Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/kW6k0uS-T-vuZZX5kq7gQzJQnf0.roa
File: kW6k0uS-T-vuZZX5kq7gQzJQnf0.roa (raw, json)
Hash identifier: +t3PBdI46BUa/hK2/wZ3VLVmbKGhMhiqB1HItvtJCg8=
Subject key identifier: 91:6E:A4:D2:E4:BE:4F:EB:EE:65:95:F9:92:AE:E0:43:32:50:9D:FD
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018A92B32B6E4C136BDAA63B27E674114267
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/kW6k0uS-T-vuZZX5kq7gQzJQnf0.roa
Signing time: Thu 14 Sep 2023 07:58:50 +0000
ROA not before: Thu 14 Sep 2023 07:58:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 91.223.110.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
45.144.213.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
45.94.168.0/22 maxlen: 22
45.94.170.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
45.81.112.0/22 maxlen: 24
77.83.37.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 14 Sep 2023 08:39:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:92:b3:2b:6e:4c:13:6b:da:a6:3b:27:e6:74:11:42:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Sep 14 07:58:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=916ea4d2e4be4febee6595f992aee04332509dfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:23:91:be:1b:38:2a:bf:56:87:5b:99:0a:4b:
b9:b5:29:93:ea:e2:40:12:97:fa:53:69:86:73:33:
4d:9d:38:07:b5:4e:1d:6e:a3:05:b6:d5:2e:71:19:
a5:b2:75:d6:a1:cd:87:79:3f:b4:30:45:e5:a3:3c:
e5:43:99:43:58:cb:2a:33:6e:de:fb:12:6e:3f:d2:
8d:f6:a5:7e:23:97:d2:75:27:19:06:52:72:a0:de:
d4:84:be:3a:77:fc:09:da:62:cc:37:11:aa:44:1d:
68:05:b9:8f:79:16:4a:41:20:d9:f5:99:b1:8f:30:
89:92:ec:ca:33:96:be:76:3b:ef:dc:c8:d1:f5:d1:
20:b8:9b:ff:6b:43:e9:e1:a1:24:85:82:2a:09:10:
d7:74:1a:ed:23:d7:a5:61:6a:da:d9:66:f0:e0:e4:
47:d5:68:be:e1:c8:71:ef:37:9a:c7:84:8e:b6:43:
69:ff:dd:e0:ae:a6:18:ae:84:6a:b2:de:23:58:ef:
9a:dd:1d:bf:e5:ae:71:79:d5:74:7c:34:c6:32:49:
0b:28:08:29:a2:a5:55:67:6b:60:23:c8:18:de:41:
db:70:3b:4d:59:3e:77:06:0f:90:fc:71:22:e5:1f:
8e:a4:cb:e7:11:9c:aa:34:b9:ab:71:2d:02:cd:17:
bd:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:6E:A4:D2:E4:BE:4F:EB:EE:65:95:F9:92:AE:E0:43:32:50:9D:FD
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/kW6k0uS-T-vuZZX5kq7gQzJQnf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.87.0/24
45.9.29.0/24
45.81.112.0/22
45.88.136.0/24
45.88.138.0/24
45.94.168.0/22
45.132.181.0-45.132.183.255
45.144.212.0/23
77.83.37.0/24
77.83.39.0/24
85.209.120.0/22
91.223.110.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.43.0/24
