Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/5e2619-d72b-410b-b9e8-f93d1f815b7d/1/bkHMaRFLSbLbnd8c4rn_YnPg_bY.roa
File: bkHMaRFLSbLbnd8c4rn_YnPg_bY.roa (raw, json)
Hash identifier: FG4FqYk7NnJUqTgh/7M3UUpMmLLXX0auoRk7DAqMWhQ=
Subject key identifier: 6E:41:CC:69:11:4B:49:B2:DB:9D:DF:1C:E2:B9:FF:62:73:E0:FD:B6
Certificate issuer: /CN=cfde85bbd478f5e842f4c4f8d85225d100e0f4df
Certificate serial: 0185730CB7BD5CA73B3B7405F241275ED2FE
Authority key identifier: CF:DE:85:BB:D4:78:F5:E8:42:F4:C4:F8:D8:52:25:D1:00:E0:F4:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z96Fu9R49ehC9MT42FIl0QDg9N8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/5e2619-d72b-410b-b9e8-f93d1f815b7d/1/bkHMaRFLSbLbnd8c4rn_YnPg_bY.roa
Signing time: Mon 02 Jan 2023 15:14:51 +0000
ROA not before: Mon 02 Jan 2023 15:14:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 212.104.208.0/24 maxlen: 24
185.83.20.0/22 maxlen: 22
185.175.91.0/24 maxlen: 24
31.25.8.0/23 maxlen: 23
2a11:bd80::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:0c:b7:bd:5c:a7:3b:3b:74:05:f2:41:27:5e:d2:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfde85bbd478f5e842f4c4f8d85225d100e0f4df
Validity
Not Before: Jan 2 15:14:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e41cc69114b49b2db9ddf1ce2b9ff6273e0fdb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:ae:d1:74:6f:e5:bb:69:12:2f:fc:71:52:34:
3b:82:28:7a:10:4a:a1:d6:27:de:e1:62:71:b1:00:
78:23:f1:e8:6a:b5:4f:e8:48:4e:b5:69:5b:9b:84:
5c:9e:3f:26:e1:59:76:6c:7f:70:8b:fe:0c:bc:ba:
c8:a1:df:f7:b2:9b:1f:62:8b:4c:7a:8d:7e:6f:53:
79:35:26:2a:cf:3c:da:31:93:8d:f9:51:83:7e:db:
12:fc:eb:1b:f2:a1:cf:a0:fd:34:d0:b6:f1:f8:b8:
8e:04:f6:49:ce:87:02:56:0b:4b:b4:9d:38:aa:53:
28:ef:5c:14:c9:de:c1:fb:64:87:7a:4c:58:ab:9a:
56:16:48:83:2a:6a:d3:f7:f1:3d:df:8f:4d:23:34:
82:93:56:d2:25:83:41:e6:e7:b4:ce:4c:2b:bf:77:
d0:0d:1c:02:44:fe:67:a3:dc:bf:7d:6f:16:92:60:
fa:4e:ba:fc:fd:e3:fb:43:1d:b4:dd:1e:c9:42:c2:
fc:f6:5d:56:dc:ac:5a:fe:28:1b:0f:a0:a2:4c:8b:
8e:1b:89:22:c6:9f:92:13:90:b9:02:d0:48:94:ca:
99:fc:9d:4e:44:54:45:33:04:45:9c:ab:c0:c0:a4:
b2:3f:cc:32:64:db:31:cb:60:3f:3c:78:c8:21:85:
fd:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:41:CC:69:11:4B:49:B2:DB:9D:DF:1C:E2:B9:FF:62:73:E0:FD:B6
X509v3 Authority Key Identifier:
keyid:CF:DE:85:BB:D4:78:F5:E8:42:F4:C4:F8:D8:52:25:D1:00:E0:F4:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z96Fu9R49ehC9MT42FIl0QDg9N8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/5e2619-d72b-410b-b9e8-f93d1f815b7d/1/bkHMaRFLSbLbnd8c4rn_YnPg_bY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/5e2619-d72b-410b-b9e8-f93d1f815b7d/1/z96Fu9R49ehC9MT42FIl0QDg9N8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.8.0/23
