Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/D2mhbWBebeT6WZ5zwmaNxZPaZi4.roa
File: D2mhbWBebeT6WZ5zwmaNxZPaZi4.roa (raw, json)
Hash identifier: Uq++tvi6TyTl2OQOxmq4hyOAXbQLqschtckxtUYihCg=
Subject key identifier: 0F:69:A1:6D:60:5E:6D:E4:FA:59:9E:73:C2:66:8D:C5:93:DA:66:2E
Certificate issuer: /CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Certificate serial: 018C1AB9EDFF03360C4C87CDB18F70BAB6E7
Authority key identifier: B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/D2mhbWBebeT6WZ5zwmaNxZPaZi4.roa
Signing time: Wed 29 Nov 2023 10:57:21 +0000
ROA not before: Wed 29 Nov 2023 10:57:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12663
IP address blocks: 46.108.0.0/16 maxlen: 24
37.25.128.0/17 maxlen: 24
188.240.84.0/22 maxlen: 22
92.114.8.0/21 maxlen: 21
176.125.0.0/19 maxlen: 24
85.205.0.0/16 maxlen: 24
130.195.96.0/19 maxlen: 19
192.125.128.0/17 maxlen: 24
195.232.128.0/17 maxlen: 24
145.230.0.0/16 maxlen: 24
130.195.128.0/18 maxlen: 24
89.32.48.0/21 maxlen: 21
46.190.128.0/17 maxlen: 24
130.195.64.0/19 maxlen: 19
108.179.64.0/18 maxlen: 19
130.195.200.0/21 maxlen: 21
86.104.216.0/22 maxlen: 22
208.53.128.0/18 maxlen: 18
62.213.128.0/19 maxlen: 19
139.47.160.0/19 maxlen: 24
139.47.192.0/18 maxlen: 24
195.233.0.0/16 maxlen: 24
130.195.32.0/20 maxlen: 20
Validation: Failed, certificate revoked on Tue 02 Jan 2024 14:35:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1a:b9:ed:ff:03:36:0c:4c:87:cd:b1:8f:70:ba:b6:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Validity
Not Before: Nov 29 10:57:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0f69a16d605e6de4fa599e73c2668dc593da662e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:f0:99:f5:c5:36:e1:ad:49:40:4f:8d:40:14:
d0:75:ee:a8:03:3f:6f:55:51:e1:53:41:ad:65:75:
f5:0f:a3:aa:f6:76:bf:f1:36:ea:5a:7c:af:5b:96:
9d:84:c3:43:83:f5:62:83:dd:d3:9e:2e:8b:48:14:
db:8b:53:c7:b3:a7:3d:9c:79:cd:40:f3:79:60:3d:
27:95:55:7c:ed:03:76:f3:cf:42:f0:95:71:df:f4:
2d:0a:2b:5e:c7:a7:c4:37:a7:0b:35:6f:8d:86:ae:
f1:13:6c:8f:4c:73:b9:42:a6:b8:6f:c5:b2:4d:28:
0a:40:b7:63:0b:fb:f5:f2:a9:b0:92:29:c3:1a:aa:
50:5c:81:2a:d7:49:85:cb:e9:e3:63:4a:9b:00:c4:
42:ff:fa:f9:6f:68:95:b5:2b:5e:3e:a4:e6:d1:89:
34:1f:85:b7:4d:e3:01:3d:d9:60:5b:3f:c5:c4:7d:
fc:91:1a:2f:1b:f8:1d:08:13:29:2b:db:1a:f9:c5:
8e:5e:7f:0f:ef:1f:c6:de:5a:bb:80:c7:a0:0b:a7:
cf:e1:4f:27:ef:69:81:22:58:57:75:bf:04:35:06:
30:8b:24:e2:d8:69:f3:2d:08:d2:cc:f7:cb:59:6a:
ab:48:bb:32:b5:7b:3f:50:74:fc:e0:53:be:e8:77:
d9:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:69:A1:6D:60:5E:6D:E4:FA:59:9E:73:C2:66:8D:C5:93:DA:66:2E
X509v3 Authority Key Identifier:
keyid:B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/D2mhbWBebeT6WZ5zwmaNxZPaZi4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.25.128.0/17
46.108.0.0/16
46.190.128.0/17
62.213.128.0/19
85.205.0.0/16
