Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/91da8b-0502-48df-8532-5fbf9a29b6e1/1/M2uYcOSudr2dhXaA_kJHApbakhw.roa
File: M2uYcOSudr2dhXaA_kJHApbakhw.roa (raw, json)
Hash identifier: NjII1PhHpCGZY07NS1+LaaqQZMtqnKQLJ52VkVd+j7U=
Subject key identifier: 33:6B:98:70:E4:AE:76:BD:9D:85:76:80:FE:42:47:02:96:DA:92:1C
Certificate issuer: /CN=f62eeb879085c94194297dd9e4cd249cd2516515
Certificate serial: 018DA7C492786636B31E8743199BE4C68C36
Authority key identifier: F6:2E:EB:87:90:85:C9:41:94:29:7D:D9:E4:CD:24:9C:D2:51:65:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9i7rh5CFyUGUKX3Z5M0knNJRZRU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/91da8b-0502-48df-8532-5fbf9a29b6e1/1/M2uYcOSudr2dhXaA_kJHApbakhw.roa
Signing time: Wed 14 Feb 2024 13:18:14 +0000
ROA not before: Wed 14 Feb 2024 13:18:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197540
IP address blocks: 2.56.96.0/22 maxlen: 22
5.45.96.0/20 maxlen: 32
5.181.48.0/22 maxlen: 22
5.252.224.0/22 maxlen: 22
37.120.160.0/19 maxlen: 32
37.221.192.0/21 maxlen: 32
45.9.60.0/22 maxlen: 22
45.83.104.0/22 maxlen: 22
45.90.4.0/22 maxlen: 22
45.90.7.0/24 maxlen: 24
45.129.180.0/22 maxlen: 22
45.132.244.0/22 maxlen: 22
45.136.28.0/22 maxlen: 22
45.142.176.0/22 maxlen: 22
45.157.176.0/22 maxlen: 22
46.38.224.0/20 maxlen: 32
46.38.240.0/21 maxlen: 32
46.38.248.0/22 maxlen: 32
46.38.252.0/22 maxlen: 32
46.232.248.0/22 maxlen: 22
81.16.16.0/22 maxlen: 22
85.209.48.0/22 maxlen: 22
85.235.64.0/22 maxlen: 22
89.58.0.0/22 maxlen: 22
89.58.4.0/22 maxlen: 22
89.58.8.0/22 maxlen: 22
89.58.12.0/22 maxlen: 22
89.58.16.0/21 maxlen: 21
89.58.24.0/22 maxlen: 22
89.58.28.0/22 maxlen: 22
89.58.32.0/22 maxlen: 22
89.58.36.0/22 maxlen: 22
89.58.40.0/22 maxlen: 22
89.58.44.0/22 maxlen: 22
89.58.48.0/22 maxlen: 22
89.58.52.0/22 maxlen: 22
89.58.56.0/22 maxlen: 22
89.58.60.0/22 maxlen: 22
91.132.144.0/22 maxlen: 22
91.204.44.0/22 maxlen: 22
92.60.36.0/22 maxlen: 22
93.177.64.0/22 maxlen: 22
152.89.104.0/22 maxlen: 22
185.16.60.0/22 maxlen: 32
185.162.248.0/22 maxlen: 32
185.163.116.0/22 maxlen: 22
185.170.112.0/22 maxlen: 32
185.183.156.0/22 maxlen: 32
185.194.140.0/22 maxlen: 22
185.207.104.0/22 maxlen: 32
185.228.136.0/22 maxlen: 32
185.233.104.0/22 maxlen: 32
185.243.8.0/22 maxlen: 32
185.244.192.0/22 maxlen: 32
188.68.32.0/19 maxlen: 32
192.145.44.0/22 maxlen: 22
193.30.120.0/22 maxlen: 22
193.31.24.0/22 maxlen: 22
194.13.80.0/22 maxlen: 22
194.55.12.0/22 maxlen: 22
194.59.204.0/22 maxlen: 22
195.128.100.0/22 maxlen: 22
213.109.160.0/22 maxlen: 22
2a03:4000::/32 maxlen: 48
2a03:4001::/32 maxlen: 48
2a0a:4cc0::/40 maxlen: 40
