Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/9911ac-4cf2-4ee5-8d63-049bdc6b8ef3/1/BEd7eiCzCvUcsOp36eDKx9HHqeU.roa
File: BEd7eiCzCvUcsOp36eDKx9HHqeU.roa (raw, json)
Hash identifier: Nypj+lmwF6P34XOJ+PFq3aQGXoD/Tqn75k1SOebtx5A=
Subject key identifier: 04:47:7B:7A:20:B3:0A:F5:1C:B0:EA:77:E9:E0:CA:C7:D1:C7:A9:E5
Certificate issuer: /CN=97429de8bcc3be474abbda2be2a89d0f3208c385
Certificate serial: 018C490876965E7E1C60638680F74F115CD0
Authority key identifier: 97:42:9D:E8:BC:C3:BE:47:4A:BB:DA:2B:E2:A8:9D:0F:32:08:C3:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l0Kd6LzDvkdKu9or4qidDzIIw4U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/9911ac-4cf2-4ee5-8d63-049bdc6b8ef3/1/BEd7eiCzCvUcsOp36eDKx9HHqeU.roa
Signing time: Fri 08 Dec 2023 10:45:40 +0000
ROA not before: Fri 08 Dec 2023 10:45:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41833
IP address blocks: 95.141.48.0/20 maxlen: 20
95.141.49.0/24 maxlen: 24
95.141.48.0/24 maxlen: 24
95.141.57.0/24 maxlen: 24
95.141.58.0/24 maxlen: 24
95.141.55.0/24 maxlen: 24
95.141.56.0/24 maxlen: 24
95.141.62.0/24 maxlen: 24
95.141.63.0/24 maxlen: 24
95.141.61.0/24 maxlen: 24
95.141.59.0/24 maxlen: 24
95.141.60.0/24 maxlen: 24
141.138.186.96/29 maxlen: 29
46.227.255.0/24 maxlen: 24
46.227.254.0/24 maxlen: 24
93.185.236.136/29 maxlen: 29
46.227.253.0/24 maxlen: 24
46.227.251.0/24 maxlen: 24
46.227.249.0/24 maxlen: 24
46.227.248.0/21 maxlen: 21
46.227.248.0/24 maxlen: 24
46.227.252.0/24 maxlen: 24
89.249.221.80/29 maxlen: 29
141.138.186.144/29 maxlen: 29
185.58.201.0/24 maxlen: 24
185.58.202.0/24 maxlen: 24
185.58.200.0/24 maxlen: 24
185.58.200.0/22 maxlen: 22
93.185.231.0/29 maxlen: 29
89.249.212.0/28 maxlen: 28
93.185.229.0/24 maxlen: 24
93.185.233.0/24 maxlen: 24
93.185.231.0/24 maxlen: 24
141.138.191.0/24 maxlen: 24
93.185.232.0/24 maxlen: 24
141.138.189.0/24 maxlen: 24
93.185.230.0/24 maxlen: 24
141.138.187.0/24 maxlen: 24
141.138.188.0/24 maxlen: 24
93.185.228.0/24 maxlen: 24
93.185.227.0/24 maxlen: 24
93.185.238.0/24 maxlen: 24
93.185.239.0/24 maxlen: 24
93.185.236.0/24 maxlen: 24
93.185.237.0/24 maxlen: 24
93.185.235.0/24 maxlen: 24
93.185.229.0/30 maxlen: 30
89.249.212.0/24 maxlen: 24
89.249.213.0/24 maxlen: 24
89.249.210.0/24 maxlen: 24
89.249.211.0/24 maxlen: 24
89.249.208.0/24 maxlen: 24
89.249.209.0/24 maxlen: 24
89.249.208.0/20 maxlen: 20
141.138.178.0/24 maxlen: 24
89.249.219.0/24 maxlen: 24
141.138.176.0/20 maxlen: 20
141.138.179.0/24 maxlen: 24
89.249.217.0/24 maxlen: 24
141.138.177.0/24 maxlen: 24
