Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/tdKqL8LFxJshW2WmltkJKlNayV8.roa
File: tdKqL8LFxJshW2WmltkJKlNayV8.roa (raw, json)
Hash identifier: 10n+6oYWxofkbrwM/8qB8lqinySW9p032S5nStwd5S4=
Subject key identifier: B5:D2:AA:2F:C2:C5:C4:9B:21:5B:65:A6:96:D9:09:2A:53:5A:C9:5F
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018A92D8B4F0327C90FD4A2FF225546CCC25
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/tdKqL8LFxJshW2WmltkJKlNayV8.roa
Signing time: Thu 14 Sep 2023 08:39:50 +0000
ROA not before: Thu 14 Sep 2023 08:39:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 91.223.110.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
2.56.110.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
45.144.213.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
45.94.168.0/22 maxlen: 22
45.94.170.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
45.81.112.0/22 maxlen: 24
77.83.37.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 20 Sep 2023 10:25:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:92:d8:b4:f0:32:7c:90:fd:4a:2f:f2:25:54:6c:cc:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Sep 14 08:39:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5d2aa2fc2c5c49b215b65a696d9092a535ac95f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:f2:ed:7f:1f:b3:47:36:59:65:27:3f:a7:e0:
d0:3a:de:b0:11:de:57:9c:f5:b0:0d:b7:66:c0:79:
82:04:35:90:cd:e1:e8:ca:6d:ea:52:fe:7b:de:d2:
61:7e:f7:e5:bc:81:21:7a:93:05:ef:c1:a2:6d:92:
9a:bf:1f:b1:d6:aa:07:8f:2a:25:d6:55:08:1d:70:
c2:bf:0f:38:1b:a1:6e:7d:ca:b0:b4:b2:cb:31:e0:
0b:94:05:1d:25:60:63:0b:8e:bf:76:27:7d:d2:31:
e5:0b:ab:bd:f1:60:0d:78:1f:a9:da:da:89:6c:2b:
7c:51:3a:23:a2:7a:54:ec:1e:48:c7:27:8a:86:3f:
3d:2f:6b:86:e8:f9:85:fe:bd:28:60:39:9b:72:da:
93:a7:56:37:ef:a0:f6:9d:3f:22:d4:b6:91:6a:24:
8b:13:35:e3:0b:16:ee:d1:fd:b1:b7:28:71:df:00:
ef:a7:b4:5f:3c:4d:4d:ce:f1:69:3b:66:6d:71:d4:
bf:c0:7e:7f:8d:b0:6e:3e:99:aa:4d:ed:2d:ee:33:
b9:e9:97:3c:6f:ea:e1:84:42:49:c9:16:3b:ad:dc:
0b:fe:b8:ed:d8:5f:c5:e1:9f:af:e7:f3:76:45:7f:
7e:a0:be:77:0a:02:a4:9b:e4:a3:ce:b5:e6:ae:b3:
20:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:D2:AA:2F:C2:C5:C4:9B:21:5B:65:A6:96:D9:09:2A:53:5A:C9:5F
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/tdKqL8LFxJshW2WmltkJKlNayV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.110.0/24
5.181.87.0/24
45.9.29.0/24
45.81.112.0/22
45.88.136.0/24
45.88.138.0/24
45.94.168.0/22
45.132.181.0-45.132.183.255
45.144.212.0/23
77.83.37.0/24
77.83.39.0/24
85.209.120.0/22
91.223.110.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.43.0/24