2a0a:4cc0:100::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 25 Apr 2024 06:40:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a7:c4:92:78:66:36:b3:1e:87:43:19:9b:e4:c6:8c:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f62eeb879085c94194297dd9e4cd249cd2516515
Validity
Not Before: Feb 14 13:18:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=336b9870e4ae76bd9d857680fe42470296da921c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:db:d7:31:47:fd:f6:50:b2:a3:5d:fc:a7:ff:
f5:66:19:e6:ef:1b:ee:bb:0f:e4:e5:3d:d2:a6:6c:
29:bd:aa:62:44:02:83:7a:9f:5a:b3:0e:10:ac:f3:
a6:0a:45:02:11:b4:14:56:fd:52:10:29:a0:69:13:
db:82:84:97:cd:c1:93:5b:94:23:a4:07:d4:01:4d:
5a:a3:45:2a:ae:11:3f:85:d3:75:fc:84:b8:d1:13:
0b:8d:e3:a4:3e:2b:ca:9d:20:68:e5:97:f0:75:01:
a3:d3:53:ce:30:04:0a:44:88:f8:b2:4b:b4:78:6a:
ee:a3:fb:9f:89:1e:c2:8c:ea:b3:5d:03:8d:c1:38:
42:5e:d2:8c:ad:aa:d2:71:48:af:3a:4d:e1:8c:3f:
82:69:4f:89:3f:27:f0:68:b2:4e:0b:95:94:80:6c:
4a:02:00:d0:6c:59:a2:e3:35:d3:cc:cd:83:6c:66:
c7:30:ab:47:0b:82:90:ff:3e:8f:21:55:1c:43:89:
c2:58:16:4d:04:03:46:3b:78:41:6d:dc:ed:9e:8d:
38:27:6e:89:65:d0:5a:d5:fb:d3:e1:60:38:9a:6b:
ae:6f:7b:18:97:6c:24:18:55:2b:3b:12:0f:d9:9a:
d4:b1:27:e4:db:e2:c2:85:19:68:75:57:d9:3b:97:
3f:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:6B:98:70:E4:AE:76:BD:9D:85:76:80:FE:42:47:02:96:DA:92:1C
X509v3 Authority Key Identifier:
keyid:F6:2E:EB:87:90:85:C9:41:94:29:7D:D9:E4:CD:24:9C:D2:51:65:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9i7rh5CFyUGUKX3Z5M0knNJRZRU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/91da8b-0502-48df-8532-5fbf9a29b6e1/1/M2uYcOSudr2dhXaA_kJHApbakhw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/91da8b-0502-48df-8532-5fbf9a29b6e1/1/9i7rh5CFyUGUKX3Z5M0knNJRZRU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.96.0/22
5.45.96.0/20
5.181.48.0/22
5.252.224.0/22
37.120.160.0/19
37.221.192.0/21
45.9.60.0/22
45.83.104.0/22
45.90.4.0/22
45.129.180.0/22
45.132.244.0/22
45.136.28.0/22
45.142.176.0/22
45.157.176.0/22
46.38.224.0/19
46.232.248.0/22
81.16.16.0/22
85.209.48.0/22
85.235.64.0/22
89.58.0.0/18
91.132.144.0/22
91.204.44.0/22
92.60.36.0/22
93.177.64.0/22
152.89.104.0/22
185.16.60.0/22
185.162.248.0/22
185.163.116.0/22
185.170.112.0/22
185.183.156.0/22
185.194.140.0/22
185.207.104.0/22
185.228.136.0/22
185.233.104.0/22
185.243.8.0/22
185.244.192.0/22
188.68.32.0/19
192.145.44.0/22
193.30.120.0/22
193.31.24.0/22
194.13.80.0/22
194.55.12.0/22
194.59.204.0/22
195.128.100.0/22
213.109.160.0/22
IPv6:
2a03:4000::/31
2a0a:4cc0::-2a0a:4cc0:100:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
89:08:6c:85:0a:91:13:8e:b5:96:b8:ba:9b:84:34:9b:52:33:
91:fd:41:17:11:f3:3c:6e:76:d8:36:67:54:c4:70:e1:6e:0c:
e7:34:af:6c:61:87:19:ee:84:ca:87:fc:55:67:f5:5c:f1:b6:
e8:65:0b:d8:75:f8:82:cf:1d:53:50:27:9c:89:b6:ef:fb:0b:
