Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/vPreKSBmPJmWe8lhV1CdM8WEmCc.roa
File: vPreKSBmPJmWe8lhV1CdM8WEmCc.roa (raw, json)
Hash identifier: YV920zsKf+cYNU1/9UGYIgXN/0Hm5Kq0WSbpyiymP4k=
Subject key identifier: BC:FA:DE:29:20:66:3C:99:96:7B:C9:61:57:50:9D:33:C5:84:98:27
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018E0EF5EB9DBCB2CAE642233E7C99661A5D
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/vPreKSBmPJmWe8lhV1CdM8WEmCc.roa
Signing time: Tue 05 Mar 2024 14:13:01 +0000
ROA not before: Tue 05 Mar 2024 14:13:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12722
IP address blocks: 2.59.48.0/24 maxlen: 24
31.222.240.0/24 maxlen: 24
37.221.80.0/24 maxlen: 24
45.11.22.0/24 maxlen: 24
45.14.220.0/24 maxlen: 24
45.14.221.0/24 maxlen: 24
45.80.120.0/22 maxlen: 22
45.89.68.0/24 maxlen: 24
45.89.71.0/24 maxlen: 24
91.188.220.0/24 maxlen: 24
94.158.188.0/24 maxlen: 24
176.56.35.0/24 maxlen: 24
176.124.34.0/24 maxlen: 24
185.212.112.0/24 maxlen: 24
185.234.8.0/24 maxlen: 24
188.95.71.0/24 maxlen: 24
193.3.18.0/24 maxlen: 24
193.201.114.0/24 maxlen: 24
194.32.240.0/24 maxlen: 24
195.18.26.0/24 maxlen: 24
195.69.148.0/24 maxlen: 24
195.69.150.0/24 maxlen: 24
195.225.96.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Mar 2024 12:12:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0e:f5:eb:9d:bc:b2:ca:e6:42:23:3e:7c:99:66:1a:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Mar 5 14:13:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bcfade2920663c99967bc96157509d33c5849827
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:2b:23:1f:c5:53:95:ae:8f:0f:1d:7b:dc:08:
2a:bd:bc:46:5b:7c:9c:02:4e:95:27:b3:22:81:1b:
93:56:e5:1b:64:48:03:a4:3f:9c:68:94:a5:60:18:
52:71:b2:dd:eb:2a:88:03:26:c8:b2:20:bb:ce:de:
39:bb:be:e9:fd:76:b2:8d:5e:31:cd:fe:a2:83:b5:
c1:70:5e:0d:1c:28:c8:cd:7e:aa:f5:bb:e4:92:0f:
1d:56:09:88:89:5c:52:0b:81:5e:0b:ab:31:cb:a1:
94:c6:12:ef:d3:fa:07:19:8c:90:13:b1:68:ca:1a:
87:11:57:32:3c:94:c7:06:2f:bc:0b:f1:6d:7b:cb:
3a:59:58:f4:b7:5c:0c:55:e8:2c:9b:cc:63:00:91:
32:00:47:2d:e6:e2:af:e6:3f:97:b0:66:f6:e4:64:
fe:85:c6:e1:e8:5d:46:d3:b9:28:72:06:f3:0e:1b:
3f:27:55:21:a7:55:8c:fc:65:0e:83:2f:5e:18:d1:
3f:42:3d:17:2b:fa:ce:7e:e0:61:71:e4:f1:a6:c8:
04:09:62:a3:7d:04:56:1f:7e:2d:c0:bc:b6:c8:16:
c0:7f:f5:20:d7:c7:32:62:6f:50:d3:fc:af:93:6a:
74:5a:70:bf:2e:98:c1:7e:a1:d0:a5:68:9d:2c:b5:
78:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:FA:DE:29:20:66:3C:99:96:7B:C9:61:57:50:9D:33:C5:84:98:27
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/vPreKSBmPJmWe8lhV1CdM8WEmCc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.48.0/24
31.222.240.0/24
37.221.80.0/24
