Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/R9vyPVmTgXoPrXLmDqtPg3wmgu4.roa
File: R9vyPVmTgXoPrXLmDqtPg3wmgu4.roa (raw, json)
Hash identifier: cyYXgQrsireEp/wtTJbUflnoq2W1J9J3EAmawujmSq4=
Subject key identifier: 47:DB:F2:3D:59:93:81:7A:0F:AD:72:E6:0E:AB:4F:83:7C:26:82:EE
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0185738FD5E1294C62C0B9303D5690C68CA1
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/R9vyPVmTgXoPrXLmDqtPg3wmgu4.roa
Signing time: Mon 02 Jan 2023 17:38:04 +0000
ROA not before: Mon 02 Jan 2023 17:38:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7489
IP address blocks: 2.56.164.0/22 maxlen: 24
78.108.216.0/22 maxlen: 24
45.140.220.0/22 maxlen: 24
193.221.192.0/22 maxlen: 24
194.50.16.0/22 maxlen: 24
194.31.140.0/22 maxlen: 24
212.107.12.0/22 maxlen: 24
185.186.64.0/22 maxlen: 24
45.154.196.0/22 maxlen: 24
185.227.68.0/22 maxlen: 24
185.185.40.0/22 maxlen: 24
45.90.144.0/22 maxlen: 24
194.56.224.0/22 maxlen: 24
178.218.144.0/22 maxlen: 24
77.83.240.0/22 maxlen: 24
45.81.20.0/22 maxlen: 24
89.190.156.0/22 maxlen: 24
83.143.116.0/22 maxlen: 24
185.242.224.0/22 maxlen: 24
185.234.72.0/22 maxlen: 24
193.31.28.0/22 maxlen: 24
193.31.30.0/24 maxlen: 24
85.202.160.0/22 maxlen: 24
193.34.76.0/22 maxlen: 24
2a0b:7080:10::/48 maxlen: 48
2a0b:b87:ffb4::/48 maxlen: 48
2a0b:b82::/44 maxlen: 44
2a0b:b85::/32 maxlen: 32
2a0b:b87:fff0::/44 maxlen: 44
2a0b:7080:30::/44 maxlen: 48
2a0b:7080:10::/44 maxlen: 44
2a0b:7080:10::/45 maxlen: 45
2a0b:b87:ffda::/48 maxlen: 48
2a0d:77c7::/32 maxlen: 48
2a0b:7080:20::/44 maxlen: 48
2a0b:b87:ffec::/48 maxlen: 48
2a0b:b84::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 18 Jan 2023 17:50:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:8f:d5:e1:29:4c:62:c0:b9:30:3d:56:90:c6:8c:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 2 17:38:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=47dbf23d5993817a0fad72e60eab4f837c2682ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:b0:9a:57:f0:f9:2e:b1:84:72:27:5f:65:1b:
e7:e6:e6:58:6a:21:fd:4b:1c:6b:47:0a:02:87:4d:
0b:75:65:fb:9d:c3:ff:b3:7a:41:27:80:93:b4:e9:
8a:d3:2e:51:d8:bd:8d:88:bb:24:05:e6:bb:66:17:
17:44:d8:1d:e4:bd:8f:fd:3e:b2:79:94:3a:8e:a8:
8b:b0:95:7a:37:29:9e:25:40:e2:02:71:41:a7:be:
1e:43:f5:ad:78:52:a6:ff:4a:b7:64:61:b2:c7:da:
98:3b:3d:90:31:4a:6d:72:98:0f:b1:15:ab:fe:88:
57:87:70:f5:04:4a:32:38:6d:cf:45:bf:25:c0:7a:
6e:4a:f1:6d:a6:06:fa:cc:bc:f4:b2:d3:5f:6c:40:
12:93:fe:f3:2b:06:24:eb:0d:d8:3c:44:44:5a:4c:
d0:f0:fe:42:4b:07:f6:c8:fd:1e:e1:7c:30:5d:b0:
29:d8:de:74:cd:9b:6a:5d:65:fb:34:ac:a9:9f:b7:
a4:9c:71:3f:7a:42:8b:0a:8a:e2:ad:01:7b:02:c3:
93:db:9c:c9:73:f5:66:6c:78:f2:a4:b2:2c:70:5b:
f2:83:dd:4b:87:c8:10:37:4c:80:83:a5:f0:f2:29:
73:f5:bc:e4:79:c0:b9:bb:aa:27:1f:14:ae:e5:43:
5a:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:DB:F2:3D:59:93:81:7A:0F:AD:72:E6:0E:AB:4F:83:7C:26:82:EE
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/R9vyPVmTgXoPrXLmDqtPg3wmgu4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.164.0/22
