Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/bTPQ7Jr2sCMkz-QQrX7j2-0TuIs.roa
File: bTPQ7Jr2sCMkz-QQrX7j2-0TuIs.roa (raw, json)
Hash identifier: Sy21ToJbjFvsvhdn9xWbf6hyo+4rV5ccTc0JQ9RBcfg=
Subject key identifier: 6D:33:D0:EC:9A:F6:B0:23:24:CF:E4:10:AD:7E:E3:DB:ED:13:B8:8B
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018DE6B3A85556AA59648646CEDDE7352411
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/bTPQ7Jr2sCMkz-QQrX7j2-0TuIs.roa
Signing time: Mon 26 Feb 2024 18:35:50 +0000
ROA not before: Mon 26 Feb 2024 18:35:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12722
IP address blocks: 2.59.48.0/24 maxlen: 24
37.221.80.0/24 maxlen: 24
45.11.22.0/24 maxlen: 24
45.14.220.0/24 maxlen: 24
45.14.221.0/24 maxlen: 24
45.80.120.0/22 maxlen: 22
45.89.68.0/24 maxlen: 24
45.89.71.0/24 maxlen: 24
91.188.220.0/24 maxlen: 24
94.158.188.0/24 maxlen: 24
176.56.35.0/24 maxlen: 24
176.124.34.0/24 maxlen: 24
185.212.112.0/24 maxlen: 24
185.234.8.0/24 maxlen: 24
188.95.71.0/24 maxlen: 24
193.3.18.0/24 maxlen: 24
193.201.114.0/24 maxlen: 24
194.32.240.0/24 maxlen: 24
195.18.26.0/24 maxlen: 24
195.69.148.0/24 maxlen: 24
195.69.150.0/24 maxlen: 24
195.225.96.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Mar 2024 14:13:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e6:b3:a8:55:56:aa:59:64:86:46:ce:dd:e7:35:24:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Feb 26 18:35:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6d33d0ec9af6b02324cfe410ad7ee3dbed13b88b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:d2:87:9b:b0:82:96:ba:fa:a0:9a:72:6d:f0:
46:5a:ad:af:00:13:a2:35:96:d8:5d:da:ab:1f:51:
77:c0:f7:ce:cf:b3:9a:20:a4:3e:1c:eb:a6:20:e5:
d5:ee:1b:67:fd:14:15:92:b5:61:3b:29:cd:0a:5b:
c5:c6:d6:67:1a:53:db:81:28:48:11:c6:a8:2e:e3:
01:5e:f2:c9:0c:e0:40:e8:1a:46:42:05:17:c8:cc:
c0:3b:68:60:e2:76:fc:7b:61:af:be:fd:b3:1e:b0:
5c:0e:7a:53:99:66:bb:99:01:95:94:2d:83:c2:5d:
54:69:f0:50:a4:f0:c2:2d:29:33:77:18:3a:cf:f2:
f5:a8:43:bf:57:bf:2c:5b:79:28:9b:68:07:22:0d:
59:cc:3c:08:82:03:5e:90:f9:0f:8e:b0:36:c0:ee:
6c:3c:86:a6:e4:69:97:41:c4:02:97:41:aa:5a:7f:
3c:9a:5d:5c:2b:a4:4e:db:c8:a9:63:e8:ec:9b:89:
f8:9c:05:35:e1:ee:fe:ef:3a:e4:06:a4:6b:81:8e:
18:ca:12:95:c5:1c:df:eb:06:af:96:ef:5f:3b:ea:
1d:8e:2b:d3:48:34:aa:00:c6:2c:3e:d0:ac:4f:aa:
2d:13:d7:9a:01:ee:a3:1a:cf:a6:6f:19:d2:75:27:
95:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:33:D0:EC:9A:F6:B0:23:24:CF:E4:10:AD:7E:E3:DB:ED:13:B8:8B
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/bTPQ7Jr2sCMkz-QQrX7j2-0TuIs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.48.0/24
37.221.80.0/24
45.11.22.0/24
