Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/a29c67-f24d-4979-b2af-cc41c4a3198d/1/obD1wu0QkXJ863UzXG81dbOBdWc.roa
File: obD1wu0QkXJ863UzXG81dbOBdWc.roa (raw, json)
Hash identifier: Yq/gkuo3jye31WpjZUIaJh2VWQJ2HAg75uIOXJLmMRE=
Subject key identifier: A1:B0:F5:C2:ED:10:91:72:7C:EB:75:33:5C:6F:35:75:B3:81:75:67
Certificate issuer: /CN=bcc63f010c540bcd4554344bfb9a59a2edbabc29
Certificate serial: 01856C2EC1AB7CAB3F5B18A455FCEB23CFAE
Authority key identifier: BC:C6:3F:01:0C:54:0B:CD:45:54:34:4B:FB:9A:59:A2:ED:BA:BC:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vMY_AQxUC81FVDRL-5pZou26vCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/a29c67-f24d-4979-b2af-cc41c4a3198d/1/obD1wu0QkXJ863UzXG81dbOBdWc.roa
Signing time: Sun 01 Jan 2023 07:14:41 +0000
ROA not before: Sun 01 Jan 2023 07:14:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60144
IP address blocks: 45.150.76.0/22 maxlen: 24
185.53.8.0/22 maxlen: 24
192.162.136.0/24 maxlen: 24
192.162.136.0/22 maxlen: 24
45.138.36.0/22 maxlen: 24
91.215.156.0/22 maxlen: 24
185.56.28.0/22 maxlen: 24
185.27.236.0/22 maxlen: 24
2a07:f9c0::/29 maxlen: 48
2a02:5060::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:30:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:2e:c1:ab:7c:ab:3f:5b:18:a4:55:fc:eb:23:cf:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcc63f010c540bcd4554344bfb9a59a2edbabc29
Validity
Not Before: Jan 1 07:14:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a1b0f5c2ed1091727ceb75335c6f3575b3817567
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:bf:a3:29:f0:83:48:40:b9:bf:f8:62:be:db:
7f:16:e1:4d:9e:3d:6c:48:69:01:80:94:76:57:c2:
24:8b:8a:44:db:d2:0e:81:90:3a:7a:b4:fb:f7:69:
ee:90:af:41:dd:a1:52:3c:f3:2c:01:59:ec:f8:35:
95:f2:02:c5:96:4e:b6:d1:f9:bf:34:f8:aa:a6:c3:
a2:f2:68:2d:40:e0:5e:42:c0:ab:cc:67:d3:70:21:
8a:be:95:94:25:ac:f8:f3:cb:11:14:bf:57:e5:06:
5e:3d:95:17:18:88:93:de:8a:9b:46:1b:28:37:f7:
05:25:22:51:bb:57:bb:3b:3e:6c:d9:46:78:7b:f3:
de:d6:e0:70:af:b5:41:60:5d:8b:4e:03:86:87:3d:
a1:1b:2b:76:4e:26:26:1e:e3:ed:ae:dd:22:5b:cc:
50:c2:83:1b:a9:eb:77:27:ef:89:a7:d0:f8:87:fa:
0c:b3:a6:23:27:1b:42:64:9e:a4:5c:e7:99:3c:4e:
a4:81:b4:ff:f6:27:a7:ea:be:bb:f8:4a:1a:d9:bb:
85:fc:74:f8:a6:1c:6d:bb:59:1e:d9:67:10:6e:3f:
37:78:69:ef:fd:91:5b:e6:b8:b8:6c:32:43:37:71:
a2:04:79:cb:29:b8:4e:de:cc:8a:fb:34:76:ad:13:
34:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:B0:F5:C2:ED:10:91:72:7C:EB:75:33:5C:6F:35:75:B3:81:75:67
X509v3 Authority Key Identifier:
keyid:BC:C6:3F:01:0C:54:0B:CD:45:54:34:4B:FB:9A:59:A2:ED:BA:BC:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vMY_AQxUC81FVDRL-5pZou26vCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/a29c67-f24d-4979-b2af-cc41c4a3198d/1/obD1wu0QkXJ863UzXG81dbOBdWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/a29c67-f24d-4979-b2af-cc41c4a3198d/1/vMY_AQxUC81FVDRL-5pZou26vCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.36.0/22
