Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/kp3RpUt6_rzybg2UFMSetjKmFP8.roa
File: kp3RpUt6_rzybg2UFMSetjKmFP8.roa (raw, json)
Hash identifier: Va+F4gGwDtb/A2HDARSQqr0AUqAeGWeDwurKYB+DGIk=
Subject key identifier: 92:9D:D1:A5:4B:7A:FE:BC:F2:6E:0D:94:14:C4:9E:B6:32:A6:14:FF
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0191095B01E7025F382D1A8517C719AFF39E
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/kp3RpUt6_rzybg2UFMSetjKmFP8.roa
Signing time: Wed 31 Jul 2024 15:14:04 +0000
ROA not before: Wed 31 Jul 2024 15:14:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62206
IP address blocks: 2.56.109.0/24 maxlen: 24
5.181.84.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
45.81.115.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.94.171.0/24 maxlen: 24
45.132.180.0/24 maxlen: 24
45.132.181.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.144.212.0/24 maxlen: 24
45.151.3.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
146.19.125.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
194.242.96.0/24 maxlen: 24
194.242.98.0/24 maxlen: 24
194.242.99.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
2a01:7120::/32 maxlen: 32
2a07:9200::/29 maxlen: 29
2a07:9201::/32 maxlen: 32
2a07:9206::/32 maxlen: 32
2a07:9207::/32 maxlen: 32
2a09:340::/32 maxlen: 32
2a09:c440::/32 maxlen: 32
2a0c:5d40::/32 maxlen: 32
2a0c:a580::/29 maxlen: 29
2a0c:a580::/32 maxlen: 32
2a0c:a581::/32 maxlen: 32
2a0c:a584::/32 maxlen: 32
2a10:dfc0::/29 maxlen: 29
2a10:dfc0::/32 maxlen: 32
2a10:fac0::/32 maxlen: 32
2a11:580::/29 maxlen: 29
2a11:580::/32 maxlen: 32
2a11:1600::/32 maxlen: 32
2a11:2a80::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 31 Jul 2024 21:25:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:09:5b:01:e7:02:5f:38:2d:1a:85:17:c7:19:af:f3:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jul 31 15:14:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=929dd1a54b7afebcf26e0d9414c49eb632a614ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:90:8c:ed:f2:2f:d7:7a:ac:fa:d0:2e:04:13:
95:71:ac:97:0a:70:1b:4c:6d:e8:a9:9f:fa:60:6f:
54:9d:7d:21:8a:a9:2e:57:de:c5:3e:44:92:0f:74:
0d:7c:d6:61:57:fc:af:c7:a1:0e:84:43:f3:15:f3:
e3:6f:7b:ef:e3:8b:0e:db:f8:67:ed:2b:d2:00:21:
fe:02:78:08:5c:83:c3:10:5b:fd:35:f4:87:6d:e8:
66:24:16:6b:65:f6:7c:9b:f9:ca:43:9f:9a:a9:49:
06:0e:6d:7f:28:48:51:ba:36:7d:ea:d4:81:36:28:
91:ec:44:c5:1f:25:b2:e6:fa:67:6a:a7:78:86:22:
1f:e1:6f:10:b8:1e:3e:b6:48:6a:b2:87:81:72:72:
35:7f:92:8e:ad:5a:6c:53:fe:79:6e:64:4f:86:c0:
c3:ed:7e:ee:e3:5a:c1:f4:6d:7a:0a:a3:8a:45:84:
da:29:21:c6:c5:d7:67:b3:25:c6:d7:09:70:5c:b6:
f9:6b:90:ea:58:09:72:db:66:34:8f:ef:87:dd:bd:
d9:26:69:03:ba:fa:14:ae:65:42:d1:19:9b:2e:1f:
dc:7f:99:e4:ca:9e:1f:0e:16:86:7d:bb:9d:a4:98:
aa:77:c3:f3:12:d3:f4:43:61:b5:60:7f:c9:b1:35:
74:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:9D:D1:A5:4B:7A:FE:BC:F2:6E:0D:94:14:C4:9E:B6:32:A6:14:FF
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/kp3RpUt6_rzybg2UFMSetjKmFP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.109.0/24
