Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/k5tMNbr9IBfe-CW-jpXO7j5jgeA.roa
File: k5tMNbr9IBfe-CW-jpXO7j5jgeA.roa (raw, json)
Hash identifier: jiFgOUFYuKLVCBBQ+7CR8YJqWMyVCIltZRaxrzNDzrg=
Subject key identifier: 93:9B:4C:35:BA:FD:20:17:DE:F8:25:BE:8E:95:CE:EE:3E:63:81:E0
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0185936EABE8F9A18997F820E065BC0CDDA0
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/k5tMNbr9IBfe-CW-jpXO7j5jgeA.roa
Signing time: Sun 08 Jan 2023 22:09:41 +0000
ROA not before: Sun 08 Jan 2023 22:09:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
2.56.108.0/22 maxlen: 22
45.88.139.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
45.13.188.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
193.30.241.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
45.81.112.0/22 maxlen: 24
77.83.38.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:93:6e:ab:e8:f9:a1:89:97:f8:20:e0:65:bc:0c:dd:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jan 8 22:09:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=939b4c35bafd2017def825be8e95ceee3e6381e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:59:61:b7:f3:c0:e6:7b:78:5e:4a:3a:cd:84:
e7:61:e5:df:07:29:66:b9:76:8d:cc:59:22:28:42:
a6:29:3c:cb:36:e3:fb:2f:c2:5f:38:cc:c7:12:78:
7c:89:d5:31:78:55:45:c7:74:a2:c1:49:81:81:2b:
16:4c:3a:80:05:0f:45:4f:ac:9b:ac:21:32:5c:80:
12:79:83:bd:0a:9e:97:53:91:f1:20:20:8b:8b:9b:
bf:d8:25:cd:1d:49:48:09:e6:8c:e4:f8:b9:91:20:
97:c0:32:71:f0:d7:66:08:74:ff:be:de:ce:1a:14:
fd:d1:24:b9:43:35:29:dc:05:6e:56:e7:f5:09:64:
71:30:79:e5:4e:ee:ed:14:28:ff:53:c8:b5:e5:b6:
f0:59:e5:4c:5a:86:ce:b4:53:10:97:5c:d7:34:39:
8d:9b:01:b6:d3:3e:ca:d9:65:a7:2e:9b:e9:d4:6b:
d7:a2:22:cb:a4:9b:65:68:f6:a9:27:48:f2:56:11:
13:98:e6:21:13:b5:0f:20:22:70:0c:17:f2:55:2c:
85:42:f9:b5:ff:38:37:c5:13:87:2c:8f:2a:75:be:
6b:3f:83:4e:0e:0f:d5:bb:bf:09:6a:6a:bc:2d:e5:
80:86:ac:9e:36:89:58:56:7d:48:2b:4b:37:fa:92:
be:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:9B:4C:35:BA:FD:20:17:DE:F8:25:BE:8E:95:CE:EE:3E:63:81:E0
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/k5tMNbr9IBfe-CW-jpXO7j5jgeA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0/22
5.181.87.0/24
45.9.29.0/24
45.13.188.0/24
45.81.112.0/22
45.88.136.0/24
45.88.139.0/24
45.132.181.0-45.132.183.255
45.144.212.0/24
77.83.38.0/24
85.209.120.0/22
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/22
193.57.43.0/24
194.242.96.0/22
195.62.24.0/24
