Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/4992b6-fdae-4c9f-bf3e-95c8942df724/1/ARCBnxXlAt_mjzX-8xqqwg9sooI.roa
File: ARCBnxXlAt_mjzX-8xqqwg9sooI.roa (raw, json)
Hash identifier: 0bb3mm1obuvyj74/j+6X+XbU/ZgsfCQQrujer3lRShg=
Subject key identifier: 01:10:81:9F:15:E5:02:DF:E6:8F:35:FE:F3:1A:AA:C2:0F:6C:A2:82
Certificate issuer: /CN=bc9f0b9ac1d5652f3dca1ef1623bf99ab29647df
Certificate serial: 018570F0AE425514AA7B6D5336D8021677BB
Authority key identifier: BC:9F:0B:9A:C1:D5:65:2F:3D:CA:1E:F1:62:3B:F9:9A:B2:96:47:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vJ8LmsHVZS89yh7xYjv5mrKWR98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/4992b6-fdae-4c9f-bf3e-95c8942df724/1/ARCBnxXlAt_mjzX-8xqqwg9sooI.roa
Signing time: Mon 02 Jan 2023 05:24:59 +0000
ROA not before: Mon 02 Jan 2023 05:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47674
IP address blocks: 185.38.140.0/22 maxlen: 24
185.236.230.0/24 maxlen: 24
185.236.231.0/24 maxlen: 24
185.236.229.0/24 maxlen: 24
188.93.232.0/21 maxlen: 24
5.206.224.0/21 maxlen: 24
2a00:1c60::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 24 Apr 2023 22:34:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:f0:ae:42:55:14:aa:7b:6d:53:36:d8:02:16:77:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc9f0b9ac1d5652f3dca1ef1623bf99ab29647df
Validity
Not Before: Jan 2 05:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0110819f15e502dfe68f35fef31aaac20f6ca282
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:10:a3:e7:8a:c1:ca:2d:32:3e:4c:c7:c8:59:
a1:a3:8b:f9:55:e3:08:e3:f4:5c:a2:48:cb:c4:67:
20:79:e8:0a:5d:fe:dd:2e:09:ad:35:30:d2:f5:98:
9f:ac:c3:91:e7:63:e9:10:1d:fd:8f:d5:50:51:7a:
76:15:63:fe:99:07:1b:ac:02:68:2b:31:4e:a7:88:
f5:65:5b:97:8d:33:f0:f8:e5:66:8a:70:4d:69:dc:
e9:97:50:23:40:9e:ac:aa:1d:f6:aa:48:69:fd:4b:
74:a7:8d:71:ea:58:d2:37:03:65:b4:62:d5:ef:9d:
91:61:8c:d2:92:5f:e6:18:8d:67:0b:69:13:08:36:
c7:d2:51:6a:dc:4f:37:22:a2:ac:40:71:6f:e5:f9:
1f:87:e7:f5:d5:25:e6:4e:69:5b:32:ef:83:58:da:
3a:2e:f4:d9:ed:99:6a:94:e0:a3:f9:a4:05:7f:c4:
1a:e3:a4:60:16:fb:80:86:af:29:b4:23:f0:a2:af:
eb:f8:b5:54:c4:d7:ff:d4:34:c5:61:e3:6f:ad:60:
06:c1:33:33:a3:fe:3a:64:f1:ee:5e:ac:1f:08:8f:
90:ae:f8:9d:86:39:7c:20:1a:8e:a0:9b:98:d8:c3:
42:88:b6:d8:9a:f1:45:de:a9:c9:b1:87:4d:3b:e9:
9c:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:10:81:9F:15:E5:02:DF:E6:8F:35:FE:F3:1A:AA:C2:0F:6C:A2:82
X509v3 Authority Key Identifier:
keyid:BC:9F:0B:9A:C1:D5:65:2F:3D:CA:1E:F1:62:3B:F9:9A:B2:96:47:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vJ8LmsHVZS89yh7xYjv5mrKWR98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/4992b6-fdae-4c9f-bf3e-95c8942df724/1/ARCBnxXlAt_mjzX-8xqqwg9sooI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/4992b6-fdae-4c9f-bf3e-95c8942df724/1/vJ8LmsHVZS89yh7xYjv5mrKWR98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.206.224.0/21
