Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/vUuqeiIDyMIJnTLZsK9eMwUW5s0.roa
File: vUuqeiIDyMIJnTLZsK9eMwUW5s0.roa (raw, json)
Hash identifier: 3xwnftL94GfIaC63YHqExsoJbBF/mduw9u22Cz6yn2Y=
Subject key identifier: BD:4B:AA:7A:22:03:C8:C2:09:9D:32:D9:B0:AF:5E:33:05:16:E6:CD
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0189EDCC55FC15847996589E5FB5B6DC5B56
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/vUuqeiIDyMIJnTLZsK9eMwUW5s0.roa
Signing time: Sun 13 Aug 2023 07:28:58 +0000
ROA not before: Sun 13 Aug 2023 07:28:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 91.223.110.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
2.56.108.0/22 maxlen: 24
2.56.111.0/24 maxlen: 24
2.56.109.0/24 maxlen: 24
45.88.139.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
193.57.41.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
45.94.168.0/22 maxlen: 22
45.94.170.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
193.30.241.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
45.81.112.0/22 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 14 Aug 2023 07:30:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ed:cc:55:fc:15:84:79:96:58:9e:5f:b5:b6:dc:5b:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Aug 13 07:28:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bd4baa7a2203c8c2099d32d9b0af5e330516e6cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:91:78:58:45:dc:c2:5c:9b:7f:0c:66:65:e0:
91:c4:f1:4c:06:c1:ac:30:cc:4a:a3:ce:f8:a0:7c:
55:31:43:e7:3e:1f:42:a2:b1:e6:b9:7f:5f:e9:7b:
98:28:59:ef:a1:08:56:58:59:fd:13:f2:0a:8b:06:
e7:8e:10:3d:11:24:1f:da:9d:a3:da:d3:80:6d:f4:
48:2f:3c:69:4c:85:e1:80:35:d3:ff:a1:d1:23:42:
4d:91:d2:29:3e:30:fa:3b:4e:06:6f:3a:d9:26:c3:
35:04:e0:cd:68:ec:ef:eb:61:d9:2c:49:8b:fe:dd:
08:33:4f:33:8e:f0:63:00:9c:4c:d4:42:29:ee:04:
d7:2f:1e:b6:e9:c0:a1:47:19:ea:71:76:97:d0:49:
78:59:b0:c5:13:1e:1e:ee:e1:bd:1a:d2:36:20:5b:
a2:79:26:c7:15:ee:49:b3:a2:83:64:5f:13:8c:21:
90:f3:f3:ca:0b:ed:06:a6:61:8d:c6:2e:81:8c:cb:
5d:30:4c:4d:c4:28:4d:9a:0d:15:0c:42:c4:0f:aa:
9e:57:87:df:25:f3:48:ca:8e:f6:d5:b8:76:92:39:
15:9e:82:59:cb:9f:b7:83:f9:be:d7:6f:3f:74:de:
df:9a:fe:c6:d8:fe:52:b1:5c:dd:29:5f:cf:02:58:
1d:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:4B:AA:7A:22:03:C8:C2:09:9D:32:D9:B0:AF:5E:33:05:16:E6:CD
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/vUuqeiIDyMIJnTLZsK9eMwUW5s0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0/22
5.181.87.0/24
45.9.29.0/24
45.81.112.0/22
45.88.136.0/24
45.88.138.0/23
45.94.168.0/22
45.132.181.0-45.132.183.255
45.144.212.0/24
77.83.39.0/24
85.209.120.0/22
