Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/IFc2GexFfotKn31viOVvaWREXVY.roa
File: IFc2GexFfotKn31viOVvaWREXVY.roa (raw, json)
Hash identifier: IdjUB4KClZ9PoCr8+tV6ZQdWXAODb2l2Dd6M5JQSp8w=
Subject key identifier: 20:57:36:19:EC:45:7E:8B:4A:9F:7D:6F:88:E5:6F:69:64:44:5D:56
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018A86118883AAE71741A7D056A38DD03DB7
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/IFc2GexFfotKn31viOVvaWREXVY.roa
Signing time: Mon 11 Sep 2023 21:06:50 +0000
ROA not before: Mon 11 Sep 2023 21:06:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 91.223.110.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
193.57.41.0/24 maxlen: 24
45.144.213.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
45.94.168.0/22 maxlen: 22
45.94.170.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
45.81.112.0/22 maxlen: 24
77.83.37.0/24 maxlen: 24
45.81.114.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:86:11:88:83:aa:e7:17:41:a7:d0:56:a3:8d:d0:3d:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Sep 11 21:06:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=20573619ec457e8b4a9f7d6f88e56f6964445d56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:02:cc:2c:7e:01:0e:40:8e:f4:b8:af:ea:cd:
6e:65:d7:aa:f1:78:ea:96:b3:44:88:eb:20:8e:d3:
4c:b4:8d:9d:ea:71:3f:ac:11:5f:f3:d7:b9:7a:5c:
bb:32:fb:68:26:b9:1f:52:04:a0:2f:68:ad:c3:17:
21:0c:45:89:cc:81:e5:89:18:1a:f8:5f:29:f8:00:
63:16:de:2e:09:0b:10:24:ec:7e:30:e5:cf:28:73:
45:2b:64:d7:c1:aa:dd:b4:e1:88:44:a0:f8:02:8c:
db:ae:bb:83:11:10:bd:06:72:41:42:8f:0a:6c:7a:
3d:e1:9d:b2:7a:ed:76:fe:17:fe:ab:6a:7e:fb:84:
3f:9a:8f:b0:63:20:34:da:ab:04:31:23:96:48:80:
80:f2:ab:5a:d3:ed:2c:dc:29:a0:bd:0b:fc:1b:95:
9e:60:c5:32:80:07:45:d3:f9:b6:17:35:df:3f:72:
c2:57:0a:1a:cc:8a:44:d1:4b:fb:61:02:9c:be:f5:
5a:07:81:e2:44:45:ef:00:3b:f1:5f:32:a6:f0:8b:
2b:db:09:50:7d:59:4b:a1:6b:27:34:4b:2e:9a:b4:
e6:f7:a5:c3:7e:65:45:38:81:1a:93:1f:95:eb:bd:
1c:3e:69:58:3a:72:b6:d8:7f:45:f0:32:97:4d:3a:
a7:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:57:36:19:EC:45:7E:8B:4A:9F:7D:6F:88:E5:6F:69:64:44:5D:56
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/IFc2GexFfotKn31viOVvaWREXVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.87.0/24
45.9.29.0/24
45.81.112.0/22
45.88.136.0/24
45.88.138.0/24
45.94.168.0/22
45.132.181.0-45.132.183.255
45.144.212.0/23
77.83.37.0/24
77.83.39.0/24
85.209.120.0/22
91.223.110.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.41.0/24
193.57.43.0/24
194.242.96.0/22