185.38.140.0/22
185.236.229.0-185.236.231.255
188.93.232.0/21
IPv6:
2a00:1c60::/32
Signature Algorithm: sha256WithRSAEncryption
8e:7e:21:59:ec:09:79:4e:35:07:e2:7d:b7:0a:64:3e:4b:7b:
87:7f:d4:87:1b:c6:87:93:cd:9d:57:2d:04:0d:99:db:70:41:
eb:18:92:5b:01:93:6a:57:26:2d:2e:50:b6:cd:06:7a:f5:a5:
61:4a:e8:41:dc:96:ff:ee:55:4d:e3:90:6f:b6:21:fd:96:6f:
81:eb:39:5f:d6:09:b6:01:4f:37:66:e2:d5:43:03:56:2a:28:
2f:8b:12:7c:d3:cd:25:03:cd:ce:d0:95:57:09:6e:d5:e5:4d:
53:b0:f7:f3:41:be:82:2d:05:9d:5b:a2:fa:6e:6c:97:1e:87:
6a:eb:9a:7d:1c:af:55:af:d2:13:1f:5b:53:38:d7:4d:90:96:
d5:a3:4e:4c:f4:62:72:80:99:66:4a:2a:80:b4:18:b8:c8:1d:
65:f6:74:bf:b4:60:d4:a6:1b:0c:cc:ca:62:32:81:63:11:c3:
ac:d9:88:53:be:4f:6d:e7:90:28:92:b3:c1:64:8f:03:2f:b9:
85:f3:28:f3:7e:1d:79:41:c2:c0:7e:5b:67:0d:ed:91:11:f3:
84:d3:25:e9:59:ca:78:a1:f0:8e:ff:e5:23:01:76:0c:fb:0f:
d6:ef:1a:90:07:51:6f:62:20:24:cb:44:90:42:29:f6:d7:ee:
ed:04:63:fa
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYVw8K5CVRSqe21TNtgCFne7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjOWYwYjlhYzFkNTY1MmYzZGNhMWVmMTYyM2JmOTlhYjI5
NjQ3ZGYwHhcNMjMwMTAyMDUyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTEwODE5ZjE1ZTUwMmRmZTY4ZjM1ZmVmMzFhYWFjMjBmNmNhMjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBCj54rByi0yPkzHyFmho4v5VeMI
4/RcokjLxGcgeegKXf7dLgmtNTDS9ZifrMOR52PpEB39j9VQUXp2FWP+mQcbrAJo
KzFOp4j1ZVuXjTPw+OVminBNadzpl1AjQJ6sqh32qkhp/Ut0p41x6ljSNwNltGLV
752RYYzSkl/mGI1nC2kTCDbH0lFq3E83IqKsQHFv5fkfh+f11SXmTmlbMu+DWNo6
LvTZ7ZlqlOCj+aQFf8Qa46RgFvuAhq8ptCPwoq/r+LVUxNf/1DTFYeNvrWAGwTMz
o/46ZPHuXqwfCI+Qrvidhjl8IBqOoJuY2MNCiLbYmvFF3qnJsYdNO+mcIwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFAEQgZ8V5QLf5o81/vMaqsIPbKKCMB8GA1UdIwQY
MBaAFLyfC5rB1WUvPcoe8WI7+ZqylkffMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdko4TG1zSFZaUzg5eWg3eFlqdjVtcktXUjk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS80OTkyYjYtZmRhZS00YzlmLWJmM2Ut
OTVjODk0MmRmNzI0LzEvQVJDQm54WGxBdF9tanpYLTh4cXF3Zzlzb29JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS80OTkyYjYtZmRhZS00YzlmLWJmM2UtOTVjODk0MmRmNzI0
LzEvdko4TG1zSFZaUzg5eWg3eFlqdjVtcktXUjk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQDBc7gAwQC
uSaMMAwDBAC57OUDBAO57OADBAO8XegwDQQCAAIwBwMFACoAHGAwDQYJKoZIhvcN
AQELBQADggEBAI5+IVnsCXlONQfifbcKZD5Le4d/1IcbxoeTzZ1XLQQNmdtwQesY
klsBk2pXJi0uULbNBnr1pWFK6EHclv/uVU3jkG+2If2Wb4HrOV/WCbYBTzdm4tVD
A1YqKC+LEnzTzSUDzc7QlVcJbtXlTVOw9/NBvoItBZ1bovpubJceh2rrmn0cr1Wv
0hMfW1M4102QltWjTkz0YnKAmWZKKoC0GLjIHWX2dL+0YNSmGwzMymIygWMRw6zZ
iFO+T23nkCiSs8FkjwMvuYXzKPN+HXlBwsB+W2cN7ZER84TTJelZynih8I7/5SMB
dgz7D9bvGpAHUW9iICTLRJBCKfbX7u0EY/o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:08 2024 by rpki-client on console-ams.rpki-client.org