Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/vBmEOao65Zmb0cqugiyDnWBOvxw.roa
File: vBmEOao65Zmb0cqugiyDnWBOvxw.roa (raw, json)
Hash identifier: rtnTRkyicqiEWuKukxwX02Hj5knwTf2MbnSJ0bWaaXo=
Subject key identifier: BC:19:84:39:AA:3A:E5:99:9B:D1:CA:AE:82:2C:83:9D:60:4E:BF:1C
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 01888C27B4B2FDCE3BB8889B99213534A505
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/vBmEOao65Zmb0cqugiyDnWBOvxw.roa
Signing time: Mon 05 Jun 2023 15:23:12 +0000
ROA not before: Mon 05 Jun 2023 15:23:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7489
IP address blocks: 2.56.164.0/22 maxlen: 24
78.108.216.0/22 maxlen: 24
45.140.220.0/22 maxlen: 24
193.221.192.0/22 maxlen: 24
194.50.16.0/22 maxlen: 24
194.31.140.0/22 maxlen: 24
212.107.12.0/22 maxlen: 24
185.186.64.0/22 maxlen: 24
45.154.196.0/22 maxlen: 24
185.227.68.0/22 maxlen: 24
185.185.40.0/22 maxlen: 24
193.105.184.0/24 maxlen: 24
45.90.144.0/22 maxlen: 24
194.56.226.0/24 maxlen: 24
194.56.224.0/22 maxlen: 24
178.218.144.0/22 maxlen: 24
45.90.145.0/24 maxlen: 24
45.90.146.0/24 maxlen: 24
77.83.240.0/22 maxlen: 24
77.83.243.0/24 maxlen: 24
45.81.20.0/22 maxlen: 24
89.190.156.0/22 maxlen: 24
83.143.116.0/24 maxlen: 24
83.143.116.0/22 maxlen: 24
185.242.224.0/22 maxlen: 24
185.234.74.0/24 maxlen: 24
185.234.72.0/22 maxlen: 24
193.31.28.0/22 maxlen: 24
193.31.30.0/24 maxlen: 24
85.202.160.0/22 maxlen: 24
193.34.77.0/24 maxlen: 24
193.34.76.0/22 maxlen: 24
2a0b:7080:10::/48 maxlen: 48
2a0b:b87:ffb4::/48 maxlen: 48
2a0b:b82::/44 maxlen: 44
2a0b:b85::/32 maxlen: 32
2a0b:b87:fff0::/44 maxlen: 44
2a0b:b87:ff12::/48 maxlen: 48
2a0b:7080:30::/44 maxlen: 48
2a0b:7080:10::/44 maxlen: 44
2a0b:7080:10::/45 maxlen: 45
2a0b:b87:ffda::/48 maxlen: 48
2a0b:7080:20::/48 maxlen: 48
2a0d:77c7::/32 maxlen: 48
2a0b:7080:20::/44 maxlen: 48
2a0b:b87:ffec::/48 maxlen: 48
2a0b:b84::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:8c:27:b4:b2:fd:ce:3b:b8:88:9b:99:21:35:34:a5:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jun 5 15:23:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bc198439aa3ae5999bd1caae822c839d604ebf1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:78:35:92:b8:bd:93:7f:7b:48:40:9a:3f:96:
6d:d4:f0:5f:c2:80:e3:b8:4e:b2:97:02:84:12:15:
84:84:95:57:3b:71:1b:13:c7:6f:4b:71:eb:f3:de:
30:6b:9a:86:24:da:fa:70:9c:67:98:2a:af:ba:fe:
0f:f4:15:b2:f4:5b:a7:0a:ae:bb:fb:81:ae:a5:de:
72:d0:29:f5:df:94:ff:35:24:df:cf:7f:e0:1f:60:
35:c8:23:71:9d:0e:d8:61:cc:ee:70:3e:02:b7:f0:
cd:08:23:09:da:6f:ed:d0:ab:90:52:6e:dd:e0:57:
7b:bc:a4:3d:4d:2d:1f:ef:57:95:81:24:ff:22:00:
38:92:92:af:e2:be:c6:3c:9b:3a:db:f4:34:d5:fe:
51:7c:89:81:34:b5:0c:59:55:6c:1d:36:30:b9:e3:
7f:b0:76:e4:4c:91:66:32:78:41:8e:fd:2a:36:09:
fd:2a:f9:cd:fd:62:ca:0c:b4:66:6a:3c:c4:9f:78:
13:23:0a:7d:2e:3d:aa:da:22:65:4c:58:a0:67:1b:
59:dc:b6:07:2c:23:e1:89:17:c3:d5:76:06:ad:27:
ed:f4:d3:55:29:78:73:7b:37:53:00:a6:fd:85:1f:
57:c9:92:7d:50:b2:ca:b1:8f:58:70:f6:d2:05:08:
ec:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:19:84:39:AA:3A:E5:99:9B:D1:CA:AE:82:2C:83:9D:60:4E:BF:1C