86.104.216.0/22
89.32.48.0/21
92.114.8.0/21
108.179.64.0/18
130.195.32.0/20
130.195.64.0-130.195.191.255
130.195.200.0/21
139.47.160.0-139.47.255.255
145.230.0.0/16
176.125.0.0/19
188.240.84.0/22
192.125.128.0/17
195.232.128.0-195.233.255.255
208.53.128.0/18
Signature Algorithm: sha256WithRSAEncryption
1f:9e:0a:95:5f:e4:3a:6e:aa:24:39:ad:e5:9d:53:c0:33:9b:
88:1d:14:3a:45:50:ac:81:32:c5:f4:da:b9:91:6d:5b:04:74:
68:24:4c:c1:90:b0:f2:f4:81:24:7e:83:8b:d4:9b:05:89:a3:
dd:e8:36:ca:ef:5c:39:4f:bd:02:18:ca:b7:2b:b7:97:2e:6d:
15:25:03:c6:f8:ef:9b:cb:9a:66:98:da:08:8a:7b:32:39:d1:
30:b6:6a:2b:7e:8a:41:d5:58:6f:cc:4a:67:aa:60:f1:cd:16:
b6:bc:03:e3:c4:57:a3:ef:94:59:70:39:3b:fd:72:73:69:07:
7c:a8:46:3e:68:33:7e:48:c7:56:fb:e6:0c:c6:1b:dc:6a:24:
b3:12:54:21:46:fa:ba:8b:d2:2f:59:61:a8:cc:ec:40:fc:24:
2c:12:cd:b5:46:e4:b4:69:77:d9:ac:2a:74:c1:49:3b:20:10:
43:34:34:fc:73:c8:05:62:01:8e:1c:94:9c:c1:96:c2:5f:a9:
28:cb:aa:75:7b:0b:f7:3a:02:5a:50:45:1d:22:51:0d:32:e6:
2f:53:e2:9a:3f:27:33:fc:3e:38:9e:f2:8b:d5:69:e3:4d:ac:
3b:91:a4:36:28:e8:5f:3b:48:59:fc:47:b7:49:4c:13:fe:a3:
d8:9b:cb:15
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgISAYwaue3/AzYMTIfNsY9wurbnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYTVkOTk4NjNkYjJlNDliNDRmNmMzMjRlYjA0Mzg4ZmM3
NTE1ZDIwHhcNMjMxMTI5MTA1NzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjY5YTE2ZDYwNWU2ZGU0ZmE1OTllNzNjMjY2OGRjNTkzZGE2NjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAivCZ9cU24a1JQE+NQBTQde6oAz9v
VVHhU0GtZXX1D6Oq9na/8TbqWnyvW5adhMNDg/Vig93Tni6LSBTbi1PHs6c9nHnN
QPN5YD0nlVV87QN2889C8JVx3/QtCitex6fEN6cLNW+Nhq7xE2yPTHO5Qqa4b8Wy
TSgKQLdjC/v18qmwkinDGqpQXIEq10mFy+njY0qbAMRC//r5b2iVtStePqTm0Yk0
H4W3TeMBPdlgWz/FxH38kRovG/gdCBMpK9sa+cWOXn8P7x/G3lq7gMegC6fP4U8n
72mBIlhXdb8ENQYwiyTi2GnzLQjSzPfLWWqrSLsytXs/UHT84FO+6HfZUQIDAQAB
o4ICjTCCAokwHQYDVR0OBBYEFA9poW1gXm3k+lmec8JmjcWT2mYuMB8GA1UdIwQY
MBaAFLOl2Zhj2y5JtE9sMk6wQ4j8dRXSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAt
ZWVjNWQ1MGVmYTk0LzEvRDJtaGJXQmViZVQ2V1o1endtYU54WlBhWmk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAtZWVjNWQ1MGVmYTk0
LzEvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGiBggrBgEFBQcBBwEB/wSBkjCBjzCBjAQCAAEwgYUDBAcl
GYADAwAubAMEBy6+gAMEBT7VgAMDAFXNAwQCVmjYAwQDWSAwAwQDXHIIAwQGbLNA
AwQEgsMgMAwDBAaCw0ADBAaCw4ADBAOCw8gwCwMEBYsvoAMDBIsgAwMAkeYDBAWw
fQADBAK88FQDBAfAfYAwCwMEB8PogAMDAcPoAwQG0DWAMA0GCSqGSIb3DQEBCwUA
A4IBAQAfngqVX+Q6bqokOa3lnVPAM5uIHRQ6RVCsgTLF9Nq5kW1bBHRoJEzBkLDy
9IEkfoOL1JsFiaPd6DbK71w5T70CGMq3K7eXLm0VJQPG+O+by5pmmNoIinsyOdEw
tmorfopB1VhvzEpnqmDxzRa2vAPjxFej75RZcDk7/XJzaQd8qEY+aDN+SMdW++YM
xhvcaiSzElQhRvq6i9IvWWGozOxA/CQsEs21RuS0aXfZrCp0wUk7IBBDNDT8c8gF
YgGOHJScwZbCX6koy6p1ewv3OgJaUEUdIlENMuYvU+KaPycz/D44nvKL1WnjTaw7
kaQ2KOhfO0hZ/Ee3SUwT/qPYm8sV
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:21 2024 by rpki-client on console-ams.rpki-client.org