Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/YIi-0DKB7cMhNtHRQRB5AP33we8.roa
File: YIi-0DKB7cMhNtHRQRB5AP33we8.roa (raw, json)
Hash identifier: Qklkl7RveGKllUWmJ/2IUPUdV9i9OHgEIjGrQdPRO14=
Subject key identifier: 60:88:BE:D0:32:81:ED:C3:21:36:D1:D1:41:10:79:00:FD:F7:C1:EF
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018BEC4C8D86A3CC2B7847BE3ACB84306E46
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/YIi-0DKB7cMhNtHRQRB5AP33we8.roa
Signing time: Mon 20 Nov 2023 10:35:21 +0000
ROA not before: Mon 20 Nov 2023 10:35:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
2.56.110.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
45.94.168.0/22 maxlen: 22
45.94.170.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ec:4c:8d:86:a3:cc:2b:78:47:be:3a:cb:84:30:6e:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Nov 20 10:35:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6088bed03281edc32136d1d141107900fdf7c1ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:bc:fd:16:ae:6f:fb:43:3f:ef:8c:28:4c:70:
5c:30:67:db:41:cb:95:5c:9a:8d:35:41:bc:17:ce:
a9:e5:01:cc:bf:25:6c:6e:b6:9e:10:45:86:fa:11:
87:aa:a0:f4:3e:9f:e0:60:39:24:b4:b1:8a:36:93:
61:ef:e7:46:90:74:5d:35:f1:b7:4c:77:4f:f9:db:
2c:1c:f0:25:79:ba:a4:90:c4:b0:05:a7:d4:50:aa:
1d:ed:9d:59:6e:d9:90:bb:c6:a7:c9:9c:73:ea:04:
59:ee:40:cd:74:bd:78:f1:b7:dc:36:b9:19:8d:67:
f7:82:3e:0c:73:b6:b8:d1:f9:e6:58:0a:e3:aa:e9:
88:bf:2e:3a:0b:e5:f6:04:cf:80:26:3b:8a:4a:cc:
35:d7:ed:d5:76:d6:a2:53:77:24:42:41:17:39:f6:
ac:cf:74:d2:de:df:db:2b:61:c2:30:44:1b:aa:b9:
37:31:43:8d:49:fa:1e:39:a4:64:fd:c7:f9:6a:1e:
5f:e3:d7:74:50:9a:2e:40:92:a6:8c:d1:fe:14:8d:
5f:74:08:ee:20:bc:12:dd:4d:02:74:34:01:85:85:
38:e7:15:bb:f2:82:e6:bf:48:00:c4:fb:9c:ff:7b:
19:38:a7:ed:f3:f9:38:eb:44:7a:0d:31:17:5f:a5:
0e:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:88:BE:D0:32:81:ED:C3:21:36:D1:D1:41:10:79:00:FD:F7:C1:EF
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/YIi-0DKB7cMhNtHRQRB5AP33we8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.110.0/24
5.181.87.0/24
45.9.29.0/24
45.88.136.0/24
45.88.138.0/24
45.94.168.0/22
45.132.181.0-45.132.183.255
45.144.212.0/24
77.83.37.0/24
77.83.39.0/24
85.209.120.0/22
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.43.0/24
194.242.96.0/22
195.62.24.0/24
195.177.92.0-195.177.94.255
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
