Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/gQxVC98yzOlNZ9BfDrt4ifGZWmE.roa
File: gQxVC98yzOlNZ9BfDrt4ifGZWmE.roa (raw, json)
Hash identifier: NX6hP+RPsIsgIyx2h5aA+k9Ixk+Y9mPsLrNOjZYzyCc=
Subject key identifier: 81:0C:55:0B:DF:32:CC:E9:4D:67:D0:5F:0E:BB:78:89:F1:99:5A:61
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0189FD3F123D8764ADBCB4715F5F9565AC88
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/gQxVC98yzOlNZ9BfDrt4ifGZWmE.roa
Signing time: Wed 16 Aug 2023 07:28:36 +0000
ROA not before: Wed 16 Aug 2023 07:28:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 91.223.110.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
2.56.108.0/22 maxlen: 24
2.56.111.0/24 maxlen: 24
2.56.109.0/24 maxlen: 24
45.88.139.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
193.57.41.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
45.94.168.0/22 maxlen: 22
45.94.170.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
193.30.241.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
45.81.112.0/22 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:fd:3f:12:3d:87:64:ad:bc:b4:71:5f:5f:95:65:ac:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Aug 16 07:28:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=810c550bdf32cce94d67d05f0ebb7889f1995a61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:e0:71:91:9e:b6:62:fe:c6:a8:ab:3d:8d:3e:
12:6b:7a:50:33:91:f4:4e:f5:0d:ea:fc:bb:0c:fe:
3b:e6:fe:ed:ed:e2:65:66:b7:d0:3f:6b:df:e7:76:
f6:d7:df:22:d5:4b:be:ee:d2:74:3f:65:9f:ce:87:
17:fc:dc:98:b2:a5:02:67:4c:f1:47:94:ab:be:01:
16:03:3c:e0:26:8c:6b:a4:d2:ab:3e:14:16:f9:f2:
2a:17:f5:77:97:ca:be:8e:7f:f1:ea:d5:47:ad:4c:
23:a6:32:07:52:18:41:c6:8b:ef:fb:0d:3d:3b:3d:
4f:6d:f1:43:65:98:17:67:96:7c:d0:a2:18:89:d9:
07:12:c6:e5:7c:51:04:1f:c5:49:85:14:42:27:35:
ef:20:41:f6:71:b5:2a:bb:5c:8a:42:29:b9:10:f3:
f2:fd:33:1c:cd:fc:c5:76:66:5a:41:6d:23:8b:33:
42:62:e5:42:88:93:8b:bb:ec:00:e4:61:00:cc:df:
a2:86:66:8b:a3:78:01:37:5f:13:59:ba:a3:8f:31:
34:55:1d:c8:a2:6a:e8:30:29:59:19:48:75:7e:24:
89:97:71:52:fc:d2:00:6f:a9:10:83:a7:ef:92:df:
f5:2d:b4:ac:13:5c:cc:26:0e:b9:66:76:63:58:fe:
83:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:0C:55:0B:DF:32:CC:E9:4D:67:D0:5F:0E:BB:78:89:F1:99:5A:61
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/gQxVC98yzOlNZ9BfDrt4ifGZWmE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0/22
5.181.87.0/24
45.9.29.0/24
45.81.112.0/22
45.88.136.0/24
45.88.138.0/23
45.94.168.0/22
45.132.181.0-45.132.183.255
45.144.212.0/24
77.83.39.0/24
85.209.120.0/22
91.223.110.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/22
