Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/dylWE48s9YrgcTuQ-_bTL2e9fpY.roa
File: dylWE48s9YrgcTuQ-_bTL2e9fpY.roa (raw, json)
Hash identifier: Bmx880bBGhWCcleDa9MkG4a/tqvbnrVjMpK34Du5xHQ=
Subject key identifier: 77:29:56:13:8F:2C:F5:8A:E0:71:3B:90:FB:F6:D3:2F:67:BD:7E:96
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018A75EF9DF004AAB53ADF86B75C4F9177A4
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/dylWE48s9YrgcTuQ-_bTL2e9fpY.roa
Signing time: Fri 08 Sep 2023 17:55:52 +0000
ROA not before: Fri 08 Sep 2023 17:55:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 91.223.110.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
193.57.41.0/24 maxlen: 24
45.144.213.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
45.94.168.0/22 maxlen: 22
45.94.170.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
45.81.112.0/22 maxlen: 24
77.83.37.0/24 maxlen: 24
45.81.114.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate revoked on Sun 10 Sep 2023 17:04:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:75:ef:9d:f0:04:aa:b5:3a:df:86:b7:5c:4f:91:77:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Sep 8 17:55:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=772956138f2cf58ae0713b90fbf6d32f67bd7e96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:2e:7b:7d:a3:c6:3d:54:bc:5a:a6:c0:14:0e:
55:da:0d:d3:b6:86:de:fa:46:f9:0a:8e:25:e7:46:
26:c2:97:99:6d:1d:f8:6b:06:be:a6:7a:9a:a9:f2:
41:9d:94:66:9c:a9:59:4e:aa:0f:a4:d1:0f:c5:bb:
f2:5f:13:f6:19:84:e9:76:f2:56:39:22:5e:99:48:
c4:a3:52:99:ce:b5:7e:97:a2:5b:41:4e:ee:55:b2:
30:9d:31:9f:c6:d4:d9:57:91:4d:b4:71:7c:0c:4c:
80:95:57:fb:19:c1:43:5d:8f:97:d6:e4:89:d4:25:
1a:de:3a:de:40:18:4d:f6:5e:46:0f:f7:79:35:a9:
2e:73:08:71:9c:16:37:06:7c:23:f1:6d:19:26:2b:
79:ca:25:49:c9:6b:48:9b:9c:27:1d:4e:03:f5:9a:
05:1d:bc:a0:ab:b5:30:b6:35:34:13:40:c5:68:77:
16:74:bb:4f:28:89:80:b8:f6:9f:41:87:74:cb:93:
9e:6d:de:db:de:e0:dd:25:cc:6a:38:0f:50:62:9e:
ea:6b:22:5c:e7:d5:bc:a5:51:62:c0:bb:23:bb:40:
65:86:48:3a:65:99:a5:9e:ba:a1:d6:0f:fd:e0:72:
7f:df:e1:96:c7:cc:95:fe:c2:f5:1b:a4:db:3d:7d:
23:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:29:56:13:8F:2C:F5:8A:E0:71:3B:90:FB:F6:D3:2F:67:BD:7E:96
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/dylWE48s9YrgcTuQ-_bTL2e9fpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.87.0/24
45.9.29.0/24
45.81.112.0/22
45.88.136.0/24
45.88.138.0/24
45.94.168.0/22
45.132.181.0-45.132.183.255
45.144.212.0/23
77.83.37.0/24
77.83.39.0/24
85.209.120.0/22
91.223.110.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.41.0/24
