Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/XhiPOTOFPESoMlGHtOoIYYq-Bz0.roa
File: XhiPOTOFPESoMlGHtOoIYYq-Bz0.roa (raw, json)
Hash identifier: V1ZKvsv3+xt7jIoyx+FLH44Ri3iGZ+1mdowweVgr6ds=
Subject key identifier: 5E:18:8F:39:33:85:3C:44:A8:32:51:87:B4:EA:08:61:8A:BE:07:3D
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018F6C47D0325B3FED9CF592CC74A55A189B
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/XhiPOTOFPESoMlGHtOoIYYq-Bz0.roa
Signing time: Sun 12 May 2024 10:09:56 +0000
ROA not before: Sun 12 May 2024 10:09:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62206
IP address blocks: 2.56.109.0/24 maxlen: 24
5.181.84.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
45.9.30.0/24 maxlen: 24
45.81.115.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.94.171.0/24 maxlen: 24
45.132.180.0/24 maxlen: 24
45.132.181.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.144.212.0/24 maxlen: 24
45.151.3.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.96.0/24 maxlen: 24
194.242.97.0/24 maxlen: 24
194.242.98.0/24 maxlen: 24
194.242.99.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
2a01:7120::/32 maxlen: 32
2a07:9200::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a10:dfc0::/29 maxlen: 29
2a11:580::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 12 May 2024 17:22:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:6c:47:d0:32:5b:3f:ed:9c:f5:92:cc:74:a5:5a:18:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: May 12 10:09:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e188f3933853c44a8325187b4ea08618abe073d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:fa:0c:b6:26:3d:d6:25:a1:b2:49:9d:ef:2d:
40:cc:cb:03:bb:9a:d2:1f:b0:19:be:be:aa:ff:73:
9b:6a:8d:f3:f0:6a:88:30:ac:49:cb:87:63:bc:ab:
51:59:82:cc:f0:d8:65:e3:60:a4:c8:9c:c2:76:df:
11:f4:67:72:65:76:cf:73:53:30:0e:9f:19:a0:dd:
11:a7:e3:da:9c:f7:7e:e4:63:d2:81:4b:c4:f0:12:
97:37:8e:87:b6:12:4a:d5:bc:c7:12:13:ad:9c:83:
55:1e:8f:09:50:04:c9:8e:95:e3:d8:35:77:d4:0a:
64:2c:89:0b:22:3b:55:23:15:3e:87:62:21:56:57:
89:37:c3:7d:61:26:7b:6b:91:69:63:9b:5f:da:e2:
35:84:85:ac:e5:37:90:3e:8e:78:18:dc:6a:10:8e:
23:be:15:64:33:0b:cd:97:b5:2e:13:7c:af:a1:9c:
e9:8f:ce:f6:5a:0c:23:f1:1d:16:96:1d:79:60:a7:
f6:38:2e:24:c4:e4:40:1b:73:21:48:54:1c:93:76:
a1:ad:4e:4d:35:34:c1:5a:7e:54:2b:8a:95:a7:46:
e0:f2:05:97:51:e8:aa:b4:6a:35:bc:bd:25:c2:70:
78:dc:57:89:76:b2:f0:9e:21:d3:5a:78:62:2a:71:
53:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:18:8F:39:33:85:3C:44:A8:32:51:87:B4:EA:08:61:8A:BE:07:3D
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/XhiPOTOFPESoMlGHtOoIYYq-Bz0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.109.0/24
5.181.84.0/24
5.181.87.0/24
