Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Bh2pVHDlvnOMYh3qXeA7TG1hWTo.roa
File: Bh2pVHDlvnOMYh3qXeA7TG1hWTo.roa (raw, json)
Hash identifier: R+4GenwCU7oc5ARDR0JenO2Se+repRFa32TqSqR4ll8=
Subject key identifier: 06:1D:A9:54:70:E5:BE:73:8C:62:1D:EA:5D:E0:3B:4C:6D:61:59:3A
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0188EA7502DD870A8B88144414FA6DBFC657
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Bh2pVHDlvnOMYh3qXeA7TG1hWTo.roa
Signing time: Fri 23 Jun 2023 22:51:56 +0000
ROA not before: Fri 23 Jun 2023 22:51:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58057
IP address blocks: 194.50.94.0/24 maxlen: 24
194.50.92.0/24 maxlen: 24
193.163.85.0/24 maxlen: 24
193.163.86.0/24 maxlen: 24
139.28.96.0/22 maxlen: 24
45.131.184.0/22 maxlen: 24
77.81.50.0/23 maxlen: 24
185.232.117.0/24 maxlen: 24
45.136.136.0/22 maxlen: 24
94.177.122.0/24 maxlen: 24
85.202.203.0/24 maxlen: 24
31.42.183.0/24 maxlen: 24
2a0e:97c0:260::/44 maxlen: 44
2a04:ccc6::/32 maxlen: 48
2a0e:97c3:110::/44 maxlen: 48
2a10:ccc0:420::/44 maxlen: 48
2a0c:3b80::/32 maxlen: 48
2a04:ccc7::/32 maxlen: 48
2a04:ccc4::/32 maxlen: 48
2a0c:3b86::/32 maxlen: 48
2a0e:97c0:170::/48 maxlen: 48
2a0c:3b85::/32 maxlen: 48
2a0c:3b82::/32 maxlen: 48
2a10:2f00:193::/48 maxlen: 48
2a04:ccc5::/32 maxlen: 48
2a0e:b107:21c0::/45 maxlen: 48
2a09:4c0::/29 maxlen: 64
2a10:cc45:130::/44 maxlen: 44
2a0c:3b83::/32 maxlen: 48
2a0e:97c0:1d0::/44 maxlen: 44
2a0e:b107:1165::/48 maxlen: 48
2a10:2f00:18d::/48 maxlen: 48
2a04:ccc1::/32 maxlen: 48
2a0e:97c1:200::/40 maxlen: 48
2a10:2f00:18f::/48 maxlen: 48
2a0e:b107:9f2::/48 maxlen: 48
2a0c:3b81::/32 maxlen: 48
2a10:cc40:250::/44 maxlen: 48
2a0f:e404:102::/48 maxlen: 48
2a0c:3b84::/32 maxlen: 48
2a04:ccc3::/32 maxlen: 48
2a0e:b107:1786::/48 maxlen: 48
2a0e:97c4:120::/44 maxlen: 48
2a0e:97c4:100::/44 maxlen: 48
Validation: Failed, certificate revoked on Sat 24 Jun 2023 14:07:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:ea:75:02:dd:87:0a:8b:88:14:44:14:fa:6d:bf:c6:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jun 23 22:51:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=061da95470e5be738c621dea5de03b4c6d61593a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:d8:04:64:3c:a1:99:f5:b3:4c:76:2c:66:0e:
ba:81:62:f9:3d:00:76:b1:59:c0:ca:2f:6e:74:68:
5d:5f:a1:ad:cb:c8:af:86:98:b7:fc:ac:aa:96:db:
49:eb:ee:63:c6:dd:13:a9:7f:ad:85:0c:89:c3:77:
fc:48:23:ac:7d:a6:2f:72:50:d9:30:73:96:7c:dd:
e3:82:ef:5a:c2:31:b8:a9:45:b5:7a:5d:40:7f:1d:
ef:4a:e2:bb:90:95:2a:0a:1f:76:59:95:b4:5c:17:
76:f5:1c:41:87:79:13:9c:63:60:7a:b5:6d:ac:21:
47:31:26:73:df:3b:cb:ad:af:be:77:ab:02:88:2b:
f9:2f:d3:44:4c:63:c9:3c:0a:c0:53:13:74:48:c9:
a9:cc:e4:fc:03:c1:56:19:3e:1b:01:35:71:18:b0:
52:e7:71:52:66:b0:17:6f:82:66:b9:7c:53:a9:24:
a2:04:4e:87:e7:8a:e8:46:7f:83:d5:e6:b4:f8:aa:
32:66:4d:08:12:b7:e6:1e:bc:bb:21:4e:ee:22:0e:
19:2f:be:ab:eb:68:73:84:25:2c:23:22:40:0e:06:
7a:82:55:41:a8:bd:16:f0:0a:b4:ae:9d:10:4d:df:
0a:08:c1:51:13:ae:ef:ef:f6:9f:4b:9f:77:55:f4:
d3:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:1D:A9:54:70:E5:BE:73:8C:62:1D:EA:5D:E0:3B:4C:6D:61:59:3A
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Bh2pVHDlvnOMYh3qXeA7TG1hWTo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.183.0/24
