Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/410eaf-f82d-47ff-9926-0b1b30895602/1/B85UBA0EEJMmv_cIF-1_f3kghtE.roa
File: B85UBA0EEJMmv_cIF-1_f3kghtE.roa (raw, json)
Hash identifier: bUwIbWOVbVNPtkS+RY2PS6G3rQLDEicHaswkCSS5ReY=
Subject key identifier: 07:CE:54:04:0D:04:10:93:26:BF:F7:08:17:ED:7F:7F:79:20:86:D1
Certificate issuer: /CN=13d59fd683e3570d63895530ceb9f2c84fefe0a3
Certificate serial: 018672A5D9CE120F64C3E499ED64F3F76045
Authority key identifier: 13:D5:9F:D6:83:E3:57:0D:63:89:55:30:CE:B9:F2:C8:4F:EF:E0:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E9Wf1oPjVw1jiVUwzrnyyE_v4KM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/410eaf-f82d-47ff-9926-0b1b30895602/1/B85UBA0EEJMmv_cIF-1_f3kghtE.roa
Signing time: Tue 21 Feb 2023 06:25:17 +0000
ROA not before: Tue 21 Feb 2023 06:25:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 38955
IP address blocks: 185.164.4.0/23 maxlen: 23
185.164.6.0/23 maxlen: 23
185.16.188.0/22 maxlen: 24
185.16.190.0/24 maxlen: 24
185.115.186.0/23 maxlen: 23
185.115.184.0/23 maxlen: 23
178.23.80.0/21 maxlen: 23
81.19.144.0/20 maxlen: 24
2a00:1a68::/32 maxlen: 34
2a0a:7c00::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:72:a5:d9:ce:12:0f:64:c3:e4:99:ed:64:f3:f7:60:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13d59fd683e3570d63895530ceb9f2c84fefe0a3
Validity
Not Before: Feb 21 06:25:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=07ce54040d04109326bff70817ed7f7f792086d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:8b:3a:53:47:f6:6f:8b:5d:33:ac:ab:fc:50:
a5:fb:a5:58:11:3f:a9:1a:4a:fc:42:9e:d1:e2:8d:
70:b9:c3:bc:b6:89:64:1c:4d:96:46:d3:1b:90:13:
eb:42:2e:ca:6e:9a:54:6d:bd:25:4c:9b:ac:8e:50:
eb:07:b9:53:9b:a9:2f:91:fb:82:1e:9f:60:23:64:
07:38:59:6c:09:9c:32:c2:16:23:27:da:22:57:cd:
ef:e5:65:c8:e3:06:95:9c:17:c7:17:18:73:38:18:
ab:b3:d1:21:77:84:9a:1d:ea:8e:78:85:c6:0c:ea:
0f:19:de:ec:4e:1a:37:3f:d8:97:0b:7a:58:44:6f:
4d:fa:22:c8:95:74:aa:b0:0d:15:50:33:09:37:9f:
8c:73:50:71:d6:0e:6e:58:94:94:9a:f0:4b:1c:fa:
99:21:fa:20:85:e0:c9:95:26:9b:22:73:80:4f:c0:
23:4b:0a:4a:85:3c:e8:4d:94:91:3c:b0:40:12:95:
c1:6b:fd:20:37:d1:65:57:79:95:e5:04:fd:57:fb:
b8:ca:a9:cf:d6:9c:06:2f:f6:32:e5:fb:77:10:71:
33:b1:38:33:3c:e1:d8:52:9d:74:09:7f:5f:26:93:
aa:92:50:c2:53:61:ab:e1:8f:da:bb:5b:78:3e:4a:
e0:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:CE:54:04:0D:04:10:93:26:BF:F7:08:17:ED:7F:7F:79:20:86:D1
X509v3 Authority Key Identifier:
keyid:13:D5:9F:D6:83:E3:57:0D:63:89:55:30:CE:B9:F2:C8:4F:EF:E0:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E9Wf1oPjVw1jiVUwzrnyyE_v4KM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/410eaf-f82d-47ff-9926-0b1b30895602/1/B85UBA0EEJMmv_cIF-1_f3kghtE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/410eaf-f82d-47ff-9926-0b1b30895602/1/E9Wf1oPjVw1jiVUwzrnyyE_v4KM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.144.0/20
