Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/jyhvgX3xDROzAsh2sSPmFQlEnXo.roa
File: jyhvgX3xDROzAsh2sSPmFQlEnXo.roa (raw, json)
Hash identifier: d0qTaJFAHRALoFstJMeMaMwseZi43EEd4GbB9nLzkTk=
Subject key identifier: 8F:28:6F:81:7D:F1:0D:13:B3:02:C8:76:B1:23:E6:15:09:44:9D:7A
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018C44F9A5D1875E0D7C6628D2A4A8C921DF
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/jyhvgX3xDROzAsh2sSPmFQlEnXo.roa
Signing time: Thu 07 Dec 2023 15:51:00 +0000
ROA not before: Thu 07 Dec 2023 15:51:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
45.88.139.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
193.57.41.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
45.94.168.0/22 maxlen: 22
45.94.170.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
45.81.113.0/24 maxlen: 24
45.81.115.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:44:f9:a5:d1:87:5e:0d:7c:66:28:d2:a4:a8:c9:21:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Dec 7 15:51:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8f286f817df10d13b302c876b123e61509449d7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:f2:29:7a:dd:fa:ee:b5:35:0e:6e:ad:fd:73:
84:95:da:d6:72:22:66:06:e3:9b:2a:45:20:be:11:
10:f7:7a:f1:0d:81:1a:0d:65:42:cd:db:d3:fb:5f:
af:e2:f4:54:50:5e:f6:9e:75:51:f7:aa:aa:14:a1:
7b:4f:d8:81:43:3a:f0:54:81:de:7a:4e:23:50:89:
ee:8a:dc:74:f2:04:76:71:ec:f2:4e:9f:47:3e:86:
8b:84:d6:88:19:23:0b:11:a8:bb:9d:54:db:0b:8d:
cb:82:46:c8:89:0a:4e:19:f7:e1:2b:19:6b:2c:86:
ad:b3:af:5e:b1:8f:d7:9f:95:36:ba:c5:25:22:5e:
13:b6:89:30:e0:c1:f8:dc:17:33:76:d5:f4:7e:0f:
6c:37:f5:9f:58:5e:8c:31:93:ab:ad:bc:3c:b0:f8:
fa:12:47:4d:e8:cc:c7:7c:c1:db:c7:a0:3a:9d:79:
37:8f:3b:15:05:00:8d:cd:d4:69:be:cc:13:bd:70:
ae:3a:d9:82:30:e7:62:67:25:6d:1b:82:5e:7f:03:
9f:0c:c4:06:3f:d1:8e:7f:cb:46:00:28:d3:b5:35:
5a:80:d3:44:0c:f3:e0:1b:90:b1:c9:25:13:77:c8:
66:cd:67:03:f2:d5:51:cd:76:a1:ac:9a:fd:ef:00:
bb:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:28:6F:81:7D:F1:0D:13:B3:02:C8:76:B1:23:E6:15:09:44:9D:7A
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/jyhvgX3xDROzAsh2sSPmFQlEnXo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.87.0/24
45.9.29.0/24
45.81.113.0/24
45.81.115.0/24
45.88.136.0/24
45.88.138.0/23
45.94.168.0/22
45.132.181.0-45.132.183.255
45.144.212.0/24
77.83.37.0/24
77.83.39.0/24
85.209.120.0/22
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.41.0/24
193.57.43.0/24
194.242.96.0/22
195.177.92.0-195.177.94.255
