Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/VOIk5PZgcrw5IUGS9vKvwjEN_hI.roa
File: VOIk5PZgcrw5IUGS9vKvwjEN_hI.roa (raw, json)
Hash identifier: bfBms1BPu/k6Gs1iK1ivuOjCe6t80PUnmY71wX8pTWM=
Subject key identifier: 54:E2:24:E4:F6:60:72:BC:39:21:41:92:F6:F2:AF:C2:31:0D:FE:12
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018B04EB2F780766CA65F5B8DEC770A1FA32
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/VOIk5PZgcrw5IUGS9vKvwjEN_hI.roa
Signing time: Fri 06 Oct 2023 12:16:43 +0000
ROA not before: Fri 06 Oct 2023 12:16:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 91.223.110.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
45.94.168.0/22 maxlen: 22
45.94.170.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:04:eb:2f:78:07:66:ca:65:f5:b8:de:c7:70:a1:fa:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Oct 6 12:16:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=54e224e4f66072bc39214192f6f2afc2310dfe12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:19:2e:c2:19:4c:62:ee:fd:da:2b:94:b9:ed:
fc:86:1e:45:ff:70:18:40:94:62:05:36:32:de:96:
27:0f:98:c3:5b:e0:fb:f4:c9:79:2e:6b:c7:eb:ce:
2f:89:33:4c:e7:94:d5:e0:6b:b9:fa:03:3d:14:0b:
02:70:0a:4e:3b:86:a1:00:09:c5:e6:d3:fb:1e:a5:
89:92:1f:6f:90:a0:d8:4e:07:63:ae:13:ce:06:7a:
d7:44:f4:e6:ed:48:fa:b4:9b:fa:33:c5:f4:d9:b5:
c3:fe:a6:f3:ff:c2:ed:b3:d8:9d:27:ab:ab:2a:26:
8d:45:9e:00:99:8b:c8:03:c7:5c:78:e6:aa:c2:c4:
ea:15:c1:42:bf:6d:b1:07:18:92:6f:43:a5:7a:0f:
e7:0b:7b:d9:4c:85:fe:1b:69:db:01:31:45:c9:2f:
34:e7:8b:ba:03:c0:d8:74:f8:23:21:44:86:bc:d8:
e3:a3:0d:9a:02:51:e8:85:0a:ab:e6:58:28:bf:b1:
f6:3c:13:a1:19:0d:ea:1f:a3:b2:5b:b9:32:81:bb:
c6:13:c6:b1:72:af:67:1c:bc:a5:f8:90:8d:89:d1:
90:5c:d9:12:59:2a:e4:19:36:51:9a:76:e6:c4:25:
67:25:6b:84:be:35:39:3b:ed:55:e2:da:f9:d8:52:
7d:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:E2:24:E4:F6:60:72:BC:39:21:41:92:F6:F2:AF:C2:31:0D:FE:12
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/VOIk5PZgcrw5IUGS9vKvwjEN_hI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.87.0/24
45.9.29.0/24
45.88.136.0/24
45.88.138.0/24
45.94.168.0/22
45.132.181.0-45.132.183.255
45.144.212.0/24
77.83.37.0/24
77.83.39.0/24
85.209.120.0/22
91.223.110.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.43.0/24
194.242.96.0/22
195.177.92.0-195.177.94.255
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
