Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/S-FpnfflhVl2rA8FPZCOqvT0bdA.roa
File: S-FpnfflhVl2rA8FPZCOqvT0bdA.roa (raw, json)
Hash identifier: OunDAzKsOdQSjJflYKetjqjKsZyLbRJqeLxzvlf4+28=
Subject key identifier: 4B:E1:69:9D:F7:E5:85:59:76:AC:0F:05:3D:90:8E:AA:F4:F4:6D:D0
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018C3F3D0DE3B410081D874E4783BFF7FE7B
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/S-FpnfflhVl2rA8FPZCOqvT0bdA.roa
Signing time: Wed 06 Dec 2023 13:06:54 +0000
ROA not before: Wed 06 Dec 2023 13:06:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
193.57.41.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
45.94.168.0/22 maxlen: 22
45.94.170.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3f:3d:0d:e3:b4:10:08:1d:87:4e:47:83:bf:f7:fe:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Dec 6 13:06:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4be1699df7e5855976ac0f053d908eaaf4f46dd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:2b:93:2f:af:f3:90:ea:bc:44:f2:7c:19:30:
b6:56:f2:48:b0:ab:ae:12:66:1e:ef:64:fb:00:67:
37:61:91:22:c4:ce:27:f9:74:d4:e9:90:25:a5:65:
33:0d:8e:78:4a:d5:31:d2:a8:46:57:c8:8f:41:50:
e0:b3:ef:46:f9:4c:a4:02:66:9e:a2:8a:71:66:a3:
ea:2e:03:3b:74:55:4a:f3:8c:2b:34:7d:df:03:2a:
c1:21:41:33:af:e0:58:37:83:e2:a5:9b:8a:45:d4:
56:5b:f5:20:f0:d7:c6:a0:1a:44:97:9b:db:47:ca:
c6:d2:f6:ed:89:d6:a9:a3:5b:40:19:04:28:a5:0c:
c5:e4:ac:f2:b6:f1:11:e2:89:e5:ef:5e:33:b0:e6:
ff:de:d6:9e:e0:88:a7:41:0a:2e:50:cc:b4:99:ea:
a8:bc:07:24:bd:c4:57:37:19:37:2e:fe:98:53:de:
a2:01:54:e7:96:d4:c2:13:83:56:eb:5d:bd:d6:47:
a3:4c:a3:a2:bd:6e:33:c4:c8:ca:a9:5f:69:c3:45:
01:cc:14:f0:82:c6:4b:21:8b:3f:47:b3:de:d4:a5:
52:9a:6f:e3:b5:78:07:c7:e6:5c:f5:ab:20:0e:42:
1e:cb:69:4b:8e:85:c7:88:a4:f7:85:a0:0e:de:5c:
35:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:E1:69:9D:F7:E5:85:59:76:AC:0F:05:3D:90:8E:AA:F4:F4:6D:D0
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/S-FpnfflhVl2rA8FPZCOqvT0bdA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.87.0/24
45.9.29.0/24
45.88.136.0/24
45.88.138.0/24
45.94.168.0/22
45.132.181.0-45.132.183.255
45.144.212.0/24
77.83.37.0/24
77.83.39.0/24
85.209.120.0/22
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.41.0/24
193.57.43.0/24
194.242.96.0/22
195.177.92.0-195.177.94.255
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