194.242.96.0/22
195.177.92.0-195.177.94.255
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
47:ee:a6:d6:58:28:5e:f7:c5:78:97:26:8d:94:90:c3:d6:a2:
4f:54:d1:31:7f:a8:65:88:e0:ab:3e:f2:6b:8d:bb:3a:dc:aa:
34:e1:47:f6:a8:53:21:21:04:e1:45:72:77:ae:5e:52:0a:2d:
46:4a:5c:0a:a0:1e:36:fe:51:7f:df:56:8c:d6:9d:54:22:2c:
e3:82:62:99:80:8f:60:d7:35:f3:80:fe:a4:72:d5:30:63:2c:
d5:70:72:b7:46:82:bf:89:dc:50:da:c9:e3:99:de:f6:c5:61:
d4:6c:85:cb:2a:9f:95:1e:d4:6e:9b:41:ce:c6:be:f3:b6:2a:
8c:89:f2:df:a5:1f:41:22:cd:1c:08:1a:69:b4:3a:5b:89:d4:
e8:76:e7:8f:a8:69:c6:54:3f:e3:63:31:0c:d7:1c:66:46:88:
67:1c:8f:e1:91:db:0d:48:a4:40:03:cd:64:76:8b:05:fa:19:
49:bb:37:5f:4d:3d:ee:de:c4:5a:8b:fb:14:61:07:cc:81:d9:
a5:f6:ba:ff:7d:c0:77:3e:48:ac:2f:79:f9:ba:88:0e:f0:c9:
a2:bc:f0:1d:a7:7e:7f:0a:d4:85:be:17:ed:c0:40:a6:b5:d5:
11:20:ef:cc:04:3a:d3:b6:c4:ac:26:8b:34:46:50:c3:7b:4a:
ec:26:63:cd
-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgISAYqSsytuTBNr2qY7J+Z0EUJnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwOTE0MDc1ODUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTZlYTRkMmU0YmU0ZmViZWU2NTk1Zjk5MmFlZTA0MzMyNTA5ZGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlSORvhs4Kr9Wh1uZCku5tSmT6uJA
Epf6U2mGczNNnTgHtU4dbqMFttUucRmlsnXWoc2HeT+0MEXlozzlQ5lDWMsqM27e
+xJuP9KN9qV+I5fSdScZBlJyoN7UhL46d/wJ2mLMNxGqRB1oBbmPeRZKQSDZ9Zmx
jzCJkuzKM5a+djvv3MjR9dEguJv/a0Pp4aEkhYIqCRDXdBrtI9elYWra2Wbw4ORH
1Wi+4chx7zeax4SOtkNp/93grqYYroRqst4jWO+a3R2/5a5xedV0fDTGMkkLKAgp
oqVVZ2tgI8gY3kHbcDtNWT53Bg+Q/HEi5R+OpMvnEZyqNLmrcS0CzRe9EwIDAQAB
o4ICwTCCAr0wHQYDVR0OBBYEFJFupNLkvk/r7mWV+ZKu4EMyUJ39MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEva1c2azB1Uy1ULXZ1WlpYNWtxN2dRekpRbmYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHWBggrBgEFBQcBBwEB/wSBxjCBwzCBlQQCAAEwgY4DBAAF
tVcDBAAtCR0DBAItUXADBAAtWIgDBAAtWIoDBAItXqgwDAMEAC2EtQMEAy2EsAME
AS2Q1AMEAE1TJQMEAE1TJwMEAlXReAMEAFvfbgMEAbkr+AMEALkr+wMEAbnIPgME
AMEe8AMEAcEe8gMEAME5KwMEAsLyYDAMAwQCw7FcAwQAw7FeAwQCw9O8MCkEAgAC
MCMDBQAqAXEgAwUDKgeSAAMFAyoMpYADBQMqEN/AAwUDKhEFgDANBgkqhkiG9w0B
AQsFAAOCAQEAR+6m1lgoXvfFeJcmjZSQw9aiT1TRMX+oZYjgqz7ya427OtyqNOFH
9qhTISEE4UVyd65eUgotRkpcCqAeNv5Rf99WjNadVCIs44JimYCPYNc184D+pHLV
MGMs1XByt0aCv4ncUNrJ45ne9sVh1GyFyyqflR7UbptBzsa+87YqjIny36UfQSLN
HAgaabQ6W4nU6Hbnj6hpxlQ/42MxDNccZkaIZxyP4ZHbDUikQAPNZHaLBfoZSbs3
X0097t7EWov7FGEHzIHZpfa6/33Adz5IrC95+bqIDvDJorzwHad+fwrUhb4X7cBA
prXVESDvzAQ607bErCaLNEZQw3tK7CZjzQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:19 2024 by rpki-client on console-ams.rpki-client.org