Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/BibGZv0e4D7l5CybjcYjTIdBxso.roa
File: BibGZv0e4D7l5CybjcYjTIdBxso.roa (raw, json)
Hash identifier: GMpjoxS8QLQ3+D8CAxW6gaL7GB1JdvhoFBq56n9lHwE=
Subject key identifier: 06:26:C6:66:FD:1E:E0:3E:E5:E4:2C:9B:8D:C6:23:4C:87:41:C6:CA
Certificate issuer: /CN=e8a851ddae5a64cc38825395be9a507da95ab7cf
Certificate serial: 0185714C43857F9AFF7A0A9AE9FE5F9B59D0
Authority key identifier: E8:A8:51:DD:AE:5A:64:CC:38:82:53:95:BE:9A:50:7D:A9:5A:B7:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6KhR3a5aZMw4glOVvppQfalat88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/BibGZv0e4D7l5CybjcYjTIdBxso.roa
Signing time: Mon 02 Jan 2023 07:05:01 +0000
ROA not before: Mon 02 Jan 2023 07:05:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202940
IP address blocks: 89.208.56.0/21 maxlen: 21
89.208.0.0/21 maxlen: 21
89.208.4.0/22 maxlen: 24
188.191.224.0/21 maxlen: 21
188.191.224.0/24 maxlen: 24
188.191.225.0/24 maxlen: 24
188.191.226.0/24 maxlen: 24
188.191.228.0/24 maxlen: 24
188.191.229.0/24 maxlen: 24
188.191.227.0/24 maxlen: 24
188.191.230.0/24 maxlen: 24
185.175.34.0/23 maxlen: 23
185.175.32.0/22 maxlen: 22
185.175.32.0/23 maxlen: 23
89.208.128.0/21 maxlen: 21
185.184.246.0/23 maxlen: 23
89.208.135.0/24 maxlen: 24
185.184.244.0/23 maxlen: 23
185.184.244.0/22 maxlen: 22
89.208.134.0/23 maxlen: 24
185.149.253.0/24 maxlen: 24
185.149.252.0/22 maxlen: 22
185.149.252.0/24 maxlen: 24
185.149.254.0/24 maxlen: 24
185.149.255.0/24 maxlen: 24
185.180.102.0/24 maxlen: 24
185.180.103.0/24 maxlen: 24
185.180.100.0/24 maxlen: 24
185.180.100.0/22 maxlen: 22
185.167.110.0/24 maxlen: 24
185.167.108.0/23 maxlen: 23
185.167.108.0/24 maxlen: 24
185.167.108.0/22 maxlen: 22
185.167.109.0/24 maxlen: 24
185.167.111.0/24 maxlen: 24
147.236.176.0/20 maxlen: 20
147.234.23.0/24 maxlen: 24
217.175.92.0/22 maxlen: 22
217.175.95.0/24 maxlen: 24
185.182.77.0/24 maxlen: 24
185.182.78.0/24 maxlen: 24
185.182.76.0/22 maxlen: 22
185.182.76.0/24 maxlen: 24
217.175.82.0/24 maxlen: 24
217.175.80.0/20 maxlen: 20
217.175.80.0/22 maxlen: 22
217.175.80.0/24 maxlen: 24
217.175.84.0/22 maxlen: 22
217.175.88.0/22 maxlen: 22
147.236.116.0/22 maxlen: 24
147.236.120.0/21 maxlen: 21
147.236.144.0/22 maxlen: 24
147.236.144.0/21 maxlen: 21
147.236.144.0/20 maxlen: 20
147.236.148.0/22 maxlen: 22
141.226.120.0/22 maxlen: 23
147.236.152.0/23 maxlen: 23
147.236.152.0/22 maxlen: 22
147.236.152.0/21 maxlen: 21
141.226.122.0/23 maxlen: 23
147.236.154.0/23 maxlen: 23
147.236.156.0/24 maxlen: 24
