Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/r-bmIjcRaDo492hXD-EN_ouZYs8.roa
File: r-bmIjcRaDo492hXD-EN_ouZYs8.roa (raw, json)
Hash identifier: vle+9y4JS5uh583OJc1d99TnjSTQdgF7uFmP2C2Xzh8=
Subject key identifier: AF:E6:E6:22:37:11:68:3A:38:F7:68:57:0F:E1:0D:FE:8B:99:62:CF
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018572205F0726D2A0E4EF9FB2317DD47560
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/r-bmIjcRaDo492hXD-EN_ouZYs8.roa
Signing time: Mon 02 Jan 2023 10:56:42 +0000
ROA not before: Mon 02 Jan 2023 10:56:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
2.56.108.0/22 maxlen: 22
45.88.139.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
45.13.188.0/24 maxlen: 24
45.94.168.0/22 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
193.30.241.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
45.81.112.0/22 maxlen: 24
77.83.38.0/24 maxlen: 24
45.138.180.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:20:5f:07:26:d2:a0:e4:ef:9f:b2:31:7d:d4:75:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jan 2 10:56:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=afe6e6223711683a38f768570fe10dfe8b9962cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a1:a9:9b:1c:fc:64:fa:e8:96:5d:af:4d:ea:
71:4b:28:d8:46:61:9d:fa:f6:40:05:1c:c1:93:47:
a8:c4:b3:16:34:9a:1c:aa:18:18:df:b7:aa:9e:75:
ba:49:0d:76:a2:10:70:db:32:ec:8a:36:8e:06:34:
63:7f:d2:e5:de:38:b7:1a:4d:1e:fb:3d:ed:ff:61:
e8:90:94:44:f4:4a:df:7d:59:e7:d0:49:ca:e8:10:
99:f8:77:01:15:98:77:19:4f:da:76:ee:6b:87:ba:
3c:31:dd:df:dc:25:ce:41:51:5f:00:de:69:7c:48:
c2:74:4d:e2:bf:5c:68:df:1a:d2:e8:0a:e5:ba:61:
43:93:1d:b4:9c:6e:8b:36:64:8e:b9:83:36:2f:79:
fa:76:6b:48:38:d7:6d:88:5b:8c:8c:af:f7:19:88:
ae:1e:48:08:40:61:fe:d8:59:4e:1b:d4:22:6d:cc:
ac:be:cf:a0:a2:77:be:6f:10:ea:21:c9:6c:98:ab:
e3:c1:cb:a1:c3:50:7b:2d:0a:b0:2f:ee:89:f1:31:
95:9a:ab:7c:24:e8:e5:e2:7c:df:11:89:b3:80:af:
f4:44:ba:d3:0a:ef:4e:94:54:f7:20:70:4c:92:da:
db:76:46:3d:e2:a2:76:46:79:8c:15:f6:2f:5d:c4:
26:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:E6:E6:22:37:11:68:3A:38:F7:68:57:0F:E1:0D:FE:8B:99:62:CF
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/r-bmIjcRaDo492hXD-EN_ouZYs8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0/22
5.181.87.0/24
45.9.29.0/24
45.13.188.0/24
45.81.112.0/22
45.88.136.0/24
45.88.139.0/24
45.94.168.0/22
45.132.181.0-45.132.183.255
45.138.180.0/24
45.144.212.0/24
77.83.38.0/24
85.209.120.0/22
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/22
193.57.43.0/24