193.57.41.0/24
193.57.43.0/24
194.242.96.0/22
195.62.24.0/24
195.177.92.0/22
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
10:77:8f:e9:42:b3:5e:cf:ea:6c:10:25:c6:98:19:ad:e6:59:
6d:a8:34:e6:f5:a3:c1:b0:b4:80:88:fb:2b:e4:e9:42:1d:bf:
d5:db:c2:e1:1e:f5:28:8f:6e:0a:ea:89:b7:bf:f8:af:1a:ab:
62:79:7f:80:71:cb:2f:82:68:81:76:d2:43:59:88:bb:7b:fc:
13:2d:3a:b8:e7:ce:a9:9a:2e:d6:af:b5:88:3e:b5:5e:ca:06:
df:dc:cd:2a:fb:c8:89:7c:70:f9:d7:34:3a:83:16:07:e7:c2:
9f:13:b8:75:ce:fe:d9:f5:f0:2b:dd:d2:17:8b:a8:5e:14:66:
ae:14:a4:e0:e3:5c:c3:2f:31:0a:50:31:9a:d6:3e:13:25:ca:
e5:62:ae:99:32:f0:cb:d9:3e:b0:08:38:58:ee:28:a4:43:46:
7c:c7:42:d2:b0:17:26:3d:cb:42:90:82:2b:a3:83:cc:eb:8e:
48:b8:c1:5a:dc:77:c4:4f:02:63:17:e1:7f:1a:26:9a:19:20:
86:dd:68:6f:32:37:3a:1d:b7:1d:a3:3f:85:bd:10:11:35:32:
11:23:ec:a7:17:92:ff:ab:af:31:48:1e:08:30:d9:98:1c:9d:
bd:21:ef:19:16:39:4f:27:2f:8e:56:d5:04:74:37:94:bc:7e:
a5:10:56:01
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgISAYn9PxI9h2StvLRxX1+VZayIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwODE2MDcyODM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTBjNTUwYmRmMzJjY2U5NGQ2N2QwNWYwZWJiNzg4OWYxOTk1YTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmuBxkZ62Yv7GqKs9jT4Sa3pQM5H0
TvUN6vy7DP475v7t7eJlZrfQP2vf53b2198i1Uu+7tJ0P2WfzocX/NyYsqUCZ0zx
R5SrvgEWAzzgJoxrpNKrPhQW+fIqF/V3l8q+jn/x6tVHrUwjpjIHUhhBxovv+w09
Oz1PbfFDZZgXZ5Z80KIYidkHEsblfFEEH8VJhRRCJzXvIEH2cbUqu1yKQim5EPPy
/TMczfzFdmZaQW0jizNCYuVCiJOLu+wA5GEAzN+ihmaLo3gBN18TWbqjjzE0VR3I
omroMClZGUh1fiSJl3FS/NIAb6kQg6fvkt/1LbSsE1zMJg65ZnZjWP6DbwIDAQAB
o4ICvzCCArswHQYDVR0OBBYEFIEMVQvfMszpTWfQXw67eInxmVphMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvZ1F4VkM5OHl6T2xOWjlCZkRydDRpZkdaV21FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHUBggrBgEFBQcBBwEB/wSBxDCBwTCBkwQCAAEwgYwDBAIC
OGwDBAAFtVcDBAAtCR0DBAItUXADBAAtWIgDBAEtWIoDBAItXqgwDAMEAC2EtQME
Ay2EsAMEAC2Q1AMEAE1TJwMEAlXReAMEAFvfbgMEAbkr+AMEALkr+wMEAbnIPgME
AsEe8AMEAME5KQMEAME5KwMEAsLyYAMEAMM+GAMEAsOxXAMEAsPTvDApBAIAAjAj
AwUAKgFxIAMFAyoHkgADBQMqDKWAAwUDKhDfwAMFAyoRBYAwDQYJKoZIhvcNAQEL
BQADggEBABB3j+lCs17P6mwQJcaYGa3mWW2oNOb1o8GwtICI+yvk6UIdv9XbwuEe
9SiPbgrqibe/+K8aq2J5f4Bxyy+CaIF20kNZiLt7/BMtOrjnzqmaLtavtYg+tV7K
Bt/czSr7yIl8cPnXNDqDFgfnwp8TuHXO/tn18Cvd0heLqF4UZq4UpODjXMMvMQpQ
MZrWPhMlyuVirpky8MvZPrAIOFjuKKRDRnzHQtKwFyY9y0KQgiujg8zrjki4wVrc
d8RPAmMX4X8aJpoZIIbdaG8yNzodtx2jP4W9EBE1MhEj7KcXkv+rrzFIHggw2Zgc
nb0h7xkWOU8nL45W1QR0N5S8fqUQVgE=
-----END CERTIFICATE-----
Generated at Mon Aug 21 07:35:50 2023 by rpki-client on console-ams.rpki-client.org