Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/OOryyIckB4PebdKa3uPzeKAq6NA.roa
File: OOryyIckB4PebdKa3uPzeKAq6NA.roa (raw, json)
Hash identifier: dbD8YY+RMQFO9pPDaYVe7ghYDuOdnPvuYU06PWbm/70=
Subject key identifier: 38:EA:F2:C8:87:24:07:83:DE:6D:D2:9A:DE:E3:F3:78:A0:2A:E8:D0
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0192778D74A980B6E632423DC1172F2FE392
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/OOryyIckB4PebdKa3uPzeKAq6NA.roa
Signing time: Thu 10 Oct 2024 17:50:12 +0000
ROA not before: Thu 10 Oct 2024 17:50:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62206
IP address blocks: 2.56.109.0/24 maxlen: 24
5.181.84.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
45.13.189.0/24 maxlen: 24
45.13.190.0/24 maxlen: 24
45.81.115.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.94.171.0/24 maxlen: 24
45.132.180.0/24 maxlen: 24
45.132.181.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.144.212.0/24 maxlen: 24
45.151.3.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
146.19.125.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
194.242.96.0/24 maxlen: 24
194.242.98.0/24 maxlen: 24
194.242.99.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.188.0/24 maxlen: 24
195.211.189.0/24 maxlen: 24
2a01:7120::/32 maxlen: 32
2a01:7120:7::/48 maxlen: 48
2a07:9200::/29 maxlen: 29
2a07:9201::/32 maxlen: 32
2a07:9206::/32 maxlen: 32
2a07:9207::/32 maxlen: 32
2a09:340::/32 maxlen: 32
2a09:342::/32 maxlen: 32
2a09:346::/32 maxlen: 32
2a09:c440::/32 maxlen: 32
2a0c:5d40::/32 maxlen: 32
2a0c:a580::/29 maxlen: 29
2a0c:a580::/32 maxlen: 32
2a0c:a581::/32 maxlen: 32
2a0c:a584::/32 maxlen: 32
2a0c:a586::/32 maxlen: 32
2a10:dfc0::/29 maxlen: 29
2a10:dfc0::/32 maxlen: 32
2a10:fac0::/32 maxlen: 32
2a11:580::/29 maxlen: 29
2a11:580::/32 maxlen: 32
2a11:1600::/32 maxlen: 32
2a11:2a80::/32 maxlen: 32
2a11:3900::/32 maxlen: 32
2a11:d680::/32 maxlen: 32
2a12:9f00::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 11 Oct 2024 13:06:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:77:8d:74:a9:80:b6:e6:32:42:3d:c1:17:2f:2f:e3:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Oct 10 17:50:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38eaf2c887240783de6dd29adee3f378a02ae8d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:57:fe:bb:8f:2a:fb:32:78:9a:7f:f4:01:58:
9c:f3:73:f4:63:d9:e0:45:c7:b9:15:f3:d6:8b:0c:
d1:71:24:f3:db:49:65:b5:f1:32:98:43:1f:01:1e:
73:da:e7:2b:1c:92:b4:57:b6:f8:ff:d7:6c:8d:cb:
39:4b:b7:dc:1d:34:57:2b:98:b9:da:a2:4e:5c:b0:
df:98:35:e0:0b:74:a1:48:a0:c5:2a:a6:85:38:65:
b2:fa:01:01:5b:fd:65:75:82:57:12:68:ac:d8:c1:
9d:f9:9e:f7:95:ce:f4:a5:e0:1f:9c:a7:51:c6:f1:
91:78:48:c9:70:ae:62:b2:dd:1e:95:c9:79:ef:68:
84:fb:1e:a8:f0:35:37:f3:19:2c:3f:9f:47:fb:78:
1b:76:ac:61:1a:5b:cb:64:a1:42:bc:b3:df:07:f8:
1c:72:08:5f:c6:1d:cf:2a:80:16:24:00:1f:e6:e9:
d7:df:af:39:90:40:83:94:c9:02:26:75:dc:93:6a:
b1:1a:c0:d6:27:95:8a:9b:e2:c1:82:d0:32:f2:5b:
95:ab:7b:a9:2e:ca:b9:7d:0c:6e:b5:4c:96:3a:74:
8a:8d:17:58:a1:d6:b1:70:a3:5a:6d:ba:62:ae:86:
12:71:bd:ff:43:ea:ef:ea:99:3e:b2:48:cb:0c:17:
1a:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:EA:F2:C8:87:24:07:83:DE:6D:D2:9A:DE:E3:F3:78:A0:2A:E8:D0
