Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/zpdw4PtYNgehb97tTiQ_NET47f0.roa
File: zpdw4PtYNgehb97tTiQ_NET47f0.roa (raw, json)
Hash identifier: vlFi9wq0NodB5sUcCCSiyP8LQ6WE4OeXlEt3+st+RUs=
Subject key identifier: CE:97:70:E0:FB:58:36:07:A1:6F:DE:ED:4E:24:3F:34:44:F8:ED:FD
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018E228E3C51EB708B62D89D5FC5FF90167D
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/zpdw4PtYNgehb97tTiQ_NET47f0.roa
Signing time: Sat 09 Mar 2024 09:32:10 +0000
ROA not before: Sat 09 Mar 2024 09:32:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62206
IP address blocks: 2.56.109.0/24 maxlen: 24
5.181.84.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
45.81.113.0/24 maxlen: 24
45.81.115.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.139.0/24 maxlen: 24
45.94.171.0/24 maxlen: 24
45.132.180.0/24 maxlen: 24
45.132.181.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.144.212.0/24 maxlen: 24
45.151.3.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.122.0/23 maxlen: 24
85.209.122.0/24 maxlen: 24
85.209.123.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.57.41.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
2a01:7120::/32 maxlen: 32
2a07:9200::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a10:dfc0::/29 maxlen: 29
2a11:580::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 18 Mar 2024 07:50:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:22:8e:3c:51:eb:70:8b:62:d8:9d:5f:c5:ff:90:16:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Mar 9 09:32:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ce9770e0fb583607a16fdeed4e243f3444f8edfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:fc:9e:7e:fd:58:e2:f1:bd:ff:a0:e5:fd:d3:
da:48:a5:62:db:72:a6:92:d3:3a:60:6e:6c:21:40:
e4:c9:b9:78:32:6f:54:59:cc:bf:03:36:57:52:05:
fb:e6:eb:9a:d8:38:d8:42:86:74:84:b4:8e:29:8b:
41:a9:aa:69:ab:8c:03:c8:75:93:5f:96:df:d3:0c:
05:0a:24:e4:94:24:14:12:b2:2d:11:4f:94:ff:42:
0a:9a:f4:d7:c3:c4:23:2e:fe:73:8b:df:74:fd:07:
6c:8a:ca:41:b8:a1:98:7e:95:33:76:62:6f:a6:b1:
c9:3b:c1:17:03:9c:42:69:a6:85:72:54:3d:f3:68:
06:00:fd:6d:39:95:a3:a0:99:14:9d:87:6b:84:a6:
f8:50:cd:c6:ea:0a:27:0d:b1:76:60:96:5f:75:3b:
21:44:4a:c8:ae:1b:77:5d:59:ff:7f:e9:14:f1:ef:
ee:e7:a5:91:18:c2:ce:10:98:07:1d:80:0f:2c:04:
f8:28:e9:18:95:e1:63:7d:55:69:0f:cc:70:ba:c5:
e7:2a:44:e4:53:a6:16:de:c7:6c:95:8e:e9:d2:2a:
de:30:23:0f:27:ff:ed:cc:d8:33:93:2e:8c:55:b3:
c4:94:72:fc:ff:f3:a3:df:cc:a0:44:a7:f7:e2:c9:
81:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:97:70:E0:FB:58:36:07:A1:6F:DE:ED:4E:24:3F:34:44:F8:ED:FD
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/zpdw4PtYNgehb97tTiQ_NET47f0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.109.0/24
5.181.84.0/24
5.181.87.0/24