147.236.156.0/22 maxlen: 24
147.236.157.0/24 maxlen: 24
185.182.79.0/24 maxlen: 24
185.108.82.0/23 maxlen: 23
185.108.82.0/24 maxlen: 24
185.108.80.0/22 maxlen: 23
185.108.83.0/24 maxlen: 24
147.236.104.0/21 maxlen: 21
2a00:7c40::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 24 Jan 2023 12:06:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:4c:43:85:7f:9a:ff:7a:0a:9a:e9:fe:5f:9b:59:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8a851ddae5a64cc38825395be9a507da95ab7cf
Validity
Not Before: Jan 2 07:05:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0626c666fd1ee03ee5e42c9b8dc6234c8741c6ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:4b:b3:c3:5c:ec:6f:6d:48:b8:d7:2f:5f:b0:
62:d5:5e:19:57:48:ce:91:d5:86:34:1c:84:26:51:
67:81:a8:3e:28:1d:fc:eb:ea:ac:f4:2c:b1:e6:a7:
c8:65:11:c1:cd:f3:e3:b2:87:31:2d:1b:ad:35:b3:
8c:5c:a3:36:69:19:1e:6d:50:07:b3:77:21:ae:41:
24:a9:c8:f6:66:2a:20:38:46:b2:0f:ca:13:5e:52:
c9:cc:00:f5:1a:c1:c0:9c:62:13:c3:1f:d4:65:27:
2f:e7:7b:0b:a4:8c:6e:de:af:c2:05:e8:02:f0:25:
de:42:44:51:b5:1e:90:ed:20:e0:19:cc:bf:30:e1:
61:a9:54:fa:53:06:41:16:b8:3b:67:21:60:a6:e7:
a4:7d:62:55:d4:c8:07:83:03:f4:d4:ea:2d:7b:81:
fa:6b:b6:fb:be:9d:99:e3:68:57:df:8b:15:d9:ab:
10:1d:37:de:0f:4a:5a:6f:d5:b0:ad:fb:83:9b:9e:
d9:0f:ff:c5:45:38:d3:33:04:9f:4b:b8:4f:a9:b3:
b4:f5:6c:33:aa:5c:93:dc:34:bf:db:84:85:3f:e0:
e7:8e:e4:69:e4:5e:bd:fe:d7:ee:04:e8:50:1d:c5:
3a:4c:91:bb:00:d2:93:8a:ec:51:75:de:8f:94:a1:
66:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:26:C6:66:FD:1E:E0:3E:E5:E4:2C:9B:8D:C6:23:4C:87:41:C6:CA
X509v3 Authority Key Identifier:
keyid:E8:A8:51:DD:AE:5A:64:CC:38:82:53:95:BE:9A:50:7D:A9:5A:B7:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6KhR3a5aZMw4glOVvppQfalat88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/BibGZv0e4D7l5CybjcYjTIdBxso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/6KhR3a5aZMw4glOVvppQfalat88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.208.0.0/21
89.208.56.0/21
89.208.128.0/21
141.226.120.0/22
147.234.23.0/24
147.236.104.0/21
147.236.116.0-147.236.127.255
147.236.144.0/20
147.236.176.0/20
185.108.80.0/22
185.149.252.0/22
185.167.108.0/22
185.175.32.0/22
185.180.100.0/22
185.182.76.0/22
185.184.244.0/22
188.191.224.0/21
217.175.80.0/20
IPv6:
2a00:7c40::/32
Signature Algorithm: sha256WithRSAEncryption
a7:df:f9:ab:d2:7d:7d:14:b0:e9:17:bc:09:0c:10:8a:a1:7a:
e1:a5:f3:33:b0:29:dd:ce:07:3d:40:a6:6b:e1:8c:cf:58:57:
4c:b1:ea:da:8d:fe:6f:02:a7:7f:e7:00:00:c2:fc:05:ea:f6:
