Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/td2NMIgi-YZFaSH3DK-qq7o6BuQ.roa
File: td2NMIgi-YZFaSH3DK-qq7o6BuQ.roa (raw, json)
Hash identifier: zhYp5L5271CCZ5g4T3xi1G8ufo+n7OLSSBnEm4cN7NE=
Subject key identifier: B5:DD:8D:30:88:22:F9:86:45:69:21:F7:0C:AF:AA:AB:BA:3A:06:E4
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018A46C056A5414C8C34FC71CCC91990FDA0
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/td2NMIgi-YZFaSH3DK-qq7o6BuQ.roa
Signing time: Wed 30 Aug 2023 14:02:04 +0000
ROA not before: Wed 30 Aug 2023 14:02:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 91.223.110.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
45.88.139.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
193.57.41.0/24 maxlen: 24
45.144.213.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
45.94.168.0/22 maxlen: 22
45.94.170.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
45.81.112.0/22 maxlen: 24
45.81.112.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
45.81.113.0/24 maxlen: 24
45.81.115.0/24 maxlen: 24
45.81.114.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:46:c0:56:a5:41:4c:8c:34:fc:71:cc:c9:19:90:fd:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Aug 30 14:02:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5dd8d308822f986456921f70cafaaabba3a06e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:a5:8b:cb:ca:97:c8:d1:d5:f8:f1:0a:f3:d6:
a3:9f:62:c9:65:0e:52:4f:40:86:f2:11:d6:d9:78:
7c:1c:65:b8:c2:11:56:77:c3:0b:b1:eb:4f:3b:9f:
3f:85:ca:b8:99:63:88:99:7c:2f:ce:37:5b:f3:9e:
87:ac:67:7e:08:1b:0a:15:d1:25:aa:a5:0a:8d:e0:
cf:59:e5:7a:af:6a:83:67:e0:8f:39:d5:e7:8d:ff:
41:16:f2:9e:89:29:a1:8e:b3:ab:9a:43:65:9b:5c:
c1:14:4c:66:e5:d1:07:bb:c0:89:0b:e5:f6:46:e3:
2c:1c:89:8f:0d:bf:25:c6:36:93:f1:b9:3b:49:27:
48:bb:95:5a:18:cd:d6:8b:43:71:0d:2b:c4:79:4e:
fb:1f:ea:7e:f1:fd:6d:e4:92:05:9e:27:26:72:e8:
50:43:3b:fc:90:4d:dd:cc:ee:38:4d:5f:2a:f8:50:
13:e9:21:73:c6:3d:fa:7b:38:00:cc:7a:42:00:39:
1b:49:36:5f:23:c5:1b:35:1d:c3:ca:bf:5c:24:2e:
c9:c9:c5:77:1b:8c:d4:99:a2:6b:82:a9:c7:d6:b6:
d0:08:dc:aa:5b:ed:34:b1:01:f0:c4:c4:5d:56:19:
8c:0e:cd:14:73:bb:00:c8:82:bd:e1:5c:d1:03:3d:
ea:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:DD:8D:30:88:22:F9:86:45:69:21:F7:0C:AF:AA:AB:BA:3A:06:E4
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/td2NMIgi-YZFaSH3DK-qq7o6BuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.87.0/24
45.9.29.0/24
45.81.112.0/22
45.88.136.0/24
45.88.138.0/23
45.94.168.0/22
45.132.181.0-45.132.183.255
45.144.212.0/23
77.83.37.0/24
77.83.39.0/24
85.209.120.0/22
