Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/h4OyiAdeaij8tCbnAD8wYjTOFdU.roa
File: h4OyiAdeaij8tCbnAD8wYjTOFdU.roa (raw, json)
Hash identifier: hF+uAKaX23GH1yIvhA8YBzx+hIWZYee9J8el/A0aznI=
Subject key identifier: 87:83:B2:88:07:5E:6A:28:FC:B4:26:E7:00:3F:30:62:34:CE:15:D5
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018BD2850EEF5AB744678B11CE2E5234108E
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/h4OyiAdeaij8tCbnAD8wYjTOFdU.roa
Signing time: Wed 15 Nov 2023 10:26:57 +0000
ROA not before: Wed 15 Nov 2023 10:26:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
2.56.108.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
45.132.180.0/24 maxlen: 24
45.94.168.0/22 maxlen: 22
45.94.170.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
45.81.114.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d2:85:0e:ef:5a:b7:44:67:8b:11:ce:2e:52:34:10:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Nov 15 10:26:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8783b288075e6a28fcb426e7003f306234ce15d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:26:1b:29:d7:f3:00:2b:95:54:28:0e:40:06:
0b:96:ac:d0:c4:5c:da:e2:ac:33:36:8b:44:cd:8e:
2b:e0:81:87:f2:06:8b:bc:c0:63:5f:04:dd:9d:74:
4d:50:06:01:02:f5:44:8a:e6:fe:d8:32:7a:0a:30:
0b:9c:31:13:1b:22:45:cb:66:1e:06:2b:41:ac:dc:
af:6a:18:a3:0f:1a:97:91:68:31:d9:2b:d1:91:7e:
e3:af:09:88:f1:f1:c4:a3:51:bd:e5:34:4d:74:d9:
1b:6b:04:9a:06:18:3e:a4:3f:24:a5:92:5c:98:36:
7f:d3:1f:d1:a6:61:a0:0b:b0:87:fa:16:a9:08:0e:
78:56:3f:a8:b9:20:1b:9e:4e:2d:b3:26:2d:da:e2:
ae:28:4c:79:a2:0b:23:16:fb:5e:65:cf:e7:48:bc:
c8:eb:50:00:62:14:d8:12:8e:67:ed:97:d2:61:dd:
d1:74:fd:13:22:05:e2:57:8f:db:ca:1f:d4:2f:ab:
5a:c3:e5:bb:f1:91:09:a0:bc:d5:6b:5f:e8:6a:3f:
25:37:0c:71:02:9f:ae:38:12:ce:58:32:04:46:d0:
fb:55:2d:5f:b4:9d:ec:b8:da:d8:af:e5:b5:9c:2f:
3f:9a:1a:ec:f1:b7:c8:37:e3:9e:14:52:91:c5:ea:
de:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:83:B2:88:07:5E:6A:28:FC:B4:26:E7:00:3F:30:62:34:CE:15:D5
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/h4OyiAdeaij8tCbnAD8wYjTOFdU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0/24
5.181.87.0/24
45.9.29.0/24
45.81.114.0/24
45.88.136.0/24
45.88.138.0/24
45.94.168.0/22
45.132.180.0/22
45.144.212.0/24
77.83.37.0/24
77.83.39.0/24
85.209.120.0/22
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.43.0/24
194.242.96.0/22
195.177.92.0-195.177.94.255
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