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/OOryyIckB4PebdKa3uPzeKAq6NA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.109.0/24
5.181.84.0/24
5.181.87.0/24
45.9.29.0/24
45.13.189.0-45.13.190.255
45.81.115.0/24
45.88.136.0/24
45.88.138.0/24
45.94.171.0/24
45.132.180.0/22
45.144.212.0/24
45.151.3.0/24
77.83.37.0/24
146.19.125.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.43.0/24
194.242.96.0/24
194.242.98.0/23
195.177.93.0-195.177.94.255
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a09:340::/32
2a09:342::/32
2a09:346::/32
2a09:c440::/32
2a0c:5d40::/32
2a0c:a580::/29
2a10:dfc0::/29
2a10:fac0::/32
2a11:580::/29
2a11:1600::/32
2a11:2a80::/32
2a11:3900::/32
2a11:d680::/32
2a12:9f00::/32
Signature Algorithm: sha256WithRSAEncryption
97:5c:bd:a0:e4:65:64:cb:94:82:67:a7:b6:31:d0:60:30:9e:
b3:16:15:85:ed:0c:bd:1f:22:bc:a8:97:75:d0:e0:8a:67:e3:
3e:9f:c6:a4:6b:b5:88:02:c8:3d:02:8e:64:30:fb:14:ba:a8:
65:49:77:b3:83:15:14:eb:51:57:8f:97:3e:a2:13:a3:55:62:
c1:b0:32:12:35:86:5b:83:80:2d:22:a5:c0:72:3a:b1:49:28:
27:04:9e:8e:99:f0:3f:7f:a2:14:f6:d9:22:65:cd:ad:7e:33:
5a:a3:b9:2c:76:6d:f9:a4:45:f1:f1:04:d7:cc:cf:96:aa:26:
9e:d6:32:44:b6:83:e3:78:77:5c:20:51:b4:77:7f:d1:ef:7a:
73:72:c3:41:dd:72:a0:f0:92:a3:08:28:e8:6a:b3:08:94:1c:
a8:40:d4:cc:36:81:54:e5:b0:51:40:d6:d5:0a:d2:72:50:d6:
ed:0d:2a:8f:81:a8:af:3d:91:44:16:32:37:f7:db:aa:76:f4:
69:82:43:c4:46:95:0f:06:2b:54:50:0c:ba:ae:49:dd:80:07:
6a:e5:9b:2f:4a:7a:b0:76:f1:7c:b8:f8:7e:9e:3d:78:90:2e:
d5:d2:1b:46:d6:4b:84:41:a5:f0:7d:31:23:03:79:be:88:43:
1e:b8:57:5c
-----BEGIN CERTIFICATE-----
MIIGFzCCBP+gAwIBAgISAZJ3jXSpgLbmMkI9wRcvL+OSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQxMDEwMTc1MDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGVhZjJjODg3MjQwNzgzZGU2ZGQyOWFkZWUzZjM3OGEwMmFlOGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwVf+u48q+zJ4mn/0AVic83P0Y9ng
Rce5FfPWiwzRcSTz20lltfEymEMfAR5z2ucrHJK0V7b4/9dsjcs5S7fcHTRXK5i5
2qJOXLDfmDXgC3ShSKDFKqaFOGWy+gEBW/1ldYJXEmis2MGd+Z73lc70peAfnKdR
xvGReEjJcK5ist0elcl572iE+x6o8DU38xksP59H+3gbdqxhGlvLZKFCvLPfB/gc
cghfxh3PKoAWJAAf5unX3685kECDlMkCJnXck2qxGsDWJ5WKm+LBgtAy8luVq3up
Lsq5fQxutUyWOnSKjRdYodaxcKNabbpiroYScb3/Q+rv6pk+skjLDBca7wIDAQAB
o4IDIzCCAx8wHQYDVR0OBBYEFDjq8siHJAeD3m3Smt7j83igKujQMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvT09yeXlJY2tCNFBlYmRLYTN1UHplS0FxNk5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBNwYIKwYBBQUHAQcBAf8EggEmMIIBIjCBpwQCAAEwgaAD
BAACOG0DBAAFtVQDBAAFtVcDBAAtCR0wDAMEAC0NvQMEAC0NvgMEAC1RcwMEAC1Y
iAMEAC1YigMEAC1eqwMEAi2EtAMEAC2Q1AMEAC2XAwMEAE1TJQMEAJITfQMEAbkr
+AMEALkr+wMEAbnIPgMEAMEe8AMEAcEe8gMEAME5KwMEAMLyYAMEAcLyYjAMAwQA
w7FdAwQAw7FeAwQCw9O8MHYEAgACMHADBQAqAXEgAwUDKgeSAAMFACoJA0ADBQAq
CQNCAwUAKgkDRgMFACoJxEADBQAqDF1AAwUDKgylgAMFAyoQ38ADBQAqEPrAAwUD
KhEFgAMFACoRFgADBQAqESqAAwUAKhE5AAMFACoR1oADBQAqEp8AMA0GCSqGSIb3
DQEBCwUAA4IBAQCXXL2g5GVky5SCZ6e2MdBgMJ6zFhWF7Qy9HyK8qJd10OCKZ+M+
n8aka7WIAsg9Ao5kMPsUuqhlSXezgxUU61FXj5c+ohOjVWLBsDISNYZbg4AtIqXA
cjqxSSgnBJ6OmfA/f6IU9tkiZc2tfjNao7ksdm35pEXx8QTXzM+Wqiae1jJEtoPj
eHdcIFG0d3/R73pzcsNB3XKg8JKjCCjoarMIlByoQNTMNoFU5bBRQNbVCtJyUNbt
DSqPgaivPZFEFjI399uqdvRpgkPERpUPBitUUAy6rkndgAdq5ZsvSnqwdvF8uPh+
nj14kC7V0htG1kuEQaXwfTEjA3m+iEMeuFdc
-----END CERTIFICATE-----
Generated at Fri Oct 11 17:42:55 2024 by rpki-client on console-ams.rpki-client.org