.180.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d7:f2:6a:b2:96:e6:7c:be:03:67:12:e4:bc:12:7d:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Nov 16 11:44:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0f21a760604c484ed3e6625092b09d9ba172cb70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:17:4c:3d:56:65:7f:4c:99:4d:35:26:7b:ac:
00:a7:df:96:a9:2f:1c:bf:d9:27:c1:ae:74:22:20:
cb:39:80:2b:2c:55:5a:31:8b:48:f9:ef:cf:fd:91:
ad:3f:02:43:4f:a4:64:22:e2:3a:bd:0a:c2:2f:ef:
60:64:6c:ca:e8:3e:6c:a1:2b:b5:ca:91:22:f0:ec:
ac:64:0f:98:8d:04:92:bd:e0:05:87:86:94:6c:9f:
a7:87:f5:e1:41:fb:64:6b:0c:88:fd:1b:ec:37:05:
1b:06:0a:f6:ad:e0:27:dd:3b:77:04:70:d3:9c:d9:
26:14:44:c5:f3:24:47:c5:e1:20:55:1a:dc:15:3e:
e5:44:57:82:d7:04:d5:6d:4e:06:83:cc:9e:94:8d:
d2:ea:94:c0:ef:0e:90:7e:27:7a:7e:e7:78:d3:19:
3b:ae:61:7f:59:b5:13:3b:a2:a0:3d:2f:2d:40:6c:
dd:80:61:f5:46:ce:c8:0a:d8:74:07:ab:f7:53:17:
10:80:87:e6:63:1a:9f:a0:1a:af:d9:f9:ed:00:ad:
71:c9:12:c7:0e:f9:c1:2f:e6:b8:06:42:c9:57:07:
55:27:73:d8:43:13:a9:4a:24:ac:b4:ca:0c:74:0d:
f6:59:ad:c1:ec:bf:09:1e:ee:bb:e1:3f:ae:6c:b9:
58:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:21:A7:60:60:4C:48:4E:D3:E6:62:50:92:B0:9D:9B:A1:72:CB:70
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/DyGnYGBMSE7T5mJQkrCdm6Fyy3A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.87.0/24
45.9.29.0/24
45.88.136.0/24
45.88.138.0/24
45.94.168.0/22
45.132.181.0-45.132.183.255
45.138.180.0/24
45.144.212.0/24
77.83.37.0/24
77.83.39.0/24
85.209.120.0/22
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.43.0/24
194.242.96.0/22
195.177.92.0-195.177.94.255
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
4f:0d:88:f3:4e:25:a6:a9:41:f9:da:74:8f:a8:3f:4b:33:56:
6d:14:fe:60:65:8f:2f:e9:d8:06:1b:09:be:76:17:72:96:0d:
3f:ab:09:27:5d:b2:be:b3:1d:22:24:ae:6f:7e:e2:9c:d5:fd:
bc:29:fd:cb:1d:40:a1:3f:63:f8:7d:87:81:2f:09:41:81:a2:
e5:d7:5f:a8:3f:54:50:61:24:16:01:e0:d4:62:8d:03:f8:32:
67:e5:38:e8:7b:35:7a:75:5f:64:03:79:00:e2:17:7e:66:e9:
f3:4a:1b:5c:7d:84:cc:d2:50:75:a1:4b:58:a6:23:5e:9d:ae:
46:f9:bd:48:c7:73:a6:eb:7a:f1:71:f9:f2:c2:f9:9e:a2:92:
b0:42:51:08:ef:49:4c:e0:5c:51:16:5c:7a:17:9d:f4:e0:0d:
2a:8b:fa:0c:43:b8:fa:ba:11:a7:50:8e:13:08:0f:f8:53:d5:
f5:30:88:5a:f7:5f:cd:24:0d:4c:b9:6f:16:e7:35:db:02:b9:
88:27:be:db:69:1f:54:3d:69:60:9e:70:9b:90:6a:82:b8:ab:
fa:5a:65:d4:97:3e:04:83:00:d8:18:2f:52:16:38:24:f9:3f:
a3:55:28:c4:6e:fd:8b:a0:ba:66:b4:cf:02:84:8b:97:a1:2d:
2a:03:e0:00
-----BEGIN CERTIFICATE-----
MIIFrzCCBJegAwIBAgISAYvX8mqyluZ8vgNnEuS8En3FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMxMTE2MTE0NDMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjIxYTc2MDYwNGM0ODRlZDNlNjYyNTA5MmIwOWQ5YmExNzJjYjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAghdMPVZlf0yZTTUme6wAp9+WqS8c
v9knwa50IiDLOYArLFVaMYtI+e/P/ZGtPwJDT6RkIuI6vQrCL+9gZGzK6D5soSu1
ypEi8OysZA+YjQSSveAFh4aUbJ+nh/XhQftkawyI/RvsNwUbBgr2reAn3Tt3BHDT
nNkmFETF8yRHxeEgVRrcFT7lRFeC1wTVbU4Gg8yelI3S6pTA7w6Qfid6fud40xk7
rmF/WbUTO6KgPS8tQGzdgGH1Rs7ICth0B6v3UxcQgIfmYxqfoBqv2fntAK1xyRLH
DvnBL+a4BkLJVwdVJ3PYQxOpSiSstMoMdA32Wa3B7L8JHu674T+ubLlYBwIDAQAB
o4ICuzCCArcwHQYDVR0OBBYEFA8hp2BgTEhO0+ZiUJKwnZuhcstwMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvRHlHbllHQk1TRTdUNW1KUWtyQ2RtNkZ5eTNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHQBggrBgEFBQcBBwEB/wSBwDCBvTCBjwQCAAEwgYgDBAAF
tVcDBAAtCR0DBAAtWIgDBAAtWIoDBAItXqgwDAMEAC2EtQMEAy2EsAMEAC2KtAME
AC2Q1AMEAE1TJQMEAE1TJwMEAlXReAMEAbkr+AMEALkr+wMEAbnIPgMEAMEe8AME
AcEe8gMEAME5KwMEAsLyYDAMAwQCw7FcAwQAw7FeAwQCw9O8MCkEAgACMCMDBQAq
AXEgAwUDKgeSAAMFAyoMpYADBQMqEN/AAwUDKhEFgDANBgkqhkiG9w0BAQsFAAOC
AQEATw2I804lpqlB+dp0j6g/SzNWbRT+YGWPL+nYBhsJvnYXcpYNP6sJJ12yvrMd
IiSub37inNX9vCn9yx1AoT9j+H2HgS8JQYGi5ddfqD9UUGEkFgHg1GKNA/gyZ+U4
6Hs1enVfZAN5AOIXfmbp80obXH2EzNJQdaFLWKYjXp2uRvm9SMdzput68XH58sL5
nqKSsEJRCO9JTOBcURZcehed9OANKov6DEO4+roRp1COEwgP+FPV9TCIWvdfzSQN
TLlvFuc12wK5iCe+22kfVD1pYJ5wm5Bqgrir+lpl1Jc+BIMA2BgvUhY4JPk/o1Uo
xG79i6C6ZrTPAoSLl6EtKgPgAA==
-----END CERTIFICATE-----
Generated at Sat Nov 18 13:43:50 2023 by rpki-client on console-ams.rpki-client.org