Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/pwcXIY6jtVCM9jB8ZNrkMK_rw_8.roa
File: pwcXIY6jtVCM9jB8ZNrkMK_rw_8.roa (raw, json)
Hash identifier: RoUUxB9bTMYqharLsRTFggLRUVv0aEz01aYXDprg0w0=
Subject key identifier: A7:07:17:21:8E:A3:B5:50:8C:F6:30:7C:64:DA:E4:30:AF:EB:C3:FF
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 01929AF0AC333EDFC758A76370EB8C1D1F0F
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/pwcXIY6jtVCM9jB8ZNrkMK_rw_8.roa
Signing time: Thu 17 Oct 2024 14:45:16 +0000
ROA not before: Thu 17 Oct 2024 14:45:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62206
IP address blocks: 2.56.109.0/24 maxlen: 24
5.181.84.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
45.13.189.0/24 maxlen: 24
45.13.190.0/24 maxlen: 24
45.81.115.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.94.171.0/24 maxlen: 24
45.132.180.0/24 maxlen: 24
45.132.181.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.144.212.0/24 maxlen: 24
45.151.3.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
146.19.125.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
194.242.96.0/24 maxlen: 24
194.242.98.0/24 maxlen: 24
194.242.99.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.211.188.0/24 maxlen: 24
195.211.189.0/24 maxlen: 24
195.211.191.0/24 maxlen: 24
2a01:7120::/32 maxlen: 32
2a01:7120:7::/48 maxlen: 48
2a07:9200::/29 maxlen: 29
2a07:9201::/32 maxlen: 32
2a07:9206::/32 maxlen: 32
2a07:9207::/32 maxlen: 32
2a09:340::/32 maxlen: 32
2a09:342::/32 maxlen: 32
2a09:346::/32 maxlen: 32
2a09:c440::/32 maxlen: 32
2a0c:5d40::/32 maxlen: 32
2a0c:a580::/29 maxlen: 29
2a0c:a580::/32 maxlen: 32
2a0c:a581::/32 maxlen: 32
2a0c:a584::/32 maxlen: 32
2a0c:a586::/32 maxlen: 32
2a10:dfc0::/29 maxlen: 29
2a10:dfc0::/32 maxlen: 32
2a10:fac0::/32 maxlen: 32
2a11:580::/29 maxlen: 29
2a11:580::/32 maxlen: 32
2a11:1600::/32 maxlen: 32
2a11:2a80::/32 maxlen: 32
2a11:3900::/32 maxlen: 32
2a11:d680::/32 maxlen: 32
2a12:9f00::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 06 Nov 2024 17:14:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:9a:f0:ac:33:3e:df:c7:58:a7:63:70:eb:8c:1d:1f:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Oct 17 14:45:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a70717218ea3b5508cf6307c64dae430afebc3ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:88:44:4c:0d:fd:ab:35:89:08:e5:d3:fe:55:
cf:0f:81:e7:10:cf:12:5e:db:49:d3:01:96:c4:a4:
01:8d:e2:17:e2:8f:ad:bc:bf:d5:48:0e:84:66:94:
93:57:7b:d2:9f:66:8b:f2:a3:b8:e2:5d:b2:ff:8e:
b0:37:2b:4a:15:17:a0:de:4a:45:73:e0:0d:e4:08:
57:41:1d:e0:64:06:af:68:86:fd:76:89:28:87:dd:
67:68:6b:ac:ff:4d:ea:49:de:8e:84:62:23:72:0d:
49:ea:b0:68:de:1c:52:d1:1d:bf:78:a1:44:33:7d:
aa:e8:2d:7d:5f:4d:a4:3c:62:2c:d4:9b:54:0b:85:
2e:f2:b4:18:95:06:dc:09:97:90:85:a1:8e:ea:61:
35:5d:9b:30:59:bc:8d:34:d1:3a:3b:d1:af:3d:0f:
7d:b4:e0:85:19:70:53:1d:0b:b7:b8:c3:c2:8a:b9:
30:43:56:1d:c9:91:dc:1a:bc:cb:fb:92:bf:6b:ff:
12:01:7c:3e:ef:bd:e3:e4:38:43:b0:0a:23:8b:5d:
7f:a5:fa:75:a4:55:6e:2a:3f:22:96:c4:e5:99:5f:
98:2e:aa:c1:7d:61:54:31:f7:da:53:e3:8f:7d:8a:
86:ee:c5:f1:be:c0:ea:30:d4:f3:22:bd:ad:ec:f0:
16:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:07:17:21:8E:A3:B5:50:8C:F6:30:7C:64:DA:E4:30:AF:EB:C3:FF