193.57.43.0/24
194.242.96.0/22
195.177.92.0-195.177.94.255
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
08:10:08:7d:01:b0:22:ea:89:5e:ef:e8:8d:34:f5:ae:85:0e:
a8:10:41:60:a4:a4:5a:c1:e8:fc:83:80:db:04:35:b1:8c:d6:
dd:92:c7:69:f3:6f:73:81:a8:d3:41:6f:cf:9d:ab:4b:f8:c8:
f3:3a:77:4a:8f:68:a8:d3:5f:3c:83:23:fa:97:b5:0c:60:41:
f8:ec:cb:dd:10:ce:e5:01:1b:cf:3f:a3:f9:67:c4:3e:d0:5b:
45:5a:53:39:f0:6e:8f:9f:a7:06:f4:10:20:b7:15:27:f6:24:
51:c9:92:e0:31:53:e0:ff:b2:50:8d:07:cc:bd:48:0c:5c:d8:
3f:66:22:3a:09:3d:b6:a5:0b:f4:fc:2e:04:19:04:9a:d6:25:
4c:b3:95:ec:e4:dd:59:d2:05:f4:6e:36:da:6b:99:17:0f:9e:
60:b8:d0:3a:ff:72:af:75:84:b4:ac:09:16:22:49:7c:9b:62:
5b:ba:24:8a:c5:04:1b:ea:e4:d7:2d:a3:58:d5:bf:b4:92:bf:
06:36:30:e6:8d:fc:3e:91:81:4b:b6:9d:03:09:6c:be:25:87:
29:47:6f:ad:80:67:28:4b:56:fa:c4:d1:86:26:00:c4:e8:49:
c6:7f:21:e6:6e:95:30:99:06:f4:ea:d9:93:15:7e:70:4c:44:
8e:0f:27:2f
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgISAYp1753wBKq1Ot+Gt1xPkXekMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwOTA4MTc1NTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzI5NTYxMzhmMmNmNThhZTA3MTNiOTBmYmY2ZDMyZjY3YmQ3ZTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsC57faPGPVS8WqbAFA5V2g3Ttobe
+kb5Co4l50YmwpeZbR34awa+pnqaqfJBnZRmnKlZTqoPpNEPxbvyXxP2GYTpdvJW
OSJemUjEo1KZzrV+l6JbQU7uVbIwnTGfxtTZV5FNtHF8DEyAlVf7GcFDXY+X1uSJ
1CUa3jreQBhN9l5GD/d5NakucwhxnBY3Bnwj8W0ZJit5yiVJyWtIm5wnHU4D9ZoF
Hbygq7UwtjU0E0DFaHcWdLtPKImAuPafQYd0y5Oebd7b3uDdJcxqOA9QYp7qayJc
59W8pVFiwLsju0Blhkg6ZZmlnrqh1g/94HJ/3+GWx8yV/sL1G6TbPX0jKwIDAQAB
o4ICxzCCAsMwHQYDVR0OBBYEFHcpVhOPLPWK4HE7kPv20y9nvX6WMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvZHlsV0U0OHM5WXJnY1R1US1fYlRMMmU5ZnBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHcBggrBgEFBQcBBwEB/wSBzDCByTCBmwQCAAEwgZQDBAAF
tVcDBAAtCR0DBAItUXADBAAtWIgDBAAtWIoDBAItXqgwDAMEAC2EtQMEAy2EsAME
AS2Q1AMEAE1TJQMEAE1TJwMEAlXReAMEAFvfbgMEAbkr+AMEALkr+wMEAbnIPgME
AMEe8AMEAcEe8gMEAME5KQMEAME5KwMEAsLyYDAMAwQCw7FcAwQAw7FeAwQCw9O8
MCkEAgACMCMDBQAqAXEgAwUDKgeSAAMFAyoMpYADBQMqEN/AAwUDKhEFgDANBgkq
hkiG9w0BAQsFAAOCAQEACBAIfQGwIuqJXu/ojTT1roUOqBBBYKSkWsHo/IOA2wQ1
sYzW3ZLHafNvc4Go00Fvz52rS/jI8zp3So9oqNNfPIMj+pe1DGBB+OzL3RDO5QEb
zz+j+WfEPtBbRVpTOfBuj5+nBvQQILcVJ/YkUcmS4DFT4P+yUI0HzL1IDFzYP2Yi
Ogk9tqUL9PwuBBkEmtYlTLOV7OTdWdIF9G422muZFw+eYLjQOv9yr3WEtKwJFiJJ
fJtiW7okisUEG+rk1y2jWNW/tJK/BjYw5o38PpGBS7adAwlsviWHKUdvrYBnKEtW
+sTRhiYAxOhJxn8h5m6VMJkG9OrZkxV+cExEjg8nLw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:32 2024 by rpki-client on console-fra.rpki-client.org