ae:46:bd:96:2f:f0:eb:ab:f1:46:1f:5b:a4:2d:c2:78:51:cc:
7a:58:ba:6e:0c:7e:04:a0:6f:af:c1:f2:b7:d0:ef:cc:d2:1d:
0c:73:04:0e:95:df:97:66:5b:bd:89:ba:6f:e0:8c:9e:30:fc:
f7:9d:e4:70:c5:e0:dd:3e:47:93:26:0f:f7:0d:87:12:37:e8:
9b:01:e4:17:06:be:f9:11:5a:7c:01:c0:15:08:96:b1:46:c3:
b2:02:7b:b9:1d:06:7e:cc:7a:77:f9:e8:39:70:d7:d6:19:44:
cb:f5:19:43:6b:9d:eb:36:49:4e:3c:23:19:7f:9e:1c:7b:8b:
6e:cd:0f:8a:8c:93:f2:91:c2:09:3f:ad:7a:10:7c:b5:52:12:
19:c0:70:b3:82:d9:5c:d8:2f:e6:a9:b0:aa:e5:24:c2:1a:fb:
ae:2e:0b:26:d2:09:fe:48:56:d8:73:8c:6f:21:03:0e:48:c5:
af:68:f4:6c:6c:73:65:0b:72:06:fd:75:9e:55:2b:12:0f:3a:
b2:aa:95:05:a3:43:01:1e:50:19:f0:68:b0:4f:1d:89:ab:ea:
3e:72:b6:7c:6d:4e:8f:28:79:45:29:fe:f0:52:c0:c8:08:03:
28:b2:91:9c:bd:64:47:28:6a:8d:9b:94:cd:54:22:2c:a0:e4:
06:9b:30:9c
-----BEGIN CERTIFICATE-----
MIIFrzCCBJegAwIBAgISAYw/PQ3jtBAIHYdOR4O/9/57MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMxMjA2MTMwNjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmUxNjk5ZGY3ZTU4NTU5NzZhYzBmMDUzZDkwOGVhYWY0ZjQ2ZGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgyuTL6/zkOq8RPJ8GTC2VvJIsKuu
EmYe72T7AGc3YZEixM4n+XTU6ZAlpWUzDY54StUx0qhGV8iPQVDgs+9G+UykAmae
oopxZqPqLgM7dFVK84wrNH3fAyrBIUEzr+BYN4PipZuKRdRWW/Ug8NfGoBpEl5vb
R8rG0vbtidapo1tAGQQopQzF5KzytvER4onl714zsOb/3tae4IinQQouUMy0meqo
vAckvcRXNxk3Lv6YU96iAVTnltTCE4NW61291kejTKOivW4zxMjKqV9pw0UBzBTw
gsZLIYs/R7Pe1KVSmm/jtXgHx+Zc9asgDkIey2lLjoXHiKT3haAO3lw1OwIDAQAB
o4ICuzCCArcwHQYDVR0OBBYEFEvhaZ335YVZdqwPBT2Qjqr09G3QMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvUy1GcG5mZmxoVmwyckE4RlBaQ09xdlQwYmRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHQBggrBgEFBQcBBwEB/wSBwDCBvTCBjwQCAAEwgYgDBAAF
tVcDBAAtCR0DBAAtWIgDBAAtWIoDBAItXqgwDAMEAC2EtQMEAy2EsAMEAC2Q1AME
AE1TJQMEAE1TJwMEAlXReAMEAbkr+AMEALkr+wMEAbnIPgMEAMEe8AMEAcEe8gME
AME5KQMEAME5KwMEAsLyYDAMAwQCw7FcAwQAw7FeAwQCw9O8MCkEAgACMCMDBQAq
AXEgAwUDKgeSAAMFAyoMpYADBQMqEN/AAwUDKhEFgDANBgkqhkiG9w0BAQsFAAOC
AQEArka9li/w66vxRh9bpC3CeFHMeli6bgx+BKBvr8Hyt9DvzNIdDHMEDpXfl2Zb
vYm6b+CMnjD8953kcMXg3T5HkyYP9w2HEjfomwHkFwa++RFafAHAFQiWsUbDsgJ7
uR0Gfsx6d/noOXDX1hlEy/UZQ2ud6zZJTjwjGX+eHHuLbs0PioyT8pHCCT+tehB8
tVISGcBws4LZXNgv5qmwquUkwhr7ri4LJtIJ/khW2HOMbyEDDkjFr2j0bGxzZQty
Bv11nlUrEg86sqqVBaNDAR5QGfBosE8diavqPnK2fG1Ojyh5RSn+8FLAyAgDKLKR
nL1kRyhqjZuUzVQiLKDkBpswnA==
-----END CERTIFICATE-----
Generated at Thu Dec 7 16:39:46 2023 by rpki-client on console-fra.rpki-client.org