Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/Z96RsT5T8c1nrw_q-sHCLfV9emM.roa
File: Z96RsT5T8c1nrw_q-sHCLfV9emM.roa (raw, json)
Hash identifier: mp3n3MCSjlHLNZo833baTIHsROapPQwmtfNHXNTbewM=
Subject key identifier: 67:DE:91:B1:3E:53:F1:CD:67:AF:0F:EA:FA:C1:C2:2D:F5:7D:7A:63
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018571E88C80568F387D39CE27B55EC7C165
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/Z96RsT5T8c1nrw_q-sHCLfV9emM.roa
Signing time: Mon 02 Jan 2023 09:55:43 +0000
ROA not before: Mon 02 Jan 2023 09:55:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
2.56.108.0/22 maxlen: 22
45.88.139.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
45.13.188.0/24 maxlen: 24
45.94.168.0/22 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
193.30.241.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
45.81.112.0/22 maxlen: 24
77.83.38.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 02 Jan 2023 10:56:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:e8:8c:80:56:8f:38:7d:39:ce:27:b5:5e:c7:c1:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jan 2 09:55:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=67de91b13e53f1cd67af0feafac1c22df57d7a63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:fe:fa:99:7e:01:f0:7d:a6:c0:ff:c1:a5:bd:
6f:a9:08:1a:67:93:82:b9:81:34:1e:95:33:a8:da:
39:a5:90:f2:ba:29:04:ff:ec:37:51:53:4b:94:70:
75:15:16:2a:fb:47:fa:10:c3:ca:84:95:28:03:73:
df:76:ce:b2:c1:99:40:6b:20:a9:23:69:d3:88:e1:
86:1f:44:a8:48:1e:c1:3f:6c:65:25:72:d6:45:94:
26:5d:aa:56:44:15:92:04:70:d5:51:ce:79:93:e3:
db:f8:07:9f:68:a9:7c:41:af:77:ed:bf:63:5f:a0:
fd:0e:e4:23:c6:de:59:25:dc:fe:04:e9:ff:0b:ca:
1b:c8:11:9d:d7:98:fd:62:16:41:75:f2:87:57:68:
0b:8f:de:74:62:ed:5b:61:da:cd:96:00:06:a8:b0:
d8:81:30:29:30:0f:83:d9:45:c9:ec:1f:85:e4:94:
54:e2:51:e8:f3:de:40:94:b9:d3:5f:4f:ce:88:f6:
91:9a:15:71:88:10:54:b1:dc:84:fb:f5:1e:ff:c6:
05:c4:c1:d0:d9:6d:bf:c6:52:7f:73:f5:43:c2:2f:
a0:03:66:34:49:33:fd:89:b9:a9:4a:88:09:c9:dc:
6a:76:04:e1:ef:cf:0d:80:4e:c1:38:53:58:0a:5f:
ed:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:DE:91:B1:3E:53:F1:CD:67:AF:0F:EA:FA:C1:C2:2D:F5:7D:7A:63
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/Z96RsT5T8c1nrw_q-sHCLfV9emM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0/22
5.181.87.0/24
45.9.29.0/24
45.13.188.0/24
45.81.112.0/22
45.88.136.0/24
45.88.139.0/24
45.94.168.0/22
45.132.181.0-45.132.183.255
45.144.212.0/24
77.83.38.0/24
85.209.120.0/22
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/22