81:34:f1:e3:b6:6f:c0:18:ff:53:36:40:c0:12:b4:49:25:0b:
e8:27:4b:07:d6:f3:09:8e:d8:81:f4:65:cd:23:07:94:b2:7c:
cf:fe:56:4e:66:ac:e0:89:fe:4c:1a:88:9e:03:ef:8f:10:9a:
a7:97:d7:17:c4:e2:46:4d:91:3b:1c:39:27:34:6e:f4:0e:c5:
93:e6:33:28:02:9a:64:d6:79:1f:db:4b:a6:ec:fa:fb:ba:30:
e9:14:3d:11:33:9e:8e:33:ec:6a:42:0e:8a:22:7c:35:3b:af:
ba:23:60:fb:ab:5b:19:32:c4:bd:fa:ef:b7:11:6c:35:9a:f3:
f4:d7:01:6e:3f:d0:0a:ac:c6:a0:b5:98:d7:90:39:9d:0f:1f:
58:6a:da:7c:de:6e:16:c0:6c:51:d6:ae:ee:87:6e:67:4a:bc:
a0:fd:c5:39:d8:90:3e:69:84:dc:e0:65:9c:e6:92:0c:43:8d:
bd:09:45:48:4a:e2:5e:0b:67:de:9e:19:a2:1a:21:7b:f4:90:
28:08:dd:46
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgISAYVxTEOFf5r/egqa6f5fm1nQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4YTg1MWRkYWU1YTY0Y2MzODgyNTM5NWJlOWE1MDdkYTk1
YWI3Y2YwHhcNMjMwMTAyMDcwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjI2YzY2NmZkMWVlMDNlZTVlNDJjOWI4ZGM2MjM0Yzg3NDFjNmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkEuzw1zsb21IuNcvX7Bi1V4ZV0jO
kdWGNByEJlFngag+KB386+qs9Cyx5qfIZRHBzfPjsocxLRutNbOMXKM2aRkebVAH
s3chrkEkqcj2ZiogOEayD8oTXlLJzAD1GsHAnGITwx/UZScv53sLpIxu3q/CBegC
8CXeQkRRtR6Q7SDgGcy/MOFhqVT6UwZBFrg7ZyFgpuekfWJV1MgHgwP01Oote4H6
a7b7vp2Z42hX34sV2asQHTfeD0pab9WwrfuDm57ZD//FRTjTMwSfS7hPqbO09Wwz
qlyT3DS/24SFP+DnjuRp5F69/tfuBOhQHcU6TJG7ANKTiuxRdd6PlKFm4wIDAQAB
o4ICiTCCAoUwHQYDVR0OBBYEFAYmxmb9HuA+5eQsm43GI0yHQcbKMB8GA1UdIwQY
MBaAFOioUd2uWmTMOIJTlb6aUH2pWrfPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNktoUjNhNWFaTXc0Z2xPVnZwcFFmYWxhdDg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8zNjM4ZDctM2VjMy00NTk1LWE2MzEt
MTEwYzg3OGRjZDI5LzEvQmliR1p2MGU0RDdsNUN5YmpjWWpUSWRCeHNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC8zNjM4ZDctM2VjMy00NTk1LWE2MzEtMTEwYzg3OGRjZDI5
LzEvNktoUjNhNWFaTXc0Z2xPVnZwcFFmYWxhdDg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGeBggrBgEFBQcBBwEB/wSBjjCBizB6BAIAATB0AwQDWdAA
AwQDWdA4AwQDWdCAAwQCjeJ4AwQAk+oXAwQDk+xoMAwDBAKT7HQDBAeT7AADBAST
7JADBAST7LADBAK5bFADBAK5lfwDBAK5p2wDBAK5ryADBAK5tGQDBAK5tkwDBAK5
uPQDBAO8v+ADBATZr1AwDQQCAAIwBwMFACoAfEAwDQYJKoZIhvcNAQELBQADggEB
AKff+avSfX0UsOkXvAkMEIqheuGl8zOwKd3OBz1ApmvhjM9YV0yx6tqN/m8Cp3/n
AADC/AXq9oE08eO2b8AY/1M2QMAStEklC+gnSwfW8wmO2IH0Zc0jB5SyfM/+Vk5m
rOCJ/kwaiJ4D748QmqeX1xfE4kZNkTscOSc0bvQOxZPmMygCmmTWeR/bS6bs+vu6
MOkUPREzno4z7GpCDooifDU7r7ojYPurWxkyxL3677cRbDWa8/TXAW4/0AqsxqC1
mNeQOZ0PH1hq2nzebhbAbFHWru6HbmdKvKD9xTnYkD5phNzgZZzmkgxDjb0JRUhK
4l4LZ96eGaIaIXv0kCgI3UY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:30 2024 by rpki-client on console-ams.rpki-client.org