Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/qH4BN0dAb8WU6dwmahQbi8PBfEw.roa
File: qH4BN0dAb8WU6dwmahQbi8PBfEw.roa (raw, json)
Hash identifier: XRv2aoSi4jSYqb1EuU1PudPONeOox0tis2VlKDPcTNU=
Subject key identifier: A8:7E:01:37:47:40:6F:C5:94:E9:DC:26:6A:14:1B:8B:C3:C1:7C:4C
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018A3BC23C79659CB11C777F644129581454
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/qH4BN0dAb8WU6dwmahQbi8PBfEw.roa
Signing time: Mon 28 Aug 2023 10:48:19 +0000
ROA not before: Mon 28 Aug 2023 10:48:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 91.223.110.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
45.88.139.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
193.57.41.0/24 maxlen: 24
45.144.213.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
45.94.168.0/22 maxlen: 22
45.94.170.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
193.30.241.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
45.81.112.0/24 maxlen: 24
45.81.112.0/22 maxlen: 24
77.83.37.0/24 maxlen: 24
45.81.113.0/24 maxlen: 24
45.81.115.0/24 maxlen: 24
45.81.114.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3b:c2:3c:79:65:9c:b1:1c:77:7f:64:41:29:58:14:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Aug 28 10:48:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a87e013747406fc594e9dc266a141b8bc3c17c4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:a1:25:62:09:07:d4:0f:17:52:a6:bc:5f:71:
ac:17:87:37:e4:35:68:96:d9:67:09:79:8c:b2:64:
a1:bb:08:24:a4:92:69:5c:e2:b6:da:7b:a2:66:26:
0d:af:cb:88:36:66:ad:83:74:c2:78:e6:4e:0f:6a:
fd:2f:4d:30:d5:f2:15:dc:27:0a:c9:72:35:37:c1:
1f:9f:da:0c:fe:78:ec:e3:19:6e:d3:5f:2d:0c:fc:
34:72:51:fd:73:f3:a6:75:bd:94:b9:55:30:2c:3a:
42:19:a9:c4:76:7c:00:64:77:bc:73:86:01:f1:a4:
fe:f7:ae:a4:f4:c0:1c:ae:80:66:73:15:50:e1:e5:
84:84:3f:e5:f6:66:36:10:47:5e:80:c7:60:cd:d9:
d1:06:ee:55:30:86:05:73:38:48:99:6e:25:d3:76:
8b:60:f5:4f:6e:96:5e:f5:f7:e2:1f:22:e0:63:d5:
21:41:f9:4d:c3:40:46:15:0e:c9:0f:0b:13:09:a0:
32:66:59:47:e4:ad:c3:17:60:43:3e:28:0a:2c:99:
9a:7c:39:b2:53:63:f8:3e:44:b2:ff:c2:8c:14:f3:
32:53:fc:d8:28:66:5e:b4:41:63:b1:07:32:e3:04:
42:02:03:51:7b:95:7c:7d:41:17:d7:fa:a8:51:20:
18:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:7E:01:37:47:40:6F:C5:94:E9:DC:26:6A:14:1B:8B:C3:C1:7C:4C
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/qH4BN0dAb8WU6dwmahQbi8PBfEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.87.0/24
45.9.29.0/24
45.81.112.0/22
45.88.136.0/24
45.88.138.0/23
45.94.168.0/22
45.132.181.0-45.132.183.255
45.144.212.0/23
77.83.37.0/24
77.83.39.0/24
85.209.120.0/22
