Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/Bzsmttpw7f2h7ke4FwR-k2WHKF8.roa
File: Bzsmttpw7f2h7ke4FwR-k2WHKF8.roa (raw, json)
Hash identifier: 6kr7x2K0EbWXWekcQtjyarSfD4A59WQnA/hYjhRbSOE=
Subject key identifier: 07:3B:26:B6:DA:70:ED:FD:A1:EE:47:B8:17:04:7E:93:65:87:28:5F
Certificate issuer: /CN=9eb50e5386c809a0fae6530aa5e8d9825251ded0
Certificate serial: 018C96FD65D6B1D3AAC6CBB996F674932CFF
Authority key identifier: 9E:B5:0E:53:86:C8:09:A0:FA:E6:53:0A:A5:E8:D9:82:52:51:DE:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nrUOU4bICaD65lMKpejZglJR3tA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/Bzsmttpw7f2h7ke4FwR-k2WHKF8.roa
Signing time: Sat 23 Dec 2023 14:03:58 +0000
ROA not before: Sat 23 Dec 2023 14:03:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25198
IP address blocks: 85.204.107.0/24 maxlen: 24
103.112.171.0/24 maxlen: 24
185.104.63.0/24 maxlen: 24
195.74.93.0/24 maxlen: 24
46.229.243.0/24 maxlen: 24
46.229.253.0/24 maxlen: 24
83.229.61.0/24 maxlen: 24
2a12:3200:4000::/36 maxlen: 36
2a12:3200:2000::/36 maxlen: 36
2a12:3200::/36 maxlen: 36
2a12:3200:1000::/36 maxlen: 36
2a12:3200:3000::/36 maxlen: 36
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:96:fd:65:d6:b1:d3:aa:c6:cb:b9:96:f6:74:93:2c:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9eb50e5386c809a0fae6530aa5e8d9825251ded0
Validity
Not Before: Dec 23 14:03:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=073b26b6da70edfda1ee47b817047e936587285f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:cf:65:1d:ea:43:6d:a7:ef:af:3f:2f:60:4f:
ed:1e:61:bd:fe:76:21:a3:dd:d4:ee:34:f1:90:c0:
25:a3:da:21:f4:67:d2:38:4d:b8:9e:17:e8:f2:83:
36:80:6e:45:4f:ec:8d:b6:45:09:bf:70:37:2d:26:
4e:83:73:00:8b:89:54:0b:2e:e6:5f:3f:84:a7:e4:
7e:7d:f2:cf:a5:5f:2a:a9:b4:2b:b1:e6:59:70:18:
8d:83:e3:bb:0e:c2:ce:54:b8:e5:87:14:4d:49:5b:
66:e8:d1:ce:88:d6:18:bb:c5:fc:15:86:33:f4:fa:
a4:66:77:92:0e:a7:08:64:f4:16:1d:e2:dd:96:40:
b1:e9:65:2b:1e:04:44:ab:4d:b0:1c:0d:6c:b0:f2:
8f:c8:06:4e:be:d8:93:af:f5:03:18:a4:17:38:35:
6e:f6:4f:4c:2a:e7:0b:67:ab:db:58:e5:8b:e0:a5:
24:ec:e5:19:2b:a6:e4:e5:09:c1:cf:e2:03:6c:a9:
e7:d8:00:3a:47:47:d4:69:88:1a:70:d6:8d:74:27:
5b:ad:8c:5a:68:c2:0f:0d:c9:9d:f8:89:8b:e1:fc:
f8:a2:37:83:97:ab:4a:5d:5e:10:42:32:e4:79:b3:
6c:20:c4:a0:56:20:ce:f7:62:6a:95:29:00:e1:51:
bf:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:3B:26:B6:DA:70:ED:FD:A1:EE:47:B8:17:04:7E:93:65:87:28:5F
X509v3 Authority Key Identifier:
keyid:9E:B5:0E:53:86:C8:09:A0:FA:E6:53:0A:A5:E8:D9:82:52:51:DE:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nrUOU4bICaD65lMKpejZglJR3tA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/Bzsmttpw7f2h7ke4FwR-k2WHKF8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/nrUOU4bICaD65lMKpejZglJR3tA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.229.243.0/24