89.249.218.0/24 maxlen: 24
89.249.215.0/24 maxlen: 24
141.138.176.0/24 maxlen: 24
89.249.214.0/24 maxlen: 24
141.138.182.0/24 maxlen: 24
89.249.222.0/24 maxlen: 24
89.249.223.0/24 maxlen: 24
141.138.183.0/24 maxlen: 24
141.138.184.0/24 maxlen: 24
141.138.185.0/24 maxlen: 24
141.138.186.0/24 maxlen: 24
141.138.180.0/24 maxlen: 24
93.185.226.0/24 maxlen: 24
93.185.225.0/24 maxlen: 24
93.185.224.0/20 maxlen: 20
93.185.224.0/24 maxlen: 24
89.249.221.0/24 maxlen: 24
141.138.181.0/24 maxlen: 24
89.249.220.0/24 maxlen: 24
2a02:f50::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:49:08:76:96:5e:7e:1c:60:63:86:80:f7:4f:11:5c:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97429de8bcc3be474abbda2be2a89d0f3208c385
Validity
Not Before: Dec 8 10:45:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=04477b7a20b30af51cb0ea77e9e0cac7d1c7a9e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:39:bb:ad:c7:7b:0f:d9:e5:8e:73:e3:1f:3e:
f5:a1:40:1d:d6:4c:f4:e4:5d:da:2e:e0:0c:6c:48:
ee:0d:41:1f:8f:69:56:e6:69:b0:b6:21:a1:d1:1f:
43:cd:15:81:27:93:9c:ac:20:34:10:f3:a9:e9:da:
80:ee:b3:1e:b2:f3:19:02:c8:d8:16:25:1f:3e:b6:
ef:a6:be:49:fd:f1:57:7a:54:62:3e:c8:51:4a:21:
08:bf:e6:67:20:27:0d:4e:fd:a3:56:bb:f8:87:66:
9e:50:22:f9:b9:d1:41:7c:c9:02:c2:60:18:75:57:
2b:64:85:b8:65:b4:b8:72:67:95:ac:7c:16:d1:43:
66:58:f7:19:25:04:41:37:13:3f:06:17:85:98:d5:
63:b1:98:48:ee:8c:a3:24:8e:a8:c0:d2:da:f5:10:
d9:37:a3:28:4a:1f:96:e8:13:8b:fb:be:13:27:3e:
fb:a8:7e:e1:29:4c:4a:1e:b3:c9:ee:6f:52:ba:e6:
2d:ed:c7:55:cb:e7:c8:70:f6:2a:8a:04:d7:c1:76:
f0:f1:42:06:17:7b:60:5f:91:6a:00:11:17:3c:af:
29:1b:ea:04:a0:06:2e:20:25:18:f4:3d:be:04:df:
6b:7c:dc:57:3e:69:ff:93:2f:19:4a:38:5b:89:c2:
78:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:47:7B:7A:20:B3:0A:F5:1C:B0:EA:77:E9:E0:CA:C7:D1:C7:A9:E5
X509v3 Authority Key Identifier:
keyid:97:42:9D:E8:BC:C3:BE:47:4A:BB:DA:2B:E2:A8:9D:0F:32:08:C3:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l0Kd6LzDvkdKu9or4qidDzIIw4U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/9911ac-4cf2-4ee5-8d63-049bdc6b8ef3/1/BEd7eiCzCvUcsOp36eDKx9HHqeU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/9911ac-4cf2-4ee5-8d63-049bdc6b8ef3/1/l0Kd6LzDvkdKu9or4qidDzIIw4U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.248.0/21
89.249.208.0/20
93.185.224.0/20
95.141.48.0/20
141.138.176.0/20
185.58.200.0/22
IPv6:
2a02:f50::/32
Signature Algorithm: sha256WithRSAEncryption
c5:50:4b:6c:8f:f4:f0:d3:c2:b1:6d:c5:70:a6:4e:21:db:ef:
5f:c1:31:43:5c:01:63:90:06:04:58:a5:b7:99:5e:c3:6c:b0:
33:72:0e:77:3f:34:8b:05:e4:53:f3:f0:b0:6d:8c:54:a8:06:
10:d5:7f:43:fa:6a:1c:36:47:0c:af:37:e0:79:a2:05:78:4e:
64:d7:7d:24:72:34:0b:61:66:dd:e1:ec:1f:dd:c2:47:94:ac:
67:42:41:dd:ad:71:69:00:72:f9:e1:89:3c:ca:d9:4a:51:b6:
b1:d2:52:3b:fe:8e:5d:50:f9:c6:a8:51:f5:ab:11:58:fa:79:
0a:d2:5e:a3:7e:38:69:1a:cb:f9:d1:81:b1:09:63:6a:af:85:
a2:90:8a:65:d9:a7:e7:bb:40:04:72:ed:02:4f:bb:5e:60:bb:
9e:60:d6:dc:75:ae:66:fe:f9:10:da:5a:67:58:da:4d:74:53:
6d:34:84:90:ea:5c:3f:81:20:dd:f2:46:68:bd:84:ce:37:8d:
9b:99:6d:06:f1:a6:45:4d:e7:e2:f6:8d:d6:ec:3f:87:51:8f:
ce:ec:28:33:4b:2f:29:69:52:cd:37:95:13:3d:62:86:3e:3b:
54:74:7b:0e:0e:2a:94:11:42:68:dd:a5:8e:02:d9:5e:ed:46:
7e:60:29:ab
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYxJCHaWXn4cYGOGgPdPEVzQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3NDI5ZGU4YmNjM2JlNDc0YWJiZGEyYmUyYTg5ZDBmMzIw
OGMzODUwHhcNMjMxMjA4MTA0NTQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDQ3N2I3YTIwYjMwYWY1MWNiMGVhNzdlOWUwY2FjN2QxYzdhOWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDm7rcd7D9nljnPjHz71oUAd1kz0
5F3aLuAMbEjuDUEfj2lW5mmwtiGh0R9DzRWBJ5OcrCA0EPOp6dqA7rMesvMZAsjY
FiUfPrbvpr5J/fFXelRiPshRSiEIv+ZnICcNTv2jVrv4h2aeUCL5udFBfMkCwmAY
dVcrZIW4ZbS4cmeVrHwW0UNmWPcZJQRBNxM/BheFmNVjsZhI7oyjJI6owNLa9RDZ
N6MoSh+W6BOL+74TJz77qH7hKUxKHrPJ7m9SuuYt7cdVy+fIcPYqigTXwXbw8UIG
F3tgX5FqABEXPK8pG+oEoAYuICUY9D2+BN9rfNxXPmn/ky8ZSjhbicJ4zwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFARHe3ogswr1HLDqd+ngysfRx6nlMB8GA1UdIwQY
MBaAFJdCnei8w75HSrvaK+KonQ8yCMOFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDBLZDZMekR2a2RLdTlvcjRxaWREeklJdzRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC85OTExYWMtNGNmMi00ZWU1LThkNjMt
MDQ5YmRjNmI4ZWYzLzEvQkVkN2VpQ3pDdlVjc09wMzZlREt4OUhIcWVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC85OTExYWMtNGNmMi00ZWU1LThkNjMtMDQ5YmRjNmI4ZWYz
LzEvbDBLZDZMekR2a2RLdTlvcjRxaWREeklJdzRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDLuP4AwQE
WfnQAwQEXbngAwQEX40wAwQEjYqwAwQCuTrIMA0EAgACMAcDBQAqAg9QMA0GCSqG
SIb3DQEBCwUAA4IBAQDFUEtsj/Tw08KxbcVwpk4h2+9fwTFDXAFjkAYEWKW3mV7D
bLAzcg53PzSLBeRT8/CwbYxUqAYQ1X9D+mocNkcMrzfgeaIFeE5k130kcjQLYWbd
4ewf3cJHlKxnQkHdrXFpAHL54Yk8ytlKUbax0lI7/o5dUPnGqFH1qxFY+nkK0l6j
fjhpGsv50YGxCWNqr4WikIpl2afnu0AEcu0CT7teYLueYNbcda5m/vkQ2lpnWNpN
dFNtNISQ6lw/gSDd8kZovYTON42bmW0G8aZFTefi9o3W7D+HUY/O7CgzSy8paVLN
N5UTPWKGPjtUdHsODiqUEUJo3aWOAtle7UZ+YCmr
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:42 2024 by rpki-client on console-ams.rpki-client.org