178.23.80.0/21
185.16.188.0/22
185.115.184.0/22
185.164.4.0/22
IPv6:
2a00:1a68::/32
2a0a:7c00::/29
Signature Algorithm: sha256WithRSAEncryption
3a:32:cf:85:4f:d8:4e:45:62:26:56:33:e1:e4:5b:85:89:bb:
7a:aa:4f:27:24:a5:e4:1f:e9:4f:70:7b:a1:26:95:ec:0e:13:
8f:35:2a:3d:d6:f8:85:78:d2:09:ff:0d:51:c9:a3:55:df:0c:
2b:97:83:62:8b:2b:90:ed:c0:cd:43:b6:9f:88:49:fe:d4:3f:
8a:f8:70:df:22:7a:2b:0a:b3:14:53:bf:c4:96:52:3c:2a:ea:
9e:a6:0e:12:7f:ff:d1:18:e2:71:5e:8f:c6:92:36:de:63:37:
d0:2f:38:8c:af:3a:e5:f1:ad:5c:04:5d:bc:1a:9c:b2:35:9d:
c0:69:59:3c:d2:1a:76:d3:a2:4f:07:a0:bc:48:44:be:a9:4c:
8b:89:83:ef:c9:da:99:1c:5f:b0:3f:f1:e7:26:6c:b3:56:ef:
28:7b:72:cb:e9:e4:24:ec:1a:19:8e:ae:f4:17:80:f4:bb:12:
21:fa:19:a2:5c:5c:57:3c:a5:84:a8:59:23:84:5d:a4:55:30:
b9:ab:4b:70:01:e4:69:79:45:92:9b:9c:1c:2b:78:f0:18:dc:
86:6e:00:6a:b9:6e:99:ff:b3:a1:4f:5f:da:bc:df:9d:83:50:
3b:ff:58:d3:47:f9:e8:d9:91:58:76:8e:a8:fc:d9:0f:e9:b0:
53:65:7e:eb
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYZypdnOEg9kw+SZ7WTz92BFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzZDU5ZmQ2ODNlMzU3MGQ2Mzg5NTUzMGNlYjlmMmM4NGZl
ZmUwYTMwHhcNMjMwMjIxMDYyNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2NlNTQwNDBkMDQxMDkzMjZiZmY3MDgxN2VkN2Y3Zjc5MjA4NmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxIs6U0f2b4tdM6yr/FCl+6VYET+p
Gkr8Qp7R4o1wucO8tolkHE2WRtMbkBPrQi7KbppUbb0lTJusjlDrB7lTm6kvkfuC
Hp9gI2QHOFlsCZwywhYjJ9oiV83v5WXI4waVnBfHFxhzOBirs9Ehd4SaHeqOeIXG
DOoPGd7sTho3P9iXC3pYRG9N+iLIlXSqsA0VUDMJN5+Mc1Bx1g5uWJSUmvBLHPqZ
IfogheDJlSabInOAT8AjSwpKhTzoTZSRPLBAEpXBa/0gN9FlV3mV5QT9V/u4yqnP
1pwGL/Yy5ft3EHEzsTgzPOHYUp10CX9fJpOqklDCU2Gr4Y/au1t4PkrggwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFAfOVAQNBBCTJr/3CBftf395IIbRMB8GA1UdIwQY
MBaAFBPVn9aD41cNY4lVMM658shP7+CjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTlXZjFvUGpWdzFqaVZVd3pybnl5RV92NEtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi80MTBlYWYtZjgyZC00N2ZmLTk5MjYt
MGIxYjMwODk1NjAyLzEvQjg1VUJBMEVFSk1tdl9jSUYtMV9mM2tnaHRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi80MTBlYWYtZjgyZC00N2ZmLTk5MjYtMGIxYjMwODk1NjAy
LzEvRTlXZjFvUGpWdzFqaVZVd3pybnl5RV92NEtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQEUROQAwQD
shdQAwQCuRC8AwQCuXO4AwQCuaQEMBQEAgACMA4DBQAqABpoAwUDKgp8ADANBgkq
hkiG9w0BAQsFAAOCAQEAOjLPhU/YTkViJlYz4eRbhYm7eqpPJySl5B/pT3B7oSaV
7A4TjzUqPdb4hXjSCf8NUcmjVd8MK5eDYosrkO3AzUO2n4hJ/tQ/ivhw3yJ6Kwqz
FFO/xJZSPCrqnqYOEn//0RjicV6PxpI23mM30C84jK865fGtXARdvBqcsjWdwGlZ
PNIadtOiTwegvEhEvqlMi4mD78namRxfsD/x5yZss1bvKHtyy+nkJOwaGY6u9BeA
9LsSIfoZolxcVzylhKhZI4RdpFUwuatLcAHkaXlFkpucHCt48Bjchm4Aarlumf+z
oU9f2rzfnYNQO/9Y00f56NmRWHaOqPzZD+mwU2V+6w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:23 2024 by rpki-client on console-ams.rpki-client.org