Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/li1xki_yIl39Ud1eIZyVDMEujps.roa
File: li1xki_yIl39Ud1eIZyVDMEujps.roa (raw, json)
Hash identifier: j4p4oxC8a/4NC6BM8rf7wgadsJpeTjUoK+meUSRaXu4=
Subject key identifier: 96:2D:71:92:2F:F2:22:5D:FD:51:DD:5E:21:9C:95:0C:C1:2E:8E:9B
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0190B70BAE868CD60E1D3ED287D6745424EE
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/li1xki_yIl39Ud1eIZyVDMEujps.roa
Signing time: Mon 15 Jul 2024 15:38:34 +0000
ROA not before: Mon 15 Jul 2024 15:38:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62206
IP address blocks: 2.56.109.0/24 maxlen: 24
5.181.84.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
45.81.115.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.94.171.0/24 maxlen: 24
45.132.180.0/24 maxlen: 24
45.132.181.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.144.212.0/24 maxlen: 24
45.151.3.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
146.19.125.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
194.242.96.0/24 maxlen: 24
194.242.98.0/24 maxlen: 24
194.242.99.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
2a01:7120::/32 maxlen: 32
2a07:9200::/29 maxlen: 29
2a07:9200::/32 maxlen: 32
2a07:9205::/32 maxlen: 32
2a07:9206::/32 maxlen: 32
2a07:9207::/32 maxlen: 32
2a0c:a580::/29 maxlen: 29
2a0c:a580::/32 maxlen: 32
2a0c:a581::/32 maxlen: 32
2a0c:a582::/32 maxlen: 32
2a0c:a583::/32 maxlen: 32
2a10:dfc0::/29 maxlen: 29
2a11:580::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 24 Jul 2024 13:08:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:b7:0b:ae:86:8c:d6:0e:1d:3e:d2:87:d6:74:54:24:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jul 15 15:38:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=962d71922ff2225dfd51dd5e219c950cc12e8e9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:3a:c2:e5:89:b4:1b:aa:81:00:5c:5b:43:b1:
b3:eb:a7:cb:e1:33:89:4c:e4:ba:01:19:a9:05:6c:
f5:20:c6:18:c2:51:6d:81:b9:d3:30:b3:ca:b9:81:
81:2e:3f:4a:b3:bb:77:78:1f:84:bb:bd:e0:1a:23:
47:86:e3:ec:73:71:d1:5c:c5:bb:be:cd:55:3e:20:
ff:93:34:3e:d2:18:c2:93:1b:0b:6d:c1:e5:fa:33:
26:78:41:0d:f2:df:af:06:af:1b:ad:b8:38:19:64:
7b:d5:6a:de:b8:9c:73:f1:b5:01:8d:f5:6f:33:d1:
e5:13:88:18:1c:c7:51:ff:d0:10:70:3c:c6:b0:df:
84:7a:35:90:eb:a8:4d:9d:07:17:f2:53:68:5d:32:
30:57:68:dd:1a:b2:84:51:d9:30:12:f2:3e:92:86:
23:ef:a0:3e:9e:82:2a:75:a4:53:0c:60:e2:46:cb:
00:9a:9c:2b:66:7b:ef:95:1e:c0:26:46:ec:05:f9:
d1:8e:3a:43:58:69:ee:d1:ec:9b:11:f9:f9:0d:3b:
08:be:45:dd:44:b7:53:2a:99:4e:10:66:5d:ea:26:
95:96:dd:53:89:45:71:70:92:30:9f:59:d1:8b:9c:
db:b8:f5:5b:15:07:b2:25:37:70:12:c5:b6:1f:11:
26:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:2D:71:92:2F:F2:22:5D:FD:51:DD:5E:21:9C:95:0C:C1:2E:8E:9B