45.9.29.0-45.9.30.255
45.81.115.0/24
45.88.136.0/24
45.88.138.0/24
45.94.171.0/24
45.132.180.0/22
45.144.212.0/24
45.151.3.0/24
77.83.37.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.43.0/24
194.242.96.0/22
195.177.93.0-195.177.94.255
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
7b:af:b5:17:de:b1:ad:93:00:96:47:31:9f:26:c6:f6:4d:38:
0e:2c:dd:5d:49:48:a4:d4:54:06:4b:6e:e5:96:a3:cd:a8:a3:
4d:5b:98:9a:b4:b0:59:14:37:f8:dd:75:0b:c6:ba:26:59:90:
f4:fd:fd:0e:d6:4a:b2:98:27:50:39:a2:c5:8d:bd:d0:fd:5d:
26:03:fa:1c:7f:65:dd:5d:9a:5d:f2:87:4c:a9:61:f8:57:9d:
4a:94:c8:74:0d:a2:80:9d:52:6c:4d:50:f1:73:6d:fb:a5:b1:
77:6b:47:26:d1:3f:d6:77:fc:ae:18:d3:71:59:1c:bd:db:8e:
51:a9:39:dd:8f:fc:02:f4:ec:71:3e:e2:9f:19:22:8c:ff:ef:
2f:d9:8e:b5:90:51:df:d9:e9:3b:03:b9:f8:60:f0:2b:91:dc:
f2:0a:0b:a3:2e:e0:fd:31:6d:7d:98:95:5e:da:99:4e:80:2c:
e7:24:42:4d:54:46:42:22:70:b0:2a:60:18:16:53:99:19:c9:
2d:ee:22:fc:1d:3d:3b:49:a3:80:4f:c8:45:1b:f6:22:ec:ff:
4e:01:67:38:22:f8:5a:34:5d:71:4d:12:ee:5a:49:9e:fa:f5:
c6:4f:21:da:30:49:40:09:7b:12:06:7e:4c:13:4f:00:c0:f5:
a4:cf:cb:6c
-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgISAY9sR9AyWz/tnPWSzHSlWhibMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwNTEyMTAwOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTE4OGYzOTMzODUzYzQ0YTgzMjUxODdiNGVhMDg2MThhYmUwNzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5PoMtiY91iWhskmd7y1AzMsDu5rS
H7AZvr6q/3Obao3z8GqIMKxJy4djvKtRWYLM8Nhl42CkyJzCdt8R9GdyZXbPc1Mw
Dp8ZoN0Rp+PanPd+5GPSgUvE8BKXN46HthJK1bzHEhOtnINVHo8JUATJjpXj2DV3
1ApkLIkLIjtVIxU+h2IhVleJN8N9YSZ7a5FpY5tf2uI1hIWs5TeQPo54GNxqEI4j
vhVkMwvNl7UuE3yvoZzpj872Wgwj8R0Wlh15YKf2OC4kxORAG3MhSFQck3ahrU5N
NTTBWn5UK4qVp0bg8gWXUeiqtGo1vL0lwnB43FeJdrLwniHTWnhiKnFT/wIDAQAB
o4ICwTCCAr0wHQYDVR0OBBYEFF4YjzkzhTxEqDJRh7TqCGGKvgc9MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvWGhpUE9UT0ZQRVNvTWxHSHRPb0lZWXEtQnowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHWBggrBgEFBQcBBwEB/wSBxjCBwzCBlQQCAAEwgY4DBAAC
OG0DBAAFtVQDBAAFtVcwDAMEAC0JHQMEAC0JHgMEAC1RcwMEAC1YiAMEAC1YigME
AC1eqwMEAi2EtAMEAC2Q1AMEAC2XAwMEAE1TJQMEAbkr+AMEALkr+wMEAbnIPgME
AMEe8AMEAcEe8gMEAME5KwMEAsLyYDAMAwQAw7FdAwQAw7FeAwQCw9O8MCkEAgAC
MCMDBQAqAXEgAwUDKgeSAAMFAyoMpYADBQMqEN/AAwUDKhEFgDANBgkqhkiG9w0B
AQsFAAOCAQEAe6+1F96xrZMAlkcxnybG9k04DizdXUlIpNRUBktu5ZajzaijTVuY
mrSwWRQ3+N11C8a6JlmQ9P39DtZKspgnUDmixY290P1dJgP6HH9l3V2aXfKHTKlh
+FedSpTIdA2igJ1SbE1Q8XNt+6Wxd2tHJtE/1nf8rhjTcVkcvduOUak53Y/8AvTs
cT7inxkijP/vL9mOtZBR39npOwO5+GDwK5Hc8goLoy7g/TFtfZiVXtqZToAs5yRC
TVRGQiJwsCpgGBZTmRnJLe4i/B09O0mjgE/IRRv2Iuz/TgFnOCL4WjRdcU0S7lpJ
nvr1xk8h2jBJQAl7EgZ+TBNPAMD1pM/LbA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:18 2024 by rpki-client on console-ams.rpki-client.org