Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/bp31SB_oH43YBEes41Rm-5M77qs.roa
File: bp31SB_oH43YBEes41Rm-5M77qs.roa (raw, json)
Hash identifier: LTzVcVh4jkLit/ReiYGl/hInSk0fo+uX+iff3h1kNxg=
Subject key identifier: 6E:9D:F5:48:1F:E8:1F:8D:D8:04:47:AC:E3:54:66:FB:93:3B:EE:AB
Certificate issuer: /CN=0969a2a39635b797476f1f1633ae8f27bf33b533
Certificate serial: 018A2A77E8A40E87565757D49511DCA26B8E
Authority key identifier: 09:69:A2:A3:96:35:B7:97:47:6F:1F:16:33:AE:8F:27:BF:33:B5:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CWmio5Y1t5dHbx8WM66PJ78ztTM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/bp31SB_oH43YBEes41Rm-5M77qs.roa
Signing time: Fri 25 Aug 2023 02:13:36 +0000
ROA not before: Fri 25 Aug 2023 02:13:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207709
IP address blocks: 195.85.207.0/24 maxlen: 24
195.85.216.0/24 maxlen: 24
185.242.162.0/24 maxlen: 24
185.242.161.0/24 maxlen: 24
185.242.160.0/24 maxlen: 24
185.242.163.0/24 maxlen: 24
2.56.152.0/24 maxlen: 24
2.56.155.0/24 maxlen: 24
2.56.154.0/24 maxlen: 24
2.56.153.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 25 Aug 2023 02:23:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:2a:77:e8:a4:0e:87:56:57:57:d4:95:11:dc:a2:6b:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0969a2a39635b797476f1f1633ae8f27bf33b533
Validity
Not Before: Aug 25 02:13:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e9df5481fe81f8dd80447ace35466fb933beeab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:27:df:6a:05:0c:54:f5:1b:22:76:0c:90:5d:
4d:dd:c6:3e:29:2d:57:5e:d4:d5:98:2d:27:15:da:
c2:ad:45:79:35:0e:17:a3:b6:ae:7d:f3:b9:1c:a6:
a6:ab:ea:8b:d9:d3:fe:76:6a:86:7a:77:46:81:d3:
f7:7c:79:53:6b:6f:8e:e9:bc:07:09:d2:3f:51:90:
95:88:44:75:af:2d:60:e0:b4:ba:7a:d6:27:03:01:
57:53:9d:9a:f9:4a:ef:80:23:7e:6d:83:ae:ca:49:
7c:64:21:86:26:b6:21:d0:7a:fb:57:a5:8d:0d:49:
1f:81:b5:7f:2b:b4:d4:4d:4c:dc:10:90:57:03:e9:
51:ff:15:02:70:88:8c:cb:06:db:27:b9:e4:d6:03:
ab:41:b5:13:52:b5:b2:44:78:49:e2:21:d3:6a:58:
2f:b7:e8:ef:e2:fd:a4:74:e9:67:a2:06:1a:fb:37:
0e:3f:dc:d3:d7:8d:ab:d4:17:37:b8:0e:2d:b9:9a:
0a:db:09:74:76:58:05:47:e0:4c:dc:95:ff:f8:ab:
a6:a8:91:46:fa:26:bc:a0:84:28:5a:7a:fa:c5:97:
0a:c0:5f:db:8e:11:c5:bc:1e:92:60:f3:fd:61:a7:
30:61:6a:a2:23:d3:e6:7f:e0:d4:03:46:ee:21:f9:
b6:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:9D:F5:48:1F:E8:1F:8D:D8:04:47:AC:E3:54:66:FB:93:3B:EE:AB
X509v3 Authority Key Identifier:
keyid:09:69:A2:A3:96:35:B7:97:47:6F:1F:16:33:AE:8F:27:BF:33:B5:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CWmio5Y1t5dHbx8WM66PJ78ztTM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/bp31SB_oH43YBEes41Rm-5M77qs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/CWmio5Y1t5dHbx8WM66PJ78ztTM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.152.0/22