194.242.96.0/22
195.177.92.0-195.177.94.255
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
56:a8:e1:e4:22:f8:9c:46:e5:6d:09:c8:33:62:94:c4:f5:9f:
94:64:0f:53:b7:b5:08:bf:a4:a3:e4:74:1e:eb:7d:73:e8:ca:
da:40:fb:36:f0:b7:19:1c:ac:b2:df:a1:62:3a:1c:19:d5:f5:
e1:9b:00:88:c1:df:13:5b:43:1e:f8:bc:ec:30:a8:1a:d0:ec:
37:a0:2a:a5:b9:7c:25:88:01:37:88:ff:86:04:d3:87:c0:14:
f7:ae:1a:4a:70:8e:21:1c:3a:9e:6a:0e:2f:5e:5c:40:5a:1c:
8c:6a:55:49:54:2a:52:d3:7f:f5:52:aa:06:9b:60:1f:4c:9c:
69:01:8b:07:58:4c:41:03:f2:31:ef:f0:40:82:3b:86:7d:b1:
e2:05:ab:55:f4:aa:5b:d6:c9:43:93:fc:96:bf:cb:8c:27:50:
2f:28:8d:aa:24:36:18:6a:db:f9:78:f1:01:be:e5:d1:31:3f:
27:1e:5d:3f:63:39:42:5f:83:88:f6:ce:d3:39:00:60:6d:97:
f5:97:b2:5e:6e:ea:fe:a7:99:c2:66:61:36:e0:eb:43:28:6a:
45:73:7e:d6:48:f4:4a:ca:c0:3d:ff:45:2d:02:34:74:86:18:
c6:7b:fb:ee:0c:96:4f:ca:c1:6d:e0:9d:4a:77:9c:54:41:fd:
6a:9d:d0:8a
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgISAYqS2LTwMnyQ/Uov8iVUbMwlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwOTE0MDgzOTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWQyYWEyZmMyYzVjNDliMjE1YjY1YTY5NmQ5MDkyYTUzNWFjOTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPLtfx+zRzZZZSc/p+DQOt6wEd5X
nPWwDbdmwHmCBDWQzeHoym3qUv573tJhfvflvIEhepMF78GibZKavx+x1qoHjyol
1lUIHXDCvw84G6FufcqwtLLLMeALlAUdJWBjC46/did90jHlC6u98WANeB+p2tqJ
bCt8UTojonpU7B5IxyeKhj89L2uG6PmF/r0oYDmbctqTp1Y376D2nT8i1LaRaiSL
EzXjCxbu0f2xtyhx3wDvp7RfPE1NzvFpO2ZtcdS/wH5/jbBuPpmqTe0t7jO56Zc8
b+rhhEJJyRY7rdwL/rjt2F/F4Z+v5/N2RX9+oL53CgKkm+SjzrXmrrMg9QIDAQAB
o4ICxzCCAsMwHQYDVR0OBBYEFLXSqi/CxcSbIVtlppbZCSpTWslfMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvdGRLcUw4TEZ4SnNoVzJXbWx0a0pLbE5heVY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHcBggrBgEFBQcBBwEB/wSBzDCByTCBmwQCAAEwgZQDBAAC
OG4DBAAFtVcDBAAtCR0DBAItUXADBAAtWIgDBAAtWIoDBAItXqgwDAMEAC2EtQME
Ay2EsAMEAS2Q1AMEAE1TJQMEAE1TJwMEAlXReAMEAFvfbgMEAbkr+AMEALkr+wME
AbnIPgMEAMEe8AMEAcEe8gMEAME5KwMEAsLyYDAMAwQCw7FcAwQAw7FeAwQCw9O8
MCkEAgACMCMDBQAqAXEgAwUDKgeSAAMFAyoMpYADBQMqEN/AAwUDKhEFgDANBgkq
hkiG9w0BAQsFAAOCAQEAVqjh5CL4nEblbQnIM2KUxPWflGQPU7e1CL+ko+R0Hut9
c+jK2kD7NvC3GRysst+hYjocGdX14ZsAiMHfE1tDHvi87DCoGtDsN6Aqpbl8JYgB
N4j/hgTTh8AU964aSnCOIRw6nmoOL15cQFocjGpVSVQqUtN/9VKqBptgH0ycaQGL
B1hMQQPyMe/wQII7hn2x4gWrVfSqW9bJQ5P8lr/LjCdQLyiNqiQ2GGrb+XjxAb7l
0TE/Jx5dP2M5Ql+DiPbO0zkAYG2X9ZeyXm7q/qeZwmZhNuDrQyhqRXN+1kj0SsrA
Pf9FLQI0dIYYxnv77gyWT8rBbeCdSnecVEH9ap3Qig==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:32 2024 by rpki-client on console-fra.rpki-client.org