Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/BrmzHUNBG3yXycuPVLnyhxjroYU.roa
File: BrmzHUNBG3yXycuPVLnyhxjroYU.roa (raw, json)
Hash identifier: 9HOHdihSpD9VPU2uPL1DLBCFH3nvzQ5IJAjoVaoz/oo=
Subject key identifier: 06:B9:B3:1D:43:41:1B:7C:97:C9:CB:8F:54:B9:F2:87:18:EB:A1:85
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018B0FF9FF857060E1892F7B311B800747F6
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/BrmzHUNBG3yXycuPVLnyhxjroYU.roa
Signing time: Sun 08 Oct 2023 15:48:43 +0000
ROA not before: Sun 08 Oct 2023 15:48:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 91.223.110.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
45.94.168.0/22 maxlen: 22
45.94.170.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
45.81.113.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 09 Oct 2023 10:31:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:0f:f9:ff:85:70:60:e1:89:2f:7b:31:1b:80:07:47:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Oct 8 15:48:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=06b9b31d43411b7c97c9cb8f54b9f28718eba185
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:43:25:b6:10:4c:0b:24:ae:5b:a9:0b:8f:31:
ad:4e:83:79:a7:fb:4b:22:86:7c:8d:96:63:81:ec:
11:89:99:fa:cb:d4:1e:73:97:c2:59:e2:0c:b5:25:
23:99:89:9b:e7:2a:32:86:32:fe:a0:f0:c6:e5:6d:
21:14:0f:41:e8:f6:9d:6b:40:17:56:bf:4a:13:6e:
77:43:f0:e1:c1:a0:d7:05:78:ff:88:e0:36:8b:55:
21:90:92:52:64:61:e1:ce:c4:3f:35:67:70:db:fd:
2f:51:40:27:4b:6f:e9:b2:d4:22:e7:58:3a:84:e7:
2e:bf:94:9e:99:92:ed:cd:9d:de:f4:33:dd:04:ff:
b6:fe:b5:1b:59:7b:4f:f7:ac:51:17:14:c5:5c:6a:
6c:0d:85:28:1e:a2:d0:91:49:c8:8e:cf:9a:ef:ca:
10:d3:44:bc:5a:0b:57:db:8c:29:ef:f2:a9:d6:28:
3f:e8:53:8a:6f:d3:05:05:a9:70:23:b7:a4:41:06:
56:bd:a8:24:99:21:aa:01:d5:01:79:6f:27:3b:c8:
30:d1:f6:54:61:26:fc:c9:d1:91:e8:18:73:57:cb:
59:04:6d:ad:73:0b:53:c0:6f:11:ab:67:bf:d2:22:
ab:ef:e9:9d:83:51:8f:74:96:3b:1d:fc:9a:d8:34:
1d:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:B9:B3:1D:43:41:1B:7C:97:C9:CB:8F:54:B9:F2:87:18:EB:A1:85
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/BrmzHUNBG3yXycuPVLnyhxjroYU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.87.0/24
45.9.29.0/24
45.81.113.0/24
45.88.136.0/24
45.88.138.0/24
45.94.168.0/22
45.132.181.0-45.132.183.255
45.144.212.0/24
77.83.37.0/24
77.83.39.0/24
85.209.120.0/22
91.223.110.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.43.0/24
194.242.96.0/22
195.177.92.0-195.177.94.255