5.181.84.0/24
5.181.87.0/24
45.9.29.0/24
45.81.115.0/24
45.88.136.0/24
45.88.138.0/24
45.94.171.0/24
45.132.180.0/22
45.144.212.0/24
45.151.3.0/24
77.83.37.0/24
146.19.125.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.43.0/24
194.242.96.0/24
194.242.98.0/23
195.177.93.0-195.177.95.255
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a09:340::/32
2a09:c440::/32
2a0c:5d40::/32
2a0c:a580::/29
2a10:dfc0::/29
2a10:fac0::/32
2a11:580::/29
2a11:1600::/32
2a11:2a80::/32
Signature Algorithm: sha256WithRSAEncryption
63:60:0c:c8:ee:b3:29:f0:5b:31:0a:19:0f:7c:61:26:2e:88:
04:3c:f6:ed:a0:72:a0:b3:d0:ab:34:08:46:58:60:42:35:1c:
02:48:52:17:26:96:13:78:9d:cb:07:dc:b6:23:09:fa:3b:d2:
bb:73:f4:20:44:f0:c0:1e:98:91:59:9b:d9:21:44:15:df:19:
cf:74:b1:1c:a2:1c:cf:49:b3:a1:ff:d7:98:83:1c:20:06:4d:
60:71:95:c6:d0:77:7a:38:1c:64:5b:63:7a:43:96:3b:c4:a4:
89:c9:a4:3c:a3:ed:3d:d2:d6:bd:94:45:c8:a0:77:f5:41:d3:
3c:df:ff:a5:bf:57:01:fd:f8:b0:03:9c:36:40:b0:2e:3f:fb:
26:92:1c:fa:78:a6:a3:b6:0e:5b:4b:45:ac:fd:c9:3c:75:10:
b8:3b:57:09:b0:a8:e7:29:2f:fe:1d:86:82:e3:f6:89:f0:f9:
ac:ca:70:c6:26:7c:0d:c1:6f:8e:33:66:db:25:3b:16:90:15:
f2:bb:ff:ac:05:98:d5:65:22:49:36:53:99:2a:fc:b7:13:5c:
60:83:15:a3:c3:1e:12:7f:d9:23:db:44:08:f1:a4:41:10:bb:
70:23:3d:d5:c3:77:87:16:76:ac:14:9b:41:de:ef:eb:93:8a:
47:57:42:41
-----BEGIN CERTIFICATE-----
MIIF5DCCBMygAwIBAgISAZEJWwHnAl84LRqFF8cZr/OeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwNzMxMTUxNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjlkZDFhNTRiN2FmZWJjZjI2ZTBkOTQxNGM0OWViNjMyYTYxNGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9pCM7fIv13qs+tAuBBOVcayXCnAb
TG3oqZ/6YG9UnX0hiqkuV97FPkSSD3QNfNZhV/yvx6EOhEPzFfPjb3vv44sO2/hn
7SvSACH+AngIXIPDEFv9NfSHbehmJBZrZfZ8m/nKQ5+aqUkGDm1/KEhRujZ96tSB
NiiR7ETFHyWy5vpnaqd4hiIf4W8QuB4+tkhqsoeBcnI1f5KOrVpsU/55bmRPhsDD
7X7u41rB9G16CqOKRYTaKSHGxddnsyXG1wlwXLb5a5DqWAly22Y0j++H3b3ZJmkD
uvoUrmVC0RmbLh/cf5nkyp4fDhaGfbudpJiqd8PzEtP0Q2G1YH/JsTV0qwIDAQAB
o4IC8DCCAuwwHQYDVR0OBBYEFJKd0aVLev688m4NlBTEnrYyphT/MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEva3AzUnBVdDZfcnp5YmcyVUZNU2V0akttRlA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBAYIKwYBBQUHAQcBAf8EgfQwgfEwgZkEAgABMIGSAwQA
AjhtAwQABbVUAwQABbVXAwQALQkdAwQALVFzAwQALViIAwQALViKAwQALV6rAwQC
LYS0AwQALZDUAwQALZcDAwQATVMlAwQAkhN9AwQBuSv4AwQAuSv7AwQBucg+AwQA
wR7wAwQBwR7yAwQAwTkrAwQAwvJgAwQBwvJiMAwDBADDsV0DBAXDsUADBALD07ww
UwQCAAIwTQMFACoBcSADBQMqB5IAAwUAKgkDQAMFACoJxEADBQAqDF1AAwUDKgyl
gAMFAyoQ38ADBQAqEPrAAwUDKhEFgAMFACoRFgADBQAqESqAMA0GCSqGSIb3DQEB
CwUAA4IBAQBjYAzI7rMp8FsxChkPfGEmLogEPPbtoHKgs9CrNAhGWGBCNRwCSFIX
JpYTeJ3LB9y2Iwn6O9K7c/QgRPDAHpiRWZvZIUQV3xnPdLEcohzPSbOh/9eYgxwg
Bk1gcZXG0Hd6OBxkW2N6Q5Y7xKSJyaQ8o+090ta9lEXIoHf1QdM83/+lv1cB/fiw
A5w2QLAuP/smkhz6eKajtg5bS0Ws/ck8dRC4O1cJsKjnKS/+HYaC4/aJ8PmsynDG
JnwNwW+OM2bbJTsWkBXyu/+sBZjVZSJJNlOZKvy3E1xggxWjwx4Sf9kj20QI8aRB
ELtwIz3Vw3eHFnasFJtB3u/rk4pHV0JB
-----END CERTIFICATE-----
Generated at Thu Aug 1 00:01:36 2024 by rpki-client on console-ams.rpki-client.org