Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/hV5AA_OQ0aU7ZhHagNdA9XflCT8.roa
File: hV5AA_OQ0aU7ZhHagNdA9XflCT8.roa (raw, json)
Hash identifier: EFzaMgQHDaqIHjmxuiWQaF3SXu2TxBY9s0PcehBvOh8=
Subject key identifier: 85:5E:40:03:F3:90:D1:A5:3B:66:11:DA:80:D7:40:F5:77:E5:09:3F
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 01929791DE2D01DBEF7777CE57EC6E0A4CF1
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/hV5AA_OQ0aU7ZhHagNdA9XflCT8.roa
Signing time: Wed 16 Oct 2024 23:02:51 +0000
ROA not before: Wed 16 Oct 2024 23:02:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62206
IP address blocks: 2.56.109.0/24 maxlen: 24
5.181.84.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
45.13.189.0/24 maxlen: 24
45.13.190.0/24 maxlen: 24
45.81.115.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.94.171.0/24 maxlen: 24
45.132.180.0/24 maxlen: 24
45.132.181.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.144.212.0/24 maxlen: 24
45.151.3.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
146.19.125.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
194.242.96.0/24 maxlen: 24
194.242.98.0/24 maxlen: 24
194.242.99.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.211.188.0/24 maxlen: 24
195.211.189.0/24 maxlen: 24
2a01:7120::/32 maxlen: 32
2a01:7120:7::/48 maxlen: 48
2a07:9200::/29 maxlen: 29
2a07:9201::/32 maxlen: 32
2a07:9206::/32 maxlen: 32
2a07:9207::/32 maxlen: 32
2a09:340::/32 maxlen: 32
2a09:342::/32 maxlen: 32
2a09:346::/32 maxlen: 32
2a09:c440::/32 maxlen: 32
2a0c:5d40::/32 maxlen: 32
2a0c:a580::/29 maxlen: 29
2a0c:a580::/32 maxlen: 32
2a0c:a581::/32 maxlen: 32
2a0c:a584::/32 maxlen: 32
2a0c:a586::/32 maxlen: 32
2a10:dfc0::/29 maxlen: 29
2a10:dfc0::/32 maxlen: 32
2a10:fac0::/32 maxlen: 32
2a11:580::/29 maxlen: 29
2a11:580::/32 maxlen: 32
2a11:1600::/32 maxlen: 32
2a11:2a80::/32 maxlen: 32
2a11:3900::/32 maxlen: 32
2a11:d680::/32 maxlen: 32
2a12:9f00::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 17 Oct 2024 14:45:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:97:91:de:2d:01:db:ef:77:77:ce:57:ec:6e:0a:4c:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Oct 16 23:02:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=855e4003f390d1a53b6611da80d740f577e5093f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:34:93:1c:ac:65:63:58:c0:25:80:e0:02:50:
4c:c3:07:10:96:ca:b3:e0:b3:e8:b3:5a:14:25:05:
1b:1b:28:ab:82:03:7f:26:b1:bb:70:98:d4:a2:f0:
d6:f2:ab:4c:5f:a7:07:46:e3:e2:f4:a3:8c:8d:6a:
7f:a8:6e:d9:fb:ec:c5:06:ad:4b:d6:7a:c1:b0:68:
46:87:17:7c:6d:c5:7b:2d:15:0e:99:ab:40:f6:b2:
e2:e2:19:1f:f5:d7:3d:48:69:8d:be:8b:74:99:55:
21:c5:f1:42:23:57:82:17:6d:3d:3c:b5:1f:6a:9b:
5f:97:1c:67:53:11:9c:6a:dc:8b:22:e3:b8:c9:0f:
26:f9:1f:0f:be:21:13:fc:ac:ca:41:45:0b:c1:91:
de:b3:57:76:68:c6:6d:7f:7c:9e:29:60:4a:d7:c9:
6b:8b:dc:3e:e9:d4:97:61:96:fe:19:d6:22:70:4c:
44:39:1e:a3:25:d2:db:5f:03:39:76:8e:93:47:38:
72:6a:8e:f1:2b:4c:ee:ff:83:83:e8:e9:3c:56:68:
87:20:c5:41:09:67:14:e9:49:4c:9f:2d:5e:e6:54:
24:c4:5b:22:07:f2:63:77:67:2e:49:cf:5e:41:a2:
b9:5d:ce:c2:ce:a4:33:75:4e:84:e2:71:39:a5:5f:
39:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:5E:40:03:F3:90:D1:A5:3B:66:11:DA:80:D7:40:F5:77:E5:09:3F
