Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/S3qHk3nJ8Ujbu5wEAdk4jdVlHXI.roa
File: S3qHk3nJ8Ujbu5wEAdk4jdVlHXI.roa (raw, json)
Hash identifier: dE2GUUTw5cYHADiw9eJA+2ZzwkotYFMThkfZpW1spTU=
Subject key identifier: 4B:7A:87:93:79:C9:F1:48:DB:BB:9C:04:01:D9:38:8D:D5:65:1D:72
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018AE1D8DB4688254464B15557800FE03B5D
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/S3qHk3nJ8Ujbu5wEAdk4jdVlHXI.roa
Signing time: Fri 29 Sep 2023 16:50:00 +0000
ROA not before: Fri 29 Sep 2023 16:50:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 91.223.110.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
2.56.109.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
45.94.168.0/22 maxlen: 22
45.94.170.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
45.81.112.0/22 maxlen: 24
45.81.112.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
45.81.113.0/24 maxlen: 24
45.81.115.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 30 Sep 2023 13:44:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:e1:d8:db:46:88:25:44:64:b1:55:57:80:0f:e0:3b:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Sep 29 16:50:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b7a879379c9f148dbbb9c0401d9388dd5651d72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:46:cf:49:08:a9:9b:17:9e:53:bf:77:4e:ac:
4e:3f:2e:32:cf:14:39:2d:d7:f5:89:60:39:35:e4:
64:99:53:7f:20:03:46:d1:98:b9:3f:27:9e:ff:92:
05:99:55:bd:e6:4c:43:be:7f:a8:7e:f4:f1:41:a6:
6a:8f:70:ac:ba:30:d5:d7:7d:14:36:fc:1d:ed:a9:
da:11:c5:6b:c8:11:c0:47:ef:9d:f2:3d:ae:e6:a4:
5a:47:1e:e6:c7:78:f5:f1:a8:1e:66:8a:23:7b:27:
30:b1:2f:06:25:c0:e0:dc:cb:02:6d:09:f3:8d:7b:
8a:3d:b7:82:12:38:9b:b9:3b:e6:15:07:9a:13:1d:
d7:aa:56:eb:ed:fe:ef:b0:eb:e2:43:68:ea:1f:a6:
de:16:30:4e:01:b5:3e:26:3e:9a:e3:3f:de:53:cb:
51:87:67:43:e7:9c:27:7b:a3:e4:c5:55:b2:45:09:
f3:cf:71:6e:59:45:b0:78:4f:23:57:97:e6:de:af:
a1:e3:6f:79:72:c1:b5:90:88:79:2d:ea:6f:cb:f7:
57:e1:28:f2:04:4b:d6:60:55:e3:5e:80:61:7f:8e:
42:44:f5:66:25:ff:86:c3:62:ab:a2:ed:d9:59:54:
c9:fe:42:6a:02:4e:f3:55:85:bf:09:52:a9:44:a4:
ab:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:7A:87:93:79:C9:F1:48:DB:BB:9C:04:01:D9:38:8D:D5:65:1D:72
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/S3qHk3nJ8Ujbu5wEAdk4jdVlHXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.109.0/24
5.181.87.0/24
45.9.29.0/24
45.81.112.0/22
45.88.136.0/24
45.88.138.0/24
45.94.168.0/22
45.132.181.0-45.132.183.255
45.144.212.0/24
77.83.37.0/24
77.83.39.0/24
85.209.120.0/22
