Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/szVOYHyDVVv8ooVMIckfKRnn70w.roa
File: szVOYHyDVVv8ooVMIckfKRnn70w.roa (raw, json)
Hash identifier: UYTE9oUl0KWmt8r1UZ9AveVb5lS4NHH8xqABSYlEWYY=
Subject key identifier: B3:35:4E:60:7C:83:55:5B:FC:A2:85:4C:21:C9:1F:29:19:E7:EF:4C
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0190E4DB2394D0A510940B30C8547ECE66C4
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/szVOYHyDVVv8ooVMIckfKRnn70w.roa
Signing time: Wed 24 Jul 2024 13:08:04 +0000
ROA not before: Wed 24 Jul 2024 13:08:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62206
IP address blocks: 2.56.109.0/24 maxlen: 24
5.181.84.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
45.81.115.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.94.171.0/24 maxlen: 24
45.132.180.0/24 maxlen: 24
45.132.181.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.144.212.0/24 maxlen: 24
45.151.3.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
146.19.125.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
194.242.96.0/24 maxlen: 24
194.242.98.0/24 maxlen: 24
194.242.99.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
2a01:7120::/32 maxlen: 32
2a07:9200::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a10:dfc0::/29 maxlen: 29
2a11:580::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 31 Jul 2024 15:06:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e4:db:23:94:d0:a5:10:94:0b:30:c8:54:7e:ce:66:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jul 24 13:08:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b3354e607c83555bfca2854c21c91f2919e7ef4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:46:2e:15:6e:e2:5f:be:fe:06:90:63:04:6c:
3e:2c:1a:af:a9:63:d0:fb:65:a8:13:07:61:96:6a:
4b:5d:75:01:d3:94:24:8d:07:7c:d8:58:27:78:38:
59:78:11:83:e1:5a:1c:b3:b5:3d:5f:00:88:05:60:
8f:b7:25:ab:75:84:1e:0d:c8:2f:7f:b7:2d:3a:13:
05:ed:96:66:c3:11:5e:68:c6:5b:36:07:4d:08:51:
c0:85:84:c8:85:a1:67:45:11:6a:f6:f9:d7:30:d2:
64:60:78:a7:e9:85:59:6d:b3:63:8f:8b:d2:d1:f4:
d0:15:9f:3e:89:a7:b0:97:ae:3d:00:91:51:71:f3:
82:15:1b:87:89:7c:b4:85:a2:02:44:e8:fa:54:5b:
3f:0c:a4:00:8e:2d:fd:23:b6:8d:ea:6d:10:e5:15:
33:33:97:44:25:f4:c8:da:d0:ae:cb:0b:87:7f:8f:
46:42:ef:c7:ea:30:89:62:28:24:29:f9:5b:ee:f3:
7e:01:5c:d2:d9:e5:39:50:df:32:8d:6d:0b:f7:18:
e4:65:df:c4:d8:59:ae:1d:ae:7a:71:e1:42:e1:9b:
a4:8f:36:71:16:b9:7a:96:f6:f6:57:8e:bf:5a:17:
69:c0:fa:49:eb:ff:e2:81:ea:87:65:a0:55:65:78:
b8:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:35:4E:60:7C:83:55:5B:FC:A2:85:4C:21:C9:1F:29:19:E7:EF:4C
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/szVOYHyDVVv8ooVMIckfKRnn70w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.109.0/24
5.181.84.0/24
5.181.87.0/24