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/pwcXIY6jtVCM9jB8ZNrkMK_rw_8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.109.0/24
5.181.84.0/24
5.181.87.0/24
45.9.29.0/24
45.13.189.0-45.13.190.255
45.81.115.0/24
45.88.136.0/24
45.88.138.0/24
45.94.171.0/24
45.132.180.0/22
45.144.212.0/24
45.151.3.0/24
77.83.37.0/24
146.19.125.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.43.0/24
194.242.96.0/24
194.242.98.0/23
195.177.93.0-195.177.94.255
195.211.188.0/23
195.211.191.0/24
IPv6:
2a01:7120::/32
2a07:9200::/29
2a09:340::/32
2a09:342::/32
2a09:346::/32
2a09:c440::/32
2a0c:5d40::/32
2a0c:a580::/29
2a10:dfc0::/29
2a10:fac0::/32
2a11:580::/29
2a11:1600::/32
2a11:2a80::/32
2a11:3900::/32
2a11:d680::/32
2a12:9f00::/32
Signature Algorithm: sha256WithRSAEncryption
b0:27:bb:c5:2f:fa:3e:96:43:7c:10:15:df:f5:dd:de:52:b2:
a2:48:0e:51:e5:74:3d:a8:88:aa:de:06:15:b3:50:15:03:48:
d9:4e:be:33:2a:11:83:88:93:17:0a:2e:7e:60:c9:83:e6:00:
a6:f3:c6:da:a1:5b:27:17:aa:b1:8c:7e:73:4f:13:93:01:c8:
b4:c2:12:b4:1f:21:6e:a0:8b:8a:4a:1e:4e:9e:6d:a0:52:95:
bf:2e:b0:1c:7a:c7:c8:78:53:c4:c5:47:b9:43:f9:ce:65:39:
5d:69:a5:f9:fb:44:e5:72:f2:7e:5c:45:4e:dc:fd:08:08:b0:
1e:5d:bf:d3:cd:3a:52:8b:5d:25:98:e1:1d:1b:0f:9e:87:63:
8b:89:b8:2c:95:cb:e6:e4:50:b9:10:68:6e:46:f9:d2:3e:be:
ef:1d:be:37:40:79:3d:2b:b9:0c:56:a0:b9:f6:c6:75:4a:c6:
f2:79:d7:a1:9a:67:40:3a:d6:b5:1b:b7:e7:26:e2:f8:9d:9c:
ca:f9:5f:74:23:13:2f:9e:61:a0:c1:53:2b:54:77:ca:f7:48:
4b:46:34:34:3f:cb:f8:28:47:b4:98:27:ed:d5:8e:88:10:09:
00:9c:81:c8:77:3a:40:63:be:61:9b:81:f7:b2:3b:86:82:34:
1d:d9:44:4b
-----BEGIN CERTIFICATE-----
MIIGHTCCBQWgAwIBAgISAZKa8KwzPt/HWKdjcOuMHR8PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQxMDE3MTQ0NTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzA3MTcyMThlYTNiNTUwOGNmNjMwN2M2NGRhZTQzMGFmZWJjM2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnohETA39qzWJCOXT/lXPD4HnEM8S
XttJ0wGWxKQBjeIX4o+tvL/VSA6EZpSTV3vSn2aL8qO44l2y/46wNytKFReg3kpF
c+AN5AhXQR3gZAavaIb9dokoh91naGus/03qSd6OhGIjcg1J6rBo3hxS0R2/eKFE
M32q6C19X02kPGIs1JtUC4Uu8rQYlQbcCZeQhaGO6mE1XZswWbyNNNE6O9GvPQ99
tOCFGXBTHQu3uMPCirkwQ1YdyZHcGrzL+5K/a/8SAXw+773j5DhDsAoji11/pfp1
pFVuKj8ilsTlmV+YLqrBfWFUMffaU+OPfYqG7sXxvsDqMNTzIr2t7PAWhwIDAQAB
o4IDKTCCAyUwHQYDVR0OBBYEFKcHFyGOo7VQjPYwfGTa5DCv68P/MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvcHdjWElZNmp0VkNNOWpCOFpOcmtNS19yd184LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBPQYIKwYBBQUHAQcBAf8EggEsMIIBKDCBrQQCAAEwgaYD
BAACOG0DBAAFtVQDBAAFtVcDBAAtCR0wDAMEAC0NvQMEAC0NvgMEAC1RcwMEAC1Y
iAMEAC1YigMEAC1eqwMEAi2EtAMEAC2Q1AMEAC2XAwMEAE1TJQMEAJITfQMEAbkr
+AMEALkr+wMEAbnIPgMEAMEe8AMEAcEe8gMEAME5KwMEAMLyYAMEAcLyYjAMAwQA
w7FdAwQAw7FeAwQBw9O8AwQAw9O/MHYEAgACMHADBQAqAXEgAwUDKgeSAAMFACoJ
A0ADBQAqCQNCAwUAKgkDRgMFACoJxEADBQAqDF1AAwUDKgylgAMFAyoQ38ADBQAq
EPrAAwUDKhEFgAMFACoRFgADBQAqESqAAwUAKhE5AAMFACoR1oADBQAqEp8AMA0G
CSqGSIb3DQEBCwUAA4IBAQCwJ7vFL/o+lkN8EBXf9d3eUrKiSA5R5XQ9qIiq3gYV
s1AVA0jZTr4zKhGDiJMXCi5+YMmD5gCm88baoVsnF6qxjH5zTxOTAci0whK0HyFu
oIuKSh5Onm2gUpW/LrAcesfIeFPExUe5Q/nOZTldaaX5+0TlcvJ+XEVO3P0ICLAe
Xb/TzTpSi10lmOEdGw+eh2OLibgslcvm5FC5EGhuRvnSPr7vHb43QHk9K7kMVqC5
9sZ1SsbyedehmmdAOta1G7fnJuL4nZzK+V90IxMvnmGgwVMrVHfK90hLRjQ0P8v4
KEe0mCft1Y6IEAkAnIHIdzpAY75hm4H3sjuGgjQd2URL
-----END CERTIFICATE-----
Generated at Wed Nov 6 20:24:34 2024 by rpki-client on console-fra.rpki-client.org