Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/sJbzTBxNkaeuvnWY9ARJTNxOD0g.roa
File: sJbzTBxNkaeuvnWY9ARJTNxOD0g.roa (raw, json)
Hash identifier: 5ApCrkM3U33LGbvD5iQoHJlgeBwAk68svp3rneqT7Ac=
Subject key identifier: B0:96:F3:4C:1C:4D:91:A7:AE:BE:75:98:F4:04:49:4C:DC:4E:0F:48
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018A3C644730FABE0791956AF8841074A425
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/sJbzTBxNkaeuvnWY9ARJTNxOD0g.roa
Signing time: Mon 28 Aug 2023 13:45:19 +0000
ROA not before: Mon 28 Aug 2023 13:45:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 91.223.110.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
45.88.139.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
193.57.41.0/24 maxlen: 24
45.144.213.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
45.94.168.0/22 maxlen: 22
45.94.170.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
193.30.241.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
45.81.112.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
45.81.113.0/24 maxlen: 24
45.81.115.0/24 maxlen: 24
45.81.114.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3c:64:47:30:fa:be:07:91:95:6a:f8:84:10:74:a4:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Aug 28 13:45:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b096f34c1c4d91a7aebe7598f404494cdc4e0f48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:10:20:fc:7c:2f:41:c6:ec:43:73:1a:e8:ea:
74:6a:b8:c1:5d:a2:87:84:3a:b2:ce:73:92:e0:33:
c0:1c:17:27:06:82:f0:fb:9e:bf:a7:02:36:77:06:
8c:ad:97:aa:78:ea:fc:d4:0e:90:e2:78:c8:a5:ba:
01:c4:f2:be:b1:d4:36:7b:95:10:35:cc:68:cd:db:
22:a2:dd:e9:89:92:65:ec:f5:e8:7e:0c:df:70:c7:
6c:9b:d8:ba:be:5e:64:ae:e0:06:b7:a6:d8:27:4f:
26:5f:27:94:8e:ab:16:98:aa:53:ae:21:ca:33:8c:
4d:79:ff:6c:cf:dc:d8:0d:1a:26:17:b2:37:e2:8a:
68:b7:23:f1:cb:ea:74:ef:90:ec:cc:75:54:be:0d:
ea:46:e7:8d:d8:c1:20:ad:5b:91:c1:87:be:3c:7d:
4a:0e:d8:a6:79:7f:fe:55:8c:7b:49:e7:74:3f:9d:
da:68:ff:78:d6:dc:98:c5:03:ab:79:6f:de:5c:99:
2b:c8:13:fb:25:8a:53:e7:c3:92:47:9b:81:bc:06:
06:09:38:a4:18:3c:96:e4:6f:da:7c:6f:ef:3c:3a:
cd:6e:93:1a:d4:e2:02:3b:cf:0d:9c:9d:40:1d:65:
af:50:0d:8c:ac:5c:45:88:ac:83:61:f3:03:9e:de:
c3:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:96:F3:4C:1C:4D:91:A7:AE:BE:75:98:F4:04:49:4C:DC:4E:0F:48
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/sJbzTBxNkaeuvnWY9ARJTNxOD0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.87.0/24
45.9.29.0/24
45.81.112.0/22
45.88.136.0/24
45.88.138.0/23
45.94.168.0/22
45.132.181.0-45.132.183.255
45.144.212.0/23
77.83.37.0/24
77.83.39.0/24
85.209.120.0/22