45.9.29.0/24
45.81.113.0/24
45.81.115.0/24
45.88.136.0/24
45.88.138.0/23
45.94.171.0/24
45.132.180.0/22
45.144.212.0/24
45.151.3.0/24
77.83.37.0/24
85.209.120.0/22
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.41.0/24
193.57.43.0/24
194.242.96.0/22
195.177.92.0-195.177.94.255
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
91:b2:b6:69:da:7e:02:29:7b:23:8c:aa:10:56:9d:49:31:f3:
87:57:db:96:81:de:54:09:3b:34:ca:75:62:ff:c7:84:09:43:
15:89:e4:4d:49:7d:1d:77:c4:f3:39:9b:b4:33:01:13:f5:a5:
98:98:ff:4c:4b:95:f3:91:0e:6d:59:e8:a0:bd:08:88:66:9c:
27:d2:8c:bf:67:f8:61:f1:40:67:37:6c:3d:80:3f:ae:61:51:
90:2c:35:8c:29:63:e4:1f:fd:f2:9d:bb:12:9f:4c:d4:48:bf:
82:98:f6:4e:9b:62:3c:c7:b6:32:e2:2e:36:52:59:d9:bc:99:
34:9b:bf:78:c9:34:d4:ca:be:58:cc:b4:3b:97:88:ce:a6:c6:
c5:c8:44:7c:78:c1:33:8b:d4:2d:1e:4b:ea:a5:c0:a1:e1:55:
a7:51:b0:b7:d4:0c:1b:6f:87:e0:6e:97:19:15:07:18:f2:77:
71:d8:13:2c:1e:5c:1b:55:7a:46:c0:91:4e:45:b9:1f:dc:7f:
23:05:f8:70:ce:4f:1e:94:60:87:50:13:e5:e9:d8:12:78:fe:
a9:4b:a4:5e:5d:93:7b:81:a2:79:10:d1:8c:a8:48:41:87:22:
a8:c3:ff:2e:99:70:8a:5d:9a:49:92:40:ac:c8:a3:3c:3e:93:
9e:67:a9:29
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgISAY4ijjxR63CLYtidX8X/kBZ9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMzA5MDkzMjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTk3NzBlMGZiNTgzNjA3YTE2ZmRlZWQ0ZTI0M2YzNDQ0ZjhlZGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwvyefv1Y4vG9/6Dl/dPaSKVi23Km
ktM6YG5sIUDkybl4Mm9UWcy/AzZXUgX75uua2DjYQoZ0hLSOKYtBqappq4wDyHWT
X5bf0wwFCiTklCQUErItEU+U/0IKmvTXw8QjLv5zi990/QdsispBuKGYfpUzdmJv
prHJO8EXA5xCaaaFclQ982gGAP1tOZWjoJkUnYdrhKb4UM3G6gonDbF2YJZfdTsh
RErIrht3XVn/f+kU8e/u56WRGMLOEJgHHYAPLAT4KOkYleFjfVVpD8xwusXnKkTk
U6YW3sdslY7p0ireMCMPJ//tzNgzky6MVbPElHL8//Oj38ygRKf34smBzQIDAQAB
o4ICyzCCAscwHQYDVR0OBBYEFM6XcOD7WDYHoW/e7U4kPzRE+O39MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvenBkdzRQdFlOZ2VoYjk3dFRpUV9ORVQ0N2YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHgBggrBgEFBQcBBwEB/wSB0DCBzTCBnwQCAAEwgZgDBAAC
OG0DBAAFtVQDBAAFtVcDBAAtCR0DBAAtUXEDBAAtUXMDBAAtWIgDBAEtWIoDBAAt
XqsDBAIthLQDBAAtkNQDBAAtlwMDBABNUyUDBAJV0XgDBAG5K/gDBAC5K/sDBAG5
yD4DBADBHvADBAHBHvIDBADBOSkDBADBOSsDBALC8mAwDAMEAsOxXAMEAMOxXgME
AsPTvDApBAIAAjAjAwUAKgFxIAMFAyoHkgADBQMqDKWAAwUDKhDfwAMFAyoRBYAw
DQYJKoZIhvcNAQELBQADggEBAJGytmnafgIpeyOMqhBWnUkx84dX25aB3lQJOzTK
dWL/x4QJQxWJ5E1JfR13xPM5m7QzARP1pZiY/0xLlfORDm1Z6KC9CIhmnCfSjL9n
+GHxQGc3bD2AP65hUZAsNYwpY+Qf/fKduxKfTNRIv4KY9k6bYjzHtjLiLjZSWdm8
mTSbv3jJNNTKvljMtDuXiM6mxsXIRHx4wTOL1C0eS+qlwKHhVadRsLfUDBtvh+Bu
lxkVBxjyd3HYEyweXBtVekbAkU5FuR/cfyMF+HDOTx6UYIdQE+Xp2BJ4/qlLpF5d
k3uBonkQ0YyoSEGHIqjD/y6ZcIpdmkmSQKzIozw+k55nqSk=
-----END CERTIFICATE-----
Generated at Mon Mar 18 11:50:10 2024 by rpki-client on console-fra.rpki-client.org