Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/Yr6AqfR872qWtUZW7J5v3suTSwI.roa
File: Yr6AqfR872qWtUZW7J5v3suTSwI.roa (raw, json)
Hash identifier: NYav5K3Mk6wwprQgdSJTlIRvVyIQlnqc/ODNmYzJmMY=
Subject key identifier: 62:BE:80:A9:F4:7C:EF:6A:96:B5:46:56:EC:9E:6F:DE:CB:93:4B:02
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018CD6466A57F020130D0A19C91381381856
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/Yr6AqfR872qWtUZW7J5v3suTSwI.roa
Signing time: Thu 04 Jan 2024 20:59:48 +0000
ROA not before: Thu 04 Jan 2024 20:59:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62206
IP address blocks: 5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
2.56.109.0/24 maxlen: 24
45.88.139.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
193.57.41.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
45.94.168.0/22 maxlen: 22
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
45.81.112.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 05 Jan 2024 08:59:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d6:46:6a:57:f0:20:13:0d:0a:19:c9:13:81:38:18:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jan 4 20:59:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=62be80a9f47cef6a96b54656ec9e6fdecb934b02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:5e:c2:8f:7e:eb:0c:0d:a2:6a:77:b4:5b:c3:
1c:3a:04:8f:7f:f8:89:0a:21:e1:70:36:3b:28:4e:
cc:97:18:58:b9:c0:ab:8d:fe:94:55:fb:38:ed:36:
21:75:33:0f:10:6d:7b:4b:f4:52:64:18:a6:c4:b9:
d3:7d:89:5b:4c:6c:06:2f:88:65:ad:45:66:df:3d:
f6:f2:79:12:30:fb:cd:7e:4f:4c:4b:c6:7e:04:ea:
53:c1:78:35:5d:a8:8c:a4:e3:9f:af:ba:ce:56:78:
ef:cc:95:c7:4c:88:bd:0b:ff:af:b4:a2:65:b9:c7:
b7:cb:f1:37:27:7d:89:bd:bc:ad:ea:96:d2:39:0d:
5f:6e:83:78:17:9f:ea:4d:c9:c3:8f:79:24:4f:1e:
1e:e7:d4:42:c2:2f:13:12:62:d8:e0:7c:bb:8f:be:
98:24:44:93:64:de:4f:f0:91:bc:ec:7d:a0:8a:65:
f5:21:2a:73:ac:3a:65:3f:c5:8b:db:cf:00:6f:ea:
85:f0:37:26:77:4a:69:70:39:02:6c:25:b3:94:86:
90:ed:fb:80:cc:3f:7c:08:b0:26:83:1b:20:06:4c:
27:fb:2d:3e:ad:35:96:80:da:a3:78:84:df:89:af:
15:3a:31:a3:e1:11:70:2a:2f:c9:64:3f:41:a2:4d:
96:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:BE:80:A9:F4:7C:EF:6A:96:B5:46:56:EC:9E:6F:DE:CB:93:4B:02
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/Yr6AqfR872qWtUZW7J5v3suTSwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.109.0/24
5.181.87.0/24
45.9.29.0/24
45.81.112.0/24
45.88.136.0/24
45.88.138.0/23
45.94.168.0/22
45.132.181.0-45.132.183.255
45.144.212.0/24
77.83.37.0/24
85.209.120.0/22
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.41.0/24