91.223.110.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/22
193.57.41.0/24
193.57.43.0/24
194.242.96.0/22
195.62.24.0/24
195.177.92.0/22
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
30:a1:94:5e:cb:cd:c6:4f:20:92:1b:cf:72:93:a9:90:71:5f:
45:9b:d8:51:fd:11:98:59:8b:c3:53:34:41:6b:ba:f5:c0:33:
68:be:80:82:78:f8:64:56:d9:19:ec:ab:b5:5f:0c:f3:fa:72:
d9:ba:90:c2:a7:b0:81:e3:e2:2e:9e:d1:ac:7c:d8:99:52:98:
09:8a:8b:2a:ee:9c:6c:fc:ab:f7:4d:6f:be:b9:55:63:16:d4:
24:c9:c5:ff:03:8a:ea:8e:6d:c5:0f:91:4a:51:56:60:33:57:
c9:02:c5:a6:48:14:01:de:55:9d:04:ef:25:12:29:55:e7:6e:
79:78:c5:ee:19:55:55:00:05:b0:22:f0:a2:52:60:8c:28:aa:
7d:60:8a:6f:3d:f2:89:ab:3a:57:87:c3:d9:37:1a:dc:2b:21:
d2:2d:57:26:14:16:ac:5a:02:75:f5:cb:bc:fa:db:48:e4:09:
13:86:11:7e:3e:c6:4c:d3:ee:28:7e:82:b1:13:79:a7:50:26:
27:99:fd:1d:1c:17:a8:a3:83:d8:de:fe:2b:2b:52:a2:c9:c5:
5c:db:21:19:22:08:6b:dc:a5:31:7d:4b:86:b9:ce:ff:06:e7:
88:77:67:0e:1d:d3:eb:5b:4e:06:55:4c:0a:30:7c:0f:dc:f5:
7e:8e:a9:8e
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgISAYo7wjx5ZZyxHHd/ZEEpWBRUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwODI4MTA0ODE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODdlMDEzNzQ3NDA2ZmM1OTRlOWRjMjY2YTE0MWI4YmMzYzE3YzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaElYgkH1A8XUqa8X3GsF4c35DVo
ltlnCXmMsmShuwgkpJJpXOK22nuiZiYNr8uINmatg3TCeOZOD2r9L00w1fIV3CcK
yXI1N8Efn9oM/njs4xlu018tDPw0clH9c/Omdb2UuVUwLDpCGanEdnwAZHe8c4YB
8aT+966k9MAcroBmcxVQ4eWEhD/l9mY2EEdegMdgzdnRBu5VMIYFczhImW4l03aL
YPVPbpZe9ffiHyLgY9UhQflNw0BGFQ7JDwsTCaAyZllH5K3DF2BDPigKLJmafDmy
U2P4PkSy/8KMFPMyU/zYKGZetEFjsQcy4wRCAgNRe5V8fUEX1/qoUSAYDQIDAQAB
o4ICvzCCArswHQYDVR0OBBYEFKh+ATdHQG/FlOncJmoUG4vDwXxMMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvcUg0Qk4wZEFiOFdVNmR3bWFoUWJpOFBCZkV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHUBggrBgEFBQcBBwEB/wSBxDCBwTCBkwQCAAEwgYwDBAAF
tVcDBAAtCR0DBAItUXADBAAtWIgDBAEtWIoDBAItXqgwDAMEAC2EtQMEAy2EsAME
AS2Q1AMEAE1TJQMEAE1TJwMEAlXReAMEAFvfbgMEAbkr+AMEALkr+wMEAbnIPgME
AsEe8AMEAME5KQMEAME5KwMEAsLyYAMEAMM+GAMEAsOxXAMEAsPTvDApBAIAAjAj
AwUAKgFxIAMFAyoHkgADBQMqDKWAAwUDKhDfwAMFAyoRBYAwDQYJKoZIhvcNAQEL
BQADggEBADChlF7LzcZPIJIbz3KTqZBxX0Wb2FH9EZhZi8NTNEFruvXAM2i+gIJ4
+GRW2Rnsq7VfDPP6ctm6kMKnsIHj4i6e0ax82JlSmAmKiyrunGz8q/dNb765VWMW
1CTJxf8DiuqObcUPkUpRVmAzV8kCxaZIFAHeVZ0E7yUSKVXnbnl4xe4ZVVUABbAi
8KJSYIwoqn1gim898omrOleHw9k3GtwrIdItVyYUFqxaAnX1y7z620jkCROGEX4+
xkzT7ih+grETeadQJieZ/R0cF6ijg9je/isrUqLJxVzbIRkiCGvcpTF9S4a5zv8G
54h3Zw4d0+tbTgZVTAowfA/c9X6OqY4=
-----END CERTIFICATE-----
Generated at Mon Aug 28 14:07:15 2023 by rpki-client on console-fra.rpki-client.org