91.223.110.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/22
193.57.41.0/24
193.57.43.0/24
194.242.96.0/22
195.62.24.0/24
195.177.92.0/22
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
13:37:86:1c:67:7b:59:26:51:55:cf:ce:79:4d:69:7b:41:f9:
d8:43:e7:e5:e7:1d:f7:36:f4:5d:36:69:d4:23:8e:73:81:a5:
1d:1f:1b:e0:8b:3f:1c:2a:70:8b:99:d2:2b:ee:5a:30:49:db:
24:86:15:3a:ea:bf:13:d6:52:a5:93:74:8c:d0:e7:59:44:8c:
34:0a:9a:2b:96:d6:19:34:16:08:84:c4:2c:93:53:ba:55:9b:
ed:3b:d8:9f:8f:f3:10:8a:7b:4e:b8:a9:95:99:50:55:88:ce:
a5:68:37:b3:c5:81:0d:5e:30:4e:e8:ca:00:f6:37:dc:7e:f5:
26:a7:4a:18:c1:b9:56:2c:71:4f:5e:8d:fb:05:62:e5:cc:65:
a7:54:1e:95:52:16:fc:de:d6:71:4c:2b:b2:64:8d:2a:24:6d:
2f:43:ae:84:c6:c2:e0:38:85:f9:5f:d9:59:d6:a6:de:fb:7e:
b8:4e:f0:00:66:cf:68:94:a2:3b:d1:0f:1b:f0:08:3b:8b:d0:
0b:35:df:66:b9:2b:09:0a:f1:47:4e:01:c0:d2:75:31:58:9a:
45:5f:95:8f:a4:b9:94:91:84:da:b4:9e:0f:93:b8:07:82:43:
1c:27:14:33:a9:35:7f:b3:ba:34:ce:3a:23:86:be:46:0f:c2:
b0:a6:a9:f6
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgISAYo8ZEcw+r4HkZVq+IQQdKQlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwODI4MTM0NTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDk2ZjM0YzFjNGQ5MWE3YWViZTc1OThmNDA0NDk0Y2RjNGUwZjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxAg/HwvQcbsQ3Ma6Op0arjBXaKH
hDqyznOS4DPAHBcnBoLw+56/pwI2dwaMrZeqeOr81A6Q4njIpboBxPK+sdQ2e5UQ
Ncxozdsiot3piZJl7PXofgzfcMdsm9i6vl5kruAGt6bYJ08mXyeUjqsWmKpTriHK
M4xNef9sz9zYDRomF7I34opotyPxy+p075DszHVUvg3qRueN2MEgrVuRwYe+PH1K
DtimeX/+VYx7Sed0P53aaP941tyYxQOreW/eXJkryBP7JYpT58OSR5uBvAYGCTik
GDyW5G/afG/vPDrNbpMa1OICO88NnJ1AHWWvUA2MrFxFiKyDYfMDnt7D+QIDAQAB
o4ICvzCCArswHQYDVR0OBBYEFLCW80wcTZGnrr51mPQESUzcTg9IMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvc0pielRCeE5rYWV1dm5XWTlBUkpUTnhPRDBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHUBggrBgEFBQcBBwEB/wSBxDCBwTCBkwQCAAEwgYwDBAAF
tVcDBAAtCR0DBAItUXADBAAtWIgDBAEtWIoDBAItXqgwDAMEAC2EtQMEAy2EsAME
AS2Q1AMEAE1TJQMEAE1TJwMEAlXReAMEAFvfbgMEAbkr+AMEALkr+wMEAbnIPgME
AsEe8AMEAME5KQMEAME5KwMEAsLyYAMEAMM+GAMEAsOxXAMEAsPTvDApBAIAAjAj
AwUAKgFxIAMFAyoHkgADBQMqDKWAAwUDKhDfwAMFAyoRBYAwDQYJKoZIhvcNAQEL
BQADggEBABM3hhxne1kmUVXPznlNaXtB+dhD5+XnHfc29F02adQjjnOBpR0fG+CL
PxwqcIuZ0ivuWjBJ2ySGFTrqvxPWUqWTdIzQ51lEjDQKmiuW1hk0FgiExCyTU7pV
m+072J+P8xCKe064qZWZUFWIzqVoN7PFgQ1eME7oygD2N9x+9SanShjBuVYscU9e
jfsFYuXMZadUHpVSFvze1nFMK7JkjSokbS9DroTGwuA4hflf2VnWpt77frhO8ABm
z2iUojvRDxvwCDuL0As132a5KwkK8UdOAcDSdTFYmkVflY+kuZSRhNq0ng+TuAeC
QxwnFDOpNX+zujTOOiOGvkYPwrCmqfY=
-----END CERTIFICATE-----
Generated at Wed Aug 30 11:22:27 2023 by rpki-client on console-ams.rpki-client.org