Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/fhuXf-MP6lCkGmiLe-1xf61OqFc.roa
File: fhuXf-MP6lCkGmiLe-1xf61OqFc.roa (raw, json)
Hash identifier: 5theKh11Pv0Ci/zh5SwXw/vB1jrESIKsnh9qQv4CdVo=
Subject key identifier: 7E:1B:97:7F:E3:0F:EA:50:A4:1A:68:8B:7B:ED:71:7F:AD:4E:A8:57
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0188BE4EEE74A8DA0289047254BBAF97D216
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/fhuXf-MP6lCkGmiLe-1xf61OqFc.roa
Signing time: Thu 15 Jun 2023 09:07:03 +0000
ROA not before: Thu 15 Jun 2023 09:07:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
2.56.108.0/22 maxlen: 24
2.56.111.0/24 maxlen: 24
45.88.139.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
45.94.168.0/22 maxlen: 22
45.94.170.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
193.30.241.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
45.81.112.0/22 maxlen: 24
77.83.38.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 17 Jun 2023 07:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:be:4e:ee:74:a8:da:02:89:04:72:54:bb:af:97:d2:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jun 15 09:07:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7e1b977fe30fea50a41a688b7bed717fad4ea857
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:66:f4:6f:a7:fe:4c:98:8b:57:53:3f:db:cc:
0a:00:14:b1:17:ac:61:61:54:10:43:8a:93:a8:9e:
5d:ba:0a:44:ca:2e:d0:29:2b:17:09:a0:eb:5f:cf:
fc:53:25:23:f3:ed:55:56:80:bf:b3:e2:12:bd:75:
65:87:f1:2c:a9:23:6f:5a:f7:de:db:98:bd:31:56:
f9:fc:fd:a6:e3:3e:44:fc:81:fc:df:83:4d:98:24:
e8:ce:1f:db:bf:3e:de:3e:e1:63:b4:03:c7:84:96:
14:a1:17:47:f8:00:11:88:d3:c7:0d:0a:e0:cb:c0:
bd:22:63:97:c8:db:67:c1:08:9b:5c:ac:d6:4c:6b:
36:9e:a3:f0:cd:e0:df:1b:4a:c1:b0:2a:b0:cd:e5:
b5:8d:7f:01:94:44:94:85:6c:88:e8:c4:b7:28:24:
71:db:8b:9e:8b:0d:3c:ce:dd:00:bc:81:14:3f:1f:
c6:c9:84:e7:1b:65:c2:a8:09:c1:85:f7:97:2b:4a:
7e:16:28:58:02:c6:a1:43:d6:06:36:ed:3c:61:ad:
91:e1:56:d2:79:da:1f:fd:73:fa:50:d5:cb:05:23:
d4:57:78:aa:a2:47:86:23:c1:67:ad:e6:45:c5:39:
67:b5:30:b9:58:18:1b:13:2e:9d:eb:5b:1f:86:1d:
cc:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:1B:97:7F:E3:0F:EA:50:A4:1A:68:8B:7B:ED:71:7F:AD:4E:A8:57
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/fhuXf-MP6lCkGmiLe-1xf61OqFc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0/22
5.181.87.0/24
45.9.29.0/24
45.81.112.0/22
45.88.136.0/24
45.88.138.0/23
45.94.168.0/22
45.132.181.0-45.132.183.255
45.144.212.0/24
77.83.38.0/23
85.209.120.0/22
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/22
