Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/tZfxy__B505PLw3qSzIr3V6axx8.roa
File: tZfxy__B505PLw3qSzIr3V6axx8.roa (raw, json)
Hash identifier: 0OI43gjrVAJakwkIMwE9nN7H0ERFlxtRWPjLAN2vmsw=
Subject key identifier: B5:97:F1:CB:FF:C1:E7:4E:4F:2F:0D:EA:4B:32:2B:DD:5E:9A:C7:1F
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 01858736519887596782D5F4E99D9AD577CA
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/tZfxy__B505PLw3qSzIr3V6axx8.roa
Signing time: Fri 06 Jan 2023 13:12:41 +0000
ROA not before: Fri 06 Jan 2023 13:12:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
2.56.108.0/22 maxlen: 22
45.88.139.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
45.13.188.0/24 maxlen: 24
45.94.168.0/22 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
193.30.241.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
45.81.112.0/22 maxlen: 24
77.83.38.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate revoked on Sun 08 Jan 2023 22:09:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:87:36:51:98:87:59:67:82:d5:f4:e9:9d:9a:d5:77:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jan 6 13:12:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b597f1cbffc1e74e4f2f0dea4b322bdd5e9ac71f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:67:8d:69:ac:1a:5c:44:b3:f9:f8:d7:63:4d:
79:c9:8c:3e:fb:3e:ea:6f:bc:46:82:23:ff:1c:6b:
57:7e:65:f4:7e:5a:b0:ad:41:1a:a2:81:28:d1:b1:
6b:90:fd:6c:79:e8:fe:d5:f5:09:0d:91:c9:b6:fa:
c3:3f:ff:85:c8:16:05:06:65:da:c5:ba:92:8f:32:
5c:55:cc:6f:9e:f1:66:ca:54:16:d0:72:6c:49:b4:
ed:91:81:f6:07:aa:8e:65:8a:fc:c4:69:7b:dc:25:
aa:67:63:6d:97:9c:f0:9e:cc:42:d4:6d:f8:76:aa:
2b:aa:7e:5f:77:d5:fb:e5:d3:c9:87:ad:11:8b:a3:
1f:8a:56:bd:f4:d3:6c:45:b7:83:ba:9b:47:5b:2a:
66:aa:64:09:d8:04:0a:59:db:27:9b:33:a9:6f:42:
d0:e3:c6:ac:f9:be:7d:db:4a:ea:bb:b0:52:de:ae:
54:e0:d0:5c:31:0a:d0:f2:5a:b5:d9:37:e5:eb:5b:
78:f3:6f:b0:75:df:83:0b:98:7c:ed:ab:01:4a:8a:
e6:e4:c1:28:3d:9e:8d:8c:46:ba:94:55:ea:08:cf:
78:57:8c:99:46:4b:b1:00:fd:c3:bc:a1:d3:24:05:
f6:d8:6d:d1:03:70:78:7f:0b:40:bb:7b:d2:f4:31:
7a:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:97:F1:CB:FF:C1:E7:4E:4F:2F:0D:EA:4B:32:2B:DD:5E:9A:C7:1F
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/tZfxy__B505PLw3qSzIr3V6axx8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0/22
5.181.87.0/24
45.9.29.0/24
45.13.188.0/24
45.81.112.0/22
45.88.136.0/24
45.88.139.0/24
45.94.168.0/22
45.132.181.0-45.132.183.255
45.144.212.0/24
77.83.38.0/24
85.209.120.0/22
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/22
