Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/BeIiapTgoUNXSzqCOeJO17LmJOc.roa
File: BeIiapTgoUNXSzqCOeJO17LmJOc.roa (raw, json)
Hash identifier: nGLeHX1rSQ9mnwRlVHPbkkubMR4dOjpVdkb3c0yhHBo=
Subject key identifier: 05:E2:22:6A:94:E0:A1:43:57:4B:3A:82:39:E2:4E:D7:B2:E6:24:E7
Certificate issuer: /CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
Certificate serial: 018A596066A7E6CD27F33D653B1817B904A2
Authority key identifier: 28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/BeIiapTgoUNXSzqCOeJO17LmJOc.roa
Signing time: Sun 03 Sep 2023 04:50:04 +0000
ROA not before: Sun 03 Sep 2023 04:50:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200532
IP address blocks: 89.33.41.0/24 maxlen: 24
185.129.48.0/24 maxlen: 24
185.129.49.0/24 maxlen: 24
185.129.50.0/24 maxlen: 24
185.129.51.0/24 maxlen: 24
185.100.64.0/24 maxlen: 24
185.100.67.0/24 maxlen: 24
185.100.65.0/24 maxlen: 24
185.100.66.0/24 maxlen: 24
188.241.216.0/24 maxlen: 24
188.241.217.0/24 maxlen: 24
185.111.104.0/22 maxlen: 22
185.111.104.0/24 maxlen: 24
185.111.105.0/24 maxlen: 24
185.111.106.0/24 maxlen: 24
185.111.107.0/24 maxlen: 24
185.98.4.0/24 maxlen: 24
185.98.5.0/24 maxlen: 24
185.98.6.0/24 maxlen: 24
185.98.7.0/24 maxlen: 24
185.121.80.0/24 maxlen: 24
185.121.80.0/22 maxlen: 22
185.121.81.0/24 maxlen: 24
185.121.82.0/24 maxlen: 24
185.121.83.0/24 maxlen: 24
89.35.124.0/24 maxlen: 24
89.35.125.0/24 maxlen: 24
31.14.27.0/24 maxlen: 24
185.113.132.0/22 maxlen: 22
185.113.132.0/24 maxlen: 24
89.46.33.0/24 maxlen: 24
185.113.133.0/24 maxlen: 24
185.113.134.0/24 maxlen: 24
185.113.135.0/24 maxlen: 24
185.125.88.0/24 maxlen: 24
185.125.89.0/24 maxlen: 24
185.125.90.0/24 maxlen: 24
185.125.91.0/24 maxlen: 24
185.116.192.0/24 maxlen: 24
185.116.192.0/22 maxlen: 22
185.116.193.0/24 maxlen: 24
185.116.194.0/24 maxlen: 24
185.116.195.0/24 maxlen: 24
2a06:940::/56 maxlen: 56
2a06:942::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:59:60:66:a7:e6:cd:27:f3:3d:65:3b:18:17:b9:04:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
Validity
Not Before: Sep 3 04:50:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=05e2226a94e0a143574b3a8239e24ed7b2e624e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:0f:10:eb:45:f6:3e:b9:94:cc:bd:71:b6:23:
b7:d4:9d:ad:18:b5:09:b1:3f:a4:d0:21:c2:8c:aa:
a1:89:94:48:d6:99:ae:1a:9a:4c:5e:f5:8d:77:a2:
e1:7a:07:97:1c:31:e6:71:e3:df:60:dd:17:25:42:
67:fc:1b:b0:6d:60:05:ce:89:7c:8f:76:b2:7e:3c:
dd:4d:37:64:67:d6:0a:79:02:d0:1c:44:fa:a7:29:
28:c2:75:18:4d:55:ff:23:fc:d3:d3:7a:5e:ae:8f:
8b:c1:cc:8f:a4:c1:d4:f0:ba:03:06:36:46:65:2f:
60:28:d6:5c:49:05:43:70:28:e4:6c:81:b4:6b:64:
ff:eb:38:bc:68:81:d2:f7:1d:ad:e9:67:f1:89:85:
0c:4a:c1:02:70:d3:f2:e0:e4:c4:7d:70:99:5b:57:
7d:7d:75:da:a9:b9:91:dd:e2:b6:41:ff:fa:89:ff:
24:db:36:9c:8f:49:3c:88:ff:74:73:75:a0:04:b2:
16:67:29:ef:2c:de:c0:50:bd:61:f9:2d:88:51:4a:
95:a4:a3:f1:ed:2e:76:03:a5:fe:de:04:ab:84:c2:
1c:a8:91:2f:b8:9b:59:e9:37:92:3e:d1:0e:16:40:
7e:ae:76:41:52:3b:eb:b8:81:58:75:56:0c:64:58:
ca:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:E2:22:6A:94:E0:A1:43:57:4B:3A:82:39:E2:4E:D7:B2:E6:24:E7
X509v3 Authority Key Identifier:
keyid:28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/BeIiapTgoUNXSzqCOeJO17LmJOc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/KIVYUqS80b8eyBPzwTsPHzcvOXE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.27.0/24
89.33.41.0/24
89.35.124.0/23
89.46.33.0/24
185.98.4.0/22
185.100.64.0/22
185.111.104.0/22
185.113.132.0/22
185.116.192.0/22
185.121.80.0/22
185.125.88.0/22
185.129.48.0/22
188.241.216.0/23
IPv6:
2a06:940::/56
2a06:942::/48
Signature Algorithm: sha256WithRSAEncryption
2d:37:36:b5:23:1f:64:40:40:3d:20:d8:cd:92:9b:9a:88:2e:
4e:6b:e1:fa:fc:c9:90:25:f9:8a:61:f6:64:cc:de:58:f3:3e:
ca:c9:74:5b:99:a5:17:ae:d7:ed:16:47:48:70:d9:64:34:73:
c9:19:19:6e:8a:cf:ff:54:ef:af:d9:4e:e8:eb:02:66:a5:fa:
89:05:ff:4c:26:74:1b:ff:8f:05:fd:51:0c:3c:23:82:71:b7:
58:d2:ed:3e:de:cc:17:ae:9a:77:cf:79:7a:10:91:26:c2:d0:
8b:a3:7c:40:44:89:40:de:a4:f5:35:6f:42:0b:3c:16:4d:34:
90:c9:38:40:c5:ba:4a:c4:f1:9b:2f:6a:3a:76:82:48:e7:b3:
70:d7:30:42:44:72:27:c8:f1:da:31:78:1c:8d:fa:89:cb:b2:
aa:a7:d4:b5:05:71:2b:3a:1c:0b:f3:02:7f:f0:ee:df:89:7a:
f2:6a:7d:9c:b2:7c:1c:4b:d7:83:46:5d:9f:0b:c9:c8:e8:77:
e4:89:4d:b6:3b:4d:38:c9:8c:68:4d:02:f3:59:22:60:26:aa:
7a:ba:93:0c:c7:27:c9:ab:49:70:58:86:95:f3:9f:97:27:04:
48:bd:1a:46:13:22:fc:ba:61:7c:2e:51:f0:42:db:e2:13:af:
41:5a:ea:42
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAYpZYGan5s0n8z1lOxgXuQSiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4ODU1ODUyYTRiY2QxYmYxZWM4MTNmM2MxM2IwZjFmMzcy
ZjM5NzEwHhcNMjMwOTAzMDQ1MDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWUyMjI2YTk0ZTBhMTQzNTc0YjNhODIzOWUyNGVkN2IyZTYyNGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQ8Q60X2PrmUzL1xtiO31J2tGLUJ
sT+k0CHCjKqhiZRI1pmuGppMXvWNd6LhegeXHDHmcePfYN0XJUJn/BuwbWAFzol8
j3ayfjzdTTdkZ9YKeQLQHET6pykownUYTVX/I/zT03pero+LwcyPpMHU8LoDBjZG
ZS9gKNZcSQVDcCjkbIG0a2T/6zi8aIHS9x2t6WfxiYUMSsECcNPy4OTEfXCZW1d9
fXXaqbmR3eK2Qf/6if8k2zacj0k8iP90c3WgBLIWZynvLN7AUL1h+S2IUUqVpKPx
7S52A6X+3gSrhMIcqJEvuJtZ6TeSPtEOFkB+rnZBUjvruIFYdVYMZFjKpwIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFAXiImqU4KFDV0s6gjniTtey5iTnMB8GA1UdIwQY
MBaAFCiFWFKkvNG/HsgT88E7Dx83LzlxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0lWWVVxUzgwYjhleUJQendUc1BIemN2T1hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wZTM2ZmMtYmEwYi00Y2U2LWFmNmEt
NzA0NDYzZWJhZDM2LzEvQmVJaWFwVGdvVU5YU3pxQ09lSk8xN0xtSk9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wZTM2ZmMtYmEwYi00Y2U2LWFmNmEtNzA0NDYzZWJhZDM2
LzEvS0lWWVVxUzgwYjhleUJQendUc1BIemN2T1hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwVAQCAAEwTgMEAB8OGwME
AFkhKQMEAVkjfAMEAFkuIQMEArliBAMEArlkQAMEArlvaAMEArlxhAMEArl0wAME
Arl5UAMEArl9WAMEArmBMAMEAbzx2DAZBAIAAjATAwgAKgYJQAAAAAMHACoGCUIA
ADANBgkqhkiG9w0BAQsFAAOCAQEALTc2tSMfZEBAPSDYzZKbmoguTmvh+vzJkCX5
imH2ZMzeWPM+ysl0W5mlF67X7RZHSHDZZDRzyRkZborP/1Tvr9lO6OsCZqX6iQX/
TCZ0G/+PBf1RDDwjgnG3WNLtPt7MF66ad895ehCRJsLQi6N8QESJQN6k9TVvQgs8
Fk00kMk4QMW6SsTxmy9qOnaCSOezcNcwQkRyJ8jx2jF4HI36icuyqqfUtQVxKzoc
C/MCf/Du34l68mp9nLJ8HEvXg0ZdnwvJyOh35IlNtjtNOMmMaE0C81kiYCaqerqT
DMcnyatJcFiGlfOflycESL0aRhMi/LphfC5R8ELb4hOvQVrqQg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:22 2024 by rpki-client on console-ams.rpki-client.org