193.57.43.0/24
194.242.96.0/22
195.62.24.0/24
195.177.92.0/22
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
18:82:c0:a1:93:92:01:d2:7d:3c:68:1c:55:a0:fa:05:39:bf:
33:06:41:18:c9:dd:fa:7d:57:cc:05:2e:8c:01:ea:df:a7:b7:
e1:09:60:e5:58:44:d6:8c:0a:8a:d2:31:47:78:9f:c8:72:2f:
72:41:6e:00:0f:09:bc:e5:d2:c5:0d:f4:e1:53:c4:3e:f7:92:
8a:4b:d1:d6:fd:d7:1a:7c:90:4d:33:3f:89:45:d3:bb:d4:54:
41:8b:3e:8a:83:7a:f4:cc:75:57:44:81:37:25:9e:a2:1b:aa:
81:17:6c:58:c4:8d:c2:c8:bc:1e:9c:d1:dd:3e:16:f7:4b:58:
c6:b9:16:ee:38:18:b6:b1:ac:1a:91:c6:e6:35:d0:c7:55:4d:
01:b1:3e:d8:59:c4:46:fa:2c:a8:a0:13:1c:3a:65:85:c4:ee:
4e:43:d1:06:d3:4f:88:fb:bc:c5:20:b5:d9:8c:4d:ae:c9:78:
aa:ab:9f:9c:51:35:83:69:8c:fb:b3:8c:8e:e5:d7:46:29:9e:
69:4c:b9:80:d2:ba:b7:94:bf:fb:5a:4d:4f:fc:1e:f2:a7:1f:
bb:df:33:4f:8b:31:9d:05:ee:54:04:39:02:e6:12:8e:78:91:
ce:85:83:3e:8b:32:4f:33:31:02:8b:ae:d5:f4:6b:a3:2a:1b:
a3:23:4c:dd
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgISAYVx6IyAVo84fTnOJ7Vex8FlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwMTAyMDk1NTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2RlOTFiMTNlNTNmMWNkNjdhZjBmZWFmYWMxYzIyZGY1N2Q3YTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnv76mX4B8H2mwP/Bpb1vqQgaZ5OC
uYE0HpUzqNo5pZDyuikE/+w3UVNLlHB1FRYq+0f6EMPKhJUoA3Pfds6ywZlAayCp
I2nTiOGGH0SoSB7BP2xlJXLWRZQmXapWRBWSBHDVUc55k+Pb+AefaKl8Qa937b9j
X6D9DuQjxt5ZJdz+BOn/C8obyBGd15j9YhZBdfKHV2gLj950Yu1bYdrNlgAGqLDY
gTApMA+D2UXJ7B+F5JRU4lHo895AlLnTX0/OiPaRmhVxiBBUsdyE+/Ue/8YFxMHQ
2W2/xlJ/c/VDwi+gA2Y0STP9ibmpSogJydxqdgTh788NgE7BOFNYCl/t8QIDAQAB
o4ICuTCCArUwHQYDVR0OBBYEFGfekbE+U/HNZ68P6vrBwi31fXpjMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvWjk2UnNUNVQ4YzFucndfcS1zSENMZlY5ZW1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHOBggrBgEFBQcBBwEB/wSBvjCBuzCBjQQCAAEwgYYDBAIC
OGwDBAAFtVcDBAAtCR0DBAAtDbwDBAItUXADBAAtWIgDBAAtWIsDBAItXqgwDAME
AC2EtQMEAy2EsAMEAC2Q1AMEAE1TJgMEAlXReAMEAbkr+AMEALkr+wMEAbnIPgME
AsEe8AMEAME5KwMEAsLyYAMEAMM+GAMEAsOxXAMEAsPTvDApBAIAAjAjAwUAKgFx
IAMFAyoHkgADBQMqDKWAAwUDKhDfwAMFAyoRBYAwDQYJKoZIhvcNAQELBQADggEB
ABiCwKGTkgHSfTxoHFWg+gU5vzMGQRjJ3fp9V8wFLowB6t+nt+EJYOVYRNaMCorS
MUd4n8hyL3JBbgAPCbzl0sUN9OFTxD73kopL0db91xp8kE0zP4lF07vUVEGLPoqD
evTMdVdEgTclnqIbqoEXbFjEjcLIvB6c0d0+FvdLWMa5Fu44GLaxrBqRxuY10MdV
TQGxPthZxEb6LKigExw6ZYXE7k5D0QbTT4j7vMUgtdmMTa7JeKqrn5xRNYNpjPuz
jI7l10YpnmlMuYDSureUv/taTU/8HvKnH7vfM0+LMZ0F7lQEOQLmEo54kc6Fgz6L
Mk8zMQKLrtX0a6MqG6MjTN0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:18 2024 by rpki-client on console-ams.rpki-client.org