Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/m9R-o7w_IrGRtRO6tHl6beqi1JI.roa
File: m9R-o7w_IrGRtRO6tHl6beqi1JI.roa (raw, json)
Hash identifier: +Ekr80txpQm27USKmJ/g9okoIkrl0ZxQ5TLnVtIJ7UE=
Subject key identifier: 9B:D4:7E:A3:BC:3F:22:B1:91:B5:13:BA:B4:79:7A:6D:EA:A2:D4:92
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 01887446BB57E9FA9EE79B8CA5E33BA05FB2
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/m9R-o7w_IrGRtRO6tHl6beqi1JI.roa
Signing time: Thu 01 Jun 2023 00:06:12 +0000
ROA not before: Thu 01 Jun 2023 00:06:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7489
IP address blocks: 2.56.164.0/22 maxlen: 24
78.108.216.0/22 maxlen: 24
45.140.220.0/22 maxlen: 24
193.221.192.0/22 maxlen: 24
194.50.16.0/22 maxlen: 24
194.31.140.0/22 maxlen: 24
212.107.12.0/22 maxlen: 24
185.186.64.0/22 maxlen: 24
45.154.196.0/22 maxlen: 24
185.227.68.0/22 maxlen: 24
185.185.40.0/22 maxlen: 24
193.105.184.0/24 maxlen: 24
45.90.144.0/22 maxlen: 24
194.56.226.0/24 maxlen: 24
194.56.224.0/22 maxlen: 24
178.218.144.0/22 maxlen: 24
45.90.145.0/24 maxlen: 24
45.90.146.0/24 maxlen: 24
77.83.240.0/22 maxlen: 24
77.83.243.0/24 maxlen: 24
45.81.20.0/22 maxlen: 24
89.190.156.0/22 maxlen: 24
83.143.116.0/24 maxlen: 24
83.143.116.0/22 maxlen: 24
185.242.224.0/22 maxlen: 24
185.234.74.0/24 maxlen: 24
185.234.72.0/22 maxlen: 24
193.31.28.0/22 maxlen: 24
193.31.30.0/24 maxlen: 24
85.202.160.0/22 maxlen: 24
193.34.77.0/24 maxlen: 24
193.34.76.0/22 maxlen: 24
2a0b:7080:10::/48 maxlen: 48
2a0b:b87:ffb4::/48 maxlen: 48
2a0b:b82::/44 maxlen: 44
2a0b:b85::/32 maxlen: 32
2a0b:b87:fff0::/44 maxlen: 44
2a0b:b87:ff12::/48 maxlen: 48
2a0b:7080:30::/44 maxlen: 48
2a0b:7080:10::/44 maxlen: 44
2a0b:7080:10::/45 maxlen: 45
2a0b:b87:ffda::/48 maxlen: 48
2a0d:77c7::/32 maxlen: 48
2a0b:7080:20::/44 maxlen: 48
2a0b:b87:ffec::/48 maxlen: 48
2a0b:b84::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 05 Jun 2023 15:23:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:74:46:bb:57:e9:fa:9e:e7:9b:8c:a5:e3:3b:a0:5f:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jun 1 00:06:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9bd47ea3bc3f22b191b513bab4797a6deaa2d492
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:af:46:49:de:8d:06:27:41:ee:d3:b3:0c:be:
e1:02:22:d0:c8:cf:f7:8a:f7:51:02:0e:58:a6:f6:
50:f9:7f:08:c6:28:9c:a2:09:02:dc:83:84:7f:b6:
9c:18:35:d3:ff:ee:ac:62:e5:0b:7c:0d:92:c6:44:
2c:7b:81:96:2f:58:6f:c5:c4:f2:e0:df:60:b9:92:
62:6c:0a:ed:bc:63:18:f6:d6:f5:bb:9d:bf:da:66:
c6:e1:08:8d:c9:af:ac:e8:39:f8:c4:ec:6e:9a:e5:
2e:4d:fb:bc:db:36:ff:96:3d:63:37:3a:79:dd:b5:
99:46:03:07:ea:ff:7e:02:fe:3a:45:52:b5:b8:35:
7e:57:53:e6:25:55:1e:4d:25:16:dd:be:87:87:7f:
9e:9d:44:db:00:eb:ee:f6:46:92:c4:09:36:f1:3e:
7e:54:71:4e:7a:0b:33:64:32:ab:ae:e0:3c:24:c0:
fe:98:39:ac:69:31:2e:70:79:2f:d0:ed:69:32:48:
91:5a:6c:6a:8b:14:08:4d:e9:33:95:0c:38:48:84:
5a:16:d3:41:b9:32:c3:d2:60:3a:8a:e7:ff:43:82:
03:54:c1:ed:de:f6:c9:27:eb:8f:11:7f:cf:c5:9f:
d8:8e:1b:2e:80:3b:84:77:e9:4a:09:6f:55:3a:58:
cf:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:D4:7E:A3:BC:3F:22:B1:91:B5:13:BA:B4:79:7A:6D:EA:A2:D4:92