45.11.22.0/24
45.14.220.0/23
45.80.120.0/22
45.89.68.0/24
45.89.71.0/24
91.188.220.0/24
94.158.188.0/24
176.56.35.0/24
176.124.34.0/24
185.212.112.0/24
185.234.8.0/24
188.95.71.0/24
193.3.18.0/24
193.201.114.0/24
194.32.240.0/24
195.18.26.0/24
195.69.148.0/24
195.69.150.0/24
195.225.96.0/24
Signature Algorithm: sha256WithRSAEncryption
66:41:23:b6:c2:8c:b7:d3:60:ed:4a:da:fa:25:d5:6d:1a:aa:
ad:25:d0:ab:88:67:bf:a5:42:a4:c7:16:2b:94:64:6d:34:d7:
1b:a0:6e:bd:30:2a:6f:e0:39:05:6d:eb:de:28:29:92:a3:c3:
cf:47:5f:38:a7:f4:80:23:79:1e:d2:ac:67:15:20:03:c5:73:
25:a7:b0:6b:5e:f1:60:fb:09:ed:1d:d5:0d:b8:f8:7e:16:23:
60:2d:64:db:6f:91:ae:68:a5:32:46:58:81:89:b2:b4:84:d2:
6b:10:ef:8e:5a:70:32:36:3c:5c:8a:9f:ff:72:37:93:89:74:
4d:6d:0b:82:86:4d:04:c9:4a:a4:74:41:2a:46:5d:0a:f6:ee:
a2:a9:e4:bb:66:32:7c:f7:6c:a3:92:35:7e:36:80:b4:ab:cc:
74:c5:79:04:ec:9e:99:2c:91:23:81:5e:14:66:d1:26:11:50:
3b:ac:35:5c:e3:62:76:b4:64:2e:80:75:98:ad:a7:f8:17:76:
9d:fa:01:d1:e5:35:fb:30:df:07:5a:14:71:91:8b:d4:6c:12:
ea:83:37:2f:fc:77:bb:d7:d0:7e:9f:a6:94:a5:0f:89:bc:8f:
78:ad:8d:fe:96:a6:1b:9e:bf:93:7b:49:43:8c:20:eb:96:d8:
2f:6e:ea:2a
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAY4O9eudvLLK5kIjPnyZZhpdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMzA1MTQxMzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2ZhZGUyOTIwNjYzYzk5OTY3YmM5NjE1NzUwOWQzM2M1ODQ5ODI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoysjH8VTla6PDx173AgqvbxGW3yc
Ak6VJ7MigRuTVuUbZEgDpD+caJSlYBhScbLd6yqIAybIsiC7zt45u77p/XayjV4x
zf6ig7XBcF4NHCjIzX6q9bvkkg8dVgmIiVxSC4FeC6sxy6GUxhLv0/oHGYyQE7Fo
yhqHEVcyPJTHBi+8C/Fte8s6WVj0t1wMVegsm8xjAJEyAEct5uKv5j+XsGb25GT+
hcbh6F1G07kocgbzDhs/J1Uhp1WM/GUOgy9eGNE/Qj0XK/rOfuBhceTxpsgECWKj
fQRWH34twLy2yBbAf/Ug18cyYm9Q0/yvk2p0WnC/LpjBfqHQpWidLLV47wIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFLz63ikgZjyZlnvJYVdQnTPFhJgnMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvdlByZUtTQm1QSm1XZThsaFYxQ2RNOFdFbUNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQDBAAC
OzADBAAf3vADBAAl3VADBAAtCxYDBAEtDtwDBAItUHgDBAAtWUQDBAAtWUcDBABb
vNwDBABenrwDBACwOCMDBACwfCIDBAC51HADBAC56ggDBAC8X0cDBADBAxIDBADB
yXIDBADCIPADBADDEhoDBADDRZQDBADDRZYDBADD4WAwDQYJKoZIhvcNAQELBQAD
ggEBAGZBI7bCjLfTYO1K2vol1W0aqq0l0KuIZ7+lQqTHFiuUZG001xugbr0wKm/g
OQVt694oKZKjw89HXzin9IAjeR7SrGcVIAPFcyWnsGte8WD7Ce0d1Q24+H4WI2At
ZNtvka5opTJGWIGJsrSE0msQ745acDI2PFyKn/9yN5OJdE1tC4KGTQTJSqR0QSpG
XQr27qKp5LtmMnz3bKOSNX42gLSrzHTFeQTsnpkskSOBXhRm0SYRUDusNVzjYna0
ZC6AdZitp/gXdp36AdHlNfsw3wdaFHGRi9RsEuqDNy/8d7vX0H6fppSlD4m8j3it
jf6Wphuev5N7SUOMIOuW2C9u6io=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:23 2024 by rpki-client on console-fra.rpki-client.org