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
29:68:ff:e8:da:61:aa:11:ec:a4:e3:8e:f0:ea:fb:31:3c:be:
ff:53:87:aa:88:f3:77:d8:c9:96:a7:77:05:10:82:f7:ae:7e:
85:98:f9:e7:71:f2:b3:a0:e4:40:3b:07:26:97:1f:63:db:89:
d1:92:fd:a8:28:7a:2b:e0:ed:73:94:b3:e2:76:7d:d3:aa:87:
b8:97:0f:6c:86:b5:f5:67:7a:b8:bf:2c:16:ba:b9:ce:e6:8b:
96:08:44:01:29:70:cd:73:93:22:23:98:b5:c3:ef:7a:41:38:
03:f2:83:d0:30:ef:a5:6f:a7:25:61:45:00:f9:2c:12:b7:a7:
0c:cb:b9:d5:c2:a3:e7:58:99:3c:d8:a8:5f:b0:be:c7:4b:e5:
d8:05:b8:58:11:6e:10:c4:83:f6:f7:3b:93:55:f2:fc:88:8f:
51:9f:e0:10:aa:5f:75:49:ae:b9:dd:d6:94:ea:f7:e5:4d:b4:
3a:74:05:dd:0b:4d:5a:c0:77:7c:a8:02:83:17:e8:03:4b:32:
d6:17:a8:ec:95:68:6a:c2:2f:94:9a:f3:62:55:dd:96:52:56:
a8:2e:1e:d5:47:1c:42:72:b9:22:64:b4:35:62:9a:6c:a6:b1:
26:2e:cc:3b:fe:29:70:2a:b5:7b:f2:8b:44:a3:68:44:70:48:
23:07:f3:a1
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgISAYxE+aXRh14NfGYo0qSoySHfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMxMjA3MTU1MTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjI4NmY4MTdkZjEwZDEzYjMwMmM4NzZiMTIzZTYxNTA5NDQ5ZDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz/Ipet367rU1Dm6t/XOEldrWciJm
BuObKkUgvhEQ93rxDYEaDWVCzdvT+1+v4vRUUF72nnVR96qqFKF7T9iBQzrwVIHe
ek4jUInuitx08gR2cezyTp9HPoaLhNaIGSMLEai7nVTbC43LgkbIiQpOGffhKxlr
LIats69esY/Xn5U2usUlIl4Ttokw4MH43BczdtX0fg9sN/WfWF6MMZOrrbw8sPj6
EkdN6MzHfMHbx6A6nXk3jzsVBQCNzdRpvswTvXCuOtmCMOdiZyVtG4JefwOfDMQG
P9GOf8tGACjTtTVagNNEDPPgG5CxySUTd8hmzWcD8tVRzXahrJr97wC76QIDAQAB
o4ICxzCCAsMwHQYDVR0OBBYEFI8ob4F98Q0TswLIdrEj5hUJRJ16MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvanlodmdYM3hEUk96QXNoMnNTUG1GUWxFblhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHcBggrBgEFBQcBBwEB/wSBzDCByTCBmwQCAAEwgZQDBAAF
tVcDBAAtCR0DBAAtUXEDBAAtUXMDBAAtWIgDBAEtWIoDBAItXqgwDAMEAC2EtQME
Ay2EsAMEAC2Q1AMEAE1TJQMEAE1TJwMEAlXReAMEAbkr+AMEALkr+wMEAbnIPgME
AMEe8AMEAcEe8gMEAME5KQMEAME5KwMEAsLyYDAMAwQCw7FcAwQAw7FeAwQCw9O8
MCkEAgACMCMDBQAqAXEgAwUDKgeSAAMFAyoMpYADBQMqEN/AAwUDKhEFgDANBgkq
hkiG9w0BAQsFAAOCAQEAKWj/6NphqhHspOOO8Or7MTy+/1OHqojzd9jJlqd3BRCC
965+hZj553Hys6DkQDsHJpcfY9uJ0ZL9qCh6K+Dtc5Sz4nZ906qHuJcPbIa19Wd6
uL8sFrq5zuaLlghEASlwzXOTIiOYtcPvekE4A/KD0DDvpW+nJWFFAPksErenDMu5
1cKj51iZPNioX7C+x0vl2AW4WBFuEMSD9vc7k1Xy/IiPUZ/gEKpfdUmuud3WlOr3
5U20OnQF3QtNWsB3fKgCgxfoA0sy1heo7JVoasIvlJrzYlXdllJWqC4e1UccQnK5
ImS0NWKabKaxJi7MO/4pcCq1e/KLRKNoRHBIIwfzoQ==
-----END CERTIFICATE-----
Generated at Sat Dec 9 23:35:05 2023 by rpki-client on console-fra.rpki-client.org