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/vBmEOao65Zmb0cqugiyDnWBOvxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.164.0/22
45.81.20.0/22
45.90.144.0/22
45.140.220.0/22
45.154.196.0/22
77.83.240.0/22
78.108.216.0/22
83.143.116.0/22
85.202.160.0/22
89.190.156.0/22
178.218.144.0/22
185.185.40.0/22
185.186.64.0/22
185.227.68.0/22
185.234.72.0/22
185.242.224.0/22
193.31.28.0/22
193.34.76.0/22
193.105.184.0/24
193.221.192.0/22
194.31.140.0/22
194.50.16.0/22
194.56.224.0/22
212.107.12.0/22
IPv6:
2a0b:b82::/44
2a0b:b84::/31
2a0b:b87:ff12::/48
2a0b:b87:ffb4::/48
2a0b:b87:ffda::/48
2a0b:b87:ffec::/48
2a0b:b87:fff0::/44
2a0b:7080:10::-2a0b:7080:3f:ffff:ffff:ffff:ffff:ffff
2a0d:77c7::/32
Signature Algorithm: sha256WithRSAEncryption
78:72:01:56:3f:96:c2:c2:17:c1:08:33:b0:ad:fd:57:24:47:
4d:93:89:90:62:2f:d8:38:3f:82:fb:4a:ab:a3:91:84:05:5f:
9a:bc:65:fb:ca:8c:22:bd:ae:e6:af:ca:45:76:6f:ab:7f:07:
27:c0:95:4f:3a:32:cc:f8:12:2a:db:64:9d:bd:3a:f5:24:17:
5d:35:c5:78:fd:5b:19:ef:94:51:bc:f4:a3:7a:0f:b3:e1:db:
60:d6:80:24:74:07:d4:8a:6f:26:83:6c:c7:86:35:3a:a3:4a:
1f:5e:69:a3:be:b6:e4:a3:7e:a9:4c:05:80:7e:aa:1d:03:6d:
a9:f0:0c:0d:d0:a6:c7:d7:25:7e:9c:33:52:0e:b5:d1:70:e9:
5f:43:73:02:23:64:e2:a7:55:5d:f4:5e:aa:f1:42:04:2b:66:
f3:9c:a2:db:84:a5:39:82:f0:a4:e0:ff:3f:01:6d:f6:e7:aa:
f8:dc:6e:fd:e3:03:99:03:4a:46:2c:e2:7f:7a:79:78:25:2c:
5c:27:9a:0f:81:b2:9c:a5:2f:12:e1:bc:ca:39:3b:04:5a:4d:
33:51:2e:5c:f0:f7:6e:e7:2c:ab:0e:b8:89:30:96:51:c6:b7:
05:fd:52:c3:ba:99:a9:8b:68:03:d1:8f:c9:d3:54:93:43:0e:
bc:47:ef:95
-----BEGIN CERTIFICATE-----
MIIF7TCCBNWgAwIBAgISAYiMJ7Sy/c47uIibmSE1NKUFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwNjA1MTUyMzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzE5ODQzOWFhM2FlNTk5OWJkMWNhYWU4MjJjODM5ZDYwNGViZjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnng1kri9k397SECaP5Zt1PBfwoDj
uE6ylwKEEhWEhJVXO3EbE8dvS3Hr894wa5qGJNr6cJxnmCqvuv4P9BWy9FunCq67
+4Gupd5y0Cn135T/NSTfz3/gH2A1yCNxnQ7YYczucD4Ct/DNCCMJ2m/t0KuQUm7d
4Fd7vKQ9TS0f71eVgST/IgA4kpKv4r7GPJs62/Q01f5RfImBNLUMWVVsHTYwueN/
sHbkTJFmMnhBjv0qNgn9KvnN/WLKDLRmajzEn3gTIwp9Lj2q2iJlTFigZxtZ3LYH
LCPhiRfD1XYGrSft9NNVKXhzezdTAKb9hR9XyZJ9ULLKsY9YcPbSBQjsawIDAQAB
o4IC+TCCAvUwHQYDVR0OBBYEFLwZhDmqOuWZm9HKroIsg51gTr8cMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvdkJtRU9hbzY1Wm1iMGNxdWdpeURuV0JPdnh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDQYIKwYBBQUHAQcBAf8Egf0wgfowgZcEAgABMIGQAwQC
AjikAwQCLVEUAwQCLVqQAwQCLYzcAwQCLZrEAwQCTVPwAwQCTmzYAwQCU490AwQC
VcqgAwQCWb6cAwQCstqQAwQCubkoAwQCubpAAwQCueNEAwQCuepIAwQCufLgAwQC
wR8cAwQCwSJMAwQAwWm4AwQCwd3AAwQCwh+MAwQCwjIQAwQCwjjgAwQC1GsMMF4E
AgACMFgDBwQqCwuCAAADBQEqCwuEAwcAKgsLh/8SAwcAKgsLh/+0AwcAKgsLh//a
AwcAKgsLh//sAwcEKgsLh//wMBIDBwQqC3CAABADBwYqC3CAAAADBQAqDXfHMA0G
CSqGSIb3DQEBCwUAA4IBAQB4cgFWP5bCwhfBCDOwrf1XJEdNk4mQYi/YOD+C+0qr
o5GEBV+avGX7yowiva7mr8pFdm+rfwcnwJVPOjLM+BIq22SdvTr1JBddNcV4/VsZ
75RRvPSjeg+z4dtg1oAkdAfUim8mg2zHhjU6o0ofXmmjvrbko36pTAWAfqodA22p
8AwN0KbH1yV+nDNSDrXRcOlfQ3MCI2Tip1Vd9F6q8UIEK2bznKLbhKU5gvCk4P8/
AW3256r43G794wOZA0pGLOJ/enl4JSxcJ5oPgbKcpS8S4bzKOTsEWk0zUS5c8Pdu
5yyrDriJMJZRxrcF/VLDupmpi2gD0Y/J01STQw68R++V
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:39 2023 by rpki-client on console-fra.rpki-client.org