193.57.43.0/24
194.242.96.0/22
195.177.92.0-195.177.94.255
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
80:7d:f0:01:bf:1f:43:72:37:2a:cd:a6:b6:e7:c4:ad:45:fb:
43:50:63:b8:7a:9a:78:f9:72:db:09:ac:f2:f0:d7:03:58:8b:
6a:e6:04:12:79:70:9d:b7:c3:1d:7c:60:c4:7a:fe:ea:6c:46:
5d:77:62:c1:13:3e:11:8c:c9:19:e2:59:88:98:bd:d1:86:84:
9d:eb:78:42:c3:86:ed:08:7d:6e:49:7f:c0:d7:19:b3:29:b5:
30:b4:4f:4a:6d:fd:8d:63:64:00:db:9a:a7:33:32:14:54:62:
4f:e9:c0:23:67:22:a7:8f:53:f2:e7:d2:7a:98:d8:0f:83:e2:
c8:87:d5:67:6f:b4:ee:8c:36:e7:17:3e:ad:7f:1c:27:77:c4:
d2:81:db:4e:d3:28:03:16:10:62:b6:ce:70:44:e0:fa:20:c1:
90:ee:af:f7:bb:85:d5:5c:da:b2:8a:e3:20:e4:68:19:bb:86:
5e:30:06:f7:04:16:f1:90:ec:79:6e:51:b5:26:08:c1:0d:7b:
ff:b2:e6:63:ab:1c:7b:7e:4c:d6:88:4f:a5:bb:83:8c:c4:74:
3d:fa:41:03:85:39:ba:12:34:ef:40:41:a7:95:25:bc:ab:48:
6c:31:2d:49:a1:90:c1:a8:a9:96:a9:32:0c:9a:69:a3:3a:0e:
01:6f:6e:89
-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgISAYzWRmpX8CATDQoZyROBOBhWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMTA0MjA1OTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmJlODBhOWY0N2NlZjZhOTZiNTQ2NTZlYzllNmZkZWNiOTM0YjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt17Cj37rDA2iane0W8McOgSPf/iJ
CiHhcDY7KE7MlxhYucCrjf6UVfs47TYhdTMPEG17S/RSZBimxLnTfYlbTGwGL4hl
rUVm3z328nkSMPvNfk9MS8Z+BOpTwXg1XaiMpOOfr7rOVnjvzJXHTIi9C/+vtKJl
uce3y/E3J32Jvbyt6pbSOQ1fboN4F5/qTcnDj3kkTx4e59RCwi8TEmLY4Hy7j76Y
JESTZN5P8JG87H2gimX1ISpzrDplP8WL288Ab+qF8Dcmd0ppcDkCbCWzlIaQ7fuA
zD98CLAmgxsgBkwn+y0+rTWWgNqjeITfia8VOjGj4RFwKi/JZD9Bok2W9wIDAQAB
o4ICwTCCAr0wHQYDVR0OBBYEFGK+gKn0fO9qlrVGVuyeb97Lk0sCMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvWXI2QXFmUjg3MnFXdFVaVzdKNXYzc3VUU3dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHWBggrBgEFBQcBBwEB/wSBxjCBwzCBlQQCAAEwgY4DBAAC
OG0DBAAFtVcDBAAtCR0DBAAtUXADBAAtWIgDBAEtWIoDBAItXqgwDAMEAC2EtQME
Ay2EsAMEAC2Q1AMEAE1TJQMEAlXReAMEAbkr+AMEALkr+wMEAbnIPgMEAMEe8AME
AcEe8gMEAME5KQMEAME5KwMEAsLyYDAMAwQCw7FcAwQAw7FeAwQCw9O8MCkEAgAC
MCMDBQAqAXEgAwUDKgeSAAMFAyoMpYADBQMqEN/AAwUDKhEFgDANBgkqhkiG9w0B
AQsFAAOCAQEAgH3wAb8fQ3I3Ks2mtufErUX7Q1BjuHqaePly2wms8vDXA1iLauYE
EnlwnbfDHXxgxHr+6mxGXXdiwRM+EYzJGeJZiJi90YaEnet4QsOG7Qh9bkl/wNcZ
sym1MLRPSm39jWNkANuapzMyFFRiT+nAI2cip49T8ufSepjYD4PiyIfVZ2+07ow2
5xc+rX8cJ3fE0oHbTtMoAxYQYrbOcETg+iDBkO6v97uF1VzasorjIORoGbuGXjAG
9wQW8ZDseW5RtSYIwQ17/7LmY6sce35M1ohPpbuDjMR0PfpBA4U5uhI070BBp5Ul
vKtIbDEtSaGQwaiplqkyDJppozoOAW9uiQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:18 2024 by rpki-client on console-ams.rpki-client.org