193.57.43.0/24
194.242.96.0/22
195.62.24.0/24
195.177.92.0/22
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
b5:bb:8a:1f:ec:69:09:ab:43:88:53:56:34:7f:28:11:11:ed:
13:92:d6:94:68:38:e4:8a:68:4b:38:11:1b:aa:cf:94:0a:18:
57:dd:10:40:1d:d0:19:29:c4:df:8a:38:5b:27:cc:5f:e6:6e:
6f:0a:19:2e:e1:8d:93:4b:85:8f:3e:c8:99:e4:f1:ee:15:df:
62:b2:a2:59:03:e6:9d:b2:28:65:ee:11:da:ea:18:9a:bf:14:
0a:5a:6f:49:02:7a:88:84:5c:06:9e:9e:d5:90:e1:e1:f5:da:
9d:0b:09:3f:6f:13:b1:b8:39:71:e7:94:42:4b:d4:c1:49:ca:
83:ef:42:24:5a:41:ac:c6:e8:25:c4:cb:77:cf:4e:8e:f0:3c:
db:eb:9d:25:e1:54:c4:f7:b0:16:3d:67:4b:7d:51:a2:12:f8:
81:ba:7f:af:9a:a8:fb:17:cd:eb:76:e2:9a:90:49:25:b3:9a:
ca:ef:1c:b0:4a:78:6f:00:57:21:5f:be:30:ee:fc:11:1e:59:
6c:8b:44:37:d4:2f:bd:35:ab:29:6e:19:35:13:a7:a7:44:4a:
c3:47:3f:a7:27:b8:0f:8a:36:9a:cc:f4:7c:11:0e:4c:14:15:
75:c5:45:b1:a2:e3:e3:87:19:21:dd:c4:00:32:64:70:f1:37:
53:32:1a:8c
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgISAYWHNlGYh1lngtX06Z2a1XfKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwMTA2MTMxMjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTk3ZjFjYmZmYzFlNzRlNGYyZjBkZWE0YjMyMmJkZDVlOWFjNzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjmeNaawaXESz+fjXY015yYw++z7q
b7xGgiP/HGtXfmX0flqwrUEaooEo0bFrkP1seej+1fUJDZHJtvrDP/+FyBYFBmXa
xbqSjzJcVcxvnvFmylQW0HJsSbTtkYH2B6qOZYr8xGl73CWqZ2Ntl5zwnsxC1G34
dqorqn5fd9X75dPJh60Ri6Mfila99NNsRbeDuptHWypmqmQJ2AQKWdsnmzOpb0LQ
48as+b5920rqu7BS3q5U4NBcMQrQ8lq12Tfl61t482+wdd+DC5h87asBSorm5MEo
PZ6NjEa6lFXqCM94V4yZRkuxAP3DvKHTJAX22G3RA3B4fwtAu3vS9DF6HwIDAQAB
o4ICuTCCArUwHQYDVR0OBBYEFLWX8cv/wedOTy8N6ksyK91emscfMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvdFpmeHlfX0I1MDVQTHczcVN6SXIzVjZheHg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHOBggrBgEFBQcBBwEB/wSBvjCBuzCBjQQCAAEwgYYDBAIC
OGwDBAAFtVcDBAAtCR0DBAAtDbwDBAItUXADBAAtWIgDBAAtWIsDBAItXqgwDAME
AC2EtQMEAy2EsAMEAC2Q1AMEAE1TJgMEAlXReAMEAbkr+AMEALkr+wMEAbnIPgME
AsEe8AMEAME5KwMEAsLyYAMEAMM+GAMEAsOxXAMEAsPTvDApBAIAAjAjAwUAKgFx
IAMFAyoHkgADBQMqDKWAAwUDKhDfwAMFAyoRBYAwDQYJKoZIhvcNAQELBQADggEB
ALW7ih/saQmrQ4hTVjR/KBER7ROS1pRoOOSKaEs4ERuqz5QKGFfdEEAd0BkpxN+K
OFsnzF/mbm8KGS7hjZNLhY8+yJnk8e4V32KyolkD5p2yKGXuEdrqGJq/FApab0kC
eoiEXAaentWQ4eH12p0LCT9vE7G4OXHnlEJL1MFJyoPvQiRaQazG6CXEy3fPTo7w
PNvrnSXhVMT3sBY9Z0t9UaIS+IG6f6+aqPsXzet24pqQSSWzmsrvHLBKeG8AVyFf
vjDu/BEeWWyLRDfUL701qyluGTUTp6dESsNHP6cnuA+KNprM9HwRDkwUFXXFRbGi
4+OHGSHdxAAyZHDxN1MyGow=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:32 2024 by rpki-client on console-fra.rpki-client.org