91.223.110.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/22
193.57.41.0/24
193.57.43.0/24
194.242.96.0/22
195.62.24.0/24
195.177.92.0/22
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
89:35:9f:ab:30:ad:ed:fa:9b:8f:5f:88:7b:d2:d8:3c:64:ca:
7d:72:2c:8a:15:3e:41:0e:e9:c3:97:0f:18:a7:ec:e5:df:2f:
f9:c9:62:6d:2b:55:12:e5:4b:af:57:0a:a1:c6:22:6b:13:e0:
92:70:ae:a7:a3:61:16:b7:59:be:df:58:99:b2:de:4b:80:58:
84:c1:d7:9b:c4:01:3a:71:63:00:93:77:ad:db:92:3d:e7:83:
54:00:cb:8e:10:27:f6:65:93:b3:7c:87:49:88:2b:b6:38:ed:
d3:71:9c:14:84:5b:1e:11:29:46:d9:d4:37:a3:88:64:46:20:
60:80:47:9b:98:6f:ac:e2:fb:a4:f1:95:64:ed:72:07:b6:3b:
6f:fb:02:a5:08:2c:c0:12:2f:62:76:2e:6d:16:cf:69:df:3c:
63:10:74:cd:7c:36:8c:41:fa:e0:16:84:0f:79:70:f9:f0:6b:
96:8a:72:84:7e:df:44:55:84:f4:ba:0d:96:73:4b:2e:42:e3:
20:b4:5e:2c:09:3d:db:d4:cf:a4:b8:df:c5:d8:28:6d:1c:0e:
a8:3f:11:69:7e:5f:f0:05:ce:98:71:09:53:dc:93:c0:d8:e2:
88:35:74:d3:a5:60:d0:bd:cc:0a:ec:75:70:ee:23:ec:ed:9f:
e7:3f:4b:13
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgISAYntzFX8FYR5llieX7W23FtWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwODEzMDcyODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDRiYWE3YTIyMDNjOGMyMDk5ZDMyZDliMGFmNWUzMzA1MTZlNmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0pF4WEXcwlybfwxmZeCRxPFMBsGs
MMxKo874oHxVMUPnPh9CorHmuX9f6XuYKFnvoQhWWFn9E/IKiwbnjhA9ESQf2p2j
2tOAbfRILzxpTIXhgDXT/6HRI0JNkdIpPjD6O04GbzrZJsM1BODNaOzv62HZLEmL
/t0IM08zjvBjAJxM1EIp7gTXLx626cChRxnqcXaX0El4WbDFEx4e7uG9GtI2IFui
eSbHFe5Js6KDZF8TjCGQ8/PKC+0GpmGNxi6BjMtdMExNxChNmg0VDELED6qeV4ff
JfNIyo721bh2kjkVnoJZy5+3g/m+128/dN7fmv7G2P5SsVzdKV/PAlgdLQIDAQAB
o4ICvzCCArswHQYDVR0OBBYEFL1LqnoiA8jCCZ0y2bCvXjMFFubNMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvdlV1cWVpSUR5TUlKblRMWnNLOWVNd1VXNXMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHUBggrBgEFBQcBBwEB/wSBxDCBwTCBkwQCAAEwgYwDBAIC
OGwDBAAFtVcDBAAtCR0DBAItUXADBAAtWIgDBAEtWIoDBAItXqgwDAMEAC2EtQME
Ay2EsAMEAC2Q1AMEAE1TJwMEAlXReAMEAFvfbgMEAbkr+AMEALkr+wMEAbnIPgME
AsEe8AMEAME5KQMEAME5KwMEAsLyYAMEAMM+GAMEAsOxXAMEAsPTvDApBAIAAjAj
AwUAKgFxIAMFAyoHkgADBQMqDKWAAwUDKhDfwAMFAyoRBYAwDQYJKoZIhvcNAQEL
BQADggEBAIk1n6swre36m49fiHvS2Dxkyn1yLIoVPkEO6cOXDxin7OXfL/nJYm0r
VRLlS69XCqHGImsT4JJwrqejYRa3Wb7fWJmy3kuAWITB15vEATpxYwCTd63bkj3n
g1QAy44QJ/Zlk7N8h0mIK7Y47dNxnBSEWx4RKUbZ1DejiGRGIGCAR5uYb6zi+6Tx
lWTtcge2O2/7AqUILMASL2J2Lm0Wz2nfPGMQdM18NoxB+uAWhA95cPnwa5aKcoR+
30RVhPS6DZZzSy5C4yC0XiwJPdvUz6S438XYKG0cDqg/EWl+X/AFzphxCVPck8DY
4og1dNOlYNC9zArsdXDuI+ztn+c/SxM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:32 2024 by rpki-client on console-fra.rpki-client.org