37:51:b7:d5:24:c5:9b:79:b7:aa:0b:57:28:e7:3a:2c:06:05:
6f:bf:85:59:ea:31:e9:12:0e:fa:41:6b:7d:d2:59:52:35:06:
69:03:b6:f6:13:01:88:e9:6b:d9:7a:ec:1b:9d:ec:ba:dc:fa:
1b:55:38:ec:74:19:ab:35:bc:4e:4a:0f:6c:d8:0e:2a:7d:75:
8e:fc:48:11:1b:05:32:06:16:d9:75:46:22:a2:7f:81:91:04:
e0:09:d0:c4:fc:4a:da:f1:40:f3:f5:e1:97:fd:61:fa:48:45:
35:13:62:1a:85:af:c6:86:9f:50:bc:f8:87:2d:77:30:4a:73:
e5:12:4c:9f:d7:0c:ac:8f:e6:17:f6:de:1f:9b:58:68:a6:47:
12:49:c9:47:bb:2f:82:59:df:89:82:b8:ba:e5:ba:33:18:35:
7d:03:f8:67:bf:c7:89:57:ba:66:87:84:ed:4a:f2:5d:06:31:
62:90:34:51:53:87:8b:14:ea:bd:dc:3d:4c:7c:8c:9d:73:e7:
13:4b:13:ce:60:67:71:ce:0e:21:21:bf:2b:61:ca:be:0d:a5:
61:2b:98:5d:7a:80:49:d5:36:6b:eb:a8:b3:d9:59:0c:1b:8f:
df:74:5d:d6:9f:3d:5e:52:63:db:43:f3:ff:77:d2:8e:97:0b:
1a:e5:b2:dd
-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgISAYvsTI2Go8wreEe+OsuEMG5GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMxMTIwMTAzNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDg4YmVkMDMyODFlZGMzMjEzNmQxZDE0MTEwNzkwMGZkZjdjMWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7z9Fq5v+0M/74woTHBcMGfbQcuV
XJqNNUG8F86p5QHMvyVsbraeEEWG+hGHqqD0Pp/gYDkktLGKNpNh7+dGkHRdNfG3
THdP+dssHPAlebqkkMSwBafUUKod7Z1ZbtmQu8anyZxz6gRZ7kDNdL148bfcNrkZ
jWf3gj4Mc7a40fnmWArjqumIvy46C+X2BM+AJjuKSsw11+3VdtaiU3ckQkEXOfas
z3TS3t/bK2HCMEQbqrk3MUONSfoeOaRk/cf5ah5f49d0UJouQJKmjNH+FI1fdAju
ILwS3U0CdDQBhYU45xW78oLmv0gAxPuc/3sZOKft8/k460R6DTEXX6UODwIDAQAB
o4ICwTCCAr0wHQYDVR0OBBYEFGCIvtAyge3DITbR0UEQeQD998HvMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvWUlpLTBES0I3Y01oTnRIUlFSQjVBUDMzd2U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHWBggrBgEFBQcBBwEB/wSBxjCBwzCBlQQCAAEwgY4DBAAC
OG4DBAAFtVcDBAAtCR0DBAAtWIgDBAAtWIoDBAItXqgwDAMEAC2EtQMEAy2EsAME
AC2Q1AMEAE1TJQMEAE1TJwMEAlXReAMEAbkr+AMEALkr+wMEAbnIPgMEAMEe8AME
AcEe8gMEAME5KwMEAsLyYAMEAMM+GDAMAwQCw7FcAwQAw7FeAwQCw9O8MCkEAgAC
MCMDBQAqAXEgAwUDKgeSAAMFAyoMpYADBQMqEN/AAwUDKhEFgDANBgkqhkiG9w0B
AQsFAAOCAQEAN1G31STFm3m3qgtXKOc6LAYFb7+FWeox6RIO+kFrfdJZUjUGaQO2
9hMBiOlr2XrsG53sutz6G1U47HQZqzW8TkoPbNgOKn11jvxIERsFMgYW2XVGIqJ/
gZEE4AnQxPxK2vFA8/Xhl/1h+khFNRNiGoWvxoafULz4hy13MEpz5RJMn9cMrI/m
F/beH5tYaKZHEknJR7svglnfiYK4uuW6Mxg1fQP4Z7/HiVe6ZoeE7UryXQYxYpA0
UVOHixTqvdw9THyMnXPnE0sTzmBncc4OISG/K2HKvg2lYSuYXXqASdU2a+uos9lZ
DBuP33Rd1p89XlJj20Pz/3fSjpcLGuWy3Q==
-----END CERTIFICATE-----
Generated at Wed Nov 22 20:09:14 2023 by rpki-client on console-ams.rpki-client.org