Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/p7fbyjEBvBzcXBdq3msEqoah9lU.roa
File: p7fbyjEBvBzcXBdq3msEqoah9lU.roa (raw, json)
Hash identifier: JrazULfUy2muqjQVsxg4iRmRtOOrrrYKkEgdoIMdrl4=
Subject key identifier: A7:B7:DB:CA:31:01:BC:1C:DC:5C:17:6A:DE:6B:04:AA:86:A1:F6:55
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 019302780A326C753957D7747329C232E3DE
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/p7fbyjEBvBzcXBdq3msEqoah9lU.roa
Signing time: Wed 06 Nov 2024 17:14:01 +0000
ROA not before: Wed 06 Nov 2024 17:14:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62206
IP address blocks: 2.56.109.0/24 maxlen: 24
5.181.84.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
45.13.189.0/24 maxlen: 24
45.13.190.0/24 maxlen: 24
45.81.115.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
45.94.171.0/24 maxlen: 24
45.132.180.0/24 maxlen: 24
45.132.181.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.144.212.0/24 maxlen: 24
45.151.3.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
146.19.125.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
194.242.96.0/24 maxlen: 24
194.242.98.0/24 maxlen: 24
194.242.99.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.211.188.0/24 maxlen: 24
195.211.189.0/24 maxlen: 24
195.211.191.0/24 maxlen: 24
2a01:7120::/32 maxlen: 32
2a01:7120:7::/48 maxlen: 48
2a07:9200::/29 maxlen: 29
2a07:9201::/32 maxlen: 32
2a07:9206::/32 maxlen: 32
2a07:9207::/32 maxlen: 32
2a09:340::/32 maxlen: 32
2a09:342::/32 maxlen: 32
2a09:346::/32 maxlen: 32
2a09:c440::/32 maxlen: 32
2a0c:5d40::/32 maxlen: 32
2a0c:a580::/29 maxlen: 29
2a0c:a580::/32 maxlen: 32
2a0c:a581::/32 maxlen: 32
2a0c:a584::/32 maxlen: 32
2a0c:a586::/32 maxlen: 32
2a10:dfc0::/29 maxlen: 29
2a10:dfc0::/32 maxlen: 32
2a10:fac0::/32 maxlen: 32
2a11:580::/29 maxlen: 29
2a11:580::/32 maxlen: 32
2a11:1600::/32 maxlen: 32
2a11:2a80::/32 maxlen: 32
2a11:3900::/32 maxlen: 32
2a11:d680::/32 maxlen: 32
2a12:9f00::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 19 Nov 2024 21:57:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:02:78:0a:32:6c:75:39:57:d7:74:73:29:c2:32:e3:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Nov 6 17:14:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a7b7dbca3101bc1cdc5c176ade6b04aa86a1f655
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:00:d8:6c:4c:55:f0:f0:96:ee:55:33:89:0c:
38:c8:d1:76:a1:1b:3d:ee:71:50:5b:92:11:97:36:
87:ff:59:01:0a:63:67:52:1f:13:d8:9c:87:dd:bf:
15:ba:79:84:5e:7b:15:71:21:0d:69:4b:aa:d8:94:
79:01:83:9a:cc:aa:b0:4c:69:af:c3:0e:76:eb:8e:
c8:a0:76:6e:93:77:79:30:d8:55:28:c1:7c:5e:06:
ed:bd:b9:df:8f:d8:40:aa:9a:50:13:06:b4:7c:62:
04:3a:db:2f:cf:75:09:fd:c4:12:3b:24:15:32:15:
8c:5a:29:f5:e1:42:3a:4c:98:ee:cf:5c:2e:33:bd:
76:32:cc:33:e1:d4:9c:96:43:f8:08:bc:2b:41:56:
5a:97:c0:6c:67:29:f8:d3:d0:80:0a:b1:3c:1a:50:
c0:0b:30:55:4b:f9:c7:1b:7c:30:0b:b2:e9:ef:ad:
a1:6c:8e:f0:a9:e1:44:16:ef:e1:ec:41:e4:33:cb:
38:2a:33:00:a5:6d:66:a7:85:a3:f6:37:62:25:e2:
66:17:36:d0:a7:0b:07:1f:cc:c3:82:1b:b3:1f:09:
12:90:fb:5a:c1:81:8a:92:90:6b:65:fc:01:e9:9f:
78:ba:61:a4:13:3a:62:f3:7a:43:99:c3:54:09:f7:
1d:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:B7:DB:CA:31:01:BC:1C:DC:5C:17:6A:DE:6B:04:AA:86:A1:F6:55