194.242.96.0/22
195.62.24.0/24
195.177.92.0/22
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
2d:74:d6:14:8b:55:db:4c:92:6a:49:5e:62:04:27:bb:74:99:
e3:9b:4a:78:c5:c3:11:d5:cb:c1:5c:25:f2:70:52:f1:b8:f6:
84:ba:b1:82:d5:97:da:f8:f6:7c:47:13:bc:98:a1:db:dc:84:
bc:62:12:c3:36:10:09:46:68:72:41:1c:a2:cc:5c:52:94:e5:
4a:d2:a8:65:c1:65:12:c8:f7:3b:41:aa:b4:b5:3a:32:60:da:
30:e4:f4:11:59:04:d7:5a:1c:24:f0:59:06:4f:41:3a:b4:4b:
aa:7f:52:3d:44:c9:1a:80:91:9d:b6:6e:3f:cf:90:b7:55:cc:
2e:6b:5e:b6:dd:28:fd:25:47:03:e3:2d:c9:ee:7e:54:4e:44:
c2:80:12:19:32:cf:e3:2a:7b:0e:0e:4a:b1:ee:b8:15:ad:02:
70:af:eb:53:af:87:88:fa:49:62:83:1f:fc:de:cf:61:a4:bd:
9c:18:2d:2e:e5:95:e6:e2:5a:69:6f:d5:2c:fe:35:f7:ef:b4:
6a:9f:37:12:d2:ef:90:8e:74:87:3a:28:6d:a0:46:ab:5c:58:
45:58:2c:83:df:dc:c2:4f:19:a7:6f:fa:bd:da:50:ea:b0:c6:
2a:2f:5c:af:26:e4:ec:c0:db:99:c3:ac:95:3b:8b:2f:43:77:
88:b0:cb:43
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgISAYVyIF8HJtKg5O+fsjF91HVgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwMTAyMTA1NjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmU2ZTYyMjM3MTE2ODNhMzhmNzY4NTcwZmUxMGRmZThiOTk2MmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqGpmxz8ZProll2vTepxSyjYRmGd
+vZABRzBk0eoxLMWNJocqhgY37eqnnW6SQ12ohBw2zLsijaOBjRjf9Ll3ji3Gk0e
+z3t/2HokJRE9ErffVnn0EnK6BCZ+HcBFZh3GU/adu5rh7o8Md3f3CXOQVFfAN5p
fEjCdE3iv1xo3xrS6ArlumFDkx20nG6LNmSOuYM2L3n6dmtIONdtiFuMjK/3GYiu
HkgIQGH+2FlOG9Qibcysvs+gone+bxDqIclsmKvjwcuhw1B7LQqwL+6J8TGVmqt8
JOjl4nzfEYmzgK/0RLrTCu9OlFT3IHBMktrbdkY94qJ2RnmMFfYvXcQm3wIDAQAB
o4ICvzCCArswHQYDVR0OBBYEFK/m5iI3EWg6OPdoVw/hDf6LmWLPMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvci1ibUlqY1JhRG80OTJoWEQtRU5fb3VaWXM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHUBggrBgEFBQcBBwEB/wSBxDCBwTCBkwQCAAEwgYwDBAIC
OGwDBAAFtVcDBAAtCR0DBAAtDbwDBAItUXADBAAtWIgDBAAtWIsDBAItXqgwDAME
AC2EtQMEAy2EsAMEAC2KtAMEAC2Q1AMEAE1TJgMEAlXReAMEAbkr+AMEALkr+wME
AbnIPgMEAsEe8AMEAME5KwMEAsLyYAMEAMM+GAMEAsOxXAMEAsPTvDApBAIAAjAj
AwUAKgFxIAMFAyoHkgADBQMqDKWAAwUDKhDfwAMFAyoRBYAwDQYJKoZIhvcNAQEL
BQADggEBAC101hSLVdtMkmpJXmIEJ7t0meObSnjFwxHVy8FcJfJwUvG49oS6sYLV
l9r49nxHE7yYodvchLxiEsM2EAlGaHJBHKLMXFKU5UrSqGXBZRLI9ztBqrS1OjJg
2jDk9BFZBNdaHCTwWQZPQTq0S6p/Uj1EyRqAkZ22bj/PkLdVzC5rXrbdKP0lRwPj
LcnuflRORMKAEhkyz+Mqew4OSrHuuBWtAnCv61Ovh4j6SWKDH/zez2GkvZwYLS7l
lebiWmlv1Sz+NffvtGqfNxLS75COdIc6KG2gRqtcWEVYLIPf3MJPGadv+r3aUOqw
xiovXK8m5OzA25nDrJU7iy9Dd4iwy0M=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:21 2023 by rpki-client on console-ams.rpki-client.org