Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/duQq1tECXhZC_sg6QakrWus_A_I.roa
File: duQq1tECXhZC_sg6QakrWus_A_I.roa (raw, json)
Hash identifier: QxOs73LZYz3/tMH1ctm+NPf7DZBT53vbICrlmaMmCiE=
Subject key identifier: 76:E4:2A:D6:D1:02:5E:16:42:FE:C8:3A:41:A9:2B:5A:EB:3F:03:F2
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018BB5E9C13D52CC4EF1AE95A7345E50AEB6
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/duQq1tECXhZC_sg6QakrWus_A_I.roa
Signing time: Thu 09 Nov 2023 21:07:57 +0000
ROA not before: Thu 09 Nov 2023 21:07:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
45.94.168.0/22 maxlen: 22
45.94.170.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
45.138.180.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 10 Nov 2023 14:22:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b5:e9:c1:3d:52:cc:4e:f1:ae:95:a7:34:5e:50:ae:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Nov 9 21:07:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=76e42ad6d1025e1642fec83a41a92b5aeb3f03f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:0e:41:c3:a7:de:74:69:f8:92:f8:df:8d:cc:
18:53:ef:27:c3:6a:f4:a0:28:f7:83:cf:c0:2f:37:
46:9e:7b:83:11:8f:64:b2:37:81:e8:08:36:aa:0b:
2f:bc:7a:e7:c1:f7:8a:14:40:3e:5f:be:7a:4e:09:
58:ee:9d:01:a7:ed:1a:b2:ed:e6:38:a6:23:9a:05:
b3:12:22:07:d3:7d:75:80:5b:a6:60:79:1a:6b:22:
0a:26:6b:bf:53:34:c5:3d:aa:5a:1b:9c:24:4c:8e:
79:6e:dd:47:a0:9b:79:82:86:f4:09:1d:74:1e:68:
cc:ce:bd:3f:e8:93:b9:82:57:4d:eb:2f:62:ad:7b:
a7:01:56:d1:c5:a4:d6:e7:00:23:db:0b:93:97:eb:
76:66:17:03:60:1d:51:9d:43:5b:69:1c:7d:13:05:
96:5c:3d:4f:2a:a6:44:bf:36:d9:10:1c:63:e5:6d:
81:c1:a9:81:62:6e:92:0a:f6:41:8a:f5:22:85:c9:
b7:d5:14:87:0c:a7:7f:ae:9d:18:4f:24:23:48:48:
98:7b:4e:c3:ee:fc:2c:eb:d7:48:de:2d:7d:70:c8:
2f:36:44:cf:fa:6b:c3:71:13:71:a8:49:02:0d:56:
8a:b6:1f:48:29:55:11:10:fd:99:98:ad:b1:15:e4:
44:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:E4:2A:D6:D1:02:5E:16:42:FE:C8:3A:41:A9:2B:5A:EB:3F:03:F2
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/duQq1tECXhZC_sg6QakrWus_A_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.87.0/24
45.9.29.0/24
45.88.136.0/24
45.88.138.0/24
45.94.168.0/22
45.132.181.0-45.132.183.255
45.138.180.0/24
45.144.212.0/24
77.83.37.0/24
77.83.39.0/24
85.209.120.0/22
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.43.0/24
194.242.96.0/22
195.177.92.0-195.177.94.255
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