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/p7fbyjEBvBzcXBdq3msEqoah9lU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.109.0/24
5.181.84.0/24
5.181.87.0/24
45.9.29.0/24
45.13.189.0-45.13.190.255
45.81.115.0/24
45.88.136.0/24
45.94.171.0/24
45.132.180.0/22
45.144.212.0/24
45.151.3.0/24
77.83.37.0/24
146.19.125.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.43.0/24
194.242.96.0/24
194.242.98.0/23
195.177.93.0-195.177.94.255
195.211.188.0/23
195.211.191.0/24
IPv6:
2a01:7120::/32
2a07:9200::/29
2a09:340::/32
2a09:342::/32
2a09:346::/32
2a09:c440::/32
2a0c:5d40::/32
2a0c:a580::/29
2a10:dfc0::/29
2a10:fac0::/32
2a11:580::/29
2a11:1600::/32
2a11:2a80::/32
2a11:3900::/32
2a11:d680::/32
2a12:9f00::/32
Signature Algorithm: sha256WithRSAEncryption
56:8c:f8:57:0e:ab:f1:a8:74:85:46:6a:f2:83:0c:55:e0:cd:
8a:52:ac:cd:3a:7f:64:22:ce:4d:54:48:84:31:70:45:ff:28:
bf:47:36:0d:15:28:5e:2b:14:2a:cf:0c:af:6e:2c:24:fc:12:
64:cb:31:04:63:10:89:d3:b3:3f:de:57:35:d2:2b:d7:4b:df:
d0:03:d6:36:a3:48:89:6c:06:5b:2f:46:d6:af:f1:12:d9:d6:
4a:45:6e:60:e1:62:13:ee:a7:ec:7b:2e:39:dd:da:5e:ea:f1:
87:47:0c:62:ef:84:64:2e:47:b1:3c:c9:7c:30:7a:d0:8f:41:
ec:08:22:2b:fc:eb:c6:6c:6e:5e:7b:1b:7e:93:28:fa:2e:a3:
95:25:ab:ee:fc:ba:44:52:46:52:23:67:fd:f3:36:3a:11:3d:
87:61:f7:6b:87:d5:e5:fd:99:6f:d4:5e:22:a9:bb:86:fb:11:
9d:3d:1a:3b:cd:1b:a4:4d:0e:a4:8d:31:0c:f6:7d:98:b9:46:
71:59:7e:20:69:5f:da:47:70:63:7a:7f:7d:5e:50:50:bc:2b:
1d:37:d3:97:99:fb:3b:0f:e2:5a:8a:97:cd:0c:01:69:c5:e9:
14:0a:0f:c8:26:38:d8:e8:e4:b3:54:2d:fe:9a:42:b1:3f:5c:
d4:53:0f:d1
-----BEGIN CERTIFICATE-----
MIIGFzCCBP+gAwIBAgISAZMCeAoybHU5V9d0cynCMuPeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQxMTA2MTcxNDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2I3ZGJjYTMxMDFiYzFjZGM1YzE3NmFkZTZiMDRhYTg2YTFmNjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvgDYbExV8PCW7lUziQw4yNF2oRs9
7nFQW5IRlzaH/1kBCmNnUh8T2JyH3b8VunmEXnsVcSENaUuq2JR5AYOazKqwTGmv
ww52647IoHZuk3d5MNhVKMF8Xgbtvbnfj9hAqppQEwa0fGIEOtsvz3UJ/cQSOyQV
MhWMWin14UI6TJjuz1wuM712Mswz4dSclkP4CLwrQVZal8BsZyn409CACrE8GlDA
CzBVS/nHG3wwC7Lp762hbI7wqeFEFu/h7EHkM8s4KjMApW1mp4Wj9jdiJeJmFzbQ
pwsHH8zDghuzHwkSkPtawYGKkpBrZfwB6Z94umGkEzpi83pDmcNUCfcdxwIDAQAB
o4IDIzCCAx8wHQYDVR0OBBYEFKe328oxAbwc3FwXat5rBKqGofZVMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvcDdmYnlqRUJ2QnpjWEJkcTNtc0Vxb2FoOWxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBNwYIKwYBBQUHAQcBAf8EggEmMIIBIjCBpwQCAAEwgaAD
BAACOG0DBAAFtVQDBAAFtVcDBAAtCR0wDAMEAC0NvQMEAC0NvgMEAC1RcwMEAC1Y
iAMEAC1eqwMEAi2EtAMEAC2Q1AMEAC2XAwMEAE1TJQMEAJITfQMEAbkr+AMEALkr
+wMEAbnIPgMEAMEe8AMEAcEe8gMEAME5KwMEAMLyYAMEAcLyYjAMAwQAw7FdAwQA
w7FeAwQBw9O8AwQAw9O/MHYEAgACMHADBQAqAXEgAwUDKgeSAAMFACoJA0ADBQAq
CQNCAwUAKgkDRgMFACoJxEADBQAqDF1AAwUDKgylgAMFAyoQ38ADBQAqEPrAAwUD
KhEFgAMFACoRFgADBQAqESqAAwUAKhE5AAMFACoR1oADBQAqEp8AMA0GCSqGSIb3
DQEBCwUAA4IBAQBWjPhXDqvxqHSFRmrygwxV4M2KUqzNOn9kIs5NVEiEMXBF/yi/
RzYNFSheKxQqzwyvbiwk/BJkyzEEYxCJ07M/3lc10ivXS9/QA9Y2o0iJbAZbL0bW
r/ES2dZKRW5g4WIT7qfsey453dpe6vGHRwxi74RkLkexPMl8MHrQj0HsCCIr/OvG
bG5eext+kyj6LqOVJavu/LpEUkZSI2f98zY6ET2HYfdrh9Xl/Zlv1F4iqbuG+xGd
PRo7zRukTQ6kjTEM9n2YuUZxWX4gaV/aR3Bjen99XlBQvCsdN9OXmfs7D+JaipfN
DAFpxekUCg/IJjjY6OSzVC3+mkKxP1zUUw/R
-----END CERTIFICATE-----
Generated at Wed Nov 20 00:06:56 2024 by rpki-client on console-ams.rpki-client.org