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/hV5AA_OQ0aU7ZhHagNdA9XflCT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.109.0/24
5.181.84.0/24
5.181.87.0/24
45.9.29.0/24
45.13.189.0-45.13.190.255
45.81.115.0/24
45.88.136.0/24
45.88.138.0/24
45.94.171.0/24
45.132.180.0/22
45.144.212.0/24
45.151.3.0/24
77.83.37.0/24
146.19.125.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.43.0/24
194.242.96.0/24
194.242.98.0/23
195.177.93.0-195.177.94.255
195.211.188.0/23
IPv6:
2a01:7120::/32
2a07:9200::/29
2a09:340::/32
2a09:342::/32
2a09:346::/32
2a09:c440::/32
2a0c:5d40::/32
2a0c:a580::/29
2a10:dfc0::/29
2a10:fac0::/32
2a11:580::/29
2a11:1600::/32
2a11:2a80::/32
2a11:3900::/32
2a11:d680::/32
2a12:9f00::/32
Signature Algorithm: sha256WithRSAEncryption
42:8c:59:5e:33:7d:63:43:7b:fa:04:3c:fd:f0:9d:1a:60:04:
67:9f:da:88:bd:ab:75:73:92:50:be:10:c9:57:e5:6f:b1:47:
bc:a6:0d:d7:c4:3a:fb:21:e8:52:b1:f6:5a:a1:aa:49:57:64:
31:66:ae:64:cd:49:3a:b0:db:44:8e:4d:55:4f:cf:07:98:44:
e6:69:54:b5:9d:1d:90:d7:9f:04:b9:ff:52:24:66:27:1c:e3:
21:62:06:c3:3f:35:20:e3:cf:0c:42:14:b5:e9:d4:a8:b9:26:
12:88:d4:94:e1:d2:55:11:b9:e6:31:d4:c5:f1:db:af:56:c7:
2c:6f:54:96:99:3d:62:68:90:76:cf:0f:fd:82:3a:94:60:f3:
0a:a7:bd:43:78:84:5f:b7:11:40:f6:d8:3e:1b:fe:90:48:51:
ec:82:82:eb:1c:92:ba:02:99:4f:fe:01:10:81:74:b8:9f:51:
d4:d3:f1:19:ad:e5:d3:fd:ff:20:06:c5:b0:c1:c5:4d:05:0d:
da:9c:3f:b1:29:81:45:bc:fb:42:8b:b7:61:9d:de:95:cb:24:
ce:a5:2f:8f:ee:ed:0c:fe:07:62:53:a5:7d:7b:8c:57:66:a5:
2b:71:1b:da:3f:f9:57:fa:a0:69:5e:65:14:e9:9a:0d:9c:11:
99:3a:1d:72
-----BEGIN CERTIFICATE-----
MIIGFzCCBP+gAwIBAgISAZKXkd4tAdvvd3fOV+xuCkzxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQxMDE2MjMwMjUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTVlNDAwM2YzOTBkMWE1M2I2NjExZGE4MGQ3NDBmNTc3ZTUwOTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8jSTHKxlY1jAJYDgAlBMwwcQlsqz
4LPos1oUJQUbGyirggN/JrG7cJjUovDW8qtMX6cHRuPi9KOMjWp/qG7Z++zFBq1L
1nrBsGhGhxd8bcV7LRUOmatA9rLi4hkf9dc9SGmNvot0mVUhxfFCI1eCF209PLUf
aptflxxnUxGcatyLIuO4yQ8m+R8PviET/KzKQUULwZHes1d2aMZtf3yeKWBK18lr
i9w+6dSXYZb+GdYicExEOR6jJdLbXwM5do6TRzhyao7xK0zu/4OD6Ok8VmiHIMVB
CWcU6UlMny1e5lQkxFsiB/Jjd2cuSc9eQaK5Xc7CzqQzdU6E4nE5pV85JwIDAQAB
o4IDIzCCAx8wHQYDVR0OBBYEFIVeQAPzkNGlO2YR2oDXQPV35Qk/MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvaFY1QUFfT1EwYVU3WmhIYWdOZEE5WGZsQ1Q4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBNwYIKwYBBQUHAQcBAf8EggEmMIIBIjCBpwQCAAEwgaAD
BAACOG0DBAAFtVQDBAAFtVcDBAAtCR0wDAMEAC0NvQMEAC0NvgMEAC1RcwMEAC1Y
iAMEAC1YigMEAC1eqwMEAi2EtAMEAC2Q1AMEAC2XAwMEAE1TJQMEAJITfQMEAbkr
+AMEALkr+wMEAbnIPgMEAMEe8AMEAcEe8gMEAME5KwMEAMLyYAMEAcLyYjAMAwQA
w7FdAwQAw7FeAwQBw9O8MHYEAgACMHADBQAqAXEgAwUDKgeSAAMFACoJA0ADBQAq
CQNCAwUAKgkDRgMFACoJxEADBQAqDF1AAwUDKgylgAMFAyoQ38ADBQAqEPrAAwUD
KhEFgAMFACoRFgADBQAqESqAAwUAKhE5AAMFACoR1oADBQAqEp8AMA0GCSqGSIb3
DQEBCwUAA4IBAQBCjFleM31jQ3v6BDz98J0aYARnn9qIvat1c5JQvhDJV+VvsUe8
pg3XxDr7IehSsfZaoapJV2QxZq5kzUk6sNtEjk1VT88HmETmaVS1nR2Q158Euf9S
JGYnHOMhYgbDPzUg488MQhS16dSouSYSiNSU4dJVEbnmMdTF8duvVscsb1SWmT1i
aJB2zw/9gjqUYPMKp71DeIRftxFA9tg+G/6QSFHsgoLrHJK6AplP/gEQgXS4n1HU
0/EZreXT/f8gBsWwwcVNBQ3anD+xKYFFvPtCi7dhnd6VyyTOpS+P7u0M/gdiU6V9
e4xXZqUrcRvaP/lX+qBpXmUU6ZoNnBGZOh1y
-----END CERTIFICATE-----
Generated at Thu Oct 17 19:48:48 2024 by rpki-client on console-ams.rpki-client.org