e6:cc:ef:de:e2:c6:ce:99:ed:99:03:22:ef:40:5a:19:dc:21:
79:7e:24:6b:cf:56:79:f6:ed:7d:ba:2a:5b:1c:f9:46:d0:8d:
45:d8:85:87:77:dd:72:23:7b:80:2f:cf:49:cf:2a:14:f5:bb:
a6:be:14:63:c0:2d:c3:23:1b:06:3b:b0:a1:41:bf:ca:f9:df:
6b:47:fa:6c:a8:dd:c2:af:c9:9a:f1:6f:0e:88:5e:81:81:be:
2b:e3:fe:b0:19:65:a7:36:61:8e:9f:89:b6:89:00:30:22:b0:
7f:f3:9b:6f:53:c9:9f:32:db:20:50:8c:21:e9:a5:3f:c7:c3:
91:e4:58:94:4e:c1:7e:eb:8b:17:a7:e2:86:3b:d2:cc:d4:11:
4d:ba:ce:b3:cf:40:40:37:1b:4d:a9:c0:4b:1d:d1:17:b8:06:
b1:b5:b5:2d:fc:91:60:20:6c:96:1c:55:d7:06:9e:8b:ba:b3:
72:87:93:b7
-----BEGIN CERTIFICATE-----
MIIGMDCCBRigAwIBAgISAY2nxJJ4ZjazHodDGZvkxow2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2MmVlYjg3OTA4NWM5NDE5NDI5N2RkOWU0Y2QyNDljZDI1
MTY1MTUwHhcNMjQwMjE0MTMxODE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzZiOTg3MGU0YWU3NmJkOWQ4NTc2ODBmZTQyNDcwMjk2ZGE5MjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAltvXMUf99lCyo138p//1Zhnm7xvu
uw/k5T3SpmwpvapiRAKDep9asw4QrPOmCkUCEbQUVv1SECmgaRPbgoSXzcGTW5Qj
pAfUAU1ao0UqrhE/hdN1/IS40RMLjeOkPivKnSBo5ZfwdQGj01POMAQKRIj4sku0
eGruo/ufiR7CjOqzXQONwThCXtKMrarScUivOk3hjD+CaU+JPyfwaLJOC5WUgGxK
AgDQbFmi4zXTzM2DbGbHMKtHC4KQ/z6PIVUcQ4nCWBZNBANGO3hBbdztno04J26J
ZdBa1fvT4WA4mmuub3sYl2wkGFUrOxIP2ZrUsSfk2+LChRlodVfZO5c/BQIDAQAB
o4IDPDCCAzgwHQYDVR0OBBYEFDNrmHDkrna9nYV2gP5CRwKW2pIcMB8GA1UdIwQY
MBaAFPYu64eQhclBlCl92eTNJJzSUWUVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWk3cmg1Q0Z5VUdVS1gzWjVNMGtuTkpSWlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS85MWRhOGItMDUwMi00OGRmLTg1MzIt
NWZiZjlhMjliNmUxLzEvTTJ1WWNPU3VkcjJkaFhhQV9rSkhBcGJha2h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS85MWRhOGItMDUwMi00OGRmLTg1MzItNWZiZjlhMjliNmUx
LzEvOWk3cmg1Q0Z5VUdVS1gzWjVNMGtuTkpSWlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBUAYIKwYBBQUHAQcBAf8EggE/MIIBOzCCARYEAgABMIIB
DgMEAgI4YAMEBAUtYAMEAgW1MAMEAgX84AMEBSV4oAMEAyXdwAMEAi0JPAMEAi1T
aAMEAi1aBAMEAi2BtAMEAi2E9AMEAi2IHAMEAi2OsAMEAi2dsAMEBS4m4AMEAi7o
+AMEAlEQEAMEAlXRMAMEAlXrQAMEBlk6AAMEAluEkAMEAlvMLAMEAlw8JAMEAl2x
QAMEAphZaAMEArkQPAMEArmi+AMEArmjdAMEArmqcAMEArm3nAMEArnCjAMEArnP
aAMEArnkiAMEArnpaAMEArnzCAMEArn0wAMEBbxEIAMEAsCRLAMEAsEeeAMEAsEf
GAMEAsINUAMEAsI3DAMEAsI7zAMEAsOAZAMEAtVtoDAfBAIAAjAZAwUBKgNAADAQ
AwUGKgpMwAMHACoKTMABADANBgkqhkiG9w0BAQsFAAOCAQEAiQhshQqRE461lri6
m4Q0m1Izkf1BFxHzPG522DZnVMRw4W4M5zSvbGGHGe6Eyof8VWf1XPG26GUL2HX4
gs8dU1AnnIm27/sL5szv3uLGzpntmQMi70BaGdwheX4ka89WefbtfboqWxz5RtCN
RdiFh3fdciN7gC/PSc8qFPW7pr4UY8AtwyMbBjuwoUG/yvnfa0f6bKjdwq/JmvFv
DohegYG+K+P+sBllpzZhjp+JtokAMCKwf/Obb1PJnzLbIFCMIemlP8fDkeRYlE7B
fuuLF6fihjvSzNQRTbrOs89AQDcbTanASx3RF7gGsbW1LfyRYCBslhxV1waei7qz
coeTtw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:17 2024 by rpki-client on console-ams.rpki-client.org