91:2a:f5:c0:82:96:9f:4b:6d:87:e5:93:43:0c:45:0b:e1:00:
6c:90:8b:c0:6b:8c:e4:52:e1:19:1a:dc:3a:45:12:60:69:5f:
61:bc:5a:0a:a1:b6:e3:9b:48:ee:c5:65:c7:8f:53:ac:9b:a2:
d5:eb:47:90:55:a1:3f:e0:80:1a:ad:71:43:55:8a:e5:11:06:
82:a2:ae:25:88:53:ed:e2:18:b9:56:30:e2:67:0f:16:31:e1:
7c:77:1c:72:6e:0c:c2:59:d7:8d:e2:32:5b:d8:5d:54:35:7b:
6b:33:9a:b0:d3:a4:60:ce:b8:b0:c3:b5:52:dd:d8:fe:6a:bd:
6b:dd:68:ac:42:69:e7:bd:d0:9b:b4:9d:7b:2f:4a:b9:d9:9a:
d5:95:b3:d5:5b:94:1d:69:f4:db:36:6c:05:85:50:05:f7:3d:
63:a6:e5:c7:71:3b:c6:05:d2:6f:f0:c1:bd:37:aa:85:93:43:
84:36:b8:fa:f4:35:91:67:83:82:2f:19:35:5c:b6:d7:91:91:
81:77:a0:a1:45:bb:86:fa:3b:0b:38:8b:fe:6c:b7:7d:b8:ec:
ad:8a:17:f2:b4:56:e1:14:61:2f:df:ed:8f:96:80:42:da:5e:
25:33:8f:20:f7:75:4b:4a:fd:23:5b:90:a3:b2:b5:fe:0d:3b:
9a:0b:df:63
-----BEGIN CERTIFICATE-----
MIIFrzCCBJegAwIBAgISAYsE6y94B2bKZfW43sdwofoyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMxMDA2MTIxNjQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGUyMjRlNGY2NjA3MmJjMzkyMTQxOTJmNmYyYWZjMjMxMGRmZTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxRkuwhlMYu792iuUue38hh5F/3AY
QJRiBTYy3pYnD5jDW+D79Ml5LmvH684viTNM55TV4Gu5+gM9FAsCcApOO4ahAAnF
5tP7HqWJkh9vkKDYTgdjrhPOBnrXRPTm7Uj6tJv6M8X02bXD/qbz/8Lts9idJ6ur
KiaNRZ4AmYvIA8dceOaqwsTqFcFCv22xBxiSb0Oleg/nC3vZTIX+G2nbATFFyS80
54u6A8DYdPgjIUSGvNjjow2aAlHohQqr5lgov7H2PBOhGQ3qH6OyW7kygbvGE8ax
cq9nHLyl+JCNidGQXNkSWSrkGTZRmnbmxCVnJWuEvjU5O+1V4tr52FJ9iwIDAQAB
o4ICuzCCArcwHQYDVR0OBBYEFFTiJOT2YHK8OSFBkvbyr8IxDf4SMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvVk9JazVQWmdjcnc1SVVHUzl2S3Z3akVOX2hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHQBggrBgEFBQcBBwEB/wSBwDCBvTCBjwQCAAEwgYgDBAAF
tVcDBAAtCR0DBAAtWIgDBAAtWIoDBAItXqgwDAMEAC2EtQMEAy2EsAMEAC2Q1AME
AE1TJQMEAE1TJwMEAlXReAMEAFvfbgMEAbkr+AMEALkr+wMEAbnIPgMEAMEe8AME
AcEe8gMEAME5KwMEAsLyYDAMAwQCw7FcAwQAw7FeAwQCw9O8MCkEAgACMCMDBQAq
AXEgAwUDKgeSAAMFAyoMpYADBQMqEN/AAwUDKhEFgDANBgkqhkiG9w0BAQsFAAOC
AQEAkSr1wIKWn0tth+WTQwxFC+EAbJCLwGuM5FLhGRrcOkUSYGlfYbxaCqG245tI
7sVlx49TrJui1etHkFWhP+CAGq1xQ1WK5REGgqKuJYhT7eIYuVYw4mcPFjHhfHcc
cm4MwlnXjeIyW9hdVDV7azOasNOkYM64sMO1Ut3Y/mq9a91orEJp573Qm7Sdey9K
udma1ZWz1VuUHWn02zZsBYVQBfc9Y6blx3E7xgXSb/DBvTeqhZNDhDa4+vQ1kWeD
gi8ZNVy215GRgXegoUW7hvo7CziL/my3fbjsrYoX8rRW4RRhL9/tj5aAQtpeJTOP
IPd1S0r9I1uQo7K1/g07mgvfYw==
-----END CERTIFICATE-----
Generated at Sun Oct 8 16:32:06 2023 by rpki-client on console-fra.rpki-client.org