7e:1a:c7:36:13:fc:a7:f5:18:f1:ba:e9:e1:c1:7d:a1:0a:e3:
e4:e8:9c:d5:b4:97:10:ef:a1:fe:29:f2:7f:46:cc:df:ab:5c:
5e:91:0d:34:17:c4:15:dd:62:59:38:5a:f6:25:f2:98:56:5b:
d4:49:74:a2:f9:5e:77:53:1b:f3:ae:f1:7b:f0:1a:fa:79:ce:
c8:b8:f2:a4:8e:be:a0:ab:93:9f:ba:ea:e6:ba:22:88:2e:dc:
30:2e:4d:c5:49:46:52:6b:b5:41:83:bd:3d:d2:39:d4:62:a8:
84:82:20:af:f1:43:60:b2:03:8d:57:e1:42:3a:39:ca:89:27:
3d:4c:0c:bd:11:bb:2f:dc:9b:e8:21:95:cd:32:eb:07:b4:be:
e3:5c:bf:32:9f:17:7c:3b:08:04:c0:ce:4a:f3:37:5d:90:ea:
eb:35:8e:03:04:d0:69:c0:55:ca:7a:e7:5c:65:7d:de:3a:c7:
cf:54:f4:21:99:1f:15:15:a0:c2:b2:66:37:56:1c:76:fd:90:
03:e4:c9:3f:d7:fd:fd:fa:e1:fe:45:e6:6c:2e:d1:fb:3a:12:
6d:1a:7b:72:7e:f6:03:14:e1:d9:97:ae:79:bb:15:a9:28:fd:
34:d9:a0:e4:70:22:8f:87:9c:df:58:52:8b:9c:95:ef:40:5a:
61:95:c7:d9
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgISAYvShQ7vWrdEZ4sRzi5SNBCOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMxMTE1MTAyNjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzgzYjI4ODA3NWU2YTI4ZmNiNDI2ZTcwMDNmMzA2MjM0Y2UxNWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjCYbKdfzACuVVCgOQAYLlqzQxFza
4qwzNotEzY4r4IGH8gaLvMBjXwTdnXRNUAYBAvVEiub+2DJ6CjALnDETGyJFy2Ye
BitBrNyvahijDxqXkWgx2SvRkX7jrwmI8fHEo1G95TRNdNkbawSaBhg+pD8kpZJc
mDZ/0x/RpmGgC7CH+hapCA54Vj+ouSAbnk4tsyYt2uKuKEx5ogsjFvteZc/nSLzI
61AAYhTYEo5n7ZfSYd3RdP0TIgXiV4/byh/UL6taw+W78ZEJoLzVa1/oaj8lNwxx
Ap+uOBLOWDIERtD7VS1ftJ3suNrYr+W1nC8/mhrs8bfIN+OeFFKRxereywIDAQAB
o4ICuTCCArUwHQYDVR0OBBYEFIeDsogHXmoo/LQm5wA/MGI0zhXVMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvaDRPeWlBZGVhaWo4dENibkFEOHdZalRPRmRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHOBggrBgEFBQcBBwEB/wSBvjCBuzCBjQQCAAEwgYYDBAAC
OGwDBAAFtVcDBAAtCR0DBAAtUXIDBAAtWIgDBAAtWIoDBAItXqgDBAIthLQDBAAt
kNQDBABNUyUDBABNUycDBAJV0XgDBAG5K/gDBAC5K/sDBAG5yD4DBADBHvADBAHB
HvIDBADBOSsDBALC8mAwDAMEAsOxXAMEAMOxXgMEAsPTvDApBAIAAjAjAwUAKgFx
IAMFAyoHkgADBQMqDKWAAwUDKhDfwAMFAyoRBYAwDQYJKoZIhvcNAQELBQADggEB
AH4axzYT/Kf1GPG66eHBfaEK4+TonNW0lxDvof4p8n9GzN+rXF6RDTQXxBXdYlk4
WvYl8phWW9RJdKL5XndTG/Ou8XvwGvp5zsi48qSOvqCrk5+66ua6Iogu3DAuTcVJ
RlJrtUGDvT3SOdRiqISCIK/xQ2CyA41X4UI6OcqJJz1MDL0Ruy/cm+ghlc0y6we0
vuNcvzKfF3w7CATAzkrzN12Q6us1jgME0GnAVcp651xlfd46x89U9CGZHxUVoMKy
ZjdWHHb9kAPkyT/X/f364f5F5mwu0fs6Em0ae3J+9gMU4dmXrnm7Fako/TTZoORw
Io+HnN9YUoucle9AWmGVx9k=
-----END CERTIFICATE-----
Generated at Wed Nov 15 11:54:32 2023 by rpki-client on console-ams.rpki-client.org