Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/yDD0L4R89GPCrnc1coLbksxxpGY.roa
File: yDD0L4R89GPCrnc1coLbksxxpGY.roa (raw, json)
Hash identifier: LEpdbWjKD4xL1/YgYEOxyxbFWtAFgxptdJoRsSsYX4c=
Subject key identifier: C8:30:F4:2F:84:7C:F4:63:C2:AE:77:35:72:82:DB:92:CC:71:A4:66
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018AE1B351D37C9FC73F8594E90F67A24B6B
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/yDD0L4R89GPCrnc1coLbksxxpGY.roa
Signing time: Fri 29 Sep 2023 16:08:59 +0000
ROA not before: Fri 29 Sep 2023 16:08:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 91.223.110.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
2.56.109.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
45.94.168.0/22 maxlen: 22
45.94.170.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
45.81.112.0/22 maxlen: 24
45.81.112.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
45.81.113.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 29 Sep 2023 16:47:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:e1:b3:51:d3:7c:9f:c7:3f:85:94:e9:0f:67:a2:4b:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Sep 29 16:08:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c830f42f847cf463c2ae77357282db92cc71a466
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:8f:40:99:5d:2c:98:86:2a:49:a2:2d:83:b4:
27:7f:e5:fa:ac:b7:9c:ca:68:b5:44:c9:e3:9d:ba:
5d:c6:de:cb:cf:77:95:85:4f:f1:20:82:aa:64:ac:
1f:fd:3a:d9:72:a3:44:36:e7:37:74:a8:6e:ef:90:
a1:2f:d5:2c:21:96:27:27:98:77:55:7d:d1:6e:7f:
b4:79:ac:79:92:d6:1d:96:d8:e5:77:dc:d4:18:c5:
ca:a9:94:c6:3a:09:b4:db:e5:ec:7c:9b:63:98:6d:
19:8e:96:d3:7b:12:07:d4:79:45:75:9f:44:35:55:
7d:94:fe:8e:b8:5d:cc:e2:40:a5:d1:b8:bf:22:c1:
39:db:3b:27:05:09:84:1c:98:be:34:e1:21:42:2a:
81:b4:ec:d7:75:e2:e7:a0:2b:ec:56:b5:9d:bb:d6:
94:51:c6:8d:67:f2:4f:d2:ad:af:80:3d:8a:3e:6b:
35:da:61:eb:b2:e5:ad:18:cc:31:1b:03:ab:2a:f5:
31:3d:9f:dd:c1:f7:af:db:c7:1b:46:13:f9:f8:1c:
d8:6f:34:a7:82:91:bb:5b:0a:d1:bb:e6:8f:a4:ba:
d4:1b:69:59:25:d1:b9:74:f7:c5:9d:5d:dc:4a:4f:
6d:3f:45:db:27:f5:ce:25:5f:2d:95:c8:8d:44:77:
e0:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:30:F4:2F:84:7C:F4:63:C2:AE:77:35:72:82:DB:92:CC:71:A4:66
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/yDD0L4R89GPCrnc1coLbksxxpGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.109.0/24
5.181.87.0/24
45.9.29.0/24
45.81.112.0/22
45.88.136.0/24
45.88.138.0/24
45.94.168.0/22
45.132.181.0-45.132.183.255
45.144.212.0/24
77.83.37.0/24
77.83.39.0/24
85.209.120.0/22
91.223.110.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.43.0/24