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
b8:94:5a:df:1b:32:5c:17:8a:64:9b:d5:e1:05:fb:8e:73:ad:
45:3d:57:57:4a:33:fe:41:ea:95:5c:1f:06:08:57:13:22:04:
65:92:9e:b3:97:15:c9:1d:99:c3:da:1e:47:32:65:fa:ca:e6:
db:3f:14:fd:78:9a:71:68:d2:14:27:df:17:92:a5:09:17:7d:
fc:8f:cd:09:71:29:56:6d:06:c2:40:5b:f2:4b:5d:ba:6f:98:
44:9b:a8:b9:90:50:a4:0d:a0:0f:66:54:7b:d5:0d:ef:f8:80:
0a:99:79:b9:f7:e7:6e:58:2b:0b:4a:d9:28:62:be:34:45:43:
4c:d3:63:7a:63:a4:a6:a4:bb:35:aa:c1:a4:6e:0e:48:78:7d:
05:f2:c8:85:62:70:c1:dc:16:49:93:8c:44:4d:06:db:25:f4:
12:e8:b4:49:9e:29:e1:26:f0:db:a6:31:5e:c9:dd:80:f6:ab:
3c:03:38:c4:71:bd:46:26:b7:1a:64:d9:3d:fd:6b:f7:90:9b:
d7:80:b6:85:93:d3:42:b1:04:41:7e:a5:a0:10:91:ef:5c:f9:
76:c6:4a:94:4a:93:67:b7:9b:4d:e5:34:2d:bb:3f:2d:77:0b:
e8:80:17:ea:2a:48:7d:c2:b8:f5:6d:05:6e:73:f3:b5:cf:35:
ae:cf:97:7f
-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgISAYsP+f+FcGDhiS97MRuAB0f2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMxMDA4MTU0ODQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmI5YjMxZDQzNDExYjdjOTdjOWNiOGY1NGI5ZjI4NzE4ZWJhMTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokMlthBMCySuW6kLjzGtToN5p/tL
IoZ8jZZjgewRiZn6y9Qec5fCWeIMtSUjmYmb5yoyhjL+oPDG5W0hFA9B6Pada0AX
Vr9KE253Q/DhwaDXBXj/iOA2i1UhkJJSZGHhzsQ/NWdw2/0vUUAnS2/pstQi51g6
hOcuv5SemZLtzZ3e9DPdBP+2/rUbWXtP96xRFxTFXGpsDYUoHqLQkUnIjs+a78oQ
00S8WgtX24wp7/Kp1ig/6FOKb9MFBalwI7ekQQZWvagkmSGqAdUBeW8nO8gw0fZU
YSb8ydGR6BhzV8tZBG2tcwtTwG8Rq2e/0iKr7+mdg1GPdJY7Hfya2DQdRwIDAQAB
o4ICwTCCAr0wHQYDVR0OBBYEFAa5sx1DQRt8l8nLj1S58ocY66GFMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvQnJtekhVTkJHM3lYeWN1UFZMbnloeGpyb1lVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHWBggrBgEFBQcBBwEB/wSBxjCBwzCBlQQCAAEwgY4DBAAF
tVcDBAAtCR0DBAAtUXEDBAAtWIgDBAAtWIoDBAItXqgwDAMEAC2EtQMEAy2EsAME
AC2Q1AMEAE1TJQMEAE1TJwMEAlXReAMEAFvfbgMEAbkr+AMEALkr+wMEAbnIPgME
AMEe8AMEAcEe8gMEAME5KwMEAsLyYDAMAwQCw7FcAwQAw7FeAwQCw9O8MCkEAgAC
MCMDBQAqAXEgAwUDKgeSAAMFAyoMpYADBQMqEN/AAwUDKhEFgDANBgkqhkiG9w0B
AQsFAAOCAQEAuJRa3xsyXBeKZJvV4QX7jnOtRT1XV0oz/kHqlVwfBghXEyIEZZKe
s5cVyR2Zw9oeRzJl+srm2z8U/XiacWjSFCffF5KlCRd9/I/NCXEpVm0GwkBb8ktd
um+YRJuouZBQpA2gD2ZUe9UN7/iACpl5uffnblgrC0rZKGK+NEVDTNNjemOkpqS7
NarBpG4OSHh9BfLIhWJwwdwWSZOMRE0G2yX0Eui0SZ4p4Sbw26YxXsndgParPAM4
xHG9Ria3GmTZPf1r95Cb14C2hZPTQrEEQX6loBCR71z5dsZKlEqTZ7ebTeU0Lbs/
LXcL6IAX6ipIfcK49W0FbnPztc81rs+Xfw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:17 2024 by rpki-client on console-ams.rpki-client.org