Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/3a382a-3dda-4796-b320-3fdfb4140f24/1/tbWpRa3qRt1VISKxQ_vQ9PZW7jc.roa
File: tbWpRa3qRt1VISKxQ_vQ9PZW7jc.roa (raw, json)
Hash identifier: h847kEvRo8omv0jl8awLS4YwjxXSSxw+iVb7Er0knr0=
Subject key identifier: B5:B5:A9:45:AD:EA:46:DD:55:21:22:B1:43:FB:D0:F4:F6:56:EE:37
Certificate issuer: /CN=bf809a7e6ca14d0a1a976673e0319e34e956ed3d
Certificate serial: 01856FC29A8044DA77CB2F54182E4F158C00
Authority key identifier: BF:80:9A:7E:6C:A1:4D:0A:1A:97:66:73:E0:31:9E:34:E9:56:ED:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4CafmyhTQoal2Zz4DGeNOlW7T0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/3a382a-3dda-4796-b320-3fdfb4140f24/1/tbWpRa3qRt1VISKxQ_vQ9PZW7jc.roa
Signing time: Sun 01 Jan 2023 23:55:02 +0000
ROA not before: Sun 01 Jan 2023 23:55:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35332
IP address blocks: 185.151.96.0/22 maxlen: 24
87.236.0.0/21 maxlen: 24
194.5.181.0/24 maxlen: 24
77.242.112.0/20 maxlen: 24
188.92.56.0/21 maxlen: 24
37.235.112.0/21 maxlen: 24
45.116.184.0/22 maxlen: 24
208.88.128.0/22 maxlen: 24
185.113.212.0/22 maxlen: 24
139.28.200.0/22 maxlen: 24
2a00:a000::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:30:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:c2:9a:80:44:da:77:cb:2f:54:18:2e:4f:15:8c:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf809a7e6ca14d0a1a976673e0319e34e956ed3d
Validity
Not Before: Jan 1 23:55:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5b5a945adea46dd552122b143fbd0f4f656ee37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:9d:ae:70:7a:30:9c:16:78:2d:f5:e1:f9:ae:
fa:11:c8:72:a3:b4:d8:58:30:36:d6:a3:29:13:2c:
d5:57:93:80:f1:79:7c:8a:60:5b:15:ef:82:e6:38:
cb:9e:90:0a:42:78:32:a8:49:85:68:d2:c1:96:41:
28:8b:8b:1a:b5:32:25:96:f4:e9:d1:36:db:53:cf:
cb:8b:a7:f5:d3:0b:7a:9d:19:27:eb:6e:b2:63:d7:
ea:2c:f8:1c:34:16:81:96:53:82:fe:3f:9a:c0:8d:
54:ba:07:c6:bf:22:70:4b:6e:1d:d4:3c:46:e8:d3:
cf:84:c0:41:82:61:93:2d:ca:74:1e:a9:32:98:9b:
56:48:22:e0:70:f6:c4:5e:3f:6a:1f:3f:89:86:6c:
8c:6d:f3:08:96:e8:db:41:59:20:0f:21:0b:ca:43:
f8:8c:c4:88:5e:12:7a:2e:e1:b6:9c:65:d4:9a:c3:
f7:49:d1:90:a9:bf:37:68:9a:ca:e8:b7:2f:52:f7:
77:97:6e:0b:87:b5:25:c1:61:f4:92:86:c6:a0:88:
95:c8:51:37:81:43:08:4c:00:6f:0e:f7:33:09:37:
7a:96:42:bc:ca:fc:21:48:cf:31:62:76:cb:d9:bb:
c7:49:56:fd:17:f9:c0:e0:8e:9b:4f:b4:d8:63:e2:
5c:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:B5:A9:45:AD:EA:46:DD:55:21:22:B1:43:FB:D0:F4:F6:56:EE:37
X509v3 Authority Key Identifier:
keyid:BF:80:9A:7E:6C:A1:4D:0A:1A:97:66:73:E0:31:9E:34:E9:56:ED:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4CafmyhTQoal2Zz4DGeNOlW7T0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/3a382a-3dda-4796-b320-3fdfb4140f24/1/tbWpRa3qRt1VISKxQ_vQ9PZW7jc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/3a382a-3dda-4796-b320-3fdfb4140f24/1/v4CafmyhTQoal2Zz4DGeNOlW7T0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.112.0/21