185.242.160.0/22
195.85.207.0/24
195.85.216.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:c4:13:cd:99:ca:cc:0f:18:14:c9:fa:26:61:88:1f:12:7d:
ce:04:6c:17:b5:3a:4d:c2:b2:7e:06:18:81:ad:e8:a1:b8:ed:
ce:e5:1e:62:4b:fa:89:e2:68:1c:8d:b7:7d:36:16:43:0e:8f:
e0:64:2e:f3:d8:18:d1:f7:70:e5:dc:2d:64:60:59:40:c1:25:
d5:ef:36:ac:49:de:d6:5c:dd:c2:d8:33:4c:c7:2e:1d:79:df:
96:d3:ca:d0:28:94:6c:c9:6c:80:b8:c9:87:f5:6e:6e:6c:a7:
d2:21:ec:05:1d:9d:6c:0c:e6:44:8e:6b:f5:74:1d:59:6f:5e:
c8:51:7b:81:92:56:34:03:7a:1a:5d:a5:50:d2:cf:05:56:fc:
46:c4:fb:2b:29:01:ff:ec:e9:62:c7:84:6d:c0:94:c8:2c:08:
fa:09:b9:45:97:81:e9:e5:ca:bd:7d:52:ca:5e:08:af:fd:c1:
51:3a:48:4d:f0:45:65:88:0d:e0:ae:52:89:d9:90:5f:b4:3c:
0e:b6:e9:a8:d9:71:82:34:eb:e1:70:cb:b3:32:8c:fa:16:c6:
77:a6:3c:97:19:1d:dc:e2:19:88:cf:e0:9c:45:aa:c6:46:be:
11:9f:c8:25:68:ef:a2:e7:a7:cc:dd:85:0c:c3:e9:88:9e:3a:
70:97:3e:f1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYoqd+ikDodWV1fUlRHcomuOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NjlhMmEzOTYzNWI3OTc0NzZmMWYxNjMzYWU4ZjI3YmYz
M2I1MzMwHhcNMjMwODI1MDIxMzM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTlkZjU0ODFmZTgxZjhkZDgwNDQ3YWNlMzU0NjZmYjkzM2JlZWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCffagUMVPUbInYMkF1N3cY+KS1X
XtTVmC0nFdrCrUV5NQ4Xo7auffO5HKamq+qL2dP+dmqGendGgdP3fHlTa2+O6bwH
CdI/UZCViER1ry1g4LS6etYnAwFXU52a+UrvgCN+bYOuykl8ZCGGJrYh0Hr7V6WN
DUkfgbV/K7TUTUzcEJBXA+lR/xUCcIiMywbbJ7nk1gOrQbUTUrWyRHhJ4iHTalgv
t+jv4v2kdOlnogYa+zcOP9zT142r1Bc3uA4tuZoK2wl0dlgFR+BM3JX/+KumqJFG
+ia8oIQoWnr6xZcKwF/bjhHFvB6SYPP9YacwYWqiI9Pmf+DUA0buIfm2kQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFG6d9Ugf6B+N2ARHrONUZvuTO+6rMB8GA1UdIwQY
MBaAFAlpoqOWNbeXR28fFjOujye/M7UzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1dtaW81WTF0NWRIYng4V002NlBKNzh6dFRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC82ZGI0MjctZjdkYy00ZWE5LWFlOTUt
NDE0OTA4NzJmYzRlLzEvYnAzMVNCX29INDNZQkVlczQxUm0tNU03N3FzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC82ZGI0MjctZjdkYy00ZWE5LWFlOTUtNDE0OTA4NzJmYzRl
LzEvQ1dtaW81WTF0NWRIYng4V002NlBKNzh6dFRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCAjiYAwQC
ufKgAwQAw1XPAwQAw1XYMA0GCSqGSIb3DQEBCwUAA4IBAQBNxBPNmcrMDxgUyfom
YYgfEn3OBGwXtTpNwrJ+BhiBreihuO3O5R5iS/qJ4mgcjbd9NhZDDo/gZC7z2BjR
93Dl3C1kYFlAwSXV7zasSd7WXN3C2DNMxy4ded+W08rQKJRsyWyAuMmH9W5ubKfS
IewFHZ1sDOZEjmv1dB1Zb17IUXuBklY0A3oaXaVQ0s8FVvxGxPsrKQH/7Olix4Rt
wJTILAj6CblFl4Hp5cq9fVLKXgiv/cFROkhN8EVliA3grlKJ2ZBftDwOtumo2XGC
NOvhcMuzMoz6FsZ3pjyXGR3c4hmIz+CcRarGRr4Rn8glaO+i56fM3YUMw+mInjpw
lz7x
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:42 2024 by rpki-client on console-ams.rpki-client.org