3b:eb:d1:51:2e:bc:ab:91:2b:2b:46:7a:a0:7b:30:c4:5f:ac:
58:9d:f7:51:ec:83:25:d7:b5:15:cb:f3:c3:bf:82:ff:2e:a4:
8e:1b:16:85:65:96:e5:fc:d9:b2:ca:ff:35:c0:66:0d:fe:56:
44:e5:26:ee:72:18:51:91:f5:05:bc:e9:69:dc:99:83:c0:66:
bd:50:87:9e:8b:b1:fd:e7:70:f0:81:9e:b2:0c:62:96:7d:53:
06:ae:c9:0f:d3:92:16:56:0a:55:dd:29:6f:d0:28:63:54:90:
1a:2b:df:ca:da:51:c2:17:65:7f:3a:61:fd:3b:55:1b:5d:87:
f3:ee:e8:92:5a:fd:2b:50:86:b0:8f:11:ae:a7:8e:76:b9:c2:
8d:1d:f8:93:e9:9f:1f:c3:40:bf:87:1a:ce:3f:fc:f9:c1:5d:
ff:94:dc:fe:2b:9e:c9:5b:8b:be:1d:e3:97:9f:8e:f9:a7:2b:
85:fb:29:53:33:28:33:46:16:13:4d:ee:12:bc:b7:fb:d8:ea:
b2:ab:aa:3a:17:95:e2:3b:b2:db:9f:43:6c:54:7d:97:78:ec:
7a:80:d3:53:c3:f3:bb:7c:ef:b1:bb:92:6a:f7:70:8d:1f:28:
6f:82:b9:27:3e:be:bb:3a:0f:b2:93:ec:e8:6c:9b:e4:c8:93:
57:a7:6f:1d
-----BEGIN CERTIFICATE-----
MIIFrzCCBJegAwIBAgISAYu16cE9UsxO8a6VpzReUK62MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMxMTA5MjEwNzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmU0MmFkNmQxMDI1ZTE2NDJmZWM4M2E0MWE5MmI1YWViM2YwM2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnA5Bw6fedGn4kvjfjcwYU+8nw2r0
oCj3g8/ALzdGnnuDEY9ksjeB6Ag2qgsvvHrnwfeKFEA+X756TglY7p0Bp+0asu3m
OKYjmgWzEiIH0311gFumYHkaayIKJmu/UzTFPapaG5wkTI55bt1HoJt5gob0CR10
HmjMzr0/6JO5gldN6y9irXunAVbRxaTW5wAj2wuTl+t2ZhcDYB1RnUNbaRx9EwWW
XD1PKqZEvzbZEBxj5W2BwamBYm6SCvZBivUihcm31RSHDKd/rp0YTyQjSEiYe07D
7vws69dI3i19cMgvNkTP+mvDcRNxqEkCDVaKth9IKVUREP2ZmK2xFeREnwIDAQAB
o4ICuzCCArcwHQYDVR0OBBYEFHbkKtbRAl4WQv7IOkGpK1rrPwPyMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvZHVRcTF0RUNYaFpDX3NnNlFha3JXdXNfQV9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHQBggrBgEFBQcBBwEB/wSBwDCBvTCBjwQCAAEwgYgDBAAF
tVcDBAAtCR0DBAAtWIgDBAAtWIoDBAItXqgwDAMEAC2EtQMEAy2EsAMEAC2KtAME
AC2Q1AMEAE1TJQMEAE1TJwMEAlXReAMEAbkr+AMEALkr+wMEAbnIPgMEAMEe8AME
AcEe8gMEAME5KwMEAsLyYDAMAwQCw7FcAwQAw7FeAwQCw9O8MCkEAgACMCMDBQAq
AXEgAwUDKgeSAAMFAyoMpYADBQMqEN/AAwUDKhEFgDANBgkqhkiG9w0BAQsFAAOC
AQEAO+vRUS68q5ErK0Z6oHswxF+sWJ33UeyDJde1Fcvzw7+C/y6kjhsWhWWW5fzZ
ssr/NcBmDf5WROUm7nIYUZH1BbzpadyZg8BmvVCHnoux/edw8IGesgxiln1TBq7J
D9OSFlYKVd0pb9AoY1SQGivfytpRwhdlfzph/TtVG12H8+7oklr9K1CGsI8RrqeO
drnCjR34k+mfH8NAv4cazj/8+cFd/5Tc/iueyVuLvh3jl5+O+acrhfspUzMoM0YW
E03uEry3+9jqsquqOheV4juy259DbFR9l3jseoDTU8Pzu3zvsbuSavdwjR8ob4K5
Jz6+uzoPspPs6Gyb5MiTV6dvHQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:19 2024 by rpki-client on console-ams.rpki-client.org