45.116.184.0/22
77.242.112.0/20
87.236.0.0/21
139.28.200.0/22
185.113.212.0/22
185.151.96.0/22
188.92.56.0/21
194.5.181.0/24
208.88.128.0/22
IPv6:
2a00:a000::/32
Signature Algorithm: sha256WithRSAEncryption
78:14:0a:ab:9a:4d:ef:f9:c3:71:99:e7:b7:50:6f:a4:2b:78:
c5:24:75:fc:e7:97:a0:db:fa:ac:56:fb:e4:c2:32:70:97:fe:
be:98:50:74:d9:41:30:84:ba:3a:65:1f:f5:f6:fd:4e:85:46:
10:12:b6:af:e4:ec:fb:d6:19:b2:83:d6:2b:92:d8:42:29:dd:
a9:1e:9f:9f:35:d9:fc:a4:da:69:0c:2c:d8:53:38:05:a3:b5:
3e:32:a9:bc:8b:cb:eb:80:0e:5e:fe:a8:9e:86:db:49:d7:fc:
1b:a0:cb:ae:2f:52:34:c3:83:71:c2:d9:08:68:20:9e:60:9c:
a7:68:bb:6b:9c:72:8c:8d:df:0c:f2:73:c5:ea:ed:24:27:73:
8b:a4:4b:a8:20:f2:b3:08:5a:5d:c4:72:fe:7f:dc:6d:8d:53:
8e:c7:70:af:56:d3:02:46:52:dd:83:d1:f7:2d:a4:7a:f0:96:
f0:f4:c0:88:cd:ec:72:82:56:55:c8:54:59:3f:f4:a0:3c:87:
4f:55:ba:b0:91:91:8e:29:a1:e6:41:16:c9:8c:bf:dc:6b:39:
c6:c0:9b:94:2f:ca:9a:98:64:64:3f:f0:89:b3:07:68:5b:ae:
30:ed:e5:b2:ba:85:7e:c3:b9:e4:bb:44:8c:e8:f8:a4:10:61:
61:d2:1a:d7
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAYVvwpqARNp3yy9UGC5PFYwAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODA5YTdlNmNhMTRkMGExYTk3NjY3M2UwMzE5ZTM0ZTk1
NmVkM2QwHhcNMjMwMTAxMjM1NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWI1YTk0NWFkZWE0NmRkNTUyMTIyYjE0M2ZiZDBmNGY2NTZlZTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJ2ucHownBZ4LfXh+a76Echyo7TY
WDA21qMpEyzVV5OA8Xl8imBbFe+C5jjLnpAKQngyqEmFaNLBlkEoi4satTIllvTp
0TbbU8/Li6f10wt6nRkn626yY9fqLPgcNBaBllOC/j+awI1UugfGvyJwS24d1DxG
6NPPhMBBgmGTLcp0HqkymJtWSCLgcPbEXj9qHz+JhmyMbfMIlujbQVkgDyELykP4
jMSIXhJ6LuG2nGXUmsP3SdGQqb83aJrK6LcvUvd3l24Lh7UlwWH0kobGoIiVyFE3
gUMITABvDvczCTd6lkK8yvwhSM8xYnbL2bvHSVb9F/nA4I6bT7TYY+Jc3wIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFLW1qUWt6kbdVSEisUP70PT2Vu43MB8GA1UdIwQY
MBaAFL+Amn5soU0KGpdmc+AxnjTpVu09MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRDYWZteWhUUW9hbDJaejRER2VOT2xXN1QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS8zYTM4MmEtM2RkYS00Nzk2LWIzMjAt
M2ZkZmI0MTQwZjI0LzEvdGJXcFJhM3FSdDFWSVNLeFFfdlE5UFpXN2pjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS8zYTM4MmEtM2RkYS00Nzk2LWIzMjAtM2ZkZmI0MTQwZjI0
LzEvdjRDYWZteWhUUW9hbDJaejRER2VOT2xXN1QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQDJetwAwQC
LXS4AwQETfJwAwQDV+wAAwQCixzIAwQCuXHUAwQCuZdgAwQDvFw4AwQAwgW1AwQC
0FiAMA0EAgACMAcDBQAqAKAAMA0GCSqGSIb3DQEBCwUAA4IBAQB4FAqrmk3v+cNx
mee3UG+kK3jFJHX855eg2/qsVvvkwjJwl/6+mFB02UEwhLo6ZR/19v1OhUYQErav
5Oz71hmyg9YrkthCKd2pHp+fNdn8pNppDCzYUzgFo7U+Mqm8i8vrgA5e/qiehttJ
1/wboMuuL1I0w4NxwtkIaCCeYJynaLtrnHKMjd8M8nPF6u0kJ3OLpEuoIPKzCFpd
xHL+f9xtjVOOx3CvVtMCRlLdg9H3LaR68Jbw9MCIzexyglZVyFRZP/SgPIdPVbqw
kZGOKaHmQRbJjL/caznGwJuUL8qamGRkP/CJswdoW64w7eWyuoV+w7nku0SM6Pik
EGFh0hrX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:00 2024 by rpki-client on console-ams.rpki-client.org