195.177.92.0/22
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
4c:ef:47:7b:73:af:7c:c5:c0:56:28:cb:c2:fe:d7:aa:f2:73:
ef:4c:4e:d7:22:91:c7:1f:1b:72:dd:c9:7f:5d:68:6d:0b:96:
5e:94:34:de:3c:ca:d0:ea:8e:46:f6:22:a0:20:fa:a5:63:fa:
85:cf:77:65:de:75:25:5c:6f:00:dd:d4:57:d3:15:68:07:2c:
66:f2:1e:76:6e:b7:b3:33:da:f7:4e:43:45:41:6e:f2:aa:22:
43:15:30:4c:f7:34:ac:ef:6f:c1:b1:ed:5d:ee:e2:b5:cd:4e:
26:33:3e:f2:07:30:35:0b:78:d4:66:3e:df:27:2e:10:30:04:
67:71:d0:b0:23:89:db:af:59:e6:b0:27:8c:f5:18:16:26:3f:
73:75:6f:38:79:93:53:f8:8e:7a:af:13:81:a1:ca:af:d8:82:
72:2e:12:93:6f:0b:ce:20:20:f2:97:15:80:0f:f6:30:e0:31:
fa:c2:ba:98:35:72:d4:9f:17:e2:5b:10:3e:8d:f2:87:ae:2c:
ca:5e:f9:5f:25:90:75:26:64:ef:57:29:9d:bf:d1:13:6e:5f:
71:f6:9d:2e:da:a9:c4:7f:22:b1:fc:dd:80:b9:77:73:aa:a1:
3c:b0:c8:ed:df:72:df:22:ad:69:4b:1a:b4:c0:e0:8a:81:8b:
c1:53:78:bf
-----BEGIN CERTIFICATE-----
MIIFpzCCBI+gAwIBAgISAYWTbqvo+aGJl/gg4GW8DN2gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwMTA4MjIwOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzliNGMzNWJhZmQyMDE3ZGVmODI1YmU4ZTk1Y2VlZTNlNjM4MWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1lht/PA5nt4Xko6zYTnYeXfBylm
uXaNzFkiKEKmKTzLNuP7L8JfOMzHEnh8idUxeFVFx3SiwUmBgSsWTDqABQ9FT6yb
rCEyXIASeYO9Cp6XU5HxICCLi5u/2CXNHUlICeaM5Pi5kSCXwDJx8NdmCHT/vt7O
GhT90SS5QzUp3AVuVuf1CWRxMHnlTu7tFCj/U8i15bbwWeVMWobOtFMQl1zXNDmN
mwG20z7K2WWnLpvp1GvXoiLLpJtlaPapJ0jyVhETmOYhE7UPICJwDBfyVSyFQvm1
/zg3xROHLI8qdb5rP4NODg/Vu78Jamq8LeWAhqyeNolYVn1IK0s3+pK+2wIDAQAB
o4ICszCCAq8wHQYDVR0OBBYEFJObTDW6/SAX3vglvo6Vzu4+Y4HgMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvazV0TU5icjlJQmZlLUNXLWpwWE83ajVqZ2VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHIBggrBgEFBQcBBwEB/wSBuDCBtTCBhwQCAAEwgYADBAIC
OGwDBAAFtVcDBAAtCR0DBAAtDbwDBAItUXADBAAtWIgDBAAtWIswDAMEAC2EtQME
Ay2EsAMEAC2Q1AMEAE1TJgMEAlXReAMEAbkr+AMEALkr+wMEAbnIPgMEAsEe8AME
AME5KwMEAsLyYAMEAMM+GAMEAsOxXAMEAsPTvDApBAIAAjAjAwUAKgFxIAMFAyoH
kgADBQMqDKWAAwUDKhDfwAMFAyoRBYAwDQYJKoZIhvcNAQELBQADggEBAEzvR3tz
r3zFwFYoy8L+16ryc+9MTtcikccfG3LdyX9daG0Lll6UNN48ytDqjkb2IqAg+qVj
+oXPd2XedSVcbwDd1FfTFWgHLGbyHnZut7Mz2vdOQ0VBbvKqIkMVMEz3NKzvb8Gx
7V3u4rXNTiYzPvIHMDULeNRmPt8nLhAwBGdx0LAjiduvWeawJ4z1GBYmP3N1bzh5
k1P4jnqvE4Ghyq/YgnIuEpNvC84gIPKXFYAP9jDgMfrCupg1ctSfF+JbED6N8oeu
LMpe+V8lkHUmZO9XKZ2/0RNuX3H2nS7aqcR/IrH83YC5d3OqoTywyO3fct8irWlL
GrTA4IqBi8FTeL8=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:32 2023 by rpki-client on console-fra.rpki-client.org