45.81.20.0/22
45.90.144.0/22
45.140.220.0/22
45.154.196.0/22
77.83.240.0/22
78.108.216.0/22
83.143.116.0/22
85.202.160.0/22
89.190.156.0/22
178.218.144.0/22
185.185.40.0/22
185.186.64.0/22
185.227.68.0/22
185.234.72.0/22
185.242.224.0/22
193.31.28.0/22
193.34.76.0/22
193.221.192.0/22
194.31.140.0/22
194.50.16.0/22
194.56.224.0/22
212.107.12.0/22
IPv6:
2a0b:b82::/44
2a0b:b84::/31
2a0b:b87:ffb4::/48
2a0b:b87:ffda::/48
2a0b:b87:ffec::/48
2a0b:b87:fff0::/44
2a0b:7080:10::-2a0b:7080:3f:ffff:ffff:ffff:ffff:ffff
2a0d:77c7::/32
Signature Algorithm: sha256WithRSAEncryption
c3:ab:54:c6:d2:20:e3:ca:df:58:bd:66:d0:ec:4d:14:ff:36:
91:9c:e9:f0:1c:d6:73:ff:44:b3:5d:f5:19:e9:65:26:47:e9:
46:7d:d9:15:55:d9:5a:5c:40:f0:e0:6c:93:10:74:0b:da:a7:
ff:16:a9:7d:b6:b4:6d:42:fc:b1:3b:4b:b5:2a:05:eb:ac:42:
ed:3a:68:33:85:a1:70:45:2b:b0:d5:12:7f:1a:88:6a:95:02:
6d:cc:d0:b3:9d:8a:e1:12:74:cd:8e:91:ac:3f:b6:ad:15:78:
bd:c0:fa:19:06:81:2d:a7:51:ab:3e:a5:6b:cb:40:00:1b:a1:
ac:ef:16:73:f5:ff:ca:4a:2e:f6:71:89:03:f2:56:29:2b:24:
a8:c7:7d:f4:92:24:10:c8:a4:d0:d9:ae:e4:2b:c6:d2:2d:c2:
92:a2:c5:47:9e:85:ac:f7:22:39:2a:40:6f:4b:5a:2f:11:b5:
3a:f1:72:cf:f3:4f:ac:20:04:b2:38:b7:f4:a5:c2:33:eb:83:
e8:3c:44:51:2d:fa:3f:10:3d:3a:52:4e:f9:12:f9:d1:53:0b:
27:f1:29:ff:62:fa:34:49:24:85:2d:51:c7:6d:13:c0:1b:7e:
26:ee:a0:17:48:9d:83:23:82:7f:af:6d:18:f2:ee:f7:09:fb:
8c:b4:c9:a6
-----BEGIN CERTIFICATE-----
MIIF3TCCBMWgAwIBAgISAYVzj9XhKUxiwLkwPVaQxoyhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMTAyMTczODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2RiZjIzZDU5OTM4MTdhMGZhZDcyZTYwZWFiNGY4MzdjMjY4MmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAirCaV/D5LrGEcidfZRvn5uZYaiH9
SxxrRwoCh00LdWX7ncP/s3pBJ4CTtOmK0y5R2L2NiLskBea7ZhcXRNgd5L2P/T6y
eZQ6jqiLsJV6NymeJUDiAnFBp74eQ/WteFKm/0q3ZGGyx9qYOz2QMUptcpgPsRWr
/ohXh3D1BEoyOG3PRb8lwHpuSvFtpgb6zLz0stNfbEASk/7zKwYk6w3YPEREWkzQ
8P5CSwf2yP0e4XwwXbAp2N50zZtqXWX7NKypn7eknHE/ekKLCorirQF7AsOT25zJ
c/VmbHjypLIscFvyg91Lh8gQN0yAg6Xw8ilz9bzkecC5u6onHxSu5UNabQIDAQAB
o4IC6TCCAuUwHQYDVR0OBBYEFEfb8j1Zk4F6D61y5g6rT4N8JoLuMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvUjl2eVBWbVRnWG9QclhMbURxdFBnM3dtZ3U0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH+BggrBgEFBQcBBwEB/wSB7jCB6zCBkQQCAAEwgYoDBAIC
OKQDBAItURQDBAItWpADBAItjNwDBAItmsQDBAJNU/ADBAJObNgDBAJTj3QDBAJV
yqADBAJZvpwDBAKy2pADBAK5uSgDBAK5ukADBAK540QDBAK56kgDBAK58uADBALB
HxwDBALBIkwDBALB3cADBALCH4wDBALCMhADBALCOOADBALUawwwVQQCAAIwTwMH
BCoLC4IAAAMFASoLC4QDBwAqCwuH/7QDBwAqCwuH/9oDBwAqCwuH/+wDBwQqCwuH
//AwEgMHBCoLcIAAEAMHBioLcIAAAAMFACoNd8cwDQYJKoZIhvcNAQELBQADggEB
AMOrVMbSIOPK31i9ZtDsTRT/NpGc6fAc1nP/RLNd9RnpZSZH6UZ92RVV2VpcQPDg
bJMQdAvap/8WqX22tG1C/LE7S7UqBeusQu06aDOFoXBFK7DVEn8aiGqVAm3M0LOd
iuESdM2Okaw/tq0VeL3A+hkGgS2nUas+pWvLQAAboazvFnP1/8pKLvZxiQPyVikr
JKjHffSSJBDIpNDZruQrxtItwpKixUeehaz3IjkqQG9LWi8RtTrxcs/zT6wgBLI4
t/SlwjPrg+g8RFEt+j8QPTpSTvkS+dFTCyfxKf9i+jRJJIUtUcdtE8AbfibuoBdI
nYMjgn+vbRjy7vcJ+4y0yaY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:39 2024 by rpki-client on console-ams.rpki-client.org