46.229.253.0/24
83.229.61.0/24
85.204.107.0/24
103.112.171.0/24
185.104.63.0/24
195.74.93.0/24
IPv6:
2a12:3200::-2a12:3200:4fff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
ad:f9:3b:2d:19:04:b2:6d:e0:3e:83:6e:8e:48:fc:db:59:a9:
8f:a6:95:a9:fb:05:a7:0d:7f:57:2d:60:f3:96:05:18:3f:ce:
10:1e:5d:8c:38:1a:83:b8:e0:73:2f:df:62:f8:e5:84:21:7e:
b9:69:9e:45:eb:07:c4:69:8a:86:1a:d8:79:48:39:ed:fb:5b:
37:cf:c6:0f:22:75:59:c3:ac:f6:f9:e0:da:33:d2:09:a9:ed:
d6:b9:0b:78:52:da:81:94:88:22:16:84:56:83:a1:05:57:a4:
f0:3d:72:26:fb:92:78:b0:10:30:a6:07:b7:5a:62:93:64:8b:
1b:99:93:d2:ad:25:a4:a5:1d:83:f9:55:1d:43:16:f1:77:56:
09:3d:a1:ec:89:b5:60:2f:a4:cd:e9:aa:0d:7c:14:f0:4b:e8:
cd:06:77:37:b8:ce:4b:a0:e1:85:24:c3:fb:af:0b:2d:57:8f:
83:fb:19:0c:4e:0f:99:1e:7d:cf:b7:11:4d:71:6d:4d:b5:b2:
93:0c:20:5a:b5:36:03:47:37:3a:8c:4f:ff:e5:39:4b:d7:06:
b6:f1:4b:78:3d:7f:b4:dc:a2:1d:0c:cb:9a:8a:49:05:c4:a5:
ec:93:32:5c:21:53:41:0f:0b:02:f0:85:23:e0:23:c7:d3:fc:
32:c1:73:3b
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYyW/WXWsdOqxsu5lvZ0kyz/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllYjUwZTUzODZjODA5YTBmYWU2NTMwYWE1ZThkOTgyNTI1
MWRlZDAwHhcNMjMxMjIzMTQwMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzNiMjZiNmRhNzBlZGZkYTFlZTQ3YjgxNzA0N2U5MzY1ODcyODVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA389lHepDbafvrz8vYE/tHmG9/nYh
o93U7jTxkMAlo9oh9GfSOE24nhfo8oM2gG5FT+yNtkUJv3A3LSZOg3MAi4lUCy7m
Xz+Ep+R+ffLPpV8qqbQrseZZcBiNg+O7DsLOVLjlhxRNSVtm6NHOiNYYu8X8FYYz
9PqkZneSDqcIZPQWHeLdlkCx6WUrHgREq02wHA1ssPKPyAZOvtiTr/UDGKQXODVu
9k9MKucLZ6vbWOWL4KUk7OUZK6bk5QnBz+IDbKnn2AA6R0fUaYgacNaNdCdbrYxa
aMIPDcmd+ImL4fz4ojeDl6tKXV4QQjLkebNsIMSgViDO92JqlSkA4VG/CQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFAc7JrbacO39oe5HuBcEfpNlhyhfMB8GA1UdIwQY
MBaAFJ61DlOGyAmg+uZTCqXo2YJSUd7QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnJVT1U0YklDYUQ2NWxNS3BlalpnbEpSM3RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9iNTQ2NDEtYTk1YS00YWRkLWE0NWUt
MWNhZGE2ZThiMWE5LzEvQnpzbXR0cHc3ZjJoN2tlNEZ3Ui1rMldIS0Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9iNTQ2NDEtYTk1YS00YWRkLWE0NWUtMWNhZGE2ZThiMWE5
LzEvbnJVT1U0YklDYUQ2NWxNS3BlalpnbEpSM3RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjAwBAIAATAqAwQALuXzAwQA
LuX9AwQAU+U9AwQAVcxrAwQAZ3CrAwQAuWg/AwQAw0pdMBYEAgACMBAwDgMEASoS
MgMGBCoSMgBAMA0GCSqGSIb3DQEBCwUAA4IBAQCt+TstGQSybeA+g26OSPzbWamP
ppWp+wWnDX9XLWDzlgUYP84QHl2MOBqDuOBzL99i+OWEIX65aZ5F6wfEaYqGGth5
SDnt+1s3z8YPInVZw6z2+eDaM9IJqe3WuQt4UtqBlIgiFoRWg6EFV6TwPXIm+5J4
sBAwpge3WmKTZIsbmZPSrSWkpR2D+VUdQxbxd1YJPaHsibVgL6TN6aoNfBTwS+jN
Bnc3uM5LoOGFJMP7rwstV4+D+xkMTg+ZHn3PtxFNcW1NtbKTDCBatTYDRzc6jE//
5TlL1wa28Ut4PX+03KIdDMuaikkFxKXskzJcIVNBDwsC8IUj4CPH0/wywXM7
-----END CERTIFICATE-----
Generated at Mon Dec 25 20:21:14 2023 by rpki-client on console-ams.rpki-client.org