193.57.43.0/24
194.242.96.0/22
195.62.24.0/24
195.177.92.0/22
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
ba:a0:06:c1:f7:75:55:ce:06:8e:e6:86:c1:e7:c8:d3:01:f9:
e4:59:b3:d6:e8:d3:bd:b9:df:e7:0f:7e:da:02:05:ac:eb:10:
29:17:21:5b:a3:ca:4c:58:fa:ba:0c:47:cc:d2:3c:d0:db:38:
02:59:9d:ca:2a:e6:65:ea:a9:f3:5c:1c:30:f7:a8:3f:f6:e8:
54:4a:b7:7c:cc:be:d5:72:38:ac:7a:82:b1:a7:06:d3:f3:3a:
25:91:a5:42:62:72:96:f7:78:36:d2:57:fb:76:2e:6b:5b:03:
d2:df:fd:87:8f:17:26:a4:d0:a9:06:b7:49:32:44:33:ae:cc:
0c:3e:5a:cc:4b:ab:70:ae:29:8a:1f:dc:aa:1e:46:62:41:0a:
94:90:b5:63:1a:d6:ec:a4:11:42:12:b9:dd:e5:c3:5f:6f:80:
c3:3d:aa:b2:15:fa:1c:02:a1:b8:97:03:e7:fd:94:05:6f:7d:
ed:88:77:a6:7a:80:04:9b:67:95:69:df:b2:d0:e1:ef:54:6c:
d7:ef:36:1d:e4:e6:0c:a9:79:3e:ab:53:58:74:a4:81:bb:c4:
14:99:1f:a8:af:69:01:9f:7f:15:7d:49:a3:52:65:16:7b:96:
d7:e2:0b:5c:a8:7c:00:62:72:59:09:7d:af:6b:17:01:f5:58:
4a:d5:e6:e8
-----BEGIN CERTIFICATE-----
MIIFpzCCBI+gAwIBAgISAYi+Tu50qNoCiQRyVLuvl9IWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwNjE1MDkwNzAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTFiOTc3ZmUzMGZlYTUwYTQxYTY4OGI3YmVkNzE3ZmFkNGVhODU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj2b0b6f+TJiLV1M/28wKABSxF6xh
YVQQQ4qTqJ5dugpEyi7QKSsXCaDrX8/8UyUj8+1VVoC/s+ISvXVlh/EsqSNvWvfe
25i9MVb5/P2m4z5E/IH834NNmCTozh/bvz7ePuFjtAPHhJYUoRdH+AARiNPHDQrg
y8C9ImOXyNtnwQibXKzWTGs2nqPwzeDfG0rBsCqwzeW1jX8BlESUhWyI6MS3KCRx
24ueiw08zt0AvIEUPx/GyYTnG2XCqAnBhfeXK0p+FihYAsahQ9YGNu08Ya2R4VbS
edof/XP6UNXLBSPUV3iqokeGI8FnreZFxTlntTC5WBgbEy6d61sfhh3MLwIDAQAB
o4ICszCCAq8wHQYDVR0OBBYEFH4bl3/jD+pQpBpoi3vtcX+tTqhXMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvZmh1WGYtTVA2bENrR21pTGUtMXhmNjFPcUZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHIBggrBgEFBQcBBwEB/wSBuDCBtTCBhwQCAAEwgYADBAIC
OGwDBAAFtVcDBAAtCR0DBAItUXADBAAtWIgDBAEtWIoDBAItXqgwDAMEAC2EtQME
Ay2EsAMEAC2Q1AMEAU1TJgMEAlXReAMEAbkr+AMEALkr+wMEAbnIPgMEAsEe8AME
AME5KwMEAsLyYAMEAMM+GAMEAsOxXAMEAsPTvDApBAIAAjAjAwUAKgFxIAMFAyoH
kgADBQMqDKWAAwUDKhDfwAMFAyoRBYAwDQYJKoZIhvcNAQELBQADggEBALqgBsH3
dVXOBo7mhsHnyNMB+eRZs9bo07253+cPftoCBazrECkXIVujykxY+roMR8zSPNDb
OAJZncoq5mXqqfNcHDD3qD/26FRKt3zMvtVyOKx6grGnBtPzOiWRpUJicpb3eDbS
V/t2LmtbA9Lf/YePFyak0KkGt0kyRDOuzAw+WsxLq3CuKYof3KoeRmJBCpSQtWMa
1uykEUISud3lw19vgMM9qrIV+hwCobiXA+f9lAVvfe2Id6Z6gASbZ5Vp37LQ4e9U
bNfvNh3k5gypeT6rU1h0pIG7xBSZH6ivaQGffxV9SaNSZRZ7ltfiC1yofABiclkJ
fa9rFwH1WErV5ug=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:32 2024 by rpki-client on console-fra.rpki-client.org