Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/vJpLyVEkNlMCdU-7ALBcqqVrfSE.roa
File: vJpLyVEkNlMCdU-7ALBcqqVrfSE.roa (raw, json)
Hash identifier: tfxuyMYwvM2KFSF5k3eXbX+TTa2TmBiQXo7CyZWnkks=
Subject key identifier: BC:9A:4B:C9:51:24:36:53:02:75:4F:BB:00:B0:5C:AA:A5:6B:7D:21
Certificate issuer: /CN=b6d14118dbd227298daa80c7acab11eea6d63e21
Certificate serial: 0188B9E9C182567DE0A10935029174533068
Authority key identifier: B6:D1:41:18:DB:D2:27:29:8D:AA:80:C7:AC:AB:11:EE:A6:D6:3E:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ttFBGNvSJymNqoDHrKsR7qbWPiE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/vJpLyVEkNlMCdU-7ALBcqqVrfSE.roa
Signing time: Wed 14 Jun 2023 12:38:04 +0000
ROA not before: Wed 14 Jun 2023 12:38:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57391
IP address blocks: 185.67.101.0/24 maxlen: 24
185.132.82.0/24 maxlen: 24
185.132.80.0/24 maxlen: 24
185.233.14.0/24 maxlen: 24
185.233.13.0/24 maxlen: 24
88.135.44.0/24 maxlen: 24
88.135.43.0/24 maxlen: 24
88.135.42.0/24 maxlen: 24
88.135.41.0/24 maxlen: 24
88.135.40.0/24 maxlen: 24
88.135.47.0/24 maxlen: 24
88.135.46.0/24 maxlen: 24
88.135.45.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b9:e9:c1:82:56:7d:e0:a1:09:35:02:91:74:53:30:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6d14118dbd227298daa80c7acab11eea6d63e21
Validity
Not Before: Jun 14 12:38:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bc9a4bc95124365302754fbb00b05caaa56b7d21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:34:6d:d8:d0:5f:89:c0:9f:3c:51:2d:cb:f6:
bc:de:e8:3b:67:ab:4e:42:84:7e:e9:b0:da:e3:34:
4f:71:3d:c8:51:f9:44:bb:c8:95:86:d3:34:c0:6f:
9b:e6:96:d7:26:a0:bf:92:26:fd:e0:c4:00:30:08:
f7:df:22:06:34:1e:6b:e3:ba:23:e3:ee:5d:d4:50:
d0:95:47:e8:4f:0b:03:6d:38:df:b8:12:0b:b1:63:
18:66:83:ee:e8:df:6f:b4:3f:a0:ff:2d:47:c4:85:
f4:b3:70:de:69:fd:c5:cf:00:3c:61:66:5a:ae:2e:
aa:d5:36:31:79:9d:12:52:24:1b:10:5a:e8:9d:77:
cc:37:8b:88:e5:46:32:e4:26:4d:cf:9d:05:11:09:
d7:23:d0:6a:11:fb:bf:19:bf:95:af:31:19:ab:8b:
6f:60:a6:d6:7b:9e:5d:a8:b2:f4:81:7f:2b:1e:31:
3d:d7:39:4a:a0:45:c1:06:20:93:9e:79:8a:3c:14:
31:95:15:3a:e2:41:b4:03:2d:04:0f:0c:ca:ce:a1:
b3:3b:3c:41:1d:98:91:ad:32:ba:36:7a:5b:77:dd:
e8:58:86:71:f1:69:33:4a:83:94:20:12:29:2c:e7:
b6:a4:8f:f3:1d:03:f4:c7:be:7a:a4:e3:8d:60:ee:
1e:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:9A:4B:C9:51:24:36:53:02:75:4F:BB:00:B0:5C:AA:A5:6B:7D:21
X509v3 Authority Key Identifier:
keyid:B6:D1:41:18:DB:D2:27:29:8D:AA:80:C7:AC:AB:11:EE:A6:D6:3E:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ttFBGNvSJymNqoDHrKsR7qbWPiE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/vJpLyVEkNlMCdU-7ALBcqqVrfSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/ttFBGNvSJymNqoDHrKsR7qbWPiE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.135.40.0/21