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/m9R-o7w_IrGRtRO6tHl6beqi1JI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.164.0/22
45.81.20.0/22
45.90.144.0/22
45.140.220.0/22
45.154.196.0/22
77.83.240.0/22
78.108.216.0/22
83.143.116.0/22
85.202.160.0/22
89.190.156.0/22
178.218.144.0/22
185.185.40.0/22
185.186.64.0/22
185.227.68.0/22
185.234.72.0/22
185.242.224.0/22
193.31.28.0/22
193.34.76.0/22
193.105.184.0/24
193.221.192.0/22
194.31.140.0/22
194.50.16.0/22
194.56.224.0/22
212.107.12.0/22
IPv6:
2a0b:b82::/44
2a0b:b84::/31
2a0b:b87:ff12::/48
2a0b:b87:ffb4::/48
2a0b:b87:ffda::/48
2a0b:b87:ffec::/48
2a0b:b87:fff0::/44
2a0b:7080:10::-2a0b:7080:3f:ffff:ffff:ffff:ffff:ffff
2a0d:77c7::/32
Signature Algorithm: sha256WithRSAEncryption
ba:c1:0a:bb:e7:07:24:40:04:6b:2a:c8:1a:a7:5b:d0:d5:5c:
f2:13:c5:68:65:50:42:41:b5:59:fa:5b:e2:b2:14:93:e4:71:
0e:72:d1:ba:ea:b6:14:d0:75:33:5f:6d:41:d4:f5:23:55:21:
8d:dd:ec:d8:f0:2d:e8:e4:8c:f5:38:b3:32:af:b3:46:e4:92:
90:3e:4b:e3:1e:3a:35:33:40:b8:3b:ca:c2:f1:d7:41:af:7d:
a5:fc:98:a1:7f:10:b1:eb:8e:9d:90:e1:5e:35:0d:7d:08:4b:
97:fd:05:25:d5:06:73:5b:06:17:e6:d6:fc:d4:d1:72:01:b5:
87:07:5e:dc:10:b1:c2:c4:fa:04:3f:a5:9b:47:c8:2a:9c:b7:
c6:23:43:2f:d1:a1:b3:59:36:c5:e1:8a:3d:e9:cd:c8:a7:ed:
f3:cb:3a:fe:70:e2:97:d0:af:5c:8a:25:1c:c2:b1:1f:39:f0:
1f:eb:19:e7:19:c0:1b:e1:a6:c8:52:d6:7d:be:ad:7d:c2:bd:
c2:d5:65:91:46:ac:9d:f0:08:64:d2:14:3b:32:c8:bf:5f:98:
d8:e6:d7:03:85:7d:fc:30:7b:6a:11:53:c7:36:b4:ac:24:e5:
fc:f1:74:51:81:34:0c:3f:35:25:59:8a:77:f5:bf:73:d5:cc:
72:44:19:98
-----BEGIN CERTIFICATE-----
MIIF7TCCBNWgAwIBAgISAYh0RrtX6fqe55uMpeM7oF+yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwNjAxMDAwNjEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmQ0N2VhM2JjM2YyMmIxOTFiNTEzYmFiNDc5N2E2ZGVhYTJkNDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn69GSd6NBidB7tOzDL7hAiLQyM/3
ivdRAg5YpvZQ+X8IxiicogkC3IOEf7acGDXT/+6sYuULfA2SxkQse4GWL1hvxcTy
4N9guZJibArtvGMY9tb1u52/2mbG4QiNya+s6Dn4xOxumuUuTfu82zb/lj1jNzp5
3bWZRgMH6v9+Av46RVK1uDV+V1PmJVUeTSUW3b6Hh3+enUTbAOvu9kaSxAk28T5+
VHFOegszZDKrruA8JMD+mDmsaTEucHkv0O1pMkiRWmxqixQITekzlQw4SIRaFtNB
uTLD0mA6iuf/Q4IDVMHt3vbJJ+uPEX/PxZ/YjhsugDuEd+lKCW9VOljPSQIDAQAB
o4IC+TCCAvUwHQYDVR0OBBYEFJvUfqO8PyKxkbUTurR5em3qotSSMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvbTlSLW83d19JckdSdFJPNnRIbDZiZXFpMUpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDQYIKwYBBQUHAQcBAf8Egf0wgfowgZcEAgABMIGQAwQC
AjikAwQCLVEUAwQCLVqQAwQCLYzcAwQCLZrEAwQCTVPwAwQCTmzYAwQCU490AwQC
VcqgAwQCWb6cAwQCstqQAwQCubkoAwQCubpAAwQCueNEAwQCuepIAwQCufLgAwQC
wR8cAwQCwSJMAwQAwWm4AwQCwd3AAwQCwh+MAwQCwjIQAwQCwjjgAwQC1GsMMF4E
AgACMFgDBwQqCwuCAAADBQEqCwuEAwcAKgsLh/8SAwcAKgsLh/+0AwcAKgsLh//a
AwcAKgsLh//sAwcEKgsLh//wMBIDBwQqC3CAABADBwYqC3CAAAADBQAqDXfHMA0G
CSqGSIb3DQEBCwUAA4IBAQC6wQq75wckQARrKsgap1vQ1VzyE8VoZVBCQbVZ+lvi
shST5HEOctG66rYU0HUzX21B1PUjVSGN3ezY8C3o5Iz1OLMyr7NG5JKQPkvjHjo1
M0C4O8rC8ddBr32l/JihfxCx646dkOFeNQ19CEuX/QUl1QZzWwYX5tb81NFyAbWH
B17cELHCxPoEP6WbR8gqnLfGI0Mv0aGzWTbF4Yo96c3Ip+3zyzr+cOKX0K9ciiUc
wrEfOfAf6xnnGcAb4abIUtZ9vq19wr3C1WWRRqyd8Ahk0hQ7Msi/X5jY5tcDhX38
MHtqEVPHNrSsJOX88XRRgTQMPzUlWYp39b9z1cxyRBmY
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:40 2024 by rpki-client on console-ams.rpki-client.org