Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/CBPzL3mwOqeK2bPF7Bs73MzkJ-s.roa
File: CBPzL3mwOqeK2bPF7Bs73MzkJ-s.roa (raw, json)
Hash identifier: TdMBgr8jdfs5+tZwwXuNmwixWDLksqqq/zr9ep7qdas=
Subject key identifier: 08:13:F3:2F:79:B0:3A:A7:8A:D9:B3:C5:EC:1B:3B:DC:CC:E4:27:EB
Certificate issuer: /CN=b6c167dfa9882b2aa8f84595f58a97c305ca43c5
Certificate serial: 018DF93667443FFC4D5E9260A050CF3AE155
Authority key identifier: B6:C1:67:DF:A9:88:2B:2A:A8:F8:45:95:F5:8A:97:C3:05:CA:43:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tsFn36mIKyqo-EWV9YqXwwXKQ8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/CBPzL3mwOqeK2bPF7Bs73MzkJ-s.roa
Signing time: Fri 01 Mar 2024 08:51:48 +0000
ROA not before: Fri 01 Mar 2024 08:51:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57497
IP address blocks: 5.63.8.0/24 maxlen: 24
5.63.9.0/24 maxlen: 24
5.63.10.0/23 maxlen: 23
5.63.10.0/24 maxlen: 24
5.63.11.0/24 maxlen: 24
5.63.12.0/24 maxlen: 24
5.63.13.0/24 maxlen: 24
5.63.14.0/23 maxlen: 23
5.63.14.0/24 maxlen: 24
45.135.240.0/24 maxlen: 24
45.135.241.0/24 maxlen: 24
45.135.242.0/24 maxlen: 24
45.135.243.0/24 maxlen: 24
158.58.184.0/22 maxlen: 22
158.58.184.0/24 maxlen: 24
158.58.185.0/24 maxlen: 24
158.58.186.0/24 maxlen: 24
158.58.187.0/24 maxlen: 24
158.58.188.0/23 maxlen: 23
158.58.188.0/24 maxlen: 24
158.58.189.0/24 maxlen: 24
158.58.190.0/23 maxlen: 23
158.58.190.0/24 maxlen: 24
158.58.191.0/24 maxlen: 24
185.2.12.0/22 maxlen: 22
185.2.12.0/23 maxlen: 24
185.2.14.0/23 maxlen: 24
185.179.90.0/24 maxlen: 24
185.229.204.0/24 maxlen: 24
194.62.17.0/24 maxlen: 24
195.226.223.0/24 maxlen: 24
2a01:4ac0::/48 maxlen: 48
2a01:4ac0:1::/48 maxlen: 48
2a01:4ac0:2::/48 maxlen: 48
2a01:4ac0:3::/48 maxlen: 48
2a01:4ac0:4::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 05 Mar 2024 06:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f9:36:67:44:3f:fc:4d:5e:92:60:a0:50:cf:3a:e1:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6c167dfa9882b2aa8f84595f58a97c305ca43c5
Validity
Not Before: Mar 1 08:51:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0813f32f79b03aa78ad9b3c5ec1b3bdccce427eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:c5:f3:1e:90:26:ba:7c:77:34:f7:0d:0b:17:
a5:d5:4e:21:b9:03:17:c6:f2:7f:86:a6:74:53:d7:
52:73:b6:6d:45:c6:bc:de:ae:a9:35:62:e0:d7:d3:
1a:81:81:bc:ff:9a:a3:b0:4b:e7:d8:e6:a8:88:cd:
5d:df:c7:c1:9a:7a:84:de:65:83:94:aa:7c:50:59:
ee:4b:a9:6f:0f:d1:22:87:47:48:1d:7a:b7:a0:f2:
58:f1:af:4f:1d:00:a4:d0:bd:95:a9:09:dc:69:ab:
a3:36:51:67:b8:42:5e:86:5b:89:aa:dd:f6:58:2f:
75:b1:1d:0a:5a:ab:38:a1:92:cc:b1:57:39:66:a2:
da:e2:22:e2:af:2d:57:2b:a6:1d:fa:11:f0:89:a6:
7d:68:06:8b:ab:a8:3f:3c:e9:75:12:fd:c4:d8:fb:
f7:5a:df:72:81:a6:2b:5d:af:9c:fc:86:28:64:0c:
c3:9f:71:d8:fb:83:c6:a7:e3:e4:16:e5:dd:42:13:
1d:bd:49:12:39:60:13:8c:49:bf:fa:29:22:a1:21:
5d:a5:ad:87:66:4f:c2:02:28:64:9c:43:87:29:6f:
f7:49:fd:0e:f8:1f:6b:3a:ab:91:cc:00:6e:9b:50:
54:9f:cf:8b:21:bd:ad:c2:7d:e6:ad:31:2d:65:67:
35:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:13:F3:2F:79:B0:3A:A7:8A:D9:B3:C5:EC:1B:3B:DC:CC:E4:27:EB
X509v3 Authority Key Identifier:
keyid:B6:C1:67:DF:A9:88:2B:2A:A8:F8:45:95:F5:8A:97:C3:05:CA:43:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tsFn36mIKyqo-EWV9YqXwwXKQ8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/CBPzL3mwOqeK2bPF7Bs73MzkJ-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/tsFn36mIKyqo-EWV9YqXwwXKQ8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.8.0/21
45.135.240.0/22
158.58.184.0/21
185.2.12.0/22
185.179.90.0/24
185.229.204.0/24
194.62.17.0/24
195.226.223.0/24
IPv6:
2a01:4ac0::-2a01:4ac0:4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
a7:a1:72:b1:e6:35:d2:67:31:97:57:39:88:7d:cf:0f:9d:4b:
a4:9b:4c:d4:75:83:c0:b7:50:ea:c2:20:2d:1a:b9:d0:83:af:
a4:08:16:35:c4:1d:91:f4:08:0b:79:20:37:4d:6d:cc:a9:ae:
70:46:d9:f0:1d:9e:e9:d7:c2:c7:78:f5:ce:c6:51:62:09:5c:
b3:74:35:ee:47:1d:78:c2:49:77:c4:88:81:eb:c2:89:a3:5f:
33:b8:6f:80:97:de:fb:18:35:2d:60:3a:ed:29:0f:5c:b0:bc:
93:32:ed:8a:df:d9:6a:cf:f6:7c:40:4b:72:de:9c:a2:60:7c:
3b:65:da:ba:9e:a6:09:52:e0:a2:30:d3:4f:ca:b8:20:58:8f:
fa:3e:b3:92:40:c9:49:07:b6:8b:7a:5c:a9:f3:f7:06:6f:27:
63:26:22:3b:58:e7:be:10:10:c3:b1:b1:2c:f8:7f:aa:d3:7a:
9b:44:66:e3:d2:42:eb:74:4d:88:c7:90:c7:f6:a6:b4:ef:53:
75:d9:33:30:2e:00:93:84:40:f5:4f:c6:17:cc:49:b2:63:85:
52:f4:0b:f9:64:27:11:e4:b8:99:ca:9b:ba:84:ce:6d:2d:f3:
6d:26:dd:d0:9f:01:36:2a:b7:17:08:00:d3:ad:26:fc:8e:66:
8b:f9:b1:d1
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAY35NmdEP/xNXpJgoFDPOuFVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2YzE2N2RmYTk4ODJiMmFhOGY4NDU5NWY1OGE5N2MzMDVj
YTQzYzUwHhcNMjQwMzAxMDg1MTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODEzZjMyZjc5YjAzYWE3OGFkOWIzYzVlYzFiM2JkY2NjZTQyN2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8XzHpAmunx3NPcNCxel1U4huQMX
xvJ/hqZ0U9dSc7ZtRca83q6pNWLg19MagYG8/5qjsEvn2OaoiM1d38fBmnqE3mWD
lKp8UFnuS6lvD9Eih0dIHXq3oPJY8a9PHQCk0L2VqQncaaujNlFnuEJehluJqt32
WC91sR0KWqs4oZLMsVc5ZqLa4iLiry1XK6Yd+hHwiaZ9aAaLq6g/POl1Ev3E2Pv3
Wt9ygaYrXa+c/IYoZAzDn3HY+4PGp+PkFuXdQhMdvUkSOWATjEm/+ikioSFdpa2H
Zk/CAihknEOHKW/3Sf0O+B9rOquRzABum1BUn8+LIb2twn3mrTEtZWc1cwIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFAgT8y95sDqnitmzxewbO9zM5CfrMB8GA1UdIwQY
MBaAFLbBZ9+piCsqqPhFlfWKl8MFykPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHNGbjM2bUlLeXFvLUVXVjlZcVh3d1hLUThVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy83M2JlZWItNmEwNS00Y2NhLTg2YmUt
YWNmYzNkMmMyNTIyLzEvQ0JQekwzbXdPcWVLMmJQRjdCczczTXprSi1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy83M2JlZWItNmEwNS00Y2NhLTg2YmUtYWNmYzNkMmMyNTIy
LzEvdHNGbjM2bUlLeXFvLUVXVjlZcVh3d1hLUThVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjA2BAIAATAwAwQDBT8IAwQC
LYfwAwQDnjq4AwQCuQIMAwQAubNaAwQAueXMAwQAwj4RAwQAw+LfMBgEAgACMBIw
EAMFBioBSsADBwAqAUrAAAQwDQYJKoZIhvcNAQELBQADggEBAKehcrHmNdJnMZdX
OYh9zw+dS6SbTNR1g8C3UOrCIC0audCDr6QIFjXEHZH0CAt5IDdNbcyprnBG2fAd
nunXwsd49c7GUWIJXLN0Ne5HHXjCSXfEiIHrwomjXzO4b4CX3vsYNS1gOu0pD1yw
vJMy7Yrf2WrP9nxAS3LenKJgfDtl2rqepglS4KIw00/KuCBYj/o+s5JAyUkHtot6
XKnz9wZvJ2MmIjtY574QEMOxsSz4f6rTeptEZuPSQut0TYjHkMf2prTvU3XZMzAu
AJOEQPVPxhfMSbJjhVL0C/lkJxHkuJnKm7qEzm0t820m3dCfATYqtxcIANOtJvyO
Zov5sdE=
-----END CERTIFICATE-----
Generated at Sun Apr 20 01:59:18 2025 by rpki-client