45.131.184.0/22
45.136.136.0/22
77.81.50.0/23
85.202.203.0/24
94.177.122.0/24
139.28.96.0/22
185.232.117.0/24
193.163.85.0-193.163.86.255
194.50.92.0/24
194.50.94.0/24
IPv6:
2a04:ccc1::/32
2a04:ccc3::-2a04:ccc7:ffff:ffff:ffff:ffff:ffff:ffff
2a09:4c0::/29
2a0c:3b80::-2a0c:3b86:ffff:ffff:ffff:ffff:ffff:ffff
2a0e:97c0:170::/48
2a0e:97c0:1d0::/44
2a0e:97c0:260::/44
2a0e:97c1:200::/40
2a0e:97c3:110::/44
2a0e:97c4:100::/44
2a0e:97c4:120::/44
2a0e:b107:9f2::/48
2a0e:b107:1165::/48
2a0e:b107:1786::/48
2a0e:b107:21c0::/45
2a0f:e404:102::/48
2a10:2f00:18d::/48
2a10:2f00:18f::/48
2a10:2f00:193::/48
2a10:cc40:250::/44
2a10:cc45:130::/44
2a10:ccc0:420::/44
Signature Algorithm: sha256WithRSAEncryption
a0:f4:f9:60:83:9f:03:80:9b:46:49:1b:5d:bc:45:27:87:40:
9e:2c:41:be:bc:df:2e:c7:f4:bb:05:27:c0:59:ce:8f:76:c0:
73:2c:25:8c:e0:48:ae:59:21:b4:a9:16:b3:7a:0d:01:ef:88:
83:02:f4:e6:8d:93:4c:fb:8f:e9:b7:0c:a6:56:2c:25:7e:a4:
6e:6d:18:a2:a5:75:94:3c:66:b6:86:2d:99:8c:af:19:d1:5e:
83:1a:d8:a8:55:bc:7d:7f:6f:ee:c2:42:ab:af:d2:0d:48:69:
75:0a:91:d0:f1:a1:cf:de:19:c3:c2:32:2c:2f:1e:51:bb:ad:
e5:39:dd:67:59:a4:7f:ba:9f:e0:ca:36:54:4b:c0:25:41:c5:
f6:29:a8:73:dc:0c:79:f4:09:d4:ba:a4:72:2f:c9:2e:2f:31:
70:ea:1e:cb:2b:ea:f1:45:b8:41:45:7b:a3:00:77:13:80:22:
f3:2d:8f:16:67:e6:99:34:25:43:9b:93:6c:60:47:40:4e:f2:
9b:de:3c:31:65:70:c7:4a:40:63:d4:74:14:d0:3d:5a:65:e7:
5d:c1:5d:27:9c:4b:86:ca:4d:14:1e:ae:07:70:ea:61:ef:40:
96:ea:90:4f:0e:d1:1f:25:73:0c:71:c7:4f:29:7c:72:69:55:
b6:76:fd:55
-----BEGIN CERTIFICATE-----
MIIGIDCCBQigAwIBAgISAYjqdQLdhwqLiBREFPptv8ZXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNjIzMjI1MTU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjFkYTk1NDcwZTViZTczOGM2MjFkZWE1ZGUwM2I0YzZkNjE1OTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAntgEZDyhmfWzTHYsZg66gWL5PQB2
sVnAyi9udGhdX6Gty8ivhpi3/KyqlttJ6+5jxt0TqX+thQyJw3f8SCOsfaYvclDZ
MHOWfN3jgu9awjG4qUW1el1Afx3vSuK7kJUqCh92WZW0XBd29RxBh3kTnGNgerVt
rCFHMSZz3zvLra++d6sCiCv5L9NETGPJPArAUxN0SMmpzOT8A8FWGT4bATVxGLBS
53FSZrAXb4JmuXxTqSSiBE6H54roRn+D1ea0+KoyZk0IErfmHry7IU7uIg4ZL76r
62hzhCUsIyJADgZ6glVBqL0W8Aq0rp0QTd8KCMFRE67v7/afS593VfTT9wIDAQAB
o4IDLDCCAygwHQYDVR0OBBYEFAYdqVRw5b5zjGId6l3gO0xtYVk6MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvQmgycFZIRGx2bk9NWWgzcVhlQTdURzFoV1RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBQAYIKwYBBQUHAQcBAf8EggEvMIIBKzBQBAIAATBKAwQA
Hyq3AwQCLYO4AwQCLYiIAwQBTVEyAwQAVcrLAwQAXrF6AwQCixxgAwQAueh1MAwD
BADBo1UDBADBo1YDBADCMlwDBADCMl4wgdYEAgACMIHPAwUAKgTMwTAOAwUAKgTM
wwMFAyoEzMADBQMqCQTAMA4DBQcqDDuAAwUAKgw7hgMHACoOl8ABcAMHBCoOl8AB
0AMHBCoOl8ACYAMGACoOl8ECAwcEKg6XwwEQAwcEKg6XxAEAAwcEKg6XxAEgAwcA
Kg6xBwnyAwcAKg6xBxFlAwcAKg6xBxeGAwcDKg6xByHAAwcAKg/kBAECAwcAKhAv
AAGNAwcAKhAvAAGPAwcAKhAvAAGTAwcEKhDMQAJQAwcEKhDMRQEwAwcEKhDMwAQg
MA0GCSqGSIb3DQEBCwUAA4IBAQCg9Plgg58DgJtGSRtdvEUnh0CeLEG+vN8ux/S7
BSfAWc6PdsBzLCWM4EiuWSG0qRazeg0B74iDAvTmjZNM+4/ptwymViwlfqRubRii
pXWUPGa2hi2ZjK8Z0V6DGtioVbx9f2/uwkKrr9INSGl1CpHQ8aHP3hnDwjIsLx5R
u63lOd1nWaR/up/gyjZUS8AlQcX2Kahz3Ax59AnUuqRyL8kuLzFw6h7LK+rxRbhB
RXujAHcTgCLzLY8WZ+aZNCVDm5NsYEdATvKb3jwxZXDHSkBj1HQU0D1aZeddwV0n
nEuGyk0UHq4HcOph70CW6pBPDtEfJXMMccdPKXxyaVW2dv1V
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:56 2024 by rpki-client on console-ams.rpki-client.org