Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/bBSNNCbQUy6RzqTU21rqS5POyhM.roa
File: bBSNNCbQUy6RzqTU21rqS5POyhM.roa (raw, json)
Hash identifier: 70e1HawtVtnJdx0+mNYUO4wplX2xDP4kw+QRB/csVvM=
Subject key identifier: 6C:14:8D:34:26:D0:53:2E:91:CE:A4:D4:DB:5A:EA:4B:93:CE:CA:13
Certificate issuer: /CN=b6c167dfa9882b2aa8f84595f58a97c305ca43c5
Certificate serial: 018CC8DE111CCFABF44B33B5BFF3B70B8C94
Authority key identifier: B6:C1:67:DF:A9:88:2B:2A:A8:F8:45:95:F5:8A:97:C3:05:CA:43:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tsFn36mIKyqo-EWV9YqXwwXKQ8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/bBSNNCbQUy6RzqTU21rqS5POyhM.roa
Signing time: Tue 02 Jan 2024 06:30:45 +0000
ROA not before: Tue 02 Jan 2024 06:30:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57497
IP address blocks: 195.226.223.0/24 maxlen: 24
45.135.240.0/24 maxlen: 24
45.135.243.0/24 maxlen: 24
45.135.241.0/24 maxlen: 24
45.135.242.0/24 maxlen: 24
158.58.191.0/24 maxlen: 24
158.58.190.0/23 maxlen: 23
158.58.189.0/24 maxlen: 24
158.58.190.0/24 maxlen: 24
158.58.188.0/24 maxlen: 24
158.58.188.0/23 maxlen: 23
158.58.187.0/24 maxlen: 24
194.62.17.0/24 maxlen: 24
158.58.184.0/24 maxlen: 24
158.58.185.0/24 maxlen: 24
158.58.184.0/22 maxlen: 22
158.58.186.0/24 maxlen: 24
185.2.14.0/23 maxlen: 24
185.2.12.0/22 maxlen: 22
185.2.12.0/23 maxlen: 24
5.63.10.0/24 maxlen: 24
5.63.11.0/24 maxlen: 24
5.63.8.0/24 maxlen: 24
5.63.10.0/23 maxlen: 23
5.63.9.0/24 maxlen: 24
5.63.13.0/24 maxlen: 24
5.63.14.0/24 maxlen: 24
5.63.14.0/23 maxlen: 23
5.63.12.0/24 maxlen: 24
185.229.204.0/24 maxlen: 24
185.179.90.0/24 maxlen: 24
2a01:4ac0:3::/48 maxlen: 48
2a01:4ac0:2::/48 maxlen: 48
2a01:4ac0::/48 maxlen: 48
2a01:4ac0:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 01 Mar 2024 08:51:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:11:1c:cf:ab:f4:4b:33:b5:bf:f3:b7:0b:8c:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6c167dfa9882b2aa8f84595f58a97c305ca43c5
Validity
Not Before: Jan 2 06:30:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c148d3426d0532e91cea4d4db5aea4b93ceca13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:e5:dd:50:04:5c:09:6f:3e:3e:6c:bf:d5:3c:
f1:0c:b1:09:7c:3a:37:8b:19:5d:0d:ec:46:c9:35:
76:55:65:47:12:14:cc:62:ec:17:d3:ed:ee:74:e8:
bf:46:8b:81:9d:6a:5c:2a:38:8a:49:c3:b9:d7:d2:
53:f5:16:c2:e9:93:ab:af:17:a0:0e:e7:c9:ee:fb:
13:1f:b1:e9:dd:4e:4c:b2:ff:f7:32:b1:bc:51:7e:
d7:07:3f:3f:ab:21:90:34:6b:b6:b3:1e:71:09:77:
17:cb:de:a2:e6:2c:b2:e6:b8:b9:27:9f:36:d4:83:
59:72:30:35:f8:05:48:cb:54:dc:ea:53:64:c8:cd:
a0:ff:e0:3a:de:da:c9:49:2d:c5:53:a9:46:cc:89:
16:a6:15:c4:57:ff:a7:89:b1:6f:4e:b7:74:21:59:
f6:2b:e7:22:a6:e4:e8:67:7f:b5:da:cb:a3:d7:70:
a7:76:e6:8a:19:ce:4b:07:a6:db:cb:f3:40:d2:30:
60:53:6b:94:1d:af:ec:6f:83:ec:47:17:39:6d:dd:
c0:dd:80:a9:03:ae:fc:07:6a:de:e6:22:ad:0c:0a:
9b:66:8e:8e:c8:dd:22:fa:b3:24:e8:b6:ab:b7:64:
de:01:63:1c:6f:01:01:de:af:05:72:1d:09:e0:b5:
3a:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:14:8D:34:26:D0:53:2E:91:CE:A4:D4:DB:5A:EA:4B:93:CE:CA:13
X509v3 Authority Key Identifier:
keyid:B6:C1:67:DF:A9:88:2B:2A:A8:F8:45:95:F5:8A:97:C3:05:CA:43:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tsFn36mIKyqo-EWV9YqXwwXKQ8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/bBSNNCbQUy6RzqTU21rqS5POyhM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/tsFn36mIKyqo-EWV9YqXwwXKQ8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.8.0/21
45.135.240.0/22
158.58.184.0/21
185.2.12.0/22
185.179.90.0/24
185.229.204.0/24
194.62.17.0/24
195.226.223.0/24
IPv6:
2a01:4ac0::/46
Signature Algorithm: sha256WithRSAEncryption
a2:0e:10:ea:ce:8a:31:f4:7c:d6:8c:b9:27:c1:e7:12:54:a6:
1a:05:cf:d5:28:90:cc:72:95:e0:f7:15:34:bb:e1:0d:c6:fc:
d7:db:3c:c5:a3:03:60:b9:8f:27:f3:94:06:d5:64:fe:f2:db:
f1:02:f3:4b:8e:e3:ba:ea:e3:83:a3:f4:33:0d:5b:e9:b9:4b:
da:23:36:28:76:92:d5:76:14:d4:f9:24:2a:6c:56:3f:7a:d5:
46:4c:67:f9:05:16:c0:ff:4d:6c:34:f5:2c:c5:76:30:39:64:
7d:f0:4d:39:07:c4:31:00:36:59:61:db:6a:0f:31:70:d4:19:
79:5c:53:01:7f:56:bd:1c:7c:88:7e:58:e0:e4:f6:ee:4e:cf:
ed:5a:1b:80:b7:c4:60:88:a3:90:06:ec:e1:c8:44:81:6c:27:
67:29:0b:8e:df:7d:70:9c:14:2b:c5:eb:59:65:90:10:63:f1:
99:f6:dc:c6:85:b9:08:ad:fa:a7:a6:9b:9d:86:56:56:a5:d5:
4e:ba:1e:f8:9f:a4:3e:dd:b6:f2:2f:aa:fb:c9:76:43:7c:b7:
42:f2:36:b1:be:32:f0:3c:d4:7b:ed:fe:fd:e0:d3:23:e7:b2:
07:c7:e4:16:90:4c:b8:be:08:d4:4a:a8:07:17:b7:c5:fe:7a:
36:1e:65:45
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAYzI3hEcz6v0SzO1v/O3C4yUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2YzE2N2RmYTk4ODJiMmFhOGY4NDU5NWY1OGE5N2MzMDVj
YTQzYzUwHhcNMjQwMTAyMDYzMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzE0OGQzNDI2ZDA1MzJlOTFjZWE0ZDRkYjVhZWE0YjkzY2VjYTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+XdUARcCW8+Pmy/1TzxDLEJfDo3
ixldDexGyTV2VWVHEhTMYuwX0+3udOi/RouBnWpcKjiKScO519JT9RbC6ZOrrxeg
DufJ7vsTH7Hp3U5Msv/3MrG8UX7XBz8/qyGQNGu2sx5xCXcXy96i5iyy5ri5J582
1INZcjA1+AVIy1Tc6lNkyM2g/+A63trJSS3FU6lGzIkWphXEV/+nibFvTrd0IVn2
K+cipuToZ3+12suj13CnduaKGc5LB6bby/NA0jBgU2uUHa/sb4PsRxc5bd3A3YCp
A678B2re5iKtDAqbZo6OyN0i+rMk6Lart2TeAWMcbwEB3q8Fch0J4LU6jQIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFGwUjTQm0FMukc6k1Nta6kuTzsoTMB8GA1UdIwQY
MBaAFLbBZ9+piCsqqPhFlfWKl8MFykPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHNGbjM2bUlLeXFvLUVXVjlZcVh3d1hLUThVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy83M2JlZWItNmEwNS00Y2NhLTg2YmUt
YWNmYzNkMmMyNTIyLzEvYkJTTk5DYlFVeTZSenFUVTIxcnFTNVBPeWhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy83M2JlZWItNmEwNS00Y2NhLTg2YmUtYWNmYzNkMmMyNTIy
LzEvdHNGbjM2bUlLeXFvLUVXVjlZcVh3d1hLUThVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTA2BAIAATAwAwQDBT8IAwQC
LYfwAwQDnjq4AwQCuQIMAwQAubNaAwQAueXMAwQAwj4RAwQAw+LfMA8EAgACMAkD
BwIqAUrAAAAwDQYJKoZIhvcNAQELBQADggEBAKIOEOrOijH0fNaMuSfB5xJUphoF
z9UokMxyleD3FTS74Q3G/NfbPMWjA2C5jyfzlAbVZP7y2/EC80uO47rq44Oj9DMN
W+m5S9ojNih2ktV2FNT5JCpsVj961UZMZ/kFFsD/TWw09SzFdjA5ZH3wTTkHxDEA
Nllh22oPMXDUGXlcUwF/Vr0cfIh+WODk9u5Oz+1aG4C3xGCIo5AG7OHIRIFsJ2cp
C47ffXCcFCvF61llkBBj8Zn23MaFuQit+qemm52GVlal1U66HvifpD7dtvIvqvvJ
dkN8t0LyNrG+MvA81Hvt/v3g0yPnsgfH5BaQTLi+CNRKqAcXt8X+ejYeZUU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:35 2024 by rpki-client on console-ams.rpki-client.org