Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/BQDpOlQG6Tf2tUYkUFAYOwYNks0.roa
File: BQDpOlQG6Tf2tUYkUFAYOwYNks0.roa (raw, json)
Hash identifier: jxlhzQuagMrZjX2c3NZ55XSEpg4f0PepymRENH4oCxE=
Subject key identifier: 05:00:E9:3A:54:06:E9:37:F6:B5:46:24:50:50:18:3B:06:0D:92:CD
Certificate issuer: /CN=331bce2ee806e93621112dbd618536f775f44fba
Certificate serial: 018CCA2B9C3636E07B16ED3F9CA4AA5CB1E4
Authority key identifier: 33:1B:CE:2E:E8:06:E9:36:21:11:2D:BD:61:85:36:F7:75:F4:4F:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MxvOLugG6TYhES29YYU293X0T7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/BQDpOlQG6Tf2tUYkUFAYOwYNks0.roa
Signing time: Tue 02 Jan 2024 12:35:04 +0000
ROA not before: Tue 02 Jan 2024 12:35:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 185.122.202.0/24 maxlen: 24
185.122.200.0/24 maxlen: 24
185.122.201.0/24 maxlen: 24
185.122.203.0/24 maxlen: 24
185.198.72.0/24 maxlen: 24
185.198.75.0/24 maxlen: 24
185.198.74.0/24 maxlen: 24
185.130.57.0/24 maxlen: 24
185.130.58.0/24 maxlen: 24
185.130.59.0/24 maxlen: 24
2a07:cd00::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 20 Feb 2024 09:07:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:9c:36:36:e0:7b:16:ed:3f:9c:a4:aa:5c:b1:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=331bce2ee806e93621112dbd618536f775f44fba
Validity
Not Before: Jan 2 12:35:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0500e93a5406e937f6b546245050183b060d92cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:f8:1f:30:7b:4d:ed:2b:73:44:a7:b4:22:ce:
f3:d1:c7:4b:1f:6b:85:43:ff:1b:9e:99:a0:eb:32:
34:46:72:1f:b6:e4:cb:dc:5c:98:8e:f2:bf:85:e6:
3e:2a:60:00:c0:cb:f5:43:f3:02:80:85:47:50:c4:
7e:b7:60:46:1a:76:0f:11:f2:ca:05:7d:2b:ab:8d:
e2:00:22:5f:3e:d8:a6:f8:bd:ff:31:b9:d3:0f:f3:
06:b3:64:22:4e:4e:a7:dd:ad:d5:b3:4d:0c:3e:01:
ef:25:06:eb:22:59:8e:e3:18:b8:58:24:2f:e7:1b:
a0:a4:c1:be:23:2d:01:6a:16:ab:d5:3b:64:cf:43:
44:02:10:41:2a:04:a5:b7:d4:f5:4b:6d:1b:12:d5:
7f:3e:9c:47:b8:88:5c:30:17:66:bf:40:b9:fb:03:
d8:6e:64:8f:8e:01:5e:36:85:78:a2:4a:ed:a5:32:
42:2f:7f:eb:67:ef:c8:40:32:0b:82:7a:7e:a3:b6:
99:a8:2d:dc:0d:5a:50:05:f3:24:06:41:ca:89:53:
c5:47:5b:ca:2b:45:dd:cc:e8:90:a2:cb:e4:12:c1:
ad:7c:02:e2:ba:09:93:4f:50:eb:fe:71:95:38:42:
4c:29:a7:f5:f3:a0:49:50:37:2d:46:b6:72:a1:0c:
ac:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:00:E9:3A:54:06:E9:37:F6:B5:46:24:50:50:18:3B:06:0D:92:CD
X509v3 Authority Key Identifier:
keyid:33:1B:CE:2E:E8:06:E9:36:21:11:2D:BD:61:85:36:F7:75:F4:4F:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MxvOLugG6TYhES29YYU293X0T7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/BQDpOlQG6Tf2tUYkUFAYOwYNks0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/MxvOLugG6TYhES29YYU293X0T7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.122.200.0/22