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/li1xki_yIl39Ud1eIZyVDMEujps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.109.0/24
5.181.84.0/24
5.181.87.0/24
45.9.29.0/24
45.81.115.0/24
45.88.136.0/24
45.88.138.0/24
45.94.171.0/24
45.132.180.0/22
45.144.212.0/24
45.151.3.0/24
77.83.37.0/24
146.19.125.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.43.0/24
194.242.96.0/24
194.242.98.0/23
195.177.93.0-195.177.95.255
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
bd:ed:34:39:4e:2c:4e:1f:25:4d:6c:b6:94:da:67:82:b4:73:
a6:65:e5:d3:b6:e0:8e:c3:fc:be:20:13:53:e1:66:f5:9b:f3:
28:bc:4c:1f:0f:14:7f:fd:ef:1b:54:c3:46:59:68:0c:08:52:
dc:ea:ae:36:1a:01:5b:5f:e6:7f:aa:5d:8e:9e:13:ab:d5:8c:
ef:b8:6a:18:c0:89:8b:b3:60:d1:ed:6b:45:84:e6:f6:e5:80:
03:06:83:43:2b:c0:7d:bd:32:96:2f:67:3a:59:85:e9:09:30:
05:35:6f:a9:33:35:9c:13:58:f5:ff:11:d6:87:65:dd:93:36:
89:91:8b:23:53:39:dc:5a:38:d1:7c:92:54:15:a1:68:26:6d:
ac:06:0f:ae:a3:3f:80:92:0c:c5:e3:05:c3:14:81:40:4b:ee:
16:93:e9:df:7b:6e:c4:04:a9:06:44:4c:78:7b:b3:59:3a:e0:
a1:8b:e3:21:74:b2:5f:55:cb:6c:b3:22:1d:5c:22:e6:01:f3:
c2:ad:29:a8:c0:7a:91:45:31:33:38:bc:67:0b:c3:11:2e:00:
18:f7:2e:9b:a1:5d:69:62:c0:9e:e9:e9:f3:67:7c:ee:38:e6:
15:f6:3f:60:f6:ea:3d:a0:86:a7:92:22:22:a2:b2:d7:21:65:
e6:df:6f:f6
-----BEGIN CERTIFICATE-----
MIIFuTCCBKGgAwIBAgISAZC3C66GjNYOHT7Sh9Z0VCTuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwNzE1MTUzODM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjJkNzE5MjJmZjIyMjVkZmQ1MWRkNWUyMTljOTUwY2MxMmU4ZTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4zrC5Ym0G6qBAFxbQ7Gz66fL4TOJ
TOS6ARmpBWz1IMYYwlFtgbnTMLPKuYGBLj9Ks7t3eB+Eu73gGiNHhuPsc3HRXMW7
vs1VPiD/kzQ+0hjCkxsLbcHl+jMmeEEN8t+vBq8brbg4GWR71WreuJxz8bUBjfVv
M9HlE4gYHMdR/9AQcDzGsN+EejWQ66hNnQcX8lNoXTIwV2jdGrKEUdkwEvI+koYj
76A+noIqdaRTDGDiRssAmpwrZnvvlR7AJkbsBfnRjjpDWGnu0eybEfn5DTsIvkXd
RLdTKplOEGZd6iaVlt1TiUVxcJIwn1nRi5zbuPVbFQeyJTdwEsW2HxEm4QIDAQAB
o4ICxTCCAsEwHQYDVR0OBBYEFJYtcZIv8iJd/VHdXiGclQzBLo6bMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvbGkxeGtpX3lJbDM5VWQxZUlaeVZETUV1anBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHaBggrBgEFBQcBBwEB/wSByjCBxzCBmQQCAAEwgZIDBAAC
OG0DBAAFtVQDBAAFtVcDBAAtCR0DBAAtUXMDBAAtWIgDBAAtWIoDBAAtXqsDBAIt
hLQDBAAtkNQDBAAtlwMDBABNUyUDBACSE30DBAG5K/gDBAC5K/sDBAG5yD4DBADB
HvADBAHBHvIDBADBOSsDBADC8mADBAHC8mIwDAMEAMOxXQMEBcOxQAMEAsPTvDAp
BAIAAjAjAwUAKgFxIAMFAyoHkgADBQMqDKWAAwUDKhDfwAMFAyoRBYAwDQYJKoZI
hvcNAQELBQADggEBAL3tNDlOLE4fJU1stpTaZ4K0c6Zl5dO24I7D/L4gE1PhZvWb
8yi8TB8PFH/97xtUw0ZZaAwIUtzqrjYaAVtf5n+qXY6eE6vVjO+4ahjAiYuzYNHt
a0WE5vblgAMGg0MrwH29MpYvZzpZhekJMAU1b6kzNZwTWPX/EdaHZd2TNomRiyNT
OdxaONF8klQVoWgmbawGD66jP4CSDMXjBcMUgUBL7haT6d97bsQEqQZETHh7s1k6
4KGL4yF0sl9Vy2yzIh1cIuYB88KtKajAepFFMTM4vGcLwxEuABj3LpuhXWliwJ7p
6fNnfO445hX2P2D26j2ghqeSIiKistchZebfb/Y=
-----END CERTIFICATE-----
Generated at Wed Jul 24 16:28:32 2024 by rpki-client on console-fra.rpki-client.org