Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/G_bonVo3vU5STPF8F3753c312XM.roa
File: G_bonVo3vU5STPF8F3753c312XM.roa (raw, json)
Hash identifier: u+TNvFlGfmf1q4mZ4DcQrDOAQvvVOPMDspXhL6AGla8=
Subject key identifier: 1B:F6:E8:9D:5A:37:BD:4E:52:4C:F1:7C:17:7E:F9:DD:CD:F5:D9:73
Certificate issuer: /CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Certificate serial: 018CC7952BB696894659BCDB05F41C03DE66
Authority key identifier: D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/G_bonVo3vU5STPF8F3753c312XM.roa
Signing time: Tue 02 Jan 2024 00:31:31 +0000
ROA not before: Tue 02 Jan 2024 00:31:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60150
IP address blocks: 185.96.56.0/22 maxlen: 24
194.38.48.0/22 maxlen: 24
193.168.200.0/22 maxlen: 24
193.160.220.0/22 maxlen: 24
185.136.16.0/22 maxlen: 24
147.185.196.0/23 maxlen: 24
147.185.206.0/23 maxlen: 24
207.244.196.0/22 maxlen: 24
43.240.148.0/22 maxlen: 24
207.244.208.0/22 maxlen: 24
45.12.100.0/22 maxlen: 24
2a07:5b40::/29 maxlen: 48
2a05:ff00::/29 maxlen: 48
Validation: Failed, certificate revoked on Sun 08 Sep 2024 18:28:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:2b:b6:96:89:46:59:bc:db:05:f4:1c:03:de:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Validity
Not Before: Jan 2 00:31:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1bf6e89d5a37bd4e524cf17c177ef9ddcdf5d973
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:63:32:34:14:87:76:46:bb:4b:bd:bd:76:9b:
bb:3b:a4:f5:3f:e4:dd:17:89:a2:c6:1a:41:2d:2c:
88:12:66:78:f2:48:e0:18:8a:d1:4d:37:88:12:43:
d9:3d:21:92:0b:7c:b4:fd:3e:32:4c:14:ad:ad:09:
9b:f8:14:64:a1:7e:08:77:0d:2c:25:a3:69:2d:06:
44:52:7b:30:22:a8:64:27:8f:f7:fa:d0:44:e3:ed:
8f:f8:dc:da:c3:a9:48:e5:8f:6a:15:c4:ac:d4:94:
5a:9c:e7:c7:6f:40:b8:c4:6c:4e:64:21:10:6b:dc:
24:79:0f:4c:43:a5:51:39:26:eb:88:42:de:05:71:
d8:94:be:26:14:b7:e8:5a:c3:0e:59:a3:96:dc:82:
59:e2:29:c8:5b:b0:a9:64:86:19:0c:89:23:79:35:
80:19:7f:af:a1:2e:c5:60:1d:44:1a:c3:f4:3c:d7:
db:4d:a1:99:3f:91:71:bc:6e:8a:75:89:6a:16:a5:
ea:8c:23:a0:0e:17:b8:76:58:1a:17:99:3d:f6:92:
94:de:7a:33:ad:c3:6a:6b:50:1a:09:39:b0:2d:4f:
f7:e9:24:00:cb:de:32:35:68:bc:2c:04:df:e6:e4:
1f:af:64:97:b2:4b:e5:3f:24:8f:cb:06:e8:c7:7f:
1f:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:F6:E8:9D:5A:37:BD:4E:52:4C:F1:7C:17:7E:F9:DD:CD:F5:D9:73
X509v3 Authority Key Identifier:
keyid:D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/G_bonVo3vU5STPF8F3753c312XM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.240.148.0/22
45.12.100.0/22
147.185.196.0/23
147.185.206.0/23
185.96.56.0/22
185.136.16.0/22
193.160.220.0/22
