Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/nDfuu61Mn6pJ4U_nsc3WhkXzVkw.roa
File: nDfuu61Mn6pJ4U_nsc3WhkXzVkw.roa (raw, json)
Hash identifier: 6m5kNfugTkZXRpZqO2iFdL0wDfDbQTBwjAQfzIsyOyQ=
Subject key identifier: 9C:37:EE:BB:AD:4C:9F:AA:49:E1:4F:E7:B1:CD:D6:86:45:F3:56:4C
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 01904B5EFDA0E8BF18A0435A9087EEC3BACA
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/nDfuu61Mn6pJ4U_nsc3WhkXzVkw.roa
Signing time: Mon 24 Jun 2024 17:50:34 +0000
ROA not before: Mon 24 Jun 2024 17:50:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3257
IP address blocks: 2.56.0.0/22 maxlen: 22
5.180.4.0/22 maxlen: 22
5.182.28.0/22 maxlen: 22
45.67.117.0/24 maxlen: 24
85.159.117.0/24 maxlen: 24
89.39.242.0/24 maxlen: 24
89.40.161.0/24 maxlen: 24
91.239.59.0/24 maxlen: 24
91.242.70.0/24 maxlen: 24
91.242.72.0/23 maxlen: 23
91.242.73.0/24 maxlen: 24
91.242.74.0/23 maxlen: 23
91.242.94.0/24 maxlen: 24
91.242.95.0/24 maxlen: 24
91.242.103.0/24 maxlen: 24
91.242.105.0/24 maxlen: 24
91.242.123.0/24 maxlen: 24
91.242.124.0/24 maxlen: 24
91.242.125.0/24 maxlen: 24
91.242.126.0/24 maxlen: 24
91.242.127.0/24 maxlen: 24
94.231.198.0/24 maxlen: 24
176.126.223.0/24 maxlen: 24
178.175.176.0/22 maxlen: 22
185.40.105.0/24 maxlen: 24
185.173.244.0/24 maxlen: 24
185.173.247.0/24 maxlen: 24
185.180.145.0/24 maxlen: 24
185.212.11.0/24 maxlen: 24
193.46.204.0/24 maxlen: 24
194.50.200.0/23 maxlen: 24
194.50.201.0/24 maxlen: 24
194.50.206.0/23 maxlen: 24
195.138.103.0/24 maxlen: 24
195.138.104.0/22 maxlen: 22
195.138.104.0/24 maxlen: 24
195.138.105.0/24 maxlen: 24
195.138.106.0/24 maxlen: 24
195.138.107.0/24 maxlen: 24
195.138.108.0/24 maxlen: 24
195.138.111.0/24 maxlen: 24
195.138.112.0/24 maxlen: 24
195.138.114.0/24 maxlen: 24
195.138.116.0/24 maxlen: 24
195.138.118.0/24 maxlen: 24
195.138.120.0/24 maxlen: 24
195.138.122.0/23 maxlen: 23
195.138.124.0/22 maxlen: 22
195.138.124.0/24 maxlen: 24
195.216.156.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 26 Jun 2024 20:11:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:4b:5e:fd:a0:e8:bf:18:a0:43:5a:90:87:ee:c3:ba:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jun 24 17:50:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c37eebbad4c9faa49e14fe7b1cdd68645f3564c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:ef:f6:50:be:65:21:dc:6d:38:4d:a2:7e:d7:
6d:14:4f:c9:cd:d4:51:17:4e:7a:ee:26:a1:ec:12:
86:db:e4:43:db:c6:95:3d:7c:bb:39:f7:ca:ea:55:
64:4c:37:d1:f4:28:86:43:ad:d1:81:db:2b:4c:5a:
7e:8e:ba:da:0a:11:4e:fe:50:1a:c3:1c:3f:c9:12:
71:24:b9:3b:40:84:4b:57:1a:1b:92:0f:5f:70:ff:
3a:80:95:b2:1d:16:15:78:58:38:20:7a:d2:82:d1:
97:4f:16:ec:fd:f2:20:f2:b4:34:7d:cf:3a:d9:e5:
35:89:e1:46:0a:84:2a:19:64:13:12:58:6c:ea:82:
3a:d3:31:65:e2:87:e9:2a:c5:eb:db:6e:60:d1:64:
aa:36:81:ef:d5:27:49:f5:ac:98:94:93:ce:12:a9:
fd:5f:3b:e1:d9:1b:a8:80:31:8c:53:06:80:d1:66:
98:ff:a2:91:53:ee:6d:77:80:3e:40:2c:db:03:f2:
18:b6:da:57:9f:a3:17:f2:c6:3f:a4:bd:8a:54:b6:
6f:94:df:79:05:43:cc:b6:3b:88:c8:dc:4e:ba:75:
a5:00:09:4b:ac:ea:80:3e:e0:06:a2:83:ec:2a:28:
2f:1c:2c:2e:d2:89:4b:71:30:c0:e5:a5:3a:d2:37:
4d:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:37:EE:BB:AD:4C:9F:AA:49:E1:4F:E7:B1:CD:D6:86:45:F3:56:4C
