Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/brCtbJhJKnb0or7wxPpq1pnc3bI.roa
File: brCtbJhJKnb0or7wxPpq1pnc3bI.roa (raw, json)
Hash identifier: cggVcWk71LOwPepL27PZUo0t4mA0D04rDYwoL0N+/hc=
Subject key identifier: 6E:B0:AD:6C:98:49:2A:76:F4:A2:BE:F0:C4:FA:6A:D6:99:DC:DD:B2
Certificate issuer: /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial: 018B3CB0438EC77587A3B1E5C552C6586D36
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/brCtbJhJKnb0or7wxPpq1pnc3bI.roa
Signing time: Tue 17 Oct 2023 08:11:06 +0000
ROA not before: Tue 17 Oct 2023 08:11:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30938
IP address blocks: 45.12.216.0/24 maxlen: 24
45.12.217.0/24 maxlen: 24
45.12.219.0/24 maxlen: 24
45.12.218.0/24 maxlen: 24
5.39.248.0/24 maxlen: 24
5.39.251.0/24 maxlen: 24
5.39.252.0/24 maxlen: 24
5.39.250.0/24 maxlen: 24
5.39.253.0/24 maxlen: 24
31.192.240.0/21 maxlen: 21
5.178.98.0/24 maxlen: 24
5.178.97.0/24 maxlen: 24
5.178.96.0/24 maxlen: 24
5.144.176.0/21 maxlen: 21
5.178.99.0/24 maxlen: 24
5.144.183.0/24 maxlen: 24
5.178.100.0/24 maxlen: 24
5.178.105.0/24 maxlen: 24
5.178.104.0/24 maxlen: 24
5.178.106.0/24 maxlen: 24
5.178.109.0/24 maxlen: 24
5.178.110.0/24 maxlen: 24
5.39.254.0/24 maxlen: 24
5.39.255.0/24 maxlen: 24
185.5.36.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:3c:b0:43:8e:c7:75:87:a3:b1:e5:c5:52:c6:58:6d:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
Validity
Not Before: Oct 17 08:11:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6eb0ad6c98492a76f4a2bef0c4fa6ad699dcddb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:e6:55:f4:ce:58:d1:fd:7e:6c:6a:b5:af:6f:
7c:99:07:4b:5e:ce:c9:92:d5:2a:92:ad:3b:1f:96:
f9:49:9b:72:26:c3:0c:42:b5:f2:01:c8:7d:1a:be:
18:2f:bb:28:16:f8:b5:a0:d9:ef:ac:83:71:6c:27:
42:a4:ea:45:68:dc:a9:b9:90:19:20:f0:2d:e5:93:
8f:3b:59:05:d8:b3:24:85:6f:8b:c6:2e:d4:59:96:
44:21:0d:3b:58:43:a5:12:f7:6a:c7:07:4d:86:d8:
69:f1:a7:b7:3b:b6:6d:60:b1:be:76:48:7c:eb:70:
70:55:3b:45:5f:78:b5:67:f2:76:98:99:fe:b0:98:
79:47:1a:f7:08:cf:6f:07:21:d2:6c:4b:ef:0e:0d:
f7:eb:a4:33:55:1f:d6:c5:68:d6:67:c1:29:e3:c2:
15:74:87:73:7b:1a:8f:e0:00:42:3d:c1:05:7c:26:
95:1d:c7:37:bf:4a:47:b1:29:36:c1:35:c9:c2:be:
37:f6:94:d3:18:5c:a8:e9:fb:c0:b5:36:7d:dd:e5:
3c:21:1b:e6:52:63:e3:f1:81:8a:4f:1f:1d:8b:93:
d0:29:d0:62:ca:28:fc:92:03:c1:21:85:54:8d:03:
f2:8e:c7:d1:83:91:11:2a:0a:33:38:48:78:c7:64:
3f:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:B0:AD:6C:98:49:2A:76:F4:A2:BE:F0:C4:FA:6A:D6:99:DC:DD:B2
X509v3 Authority Key Identifier:
keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/brCtbJhJKnb0or7wxPpq1pnc3bI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.248.0/24
5.39.250.0-5.39.255.255
5.144.176.0/21
5.178.96.0-5.178.100.255
5.178.104.0-5.178.106.255
5.178.109.0-5.178.110.255
31.192.240.0/21
45.12.216.0/22
185.5.36.0/22
Signature Algorithm: sha256WithRSAEncryption
c4:5b:76:f2:56:97:dd:1e:51:ef:75:bf:3a:ca:ec:0e:2c:c1:
ca:31:da:69:ba:46:05:c9:d4:02:e7:99:4d:ae:a8:95:d1:f6:
ad:99:ad:dd:fa:67:84:dc:49:48:e0:56:45:00:73:7a:93:0c:
e7:14:38:2d:78:f9:fc:63:26:9f:d5:c1:c5:3e:dc:1e:7f:0f:
70:d3:2a:8f:84:aa:35:4d:4a:ab:7b:9d:81:92:74:93:0c:d1:
27:2e:8b:cf:7c:04:18:aa:84:62:95:4f:c7:ba:8a:63:9a:c3:
b3:95:24:6a:19:46:1a:fe:65:f6:79:17:c5:60:77:f3:fb:64:
d0:c2:17:df:c9:71:87:03:0f:d7:fd:4a:ac:55:c1:63:fc:3c:
dd:45:6f:c2:87:38:48:6e:93:59:7e:41:a2:bb:d3:c7:e8:13:
fa:96:a7:e4:ed:7a:21:7c:18:6d:2d:d2:00:19:e2:a2:dd:d6:
f1:2d:7c:76:a2:aa:a8:39:7a:fd:98:a0:9a:7a:5e:fb:77:2a:
8f:17:7d:8b:d9:92:d3:79:73:27:e6:9a:a8:b1:eb:b8:bd:e7:
62:b1:10:ae:d1:23:dd:2d:d8:87:c3:ec:41:ca:a4:bd:a6:9b:
cb:6b:f8:35:ac:68:2d:ce:49:8c:c8:45:a5:78:6a:88:50:0f:
0b:38:56:05
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAYs8sEOOx3WHo7HlxVLGWG02MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjMxMDE3MDgxMTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWIwYWQ2Yzk4NDkyYTc2ZjRhMmJlZjBjNGZhNmFkNjk5ZGNkZGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhOZV9M5Y0f1+bGq1r298mQdLXs7J
ktUqkq07H5b5SZtyJsMMQrXyAch9Gr4YL7soFvi1oNnvrINxbCdCpOpFaNypuZAZ
IPAt5ZOPO1kF2LMkhW+Lxi7UWZZEIQ07WEOlEvdqxwdNhthp8ae3O7ZtYLG+dkh8
63BwVTtFX3i1Z/J2mJn+sJh5Rxr3CM9vByHSbEvvDg3366QzVR/WxWjWZ8Ep48IV
dIdzexqP4ABCPcEFfCaVHcc3v0pHsSk2wTXJwr439pTTGFyo6fvAtTZ93eU8IRvm
UmPj8YGKTx8di5PQKdBiyij8kgPBIYVUjQPyjsfRg5ERKgozOEh4x2Q/3QIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFG6wrWyYSSp29KK+8MT6ataZ3N2yMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvYnJDdGJKaEpLbmIwb3I3d3hQcHExcG5jM2JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTBbBAIAATBVAwQABSf4MAsD
BAEFJ/oDAwMFIAMEAwWQsDAMAwQFBbJgAwQABbJkMAwDBAMFsmgDBAAFsmowDAME
AAWybQMEAAWybgMEAx/A8AMEAi0M2AMEArkFJDANBgkqhkiG9w0BAQsFAAOCAQEA
xFt28laX3R5R73W/OsrsDizByjHaabpGBcnUAueZTa6oldH2rZmt3fpnhNxJSOBW
RQBzepMM5xQ4LXj5/GMmn9XBxT7cHn8PcNMqj4SqNU1Kq3udgZJ0kwzRJy6Lz3wE
GKqEYpVPx7qKY5rDs5UkahlGGv5l9nkXxWB38/tk0MIX38lxhwMP1/1KrFXBY/w8
3UVvwoc4SG6TWX5BorvTx+gT+pan5O16IXwYbS3SABniot3W8S18dqKqqDl6/Zig
mnpe+3cqjxd9i9mS03lzJ+aaqLHruL3nYrEQrtEj3S3Yh8PsQcqkvaaby2v4Naxo
Lc5JjMhFpXhqiFAPCzhWBQ==
-----END CERTIFICATE-----
Generated at Mon Oct 30 15:25:09 2023 by rpki-client on console-fra.rpki-client.org