45.14.220.0/23
45.80.120.0/22
45.89.68.0/24
45.89.71.0/24
91.188.220.0/24
94.158.188.0/24
176.56.35.0/24
176.124.34.0/24
185.212.112.0/24
185.234.8.0/24
188.95.71.0/24
193.3.18.0/24
193.201.114.0/24
194.32.240.0/24
195.18.26.0/24
195.69.148.0/24
195.69.150.0/24
195.225.96.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:38:b3:de:13:7b:9c:04:6f:3f:25:0d:ef:ba:ae:93:84:76:
d3:95:75:a8:1b:5d:6f:a1:d7:ac:df:95:6a:7c:86:1f:ce:cd:
86:59:b9:91:12:40:a8:83:de:0c:2a:28:98:ab:9c:69:aa:96:
be:d0:b5:32:b3:fb:7c:1c:9c:67:b0:a3:6f:38:3f:59:a3:4d:
e6:f1:58:36:a0:b0:9c:5c:55:19:77:33:ca:0c:58:8f:be:43:
40:57:59:9d:9e:59:d9:96:1b:4f:1d:a1:eb:b0:bb:8c:9c:f9:
37:8c:d5:c5:6d:61:fb:d2:4b:82:6f:97:ba:ab:dc:e6:c1:29:
b5:26:87:02:77:78:47:5e:90:dd:c0:41:ca:c3:14:d2:5c:85:
0d:71:b3:3d:ef:2b:1e:be:3a:d2:20:54:2b:14:e1:fb:c4:03:
1a:f2:c8:80:7b:e9:66:5c:37:10:31:f9:7f:3b:86:fa:2b:b8:
ab:e5:b2:f9:fc:51:0a:05:29:34:ce:64:dd:d0:22:3e:e8:91:
82:4f:20:11:cb:19:9a:cd:23:c8:47:7d:48:87:db:4a:6a:2e:
3d:f1:53:20:74:cb:eb:57:02:5e:8a:12:a1:0c:7d:2f:50:70:
22:92:27:ac:7c:5f:a4:13:00:be:49:ac:d6:6b:91:42:59:38:
e8:e3:c9:eb
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAY3ms6hVVqpZZIZGzt3nNSQRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMjI2MTgzNTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDMzZDBlYzlhZjZiMDIzMjRjZmU0MTBhZDdlZTNkYmVkMTNiODhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk9KHm7CClrr6oJpybfBGWq2vABOi
NZbYXdqrH1F3wPfOz7OaIKQ+HOumIOXV7htn/RQVkrVhOynNClvFxtZnGlPbgShI
EcaoLuMBXvLJDOBA6BpGQgUXyMzAO2hg4nb8e2Gvvv2zHrBcDnpTmWa7mQGVlC2D
wl1UafBQpPDCLSkzdxg6z/L1qEO/V78sW3kom2gHIg1ZzDwIggNekPkPjrA2wO5s
PIam5GmXQcQCl0GqWn88ml1cK6RO28ipY+jsm4n4nAU14e7+7zrkBqRrgY4YyhKV
xRzf6wavlu9fO+odjivTSDSqAMYsPtCsT6otE9eaAe6jGs+mbxnSdSeVKQIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFG0z0Oya9rAjJM/kEK1+49vtE7iLMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvYlRQUTdKcjJzQ01rei1RUXJYN2oyLTBUdUlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAAI7
MAMEACXdUAMEAC0LFgMEAS0O3AMEAi1QeAMEAC1ZRAMEAC1ZRwMEAFu83AMEAF6e
vAMEALA4IwMEALB8IgMEALnUcAMEALnqCAMEALxfRwMEAMEDEgMEAMHJcgMEAMIg
8AMEAMMSGgMEAMNFlAMEAMNFlgMEAMPhYDANBgkqhkiG9w0BAQsFAAOCAQEAGziz
3hN7nARvPyUN77quk4R205V1qBtdb6HXrN+VanyGH87Nhlm5kRJAqIPeDCoomKuc
aaqWvtC1MrP7fBycZ7Cjbzg/WaNN5vFYNqCwnFxVGXczygxYj75DQFdZnZ5Z2ZYb
Tx2h67C7jJz5N4zVxW1h+9JLgm+Xuqvc5sEptSaHAnd4R16Q3cBBysMU0lyFDXGz
Pe8rHr460iBUKxTh+8QDGvLIgHvpZlw3EDH5fzuG+iu4q+Wy+fxRCgUpNM5k3dAi
PuiRgk8gEcsZms0jyEd9SIfbSmouPfFTIHTL61cCXooSoQx9L1BwIpInrHxfpBMA
vkms1muRQlk46OPJ6w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:23 2024 by rpki-client on console-fra.rpki-client.org