91.223.110.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.41.0/24
193.57.43.0/24
194.242.96.0/22
195.177.92.0-195.177.94.255
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
4a:fa:05:a7:a1:ab:9e:ac:38:6b:08:5a:fe:9e:91:ce:23:b4:
42:1e:d2:b4:15:8c:77:8f:bd:6b:20:5f:6a:c1:cb:cf:3f:e7:
72:47:27:12:ed:a8:23:89:ae:e3:c4:f7:e6:87:df:04:98:67:
d6:5f:be:df:2e:91:fe:42:3d:c2:09:11:11:6c:c5:55:04:7d:
c2:55:e1:75:7b:e2:1f:3d:5a:c7:8c:c1:a2:e3:bd:cf:e4:63:
3c:d0:f2:6b:a0:02:de:a7:84:8d:ce:95:85:2e:16:e2:e1:e9:
a4:4c:a7:cf:f9:fb:f8:de:9f:d4:dd:b8:10:76:e0:79:c5:7e:
c5:54:47:b2:ad:02:59:b6:af:47:d8:c1:c7:1b:80:73:4a:c6:
a4:1a:69:3e:79:a6:be:29:fe:ac:12:d5:e6:77:f9:ff:44:44:
ac:29:e8:09:42:d6:52:53:17:9f:9c:36:48:b9:8c:2c:9a:51:
36:56:56:73:7e:d7:57:f2:a0:c6:14:19:cf:bb:64:4b:ca:29:
f9:d5:86:75:57:54:2e:db:b3:d9:0d:81:f6:18:3c:8a:42:3f:
13:7a:77:14:b9:da:0d:13:bc:ac:2e:61:6e:ca:59:6e:40:6c:
8a:8f:dc:ff:18:19:ce:24:5c:c9:d5:bc:f0:09:1a:bb:6b:3e:
72:f6:b8:33
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgISAYpGwFalQUyMNPxxzMkZkP2gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwODMwMTQwMjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWRkOGQzMDg4MjJmOTg2NDU2OTIxZjcwY2FmYWFhYmJhM2EwNmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh6WLy8qXyNHV+PEK89ajn2LJZQ5S
T0CG8hHW2Xh8HGW4whFWd8MLsetPO58/hcq4mWOImXwvzjdb856HrGd+CBsKFdEl
qqUKjeDPWeV6r2qDZ+CPOdXnjf9BFvKeiSmhjrOrmkNlm1zBFExm5dEHu8CJC+X2
RuMsHImPDb8lxjaT8bk7SSdIu5VaGM3Wi0NxDSvEeU77H+p+8f1t5JIFnicmcuhQ
Qzv8kE3dzO44TV8q+FAT6SFzxj36ezgAzHpCADkbSTZfI8UbNR3Dyr9cJC7JycV3
G4zUmaJrgqnH1rbQCNyqW+00sQHwxMRdVhmMDs0Uc7sAyIK94VzRAz3qlwIDAQAB
o4ICxzCCAsMwHQYDVR0OBBYEFLXdjTCIIvmGRWkh9wyvqqu6OgbkMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvdGQyTk1JZ2ktWVpGYVNIM0RLLXFxN282QnVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHcBggrBgEFBQcBBwEB/wSBzDCByTCBmwQCAAEwgZQDBAAF
tVcDBAAtCR0DBAItUXADBAAtWIgDBAEtWIoDBAItXqgwDAMEAC2EtQMEAy2EsAME
AS2Q1AMEAE1TJQMEAE1TJwMEAlXReAMEAFvfbgMEAbkr+AMEALkr+wMEAbnIPgME
AMEe8AMEAcEe8gMEAME5KQMEAME5KwMEAsLyYDAMAwQCw7FcAwQAw7FeAwQCw9O8
MCkEAgACMCMDBQAqAXEgAwUDKgeSAAMFAyoMpYADBQMqEN/AAwUDKhEFgDANBgkq
hkiG9w0BAQsFAAOCAQEASvoFp6Grnqw4awha/p6RziO0Qh7StBWMd4+9ayBfasHL
zz/nckcnEu2oI4mu48T35offBJhn1l++3y6R/kI9wgkREWzFVQR9wlXhdXviHz1a
x4zBouO9z+RjPNDya6AC3qeEjc6VhS4W4uHppEynz/n7+N6f1N24EHbgecV+xVRH
sq0CWbavR9jBxxuAc0rGpBppPnmmvin+rBLV5nf5/0RErCnoCULWUlMXn5w2SLmM
LJpRNlZWc37XV/KgxhQZz7tkS8op+dWGdVdULtuz2Q2B9hg8ikI/E3p3FLnaDRO8
rC5hbspZbkBsio/c/xgZziRcydW88Akau2s+cva4Mw==
-----END CERTIFICATE-----
Generated at Wed Aug 30 18:59:24 2023 by rpki-client on console-ams.rpki-client.org