Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/97b0bc-f4f8-4f90-8554-1e279f7b6023/1/nxM6iYr7tJnLX0tcqr3oDiPtPKY.roa
File: nxM6iYr7tJnLX0tcqr3oDiPtPKY.roa (raw, json)
Hash identifier: 1Xg38XPKegJArl54GN+lme/pSKJO91ShwUn+W/ek0Go=
Subject key identifier: 9F:13:3A:89:8A:FB:B4:99:CB:5F:4B:5C:AA:BD:E8:0E:23:ED:3C:A6
Certificate issuer: /CN=e5503498ff185d0c607353f43f55e911f62a6802
Certificate serial: 018596AED7B5C6851CE64E8DBF95E7653C9F
Authority key identifier: E5:50:34:98:FF:18:5D:0C:60:73:53:F4:3F:55:E9:11:F6:2A:68:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5VA0mP8YXQxgc1P0P1XpEfYqaAI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/97b0bc-f4f8-4f90-8554-1e279f7b6023/1/nxM6iYr7tJnLX0tcqr3oDiPtPKY.roa
Signing time: Mon 09 Jan 2023 13:18:38 +0000
ROA not before: Mon 09 Jan 2023 13:18:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15943
IP address blocks: 80.245.104.0/22 maxlen: 24
84.242.16.0/20 maxlen: 24
149.249.16.0/20 maxlen: 24
185.29.240.0/22 maxlen: 24
216.83.208.0/20 maxlen: 24
45.131.16.0/22 maxlen: 24
193.178.56.0/22 maxlen: 24
185.232.32.0/22 maxlen: 24
213.195.24.0/21 maxlen: 21
45.82.192.0/22 maxlen: 22
185.220.216.0/22 maxlen: 24
94.72.168.0/21 maxlen: 24
176.109.192.0/19 maxlen: 24
95.163.160.0/20 maxlen: 24
94.72.184.0/21 maxlen: 24
81.25.160.0/20 maxlen: 24
212.146.136.0/21 maxlen: 24
149.224.0.0/16 maxlen: 24
212.146.144.0/20 maxlen: 24
94.72.128.0/21 maxlen: 24
46.22.0.0/20 maxlen: 24
45.157.100.0/22 maxlen: 22
193.218.16.0/20 maxlen: 24
212.127.32.0/19 maxlen: 24
195.123.96.0/20 maxlen: 24
188.136.224.0/19 maxlen: 24
31.29.32.0/19 maxlen: 24
84.46.0.0/17 maxlen: 24
46.59.128.0/17 maxlen: 24
149.233.128.0/17 maxlen: 24
185.82.16.0/22 maxlen: 24
213.21.32.0/20 maxlen: 24
95.129.0.0/21 maxlen: 24
185.207.4.0/22 maxlen: 22
37.122.136.0/21 maxlen: 24
192.119.48.0/20 maxlen: 24
109.230.96.0/20 maxlen: 20
192.196.192.0/20 maxlen: 24
45.159.176.0/22 maxlen: 24
185.23.224.0/22 maxlen: 24
185.215.236.0/22 maxlen: 24
95.81.0.0/19 maxlen: 24
2.57.116.0/22 maxlen: 24
149.249.248.0/22 maxlen: 24
77.223.8.0/21 maxlen: 21
195.250.0.0/20 maxlen: 24
77.223.16.0/20 maxlen: 20
213.209.64.0/18 maxlen: 24
134.101.128.0/17 maxlen: 24
31.172.104.0/21 maxlen: 24
2a04:4540::/29 maxlen: 29
2a02:2028::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:96:ae:d7:b5:c6:85:1c:e6:4e:8d:bf:95:e7:65:3c:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5503498ff185d0c607353f43f55e911f62a6802
Validity
Not Before: Jan 9 13:18:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9f133a898afbb499cb5f4b5caabde80e23ed3ca6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:d7:01:35:86:f5:ff:f9:c9:2d:9b:59:28:c9:
7a:5b:11:38:18:77:93:15:80:8e:fa:c5:ae:95:79:
d6:15:2a:8c:53:fa:aa:93:c1:60:5e:ab:af:ea:03:
18:c0:48:2e:0d:c6:ba:f0:fb:f5:94:60:89:0b:c5:
11:74:76:2e:6b:bf:be:a4:aa:5b:47:29:f1:e0:bc:
06:0c:26:04:b2:c9:ba:f2:41:a1:8e:7f:8e:cd:91:
74:d0:8e:7c:6e:f3:d2:e1:c4:28:80:c2:44:9e:f2:
d5:95:b8:58:d4:93:9e:c8:c8:75:4e:a9:7c:15:3e:
e9:29:8e:29:c1:36:8a:c9:e3:d9:08:c3:c7:ba:44:
8b:e8:98:43:d1:5d:e3:61:5a:3e:e1:e0:86:10:45:
7d:45:bc:3f:ed:1f:74:4b:58:7c:59:34:35:3f:21:
49:cb:d4:01:aa:23:0a:c0:8b:b4:82:3c:dc:b1:a1:
72:33:fb:09:17:65:7d:a0:ce:1d:80:75:c4:15:38:
6e:7e:d5:b7:7a:ed:ef:62:40:b0:c9:4b:a2:ef:13:
78:23:04:42:2b:d6:90:25:b4:17:4a:ac:45:62:03:
fb:95:23:59:8a:4a:f4:f7:73:e3:a3:79:4f:87:4f:
74:12:5f:ad:36:cc:85:a6:66:15:ad:df:20:e2:54:
79:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:13:3A:89:8A:FB:B4:99:CB:5F:4B:5C:AA:BD:E8:0E:23:ED:3C:A6
X509v3 Authority Key Identifier:
keyid:E5:50:34:98:FF:18:5D:0C:60:73:53:F4:3F:55:E9:11:F6:2A:68:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5VA0mP8YXQxgc1P0P1XpEfYqaAI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/97b0bc-f4f8-4f90-8554-1e279f7b6023/1/nxM6iYr7tJnLX0tcqr3oDiPtPKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/97b0bc-f4f8-4f90-8554-1e279f7b6023/1/5VA0mP8YXQxgc1P0P1XpEfYqaAI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.116.0/22
31.29.32.0/19
31.172.104.0/21
37.122.136.0/21
45.82.192.0/22
45.131.16.0/22
45.157.100.0/22
45.159.176.0/22
46.22.0.0/20
46.59.128.0/17
77.223.8.0-77.223.31.255
80.245.104.0/22
81.25.160.0/20
84.46.0.0/17
84.242.16.0/20
94.72.128.0/21
94.72.168.0/21
94.72.184.0/21
95.81.0.0/19
95.129.0.0/21
95.163.160.0/20
109.230.96.0/20
134.101.128.0/17
149.224.0.0/16
149.233.128.0/17
149.249.16.0/20
149.249.248.0/22
176.109.192.0/19
185.23.224.0/22
185.29.240.0/22
185.82.16.0/22
185.207.4.0/22
185.215.236.0/22
185.220.216.0/22
185.232.32.0/22
188.136.224.0/19
192.119.48.0/20
192.196.192.0/20
193.178.56.0/22
193.218.16.0/20
195.123.96.0/20
195.250.0.0/20
212.127.32.0/19
212.146.136.0-212.146.159.255
213.21.32.0/20
213.195.24.0/21
213.209.64.0/18
216.83.208.0/20
IPv6:
2a02:2028::/32
2a04:4540::/29
Signature Algorithm: sha256WithRSAEncryption
ab:0a:c1:9e:1c:c4:90:bd:43:91:55:ec:a0:bd:d2:13:56:c0:
5a:b7:4e:ba:19:f8:9c:78:85:57:41:f3:43:51:8c:66:92:28:
5d:7d:8c:85:8e:d7:70:f5:f0:80:04:63:f3:de:38:bb:7d:84:
a5:1b:2e:1b:65:d7:76:85:f2:9a:9a:09:23:59:bf:91:aa:61:
9b:fa:5c:8f:8f:5a:50:af:5b:73:48:6c:90:e2:65:fa:2a:99:
82:f3:b0:27:5b:82:6e:4e:11:cc:fc:54:a5:4c:c9:b7:c8:9e:
38:79:cb:1c:93:a4:29:cd:6d:1d:57:be:53:fb:c2:51:e9:3d:
11:18:cb:94:30:3b:f7:c9:bb:bd:92:97:4d:a8:88:c9:b7:f4:
00:63:94:e9:44:80:4c:7d:06:61:64:fc:1d:d5:79:c1:1a:b6:
50:e9:c7:2f:cf:b3:51:2f:df:ce:0b:5e:18:96:f1:2c:a2:7f:
ee:35:81:db:71:e3:bb:f6:a6:eb:db:7c:cd:94:65:2e:2d:c8:
aa:fe:db:81:d6:12:49:c9:a6:c4:73:fc:e2:ba:da:dd:ab:cd:
8d:90:69:07:85:76:1c:98:b0:52:80:d7:12:8c:d2:b3:68:87:
1c:db:77:b6:05:d8:a6:6f:de:bb:bb:5e:88:51:70:05:d9:70:
7f:08:78:f9
-----BEGIN CERTIFICATE-----
MIIGRjCCBS6gAwIBAgISAYWWrte1xoUc5k6Nv5XnZTyfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1NTAzNDk4ZmYxODVkMGM2MDczNTNmNDNmNTVlOTExZjYy
YTY4MDIwHhcNMjMwMTA5MTMxODM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjEzM2E4OThhZmJiNDk5Y2I1ZjRiNWNhYWJkZTgwZTIzZWQzY2E2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAltcBNYb1//nJLZtZKMl6WxE4GHeT
FYCO+sWulXnWFSqMU/qqk8FgXquv6gMYwEguDca68Pv1lGCJC8URdHYua7++pKpb
Rynx4LwGDCYEssm68kGhjn+OzZF00I58bvPS4cQogMJEnvLVlbhY1JOeyMh1Tql8
FT7pKY4pwTaKyePZCMPHukSL6JhD0V3jYVo+4eCGEEV9Rbw/7R90S1h8WTQ1PyFJ
y9QBqiMKwIu0gjzcsaFyM/sJF2V9oM4dgHXEFThuftW3eu3vYkCwyUui7xN4IwRC
K9aQJbQXSqxFYgP7lSNZikr093Pjo3lPh090El+tNsyFpmYVrd8g4lR5/QIDAQAB
o4IDUjCCA04wHQYDVR0OBBYEFJ8TOomK+7SZy19LXKq96A4j7TymMB8GA1UdIwQY
MBaAFOVQNJj/GF0MYHNT9D9V6RH2KmgCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVZBMG1QOFlYUXhnYzFQMFAxWHBFZllxYUFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC85N2IwYmMtZjRmOC00ZjkwLTg1NTQt
MWUyNzlmN2I2MDIzLzEvbnhNNmlZcjd0Sm5MWDB0Y3FyM29EaVB0UEtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC85N2IwYmMtZjRmOC00ZjkwLTg1NTQtMWUyNzlmN2I2MDIz
LzEvNVZBMG1QOFlYUXhnYzFQMFAxWHBFZllxYUFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBZgYIKwYBBQUHAQcBAf8EggFVMIIBUTCCATcEAgABMIIB
LwMEAgI5dAMEBR8dIAMEAx+saAMEAyV6iAMEAi1SwAMEAi2DEAMEAi2dZAMEAi2f
sAMEBC4WAAMEBy47gDAMAwQDTd8IAwQFTd8AAwQCUPVoAwQEURmgAwQHVC4AAwQE
VPIQAwQDXkiAAwQDXkioAwQDXki4AwQFX1EAAwQDX4EAAwQEX6OgAwQEbeZgAwQH
hmWAAwMAleADBAeV6YADBASV+RADBAKV+fgDBAWwbcADBAK5F+ADBAK5HfADBAK5
UhADBAK5zwQDBAK51+wDBAK53NgDBAK56CADBAW8iOADBATAdzADBATAxMADBALB
sjgDBATB2hADBATDe2ADBATD+gADBAXUfyAwDAMEA9SSiAMEBdSSgAMEBNUVIAME
A9XDGAMEBtXRQAMEBNhT0DAUBAIAAjAOAwUAKgIgKAMFAyoERUAwDQYJKoZIhvcN
AQELBQADggEBAKsKwZ4cxJC9Q5FV7KC90hNWwFq3TroZ+Jx4hVdB80NRjGaSKF19
jIWO13D18IAEY/PeOLt9hKUbLhtl13aF8pqaCSNZv5GqYZv6XI+PWlCvW3NIbJDi
ZfoqmYLzsCdbgm5OEcz8VKVMybfInjh5yxyTpCnNbR1XvlP7wlHpPREYy5QwO/fJ
u72Sl02oiMm39ABjlOlEgEx9BmFk/B3VecEatlDpxy/Ps1Ev384LXhiW8Syif+41
gdtx47v2puvbfM2UZS4tyKr+24HWEknJpsRz/OK62t2rzY2QaQeFdhyYsFKA1xKM
0rNohxzbd7YF2KZv3ru7XohRcAXZcH8IePk=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:37 2023 by rpki-client on console-ams.rpki-client.org