195.177.92.0-195.177.94.255
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
a4:c4:59:8c:65:58:10:60:06:93:84:2b:c7:fe:9f:7b:81:25:
e3:0a:66:ab:e0:d4:fc:0e:87:61:3c:51:cf:0a:f4:51:2b:4e:
a4:40:36:be:f4:16:7c:89:77:92:4c:86:7a:42:82:6d:b7:b8:
25:26:c9:04:59:d4:76:6f:68:75:ac:a3:fa:40:b0:ad:03:d7:
43:ec:2e:93:30:3b:3a:b0:f4:64:11:69:59:4a:f4:f7:c9:ae:
80:ef:8c:e0:94:6f:fc:19:d9:88:e5:27:57:dd:e4:e0:1a:d9:
af:6c:a3:f5:33:c3:7d:ff:4c:6f:64:a5:25:74:35:60:6d:fc:
80:53:c2:2a:a9:23:bb:80:a7:1d:45:ab:5e:8d:b5:f5:db:4e:
21:c9:67:9f:29:9e:b6:3f:ab:e6:9d:57:6b:78:52:ca:d7:8e:
be:e8:19:2c:b4:1d:f4:e6:4d:e3:aa:55:71:80:10:a7:6d:84:
15:4c:cd:2d:81:26:4a:00:3c:35:bf:93:ef:04:c7:3e:1a:de:
00:db:de:64:34:92:6a:a9:b8:1a:1f:c4:6e:31:45:0e:db:e8:
d6:28:99:d9:0e:60:13:83:4a:ce:4d:7f:a6:3e:7b:6a:6b:39:
a0:a2:d7:1a:e4:df:33:8d:23:ed:a6:2f:2a:c3:08:2f:d3:e2:
d7:6c:db:07
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgISAYqGEYiDqucXQafQVqON0D23MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwOTExMjEwNjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDU3MzYxOWVjNDU3ZThiNGE5ZjdkNmY4OGU1NmY2OTY0NDQ1ZDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwLMLH4BDkCO9Liv6s1uZdeq8Xjq
lrNEiOsgjtNMtI2d6nE/rBFf89e5ely7MvtoJrkfUgSgL2itwxchDEWJzIHliRga
+F8p+ABjFt4uCQsQJOx+MOXPKHNFK2TXwardtOGIRKD4AozbrruDERC9BnJBQo8K
bHo94Z2yeu12/hf+q2p++4Q/mo+wYyA02qsEMSOWSICA8qta0+0s3CmgvQv8G5We
YMUygAdF0/m2FzXfP3LCVwoazIpE0Uv7YQKcvvVaB4HiREXvADvxXzKm8Isr2wlQ
fVlLoWsnNEsumrTm96XDfmVFOIEakx+V670cPmlYOnK22H9F8DKXTTqnfQIDAQAB
o4ICxzCCAsMwHQYDVR0OBBYEFCBXNhnsRX6LSp99b4jlb2lkRF1WMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvSUZjMkdleEZmb3RLbjMxdmlPVnZhV1JFWFZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHcBggrBgEFBQcBBwEB/wSBzDCByTCBmwQCAAEwgZQDBAAF
tVcDBAAtCR0DBAItUXADBAAtWIgDBAAtWIoDBAItXqgwDAMEAC2EtQMEAy2EsAME
AS2Q1AMEAE1TJQMEAE1TJwMEAlXReAMEAFvfbgMEAbkr+AMEALkr+wMEAbnIPgME
AMEe8AMEAcEe8gMEAME5KQMEAME5KwMEAsLyYDAMAwQCw7FcAwQAw7FeAwQCw9O8
MCkEAgACMCMDBQAqAXEgAwUDKgeSAAMFAyoMpYADBQMqEN/AAwUDKhEFgDANBgkq
hkiG9w0BAQsFAAOCAQEApMRZjGVYEGAGk4Qrx/6fe4El4wpmq+DU/A6HYTxRzwr0
UStOpEA2vvQWfIl3kkyGekKCbbe4JSbJBFnUdm9odayj+kCwrQPXQ+wukzA7OrD0
ZBFpWUr098mugO+M4JRv/BnZiOUnV93k4BrZr2yj9TPDff9Mb2SlJXQ1YG38gFPC
Kqkju4CnHUWrXo219dtOIclnnymetj+r5p1Xa3hSyteOvugZLLQd9OZN46pVcYAQ
p22EFUzNLYEmSgA8Nb+T7wTHPhreANveZDSSaqm4Gh/EbjFFDtvo1iiZ2Q5gE4NK
zk1/pj57ams5oKLXGuTfM40j7aYvKsMIL9Pi12zbBw==
-----END CERTIFICATE-----
Generated at Tue Sep 12 18:34:53 2023 by rpki-client on console-fra.rpki-client.org