Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/64c2fa-df54-47ff-a8c9-bfe0ccb79fcc/1/1_VlGLp0iNa5g9ECX92HtRiUkNc.roa
File: 1_VlGLp0iNa5g9ECX92HtRiUkNc.roa (raw, json)
Hash identifier: Rbv62jZ+tD3WmwujHE5AsS2vlkgucig+MAou42d8V08=
Subject key identifier: D7:F5:65:18:BA:74:88:D6:B9:83:D1:02:5F:DD:87:B5:18:94:90:D7
Certificate issuer: /CN=ba0e1264e07b3708bcb9db5a14e7cc9270863958
Certificate serial: 01856F38FAB8D45F72DBC9748D1BA27165D4
Authority key identifier: BA:0E:12:64:E0:7B:37:08:BC:B9:DB:5A:14:E7:CC:92:70:86:39:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ug4SZOB7Nwi8udtaFOfMknCGOVg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/64c2fa-df54-47ff-a8c9-bfe0ccb79fcc/1/1_VlGLp0iNa5g9ECX92HtRiUkNc.roa
Signing time: Sun 01 Jan 2023 21:24:43 +0000
ROA not before: Sun 01 Jan 2023 21:24:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50596
IP address blocks: 188.68.8.0/21 maxlen: 21
46.254.160.0/21 maxlen: 21
37.75.200.0/21 maxlen: 21
185.8.220.0/22 maxlen: 22
93.179.104.0/21 maxlen: 21
188.68.168.0/21 maxlen: 21
109.201.96.0/21 maxlen: 21
188.68.192.0/21 maxlen: 21
178.57.208.0/21 maxlen: 21
109.201.104.0/21 maxlen: 21
109.201.112.0/20 maxlen: 22
2a03:3cc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 26 Dec 2023 10:16:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:38:fa:b8:d4:5f:72:db:c9:74:8d:1b:a2:71:65:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba0e1264e07b3708bcb9db5a14e7cc9270863958
Validity
Not Before: Jan 1 21:24:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d7f56518ba7488d6b983d1025fdd87b5189490d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:09:d4:89:79:34:ed:d3:8e:16:03:66:18:73:
0e:a5:3c:9e:5e:4c:28:72:54:77:19:07:eb:f7:ae:
cf:a2:78:5e:49:9a:fa:a8:43:0a:97:4c:d1:9d:7d:
2a:f1:22:a3:66:64:6f:a8:4e:8f:87:32:07:7e:4f:
10:a4:dc:56:16:51:20:27:d9:dc:26:38:16:5f:54:
b7:df:0f:e1:c5:b6:d8:f4:d0:6b:7b:32:25:c8:03:
6d:4a:c0:d8:c3:9f:61:5e:ed:94:ea:c8:3e:78:d1:
90:9e:6a:e6:a7:77:e8:5b:9c:9b:98:57:10:d0:d8:
fb:ca:8c:95:25:2b:47:a9:30:26:ac:73:ac:16:16:
29:60:25:7e:63:c8:3c:ae:55:29:c1:1d:d8:d2:c2:
96:ce:f3:58:ee:dd:df:36:b2:bb:6c:10:70:fb:fc:
a2:54:4e:4a:0d:19:e3:41:dd:de:ca:21:c2:85:bd:
a8:cb:fe:2a:88:05:9b:13:ca:37:49:b2:21:50:a8:
2a:a5:e4:72:de:3d:77:b5:f0:12:0d:4c:bc:3c:9a:
04:e1:28:53:f2:b8:c9:bf:66:60:9f:52:ae:3b:3a:
68:bb:b5:cf:cc:92:9c:f3:f6:9d:8b:73:b6:a2:f2:
66:9e:15:72:4a:1f:f8:d4:7a:97:db:77:82:c0:23:
a8:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:F5:65:18:BA:74:88:D6:B9:83:D1:02:5F:DD:87:B5:18:94:90:D7
X509v3 Authority Key Identifier:
keyid:BA:0E:12:64:E0:7B:37:08:BC:B9:DB:5A:14:E7:CC:92:70:86:39:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ug4SZOB7Nwi8udtaFOfMknCGOVg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/64c2fa-df54-47ff-a8c9-bfe0ccb79fcc/1/1_VlGLp0iNa5g9ECX92HtRiUkNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/64c2fa-df54-47ff-a8c9-bfe0ccb79fcc/1/ug4SZOB7Nwi8udtaFOfMknCGOVg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.75.200.0/21