185.67.101.0/24
185.132.80.0/24
185.132.82.0/24
185.233.13.0-185.233.14.255
Signature Algorithm: sha256WithRSAEncryption
2b:d2:93:13:e3:61:3b:74:34:0d:85:d7:65:de:4d:7a:de:b4:
cf:27:15:4b:7a:eb:a6:61:56:fa:3b:67:11:98:df:d1:ae:87:
1a:b9:1c:aa:99:68:5c:d1:4b:b7:c0:0c:78:bd:49:76:25:7b:
6d:5b:a1:d3:e7:05:73:9b:b8:ff:1d:cf:4f:b6:ff:7d:90:e1:
f9:fb:21:c6:50:b8:2f:c0:90:e0:f1:26:b7:ae:bf:e7:36:8e:
d2:5a:e3:a6:45:57:1c:9e:a9:ed:cc:b6:ad:56:f5:bb:68:2a:
c5:95:bd:62:cc:33:97:6f:73:08:91:cf:1c:ae:54:62:d5:0e:
32:5b:3a:91:3d:a7:a7:ed:78:cc:ae:e0:8e:94:ab:6a:b6:4f:
d7:90:39:d1:c5:c2:9e:db:b2:6f:00:ee:34:73:6c:e8:6b:d4:
0a:68:37:77:c5:bc:5c:5d:b3:81:00:a9:91:e9:aa:b0:ed:a7:
34:e0:db:68:a4:53:4c:fc:23:24:7d:dc:1f:80:1a:a2:19:fc:
63:91:8b:2f:c8:12:e9:5a:c5:09:66:8e:fa:cd:46:5c:fc:b5:
fb:a6:93:a8:0f:5c:9a:95:49:93:98:c6:c5:7d:2a:bf:39:9c:
fd:72:83:b8:72:cb:26:bb:98:7d:f6:b6:a9:8a:a0:da:05:27:
3c:6b:d6:10
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYi56cGCVn3goQk1ApF0UzBoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2ZDE0MTE4ZGJkMjI3Mjk4ZGFhODBjN2FjYWIxMWVlYTZk
NjNlMjEwHhcNMjMwNjE0MTIzODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzlhNGJjOTUxMjQzNjUzMDI3NTRmYmIwMGIwNWNhYWE1NmI3ZDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTRt2NBficCfPFEty/a83ug7Z6tO
QoR+6bDa4zRPcT3IUflEu8iVhtM0wG+b5pbXJqC/kib94MQAMAj33yIGNB5r47oj
4+5d1FDQlUfoTwsDbTjfuBILsWMYZoPu6N9vtD+g/y1HxIX0s3Deaf3FzwA8YWZa
ri6q1TYxeZ0SUiQbEFronXfMN4uI5UYy5CZNz50FEQnXI9BqEfu/Gb+VrzEZq4tv
YKbWe55dqLL0gX8rHjE91zlKoEXBBiCTnnmKPBQxlRU64kG0Ay0EDwzKzqGzOzxB
HZiRrTK6Nnpbd93oWIZx8WkzSoOUIBIpLOe2pI/zHQP0x756pOONYO4eXQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFLyaS8lRJDZTAnVPuwCwXKqla30hMB8GA1UdIwQY
MBaAFLbRQRjb0icpjaqAx6yrEe6m1j4hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHRGQkdOdlNKeW1OcW9ESHJLc1I3cWJXUGlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9lZDUxZDctNjRmZC00YzczLTllOGMt
MGUzN2UxMWQwZWMzLzEvdkpwTHlWRWtObE1DZFUtN0FMQmNxcVZyZlNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9lZDUxZDctNjRmZC00YzczLTllOGMtMGUzN2UxMWQwZWMz
LzEvdHRGQkdOdlNKeW1OcW9ESHJLc1I3cWJXUGlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQDWIcoAwQA
uUNlAwQAuYRQAwQAuYRSMAwDBAC56Q0DBAC56Q4wDQYJKoZIhvcNAQELBQADggEB
ACvSkxPjYTt0NA2F12XeTXretM8nFUt666ZhVvo7ZxGY39Guhxq5HKqZaFzRS7fA
DHi9SXYle21bodPnBXObuP8dz0+2/32Q4fn7IcZQuC/AkODxJreuv+c2jtJa46ZF
Vxyeqe3Mtq1W9btoKsWVvWLMM5dvcwiRzxyuVGLVDjJbOpE9p6fteMyu4I6Uq2q2
T9eQOdHFwp7bsm8A7jRzbOhr1ApoN3fFvFxds4EAqZHpqrDtpzTg22ikU0z8IyR9
3B+AGqIZ/GORiy/IEulaxQlmjvrNRlz8tfumk6gPXJqVSZOYxsV9Kr85nP1yg7hy
yya7mH32tqmKoNoFJzxr1hA=
Generated at Sat Sep 9 09:59:34 2023 by rpki-client on console-fra.rpki-client.org