45.150.76.0/22
91.215.156.0/22
185.27.236.0/22
185.53.8.0/22
185.56.28.0/22
192.162.136.0/22
IPv6:
2a02:5060::/32
2a07:f9c0::/29
Signature Algorithm: sha256WithRSAEncryption
09:ed:08:b6:90:ca:92:b3:9a:ef:6d:5d:fd:2d:18:29:48:99:
39:5d:13:99:15:c4:50:da:9b:ed:64:7d:94:b2:77:f8:7c:47:
bd:f7:4e:63:23:98:fe:af:0b:e4:61:56:5c:1b:1e:ed:1a:91:
6b:69:de:2a:79:74:ca:8d:48:d6:2b:17:05:88:e9:f9:47:ec:
85:00:61:0b:55:e7:49:25:82:3f:9b:e9:8e:69:ec:3b:61:ee:
5e:3d:28:be:ee:e5:29:77:11:ac:c1:a8:77:69:db:29:15:73:
84:26:47:37:8f:ef:60:0a:2e:18:08:23:1a:6d:c8:d3:21:19:
b9:3b:34:ef:7b:43:4c:72:20:69:3d:34:7f:11:13:4a:f2:1f:
08:d4:26:6f:91:0e:43:33:17:2c:bb:e7:aa:47:71:a4:0b:7a:
db:0b:73:0a:38:b0:b7:fe:91:68:6d:e3:3d:3c:4e:9c:1f:7c:
a9:82:b4:19:78:1a:25:58:77:ce:40:10:36:1e:fe:28:aa:21:
18:4d:c5:a9:1f:11:6e:99:8d:e6:2a:c4:1d:1d:8d:c9:2a:b1:
ec:fc:3d:a7:4b:63:b7:1a:78:b3:7c:39:df:4a:9f:ae:c3:0a:
c7:e4:59:0d:d7:be:07:03:d6:d1:e9:b3:61:8f:77:e5:f0:ea:
09:19:91:53
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYVsLsGrfKs/WxikVfzrI8+uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjYzYzZjAxMGM1NDBiY2Q0NTU0MzQ0YmZiOWE1OWEyZWRi
YWJjMjkwHhcNMjMwMTAxMDcxNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWIwZjVjMmVkMTA5MTcyN2NlYjc1MzM1YzZmMzU3NWIzODE3NTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAir+jKfCDSEC5v/hivtt/FuFNnj1s
SGkBgJR2V8Iki4pE29IOgZA6erT792nukK9B3aFSPPMsAVns+DWV8gLFlk620fm/
NPiqpsOi8mgtQOBeQsCrzGfTcCGKvpWUJaz488sRFL9X5QZePZUXGIiT3oqbRhso
N/cFJSJRu1e7Oz5s2UZ4e/Pe1uBwr7VBYF2LTgOGhz2hGyt2TiYmHuPtrt0iW8xQ
woMbqet3J++Jp9D4h/oMs6YjJxtCZJ6kXOeZPE6kgbT/9ien6r67+Eoa2buF/HT4
phxtu1ke2WcQbj83eGnv/ZFb5ri4bDJDN3GiBHnLKbhO3syK+zR2rRM0pwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFKGw9cLtEJFyfOt1M1xvNXWzgXVnMB8GA1UdIwQY
MBaAFLzGPwEMVAvNRVQ0S/uaWaLturwpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdk1ZX0FReFVDODFGVkRSTC01cFpvdTI2dkNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9hMjljNjctZjI0ZC00OTc5LWIyYWYt
Y2M0MWM0YTMxOThkLzEvb2JEMXd1MFFrWEo4NjNVelhHODFkYk9CZFdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9hMjljNjctZjI0ZC00OTc5LWIyYWYtY2M0MWM0YTMxOThk
LzEvdk1ZX0FReFVDODFGVkRSTC01cFpvdTI2dkNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAwBAIAATAqAwQCLYokAwQC
LZZMAwQCW9ecAwQCuRvsAwQCuTUIAwQCuTgcAwQCwKKIMBQEAgACMA4DBQAqAlBg
AwUDKgf5wDANBgkqhkiG9w0BAQsFAAOCAQEACe0ItpDKkrOa721d/S0YKUiZOV0T
mRXEUNqb7WR9lLJ3+HxHvfdOYyOY/q8L5GFWXBse7RqRa2neKnl0yo1I1isXBYjp
+UfshQBhC1XnSSWCP5vpjmnsO2HuXj0ovu7lKXcRrMGod2nbKRVzhCZHN4/vYAou
GAgjGm3I0yEZuTs073tDTHIgaT00fxETSvIfCNQmb5EOQzMXLLvnqkdxpAt62wtz
Cjiwt/6RaG3jPTxOnB98qYK0GXgaJVh3zkAQNh7+KKohGE3FqR8RbpmN5irEHR2N
ySqx7Pw9p0tjtxp4s3w530qfrsMKx+RZDde+BwPW0emzYY935fDqCRmRUw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:49 2024 by rpki-client on console-fra.rpki-client.org