45.9.29.0/24
45.81.115.0/24
45.88.136.0/24
45.88.138.0/24
45.94.171.0/24
45.132.180.0/22
45.144.212.0/24
45.151.3.0/24
77.83.37.0/24
146.19.125.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.43.0/24
194.242.96.0/24
194.242.98.0/23
195.177.93.0-195.177.95.255
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
28:bc:d7:ed:b6:2c:d9:d7:26:c5:0a:69:ca:a0:e6:bb:87:16:
31:5b:37:c1:42:20:fb:b8:72:50:a4:e3:85:7e:01:08:ed:a6:
4c:6c:ad:36:7c:cb:eb:ef:70:ec:9f:6b:8b:ec:1f:30:fd:89:
c3:16:e3:40:ff:3d:7d:86:29:d0:06:7a:00:01:5f:72:02:e3:
91:45:bb:93:22:27:ab:cf:1a:41:59:b5:f8:fe:74:6c:c9:8b:
0a:64:ab:2d:27:ad:a8:6c:dd:3f:e4:84:9d:71:4c:fe:e9:25:
c3:ea:77:84:a2:e1:26:7e:ce:a8:db:12:58:ca:95:33:ab:e9:
02:b1:7c:2c:0b:ad:00:ef:11:d2:d0:6a:04:43:ea:26:2d:40:
74:91:db:d3:2c:e6:2f:44:4a:21:86:ee:bd:58:b9:e3:2e:0f:
c8:7c:24:9b:ad:90:cb:11:1e:f2:9b:54:27:6b:ea:e7:c4:5e:
90:01:d3:df:6d:4a:d9:2c:9e:37:72:dc:26:f6:21:ca:73:e6:
f7:9e:29:5c:99:23:89:f1:6f:cf:7b:82:0e:da:55:e2:da:e0:
8e:cc:61:36:ca:7a:8f:2e:5c:b8:01:3b:43:d6:70:dd:d9:f8:
05:e7:21:e6:61:84:50:8d:45:bb:73:e4:7f:55:27:ae:be:1c:
be:3c:55:0b
-----BEGIN CERTIFICATE-----
MIIFuTCCBKGgAwIBAgISAZDk2yOU0KUQlAswyFR+zmbEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwNzI0MTMwODA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzM1NGU2MDdjODM1NTViZmNhMjg1NGMyMWM5MWYyOTE5ZTdlZjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyUYuFW7iX77+BpBjBGw+LBqvqWPQ
+2WoEwdhlmpLXXUB05QkjQd82FgneDhZeBGD4Vocs7U9XwCIBWCPtyWrdYQeDcgv
f7ctOhMF7ZZmwxFeaMZbNgdNCFHAhYTIhaFnRRFq9vnXMNJkYHin6YVZbbNjj4vS
0fTQFZ8+iaewl649AJFRcfOCFRuHiXy0haICROj6VFs/DKQAji39I7aN6m0Q5RUz
M5dEJfTI2tCuywuHf49GQu/H6jCJYigkKflb7vN+AVzS2eU5UN8yjW0L9xjkZd/E
2FmuHa56ceFC4ZukjzZxFrl6lvb2V46/WhdpwPpJ6//igeqHZaBVZXi48wIDAQAB
o4ICxTCCAsEwHQYDVR0OBBYEFLM1TmB8g1Vb/KKFTCHJHykZ5+9MMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvc3pWT1lIeURWVnY4b29WTUlja2ZLUm5uNzB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHaBggrBgEFBQcBBwEB/wSByjCBxzCBmQQCAAEwgZIDBAAC
OG0DBAAFtVQDBAAFtVcDBAAtCR0DBAAtUXMDBAAtWIgDBAAtWIoDBAAtXqsDBAIt
hLQDBAAtkNQDBAAtlwMDBABNUyUDBACSE30DBAG5K/gDBAC5K/sDBAG5yD4DBADB
HvADBAHBHvIDBADBOSsDBADC8mADBAHC8mIwDAMEAMOxXQMEBcOxQAMEAsPTvDAp
BAIAAjAjAwUAKgFxIAMFAyoHkgADBQMqDKWAAwUDKhDfwAMFAyoRBYAwDQYJKoZI
hvcNAQELBQADggEBACi81+22LNnXJsUKacqg5ruHFjFbN8FCIPu4clCk44V+AQjt
pkxsrTZ8y+vvcOyfa4vsHzD9icMW40D/PX2GKdAGegABX3IC45FFu5MiJ6vPGkFZ
tfj+dGzJiwpkqy0nrahs3T/khJ1xTP7pJcPqd4Si4SZ+zqjbEljKlTOr6QKxfCwL
rQDvEdLQagRD6iYtQHSR29Ms5i9ESiGG7r1YueMuD8h8JJutkMsRHvKbVCdr6ufE
XpAB099tStksnjdy3Cb2Icpz5veeKVyZI4nxb897gg7aVeLa4I7MYTbKeo8uXLgB
O0PWcN3Z+AXnIeZhhFCNRbtz5H9VJ66+HL48VQs=
-----END CERTIFICATE-----
Generated at Wed Jul 31 18:24:55 2024 by rpki-client on console-fra.rpki-client.org