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/nDfuu61Mn6pJ4U_nsc3WhkXzVkw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.0.0/22
5.180.4.0/22
5.182.28.0/22
45.67.117.0/24
85.159.117.0/24
89.39.242.0/24
89.40.161.0/24
91.239.59.0/24
91.242.70.0/24
91.242.72.0/22
91.242.94.0/23
91.242.103.0/24
91.242.105.0/24
91.242.123.0-91.242.127.255
94.231.198.0/24
176.126.223.0/24
178.175.176.0/22
185.40.105.0/24
185.173.244.0/24
185.173.247.0/24
185.180.145.0/24
185.212.11.0/24
193.46.204.0/24
194.50.200.0/23
194.50.206.0/23
195.138.103.0-195.138.108.255
195.138.111.0-195.138.112.255
195.138.114.0/24
195.138.116.0/24
195.138.118.0/24
195.138.120.0/24
195.138.122.0-195.138.127.255
195.216.156.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:f8:2d:69:9a:e6:b1:09:5b:fd:5a:98:b6:b3:35:ed:e0:30:
c5:4b:d6:7f:0f:a3:f9:26:d3:4b:7e:65:06:d3:fc:23:84:c7:
db:46:69:dd:85:c5:c3:b2:a9:43:cb:e4:e3:9b:85:b4:2b:b1:
64:e6:41:fe:16:f7:92:cb:c5:5e:b2:3d:0b:d3:13:04:28:a0:
63:97:cd:6d:37:d2:df:79:c6:58:2f:2c:34:8b:4b:f8:04:81:
d8:33:03:9a:c2:88:17:ae:d3:ea:5e:e5:3a:49:bb:95:dc:7c:
a6:9b:0d:ec:d4:fc:49:eb:d4:f7:dd:05:33:1c:ab:d0:e2:56:
36:61:54:1e:f1:0a:54:55:dd:33:44:b1:98:92:aa:46:ab:8b:
bf:9f:64:ae:94:85:5e:ef:f0:a1:51:ff:c5:ec:5f:0d:6b:b4:
5e:d1:af:f8:56:e0:44:4e:81:dd:d6:bc:ce:77:7e:ab:c5:58:
7c:8c:ba:6e:4e:39:f5:76:f1:13:e7:7a:5d:da:a3:14:97:14:
09:db:37:bb:16:19:66:f7:36:17:5e:f4:00:89:ec:63:6c:93:
50:41:75:fb:50:c4:5b:79:b6:b4:ba:e5:3d:cf:15:4a:35:a5:
56:51:cb:fc:df:ca:f1:ca:5e:b9:e6:08:b2:49:8e:44:8f:f9:
8a:14:8d:4d
-----BEGIN CERTIFICATE-----
MIIF4zCCBMugAwIBAgISAZBLXv2g6L8YoENakIfuw7rKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwNjI0MTc1MDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzM3ZWViYmFkNGM5ZmFhNDllMTRmZTdiMWNkZDY4NjQ1ZjM1NjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzu/2UL5lIdxtOE2iftdtFE/JzdRR
F0567iah7BKG2+RD28aVPXy7OffK6lVkTDfR9CiGQ63RgdsrTFp+jrraChFO/lAa
wxw/yRJxJLk7QIRLVxobkg9fcP86gJWyHRYVeFg4IHrSgtGXTxbs/fIg8rQ0fc86
2eU1ieFGCoQqGWQTElhs6oI60zFl4ofpKsXr225g0WSqNoHv1SdJ9ayYlJPOEqn9
Xzvh2RuogDGMUwaA0WaY/6KRU+5td4A+QCzbA/IYttpXn6MX8sY/pL2KVLZvlN95
BUPMtjuIyNxOunWlAAlLrOqAPuAGooPsKigvHCwu0olLcTDA5aU60jdNdQIDAQAB
o4IC7zCCAuswHQYDVR0OBBYEFJw37rutTJ+qSeFP57HN1oZF81ZMMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvbkRmdXU2MU1uNnBKNFVfbnNjM1doa1h6Vmt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAwYIKwYBBQUHAQcBAf8EgfMwgfAwge0EAgABMIHmAwQC
AjgAAwQCBbQEAwQCBbYcAwQALUN1AwQAVZ91AwQAWSfyAwQAWSihAwQAW+87AwQA
W/JGAwQCW/JIAwQBW/JeAwQAW/JnAwQAW/JpMAwDBABb8nsDBAdb8gADBABe58YD
BACwft8DBAKyr7ADBAC5KGkDBAC5rfQDBAC5rfcDBAC5tJEDBAC51AsDBADBLswD
BAHCMsgDBAHCMs4wDAMEAMOKZwMEAMOKbDAMAwQAw4pvAwQAw4pwAwQAw4pyAwQA
w4p0AwQAw4p2AwQAw4p4MAwDBAHDinoDBAfDigADBALD2JwwDQYJKoZIhvcNAQEL
BQADggEBAKH4LWma5rEJW/1amLazNe3gMMVL1n8Po/km00t+ZQbT/COEx9tGad2F
xcOyqUPL5OObhbQrsWTmQf4W95LLxV6yPQvTEwQooGOXzW030t95xlgvLDSLS/gE
gdgzA5rCiBeu0+pe5TpJu5XcfKabDezU/Enr1PfdBTMcq9DiVjZhVB7xClRV3TNE
sZiSqkari7+fZK6UhV7v8KFR/8XsXw1rtF7Rr/hW4EROgd3WvM53fqvFWHyMum5O
OfV28RPnel3aoxSXFAnbN7sWGWb3Nhde9ACJ7GNsk1BBdftQxFt5trS65T3PFUo1
pVZRy/zfyvHKXrnmCLJJjkSP+YoUjU0=
-----END CERTIFICATE-----
Generated at Thu Jun 27 00:14:23 2024 by rpki-client on console-fra.rpki-client.org