185.83.20.0/22
185.175.91.0/24
212.104.208.0/24
IPv6:
2a11:bd80::/32
Signature Algorithm: sha256WithRSAEncryption
27:f5:fa:44:2c:40:86:ae:66:9a:50:80:21:54:b9:d6:f8:eb:
fd:2c:b6:4a:e2:91:1e:ea:c3:0d:cf:c8:44:ee:c0:5b:83:9f:
09:b8:9e:cb:fe:c9:03:f8:ac:37:f3:92:6f:45:7f:d2:5b:4e:
49:f3:48:24:72:e6:60:c8:7f:68:51:c8:ec:56:44:95:1b:c8:
9f:c0:b4:72:05:9d:cb:eb:48:02:34:c4:b5:9c:fc:14:23:c0:
2b:a8:7c:35:0f:e8:14:42:87:83:59:e3:82:3f:26:a7:3a:3e:
b5:1b:0a:29:30:d6:ff:c2:82:cf:ee:c6:2f:4b:aa:5f:78:82:
ca:ee:ad:d5:49:c7:94:a5:b5:5e:ca:57:ee:b3:84:dc:d7:e2:
b8:db:8a:75:e9:66:5c:65:1c:3b:7d:5b:b8:42:a4:54:53:82:
b2:a5:c4:eb:e9:19:1d:95:be:06:51:20:f0:d9:9c:d0:92:77:
d3:32:ec:fb:7e:ca:c8:17:b0:bc:09:ab:4b:f7:3a:0a:21:71:
44:ca:dd:3e:1a:3b:2f:27:52:57:d4:80:f4:29:8a:13:dd:47:
c8:99:d4:77:33:47:ab:cb:0e:3f:a5:56:bf:c5:aa:a5:b3:9b:
55:6b:1e:39:a8:c7:0f:96:a4:0c:a6:ba:86:cf:2f:3e:8c:f4:
44:30:4e:28
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVzDLe9XKc7O3QF8kEnXtL+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZGU4NWJiZDQ3OGY1ZTg0MmY0YzRmOGQ4NTIyNWQxMDBl
MGY0ZGYwHhcNMjMwMTAyMTUxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTQxY2M2OTExNGI0OWIyZGI5ZGRmMWNlMmI5ZmY2MjczZTBmZGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhK7RdG/lu2kSL/xxUjQ7gih6EEqh
1ife4WJxsQB4I/HoarVP6EhOtWlbm4Rcnj8m4Vl2bH9wi/4MvLrIod/3spsfYotM
eo1+b1N5NSYqzzzaMZON+VGDftsS/Osb8qHPoP000Lbx+LiOBPZJzocCVgtLtJ04
qlMo71wUyd7B+2SHekxYq5pWFkiDKmrT9/E9349NIzSCk1bSJYNB5ue0zkwrv3fQ
DRwCRP5no9y/fW8WkmD6Trr8/eP7Qx203R7JQsL89l1W3Kxa/igbD6CiTIuOG4ki
xp+SE5C5AtBIlMqZ/J1ORFRFMwRFnKvAwKSyP8wyZNsxy2A/PHjIIYX9dwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFG5BzGkRS0my253fHOK5/2Jz4P22MB8GA1UdIwQY
MBaAFM/ehbvUePXoQvTE+NhSJdEA4PTfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejk2RnU5UjQ5ZWhDOU1UNDJGSWwwUURnOU44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy81ZTI2MTktZDcyYi00MTBiLWI5ZTgt
ZjkzZDFmODE1YjdkLzEvYmtITWFSRkxTYkxibmQ4YzRybl9ZblBnX2JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy81ZTI2MTktZDcyYi00MTBiLWI5ZTgtZjkzZDFmODE1Yjdk
LzEvejk2RnU5UjQ5ZWhDOU1UNDJGSWwwUURnOU44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQBHxkIAwQC
uVMUAwQAua9bAwQA1GjQMA0EAgACMAcDBQAqEb2AMA0GCSqGSIb3DQEBCwUAA4IB
AQAn9fpELECGrmaaUIAhVLnW+Ov9LLZK4pEe6sMNz8hE7sBbg58JuJ7L/skD+Kw3
85JvRX/SW05J80gkcuZgyH9oUcjsVkSVG8ifwLRyBZ3L60gCNMS1nPwUI8ArqHw1
D+gUQoeDWeOCPyanOj61GwopMNb/woLP7sYvS6pfeILK7q3VSceUpbVeylfus4Tc
1+K424p16WZcZRw7fVu4QqRUU4KypcTr6Rkdlb4GUSDw2ZzQknfTMuz7fsrIF7C8
CatL9zoKIXFEyt0+GjsvJ1JX1ID0KYoT3UfImdR3M0eryw4/pVa/xaqls5tVax45
qMcPlqQMprqGzy8+jPREME4o
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:36 2024 by rpki-client on console-fra.rpki-client.org