185.130.57.0-185.130.59.255
185.198.72.0/24
185.198.74.0/23
IPv6:
2a07:cd00::/48
Signature Algorithm: sha256WithRSAEncryption
87:9d:c9:a1:87:50:28:de:1d:fe:66:a5:d3:a4:17:6b:9a:65:
d6:fc:bd:61:50:c0:37:ad:17:1b:ac:f4:ef:ed:19:63:4f:a6:
eb:66:b8:a6:81:44:58:f3:94:c6:59:09:81:53:bf:ce:32:5e:
81:a9:d3:40:5d:77:cc:4e:d3:3d:10:22:2d:f6:47:36:63:2b:
51:7f:4a:b7:85:f4:0f:48:c8:41:b6:07:c7:25:60:ff:c7:a5:
9b:ec:2c:99:18:6d:de:ae:1e:c5:31:ca:7e:6f:e2:01:ab:22:
01:ac:76:45:f4:73:f9:8d:07:eb:24:d4:5d:5e:0c:b0:d4:bd:
a9:b3:0a:bc:a7:c6:26:3c:b2:c8:ea:ff:d3:97:53:c9:bb:a1:
09:be:5c:d0:2a:7d:4b:78:d6:f9:85:0d:b1:a3:de:e7:fb:d1:
e5:84:4b:bc:b8:10:e4:f7:8e:a2:b3:2a:2f:bb:be:3e:a5:77:
3d:69:f7:bf:eb:1d:d9:d2:f7:c5:ac:c9:87:8c:50:16:6f:20:
46:da:2a:c1:f9:1b:84:9f:e7:4c:06:e9:40:ed:2c:bb:da:c9:
ce:75:27:1d:a0:b2:34:be:f5:55:2d:c1:97:f2:97:14:68:7d:
32:0f:0f:6b:8f:f8:56:69:40:81:e0:0c:95:1b:48:9d:74:a9:
73:9d:d6:13
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYzKK5w2NuB7Fu0/nKSqXLHkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzMWJjZTJlZTgwNmU5MzYyMTExMmRiZDYxODUzNmY3NzVm
NDRmYmEwHhcNMjQwMTAyMTIzNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTAwZTkzYTU0MDZlOTM3ZjZiNTQ2MjQ1MDUwMTgzYjA2MGQ5MmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzvgfMHtN7StzRKe0Is7z0cdLH2uF
Q/8bnpmg6zI0RnIftuTL3FyYjvK/heY+KmAAwMv1Q/MCgIVHUMR+t2BGGnYPEfLK
BX0rq43iACJfPtim+L3/MbnTD/MGs2QiTk6n3a3Vs00MPgHvJQbrIlmO4xi4WCQv
5xugpMG+Iy0Bahar1Ttkz0NEAhBBKgSlt9T1S20bEtV/PpxHuIhcMBdmv0C5+wPY
bmSPjgFeNoV4okrtpTJCL3/rZ+/IQDILgnp+o7aZqC3cDVpQBfMkBkHKiVPFR1vK
K0XdzOiQosvkEsGtfALiugmTT1Dr/nGVOEJMKaf186BJUDctRrZyoQysNwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFAUA6TpUBuk39rVGJFBQGDsGDZLNMB8GA1UdIwQY
MBaAFDMbzi7oBuk2IREtvWGFNvd19E+6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXh2T0x1Z0c2VFloRVMyOVlZVTI5M1gwVDdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS80YmEzY2EtZDZmZC00MTE2LTkxNDYt
YWVhYzE2MjI3YzI1LzEvQlFEcE9sUUc2VGYydFVZa1VGQVlPd1lOa3MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS80YmEzY2EtZDZmZC00MTE2LTkxNDYtYWVhYzE2MjI3YzI1
LzEvTXh2T0x1Z0c2VFloRVMyOVlZVTI5M1gwVDdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAmBAIAATAgAwQCuXrIMAwD
BAC5gjkDBAK5gjgDBAC5xkgDBAG5xkowDwQCAAIwCQMHACoHzQAAADANBgkqhkiG
9w0BAQsFAAOCAQEAh53JoYdQKN4d/mal06QXa5pl1vy9YVDAN60XG6z07+0ZY0+m
62a4poFEWPOUxlkJgVO/zjJeganTQF13zE7TPRAiLfZHNmMrUX9Kt4X0D0jIQbYH
xyVg/8elm+wsmRht3q4exTHKfm/iAasiAax2RfRz+Y0H6yTUXV4MsNS9qbMKvKfG
JjyyyOr/05dTybuhCb5c0Cp9S3jW+YUNsaPe5/vR5YRLvLgQ5PeOorMqL7u+PqV3
PWn3v+sd2dL3xazJh4xQFm8gRtoqwfkbhJ/nTAbpQO0su9rJznUnHaCyNL71VS3B
l/KXFGh9Mg8Pa4/4VmlAgeAMlRtInXSpc53WEw==
-----END CERTIFICATE-----
Generated at Tue Feb 20 12:20:06 2024 by rpki-client on console-ams.rpki-client.org