193.168.200.0/22
194.38.48.0/22
207.244.196.0/22
207.244.208.0/22
IPv6:
2a05:ff00::/29
2a07:5b40::/29
Signature Algorithm: sha256WithRSAEncryption
33:45:6c:2e:c8:92:dd:74:82:63:94:8d:23:95:d7:3a:8c:e9:
ba:a0:17:01:b7:42:24:0c:07:ed:e8:40:03:65:ee:c2:63:04:
bd:16:7e:84:fd:45:07:10:98:29:91:83:85:a5:38:71:17:06:
47:b4:ed:65:03:ee:74:10:69:8b:9e:1d:be:f4:5d:7f:7c:80:
e4:b8:35:b7:92:f2:9c:d8:eb:89:7d:36:90:1c:f5:8a:ee:a0:
44:3d:df:e9:78:ef:9a:57:11:5e:62:1e:6b:9b:09:67:98:83:
8f:88:b2:50:66:f9:e5:f9:f2:13:56:c9:01:36:77:17:17:59:
db:65:bd:69:37:97:55:d0:32:bf:9b:69:df:77:5d:28:58:f4:
98:d8:90:5c:37:70:8e:f9:5b:f2:c8:9f:2b:16:a9:69:2c:46:
0a:9f:5f:f4:c9:f0:f4:76:c3:72:d6:e1:c8:c1:b1:50:1b:a1:
e3:c3:ca:01:3e:3e:a9:f0:c0:70:df:4b:e1:fd:5d:ab:a6:a0:
df:04:a3:31:6a:cd:40:4e:3c:c2:b1:7f:89:0b:3b:9c:49:6f:
d4:82:3d:4e:eb:c3:fa:34:e6:ad:8a:b9:b7:93:8c:b8:bd:5e:
4f:ce:fd:3b:45:f0:d3:51:53:96:1c:5a:3a:c3:f8:87:ec:0e:
5c:3d:5d:92
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYzHlSu2lolGWbzbBfQcA95mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOGRhOWNmMDBkNGQ1OGI4NTRmZmM2MjAxMGYyMzViMDZk
ZjM1NGEwHhcNMjQwMTAyMDAzMTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmY2ZTg5ZDVhMzdiZDRlNTI0Y2YxN2MxNzdlZjlkZGNkZjVkOTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzWMyNBSHdka7S729dpu7O6T1P+Td
F4mixhpBLSyIEmZ48kjgGIrRTTeIEkPZPSGSC3y0/T4yTBStrQmb+BRkoX4Idw0s
JaNpLQZEUnswIqhkJ4/3+tBE4+2P+Nzaw6lI5Y9qFcSs1JRanOfHb0C4xGxOZCEQ
a9wkeQ9MQ6VROSbriELeBXHYlL4mFLfoWsMOWaOW3IJZ4inIW7CpZIYZDIkjeTWA
GX+voS7FYB1EGsP0PNfbTaGZP5FxvG6KdYlqFqXqjCOgDhe4dlgaF5k99pKU3noz
rcNqa1AaCTmwLU/36SQAy94yNWi8LATf5uQfr2SXskvlPySPywbox38fYQIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFBv26J1aN71OUkzxfBd++d3N9dlzMB8GA1UdIwQY
MBaAFNCNqc8A1NWLhU/8YgEPI1sG3zVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYt
MjBlMTk3ODBjYjJlLzEvR19ib25WbzN2VTVTVFBGOEYzNzUzYzMxMlhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYtMjBlMTk3ODBjYjJl
LzEvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBIBAIAATBCAwQCK/CUAwQC
LQxkAwQBk7nEAwQBk7nOAwQCuWA4AwQCuYgQAwQCwaDcAwQCwajIAwQCwiYwAwQC
z/TEAwQCz/TQMBQEAgACMA4DBQMqBf8AAwUDKgdbQDANBgkqhkiG9w0BAQsFAAOC
AQEAM0VsLsiS3XSCY5SNI5XXOozpuqAXAbdCJAwH7ehAA2XuwmMEvRZ+hP1FBxCY
KZGDhaU4cRcGR7TtZQPudBBpi54dvvRdf3yA5Lg1t5LynNjriX02kBz1iu6gRD3f
6XjvmlcRXmIea5sJZ5iDj4iyUGb55fnyE1bJATZ3FxdZ22W9aTeXVdAyv5tp33dd
KFj0mNiQXDdwjvlb8sifKxapaSxGCp9f9Mnw9HbDctbhyMGxUBuh48PKAT4+qfDA
cN9L4f1dq6ag3wSjMWrNQE48wrF/iQs7nElv1II9TuvD+jTmrYq5t5OMuL1eT879
O0Xw01FTlhxaOsP4h+wOXD1dkg==
-----END CERTIFICATE-----
Generated at Sun Sep 8 19:47:10 2024 by rpki-client on console-ams.rpki-client.org