91.223.110.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.43.0/24
194.242.96.0/22
195.177.92.0/22
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
bd:cb:ab:32:ff:95:b2:48:95:9b:4f:b6:9b:d4:2d:81:2b:5d:
86:45:96:5b:84:c1:11:5b:aa:db:05:92:3c:91:aa:da:86:eb:
89:9e:43:a9:de:d0:b6:46:5c:cf:56:4b:e7:4a:9f:f5:38:81:
05:8e:d8:40:83:f1:45:5a:91:5c:2e:53:f6:cc:07:36:f6:68:
78:e7:a9:a9:48:0f:89:7d:0f:42:3e:47:e9:65:db:85:ae:c7:
73:78:c2:bc:78:48:d0:53:4c:b0:e6:bc:e4:d6:ba:1d:c4:1e:
0c:0f:9a:3d:52:f7:02:6a:a6:6e:f8:6a:1f:da:2d:c4:d4:de:
d8:d6:b0:5a:3b:8d:91:c4:dd:af:10:22:ce:51:96:11:22:43:
05:8b:c9:d3:6e:37:50:24:1b:a5:73:e0:6b:10:67:20:93:ea:
da:76:52:15:fc:d8:5c:32:0d:3b:10:46:21:99:b3:d1:d2:81:
09:7c:de:8f:3f:d2:9c:b7:3c:7f:b4:31:e2:6c:bc:e2:e5:0a:
a2:ae:e6:cd:9a:e0:39:02:cb:c2:e0:eb:69:41:c8:4d:11:e0:
c5:1b:39:7b:ce:d1:51:05:ed:f9:2f:5b:d5:65:e3:0d:fb:ba:
58:cf:ff:a0:e5:b8:0b:41:ea:53:81:2b:b9:01:85:ea:22:c6:
a5:6f:89:48
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgISAYrh2NtGiCVEZLFVV4AP4DtdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwOTI5MTY1MDAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjdhODc5Mzc5YzlmMTQ4ZGJiYjljMDQwMWQ5Mzg4ZGQ1NjUxZDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg0bPSQipmxeeU793TqxOPy4yzxQ5
Ldf1iWA5NeRkmVN/IANG0Zi5Pyee/5IFmVW95kxDvn+ofvTxQaZqj3CsujDV130U
Nvwd7anaEcVryBHAR++d8j2u5qRaRx7mx3j18ageZoojeycwsS8GJcDg3MsCbQnz
jXuKPbeCEjibuTvmFQeaEx3Xqlbr7f7vsOviQ2jqH6beFjBOAbU+Jj6a4z/eU8tR
h2dD55wne6PkxVWyRQnzz3FuWUWweE8jV5fm3q+h4295csG1kIh5Lepvy/dX4Sjy
BEvWYFXjXoBhf45CRPVmJf+Gw2Krou3ZWVTJ/kJqAk7zVYW/CVKpRKSr4wIDAQAB
o4ICvzCCArswHQYDVR0OBBYEFEt6h5N5yfFI27ucBAHZOI3VZR1yMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvUzNxSGszbko4VWpidTV3RUFkazRqZFZsSFhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHUBggrBgEFBQcBBwEB/wSBxDCBwTCBkwQCAAEwgYwDBAAC
OG0DBAAFtVcDBAAtCR0DBAItUXADBAAtWIgDBAAtWIoDBAItXqgwDAMEAC2EtQME
Ay2EsAMEAC2Q1AMEAE1TJQMEAE1TJwMEAlXReAMEAFvfbgMEAbkr+AMEALkr+wME
AbnIPgMEAMEe8AMEAcEe8gMEAME5KwMEAsLyYAMEAsOxXAMEAsPTvDApBAIAAjAj
AwUAKgFxIAMFAyoHkgADBQMqDKWAAwUDKhDfwAMFAyoRBYAwDQYJKoZIhvcNAQEL
BQADggEBAL3LqzL/lbJIlZtPtpvULYErXYZFlluEwRFbqtsFkjyRqtqG64meQ6ne
0LZGXM9WS+dKn/U4gQWO2ECD8UVakVwuU/bMBzb2aHjnqalID4l9D0I+R+ll24Wu
x3N4wrx4SNBTTLDmvOTWuh3EHgwPmj1S9wJqpm74ah/aLcTU3tjWsFo7jZHE3a8Q
Is5RlhEiQwWLydNuN1AkG6Vz4GsQZyCT6tp2UhX82FwyDTsQRiGZs9HSgQl83o8/
0py3PH+0MeJsvOLlCqKu5s2a4DkCy8Lg62lByE0R4MUbOXvO0VEF7fkvW9Vl4w37
uljP/6DluAtB6lOBK7kBheoixqVviUg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:18 2024 by rpki-client on console-ams.rpki-client.org