46.254.160.0/21
93.179.104.0/21
109.201.96.0/19
178.57.208.0/21
185.8.220.0/22
188.68.8.0/21
188.68.168.0/21
188.68.192.0/21
IPv6:
2a03:3cc0::/29
Signature Algorithm: sha256WithRSAEncryption
b1:89:1a:e6:5e:01:da:be:07:b1:b0:79:a4:78:15:f3:29:46:
dd:ac:07:4f:11:ce:40:81:1d:56:f8:dc:92:66:5e:b5:5a:a6:
ea:61:cd:19:ca:65:fb:f1:33:33:65:2c:ac:1c:69:7e:f9:bb:
44:b1:31:98:cc:e9:a1:c2:e2:2e:d5:0b:d4:40:ff:fe:f4:85:
0a:40:2e:bd:34:07:22:ba:5c:d1:5c:0a:ef:a3:8a:eb:f7:d4:
b4:3e:06:f9:e6:d9:2f:ae:0d:b2:ae:26:e6:b8:c3:56:88:62:
fd:2e:ad:cc:1c:4e:ad:6b:bf:9f:43:e0:8b:61:da:2e:05:ab:
15:58:b6:88:03:f0:1b:13:92:06:73:53:1b:42:97:ca:f5:1f:
1f:f4:0f:a7:ef:75:23:8a:02:39:1d:64:46:fc:1c:4a:2d:96:
ba:d7:11:70:87:66:56:c3:4b:68:c3:04:83:a3:24:60:e4:8a:
a5:73:66:86:7c:d0:8b:cf:17:b9:c1:95:ef:5c:4e:8a:0f:8c:
77:b8:45:31:ec:d0:20:48:f3:1b:28:80:9c:bd:ee:6c:d3:12:
8c:c3:23:52:77:9a:85:cb:a9:7e:7b:b4:c9:0e:5f:5b:14:0c:
4a:8f:fa:00:9c:e8:0b:bd:5a:6c:8c:dc:6f:78:51:2f:58:ad:
f0:dc:95:40
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYVvOPq41F9y28l0jRuicWXUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhMGUxMjY0ZTA3YjM3MDhiY2I5ZGI1YTE0ZTdjYzkyNzA4
NjM5NTgwHhcNMjMwMTAxMjEyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2Y1NjUxOGJhNzQ4OGQ2Yjk4M2QxMDI1ZmRkODdiNTE4OTQ5MGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApgnUiXk07dOOFgNmGHMOpTyeXkwo
clR3GQfr967PonheSZr6qEMKl0zRnX0q8SKjZmRvqE6PhzIHfk8QpNxWFlEgJ9nc
JjgWX1S33w/hxbbY9NBrezIlyANtSsDYw59hXu2U6sg+eNGQnmrmp3foW5ybmFcQ
0Nj7yoyVJStHqTAmrHOsFhYpYCV+Y8g8rlUpwR3Y0sKWzvNY7t3fNrK7bBBw+/yi
VE5KDRnjQd3eyiHChb2oy/4qiAWbE8o3SbIhUKgqpeRy3j13tfASDUy8PJoE4ShT
8rjJv2Zgn1KuOzpou7XPzJKc8/adi3O2ovJmnhVySh/41HqX23eCwCOohQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFNf1ZRi6dIjWuYPRAl/dh7UYlJDXMB8GA1UdIwQY
MBaAFLoOEmTgezcIvLnbWhTnzJJwhjlYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWc0U1pPQjdOd2k4dWR0YUZPZk1rbkNHT1ZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS82NGMyZmEtZGY1NC00N2ZmLWE4Yzkt
YmZlMGNjYjc5ZmNjLzEvMV9WbEdMcDBpTmE1ZzlFQ1g5Mkh0UmlVa05jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS82NGMyZmEtZGY1NC00N2ZmLWE4YzktYmZlMGNjYjc5ZmNj
LzEvdWc0U1pPQjdOd2k4dWR0YUZPZk1rbkNHT1ZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQDJUvIAwQD
Lv6gAwQDXbNoAwQFbclgAwQDsjnQAwQCuQjcAwQDvEQIAwQDvESoAwQDvETAMA0E
AgACMAcDBQMqAzzAMA0GCSqGSIb3DQEBCwUAA4IBAQCxiRrmXgHavgexsHmkeBXz
KUbdrAdPEc5AgR1W+NySZl61WqbqYc0ZymX78TMzZSysHGl++btEsTGYzOmhwuIu
1QvUQP/+9IUKQC69NAciulzRXArvo4rr99S0Pgb55tkvrg2yribmuMNWiGL9Lq3M
HE6ta7+fQ+CLYdouBasVWLaIA/AbE5IGc1MbQpfK9R8f9A+n73UjigI5HWRG/BxK
LZa61xFwh2ZWw0towwSDoyRg5Iqlc2aGfNCLzxe5wZXvXE6KD4x3uEUx7NAgSPMb
KICcve5s0xKMwyNSd5qFy6l+e7TJDl9bFAxKj/oAnOgLvVpsjNxveFEvWK3w3JVA
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:39 2024 by rpki-client on console-ams.rpki-client.org