194.242.96.0/22
195.177.92.0-195.177.94.255
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
3a:e2:b0:bc:0d:a6:19:f3:12:44:5d:34:71:4c:bb:04:ef:72:
dc:6f:50:f3:70:bb:83:f9:39:69:4c:f8:2d:49:69:ba:db:17:
49:41:df:b5:75:f0:eb:7c:c7:ee:21:0e:ce:c1:41:33:16:9a:
9a:bf:42:88:5c:7c:d8:bf:e0:1d:9e:1a:18:e9:4d:5f:ef:62:
27:d5:ec:d7:e3:8d:5e:5f:20:34:b0:80:e3:e2:9c:5b:0c:f6:
12:8a:cc:5e:26:7e:fe:27:41:99:9c:ef:8f:d4:75:6c:6d:c5:
2a:83:27:a5:83:3e:fc:dc:56:60:7e:35:e5:3c:54:6f:aa:7f:
a2:91:60:69:28:70:f3:1d:e6:97:33:2b:46:b0:cb:fd:13:20:
28:dd:4a:93:76:bd:dc:f6:fe:aa:b1:e6:b9:08:31:1b:d9:d3:
69:41:9c:36:38:29:a3:e1:8d:3b:36:31:6c:28:ec:c5:b9:4e:
b0:d4:d0:fc:21:83:4a:39:c2:5b:6c:e2:4c:1b:42:12:f0:6d:
7e:1f:bf:c0:80:25:44:96:2e:96:92:84:71:38:f4:af:a5:48:
df:dc:6c:1c:1f:a8:72:bf:d9:7c:4e:10:f6:9c:be:ef:94:40:
97:56:96:e8:e6:59:c6:7f:8b:58:42:0c:08:38:d1:67:a7:74:
03:14:94:0d
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgISAYrhs1HTfJ/HP4WU6Q9noktrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwOTI5MTYwODU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODMwZjQyZjg0N2NmNDYzYzJhZTc3MzU3MjgyZGI5MmNjNzFhNDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjI9AmV0smIYqSaItg7Qnf+X6rLec
ymi1RMnjnbpdxt7Lz3eVhU/xIIKqZKwf/TrZcqNENuc3dKhu75ChL9UsIZYnJ5h3
VX3Rbn+0eax5ktYdltjld9zUGMXKqZTGOgm02+XsfJtjmG0ZjpbTexIH1HlFdZ9E
NVV9lP6OuF3M4kCl0bi/IsE52zsnBQmEHJi+NOEhQiqBtOzXdeLnoCvsVrWdu9aU
UcaNZ/JP0q2vgD2KPms12mHrsuWtGMwxGwOrKvUxPZ/dwfev28cbRhP5+BzYbzSn
gpG7WwrRu+aPpLrUG2lZJdG5dPfFnV3cSk9tP0XbJ/XOJV8tlciNRHfgpwIDAQAB
o4ICxzCCAsMwHQYDVR0OBBYEFMgw9C+EfPRjwq53NXKC25LMcaRmMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEveUREMEw0Ujg5R1BDcm5jMWNvTGJrc3h4cEdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHcBggrBgEFBQcBBwEB/wSBzDCByTCBmwQCAAEwgZQDBAAC
OG0DBAAFtVcDBAAtCR0DBAItUXADBAAtWIgDBAAtWIoDBAItXqgwDAMEAC2EtQME
Ay2EsAMEAC2Q1AMEAE1TJQMEAE1TJwMEAlXReAMEAFvfbgMEAbkr+AMEALkr+wME
AbnIPgMEAMEe8AMEAcEe8gMEAME5KwMEAsLyYDAMAwQCw7FcAwQAw7FeAwQCw9O8
MCkEAgACMCMDBQAqAXEgAwUDKgeSAAMFAyoMpYADBQMqEN/AAwUDKhEFgDANBgkq
hkiG9w0BAQsFAAOCAQEAOuKwvA2mGfMSRF00cUy7BO9y3G9Q83C7g/k5aUz4LUlp
utsXSUHftXXw63zH7iEOzsFBMxaamr9CiFx82L/gHZ4aGOlNX+9iJ9Xs1+ONXl8g
NLCA4+KcWwz2EorMXiZ+/idBmZzvj9R1bG3FKoMnpYM+/NxWYH415TxUb6p/opFg
aShw8x3mlzMrRrDL/RMgKN1Kk3a93Pb+qrHmuQgxG9nTaUGcNjgpo+GNOzYxbCjs
xblOsNTQ/CGDSjnCW2ziTBtCEvBtfh+/wIAlRJYulpKEcTj0r6VI39xsHB+ocr/Z
fE4Q9py+75RAl1aW6OZZxn+LWEIMCDjRZ6d0AxSUDQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:32 2024 by rpki-client on console-fra.rpki-client.org