Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/e2f9ff-c460-40a2-a357-77ef87a73e13/1/Bf86YTcsVdqX8x89ZKz2Z2QWbzo.roa
File: Bf86YTcsVdqX8x89ZKz2Z2QWbzo.roa (raw, json)
Hash identifier: PoO0qAoMv3TnY0x99N0WG2Umylcgfbd2MO5pW66hhWA=
Subject key identifier: 05:FF:3A:61:37:2C:55:DA:97:F3:1F:3D:64:AC:F6:67:64:16:6F:3A
Certificate issuer: /CN=b7f646de414072fc1ab76b1b2c9e08b9bd21a843
Certificate serial: 018CC72762B5B4DFAA367E92C9DD1C0A3140
Authority key identifier: B7:F6:46:DE:41:40:72:FC:1A:B7:6B:1B:2C:9E:08:B9:BD:21:A8:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t_ZG3kFAcvwat2sbLJ4Iub0hqEM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/e2f9ff-c460-40a2-a357-77ef87a73e13/1/Bf86YTcsVdqX8x89ZKz2Z2QWbzo.roa
Signing time: Mon 01 Jan 2024 22:31:36 +0000
ROA not before: Mon 01 Jan 2024 22:31:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56485
IP address blocks: 194.113.32.0/24 maxlen: 24
185.252.24.0/22 maxlen: 22
88.151.12.0/24 maxlen: 24
176.114.0.0/22 maxlen: 22
176.114.4.0/22 maxlen: 22
45.154.116.0/22 maxlen: 22
176.114.8.0/22 maxlen: 22
176.114.12.0/22 maxlen: 22
194.113.58.0/24 maxlen: 24
91.234.32.0/22 maxlen: 22
37.72.129.0/24 maxlen: 24
185.166.216.0/22 maxlen: 22
91.247.189.0/24 maxlen: 24
88.218.188.0/22 maxlen: 22
194.110.248.0/24 maxlen: 24
194.110.254.0/24 maxlen: 24
77.87.127.0/24 maxlen: 24
188.93.118.0/24 maxlen: 24
185.230.88.0/22 maxlen: 22
91.223.180.0/24 maxlen: 24
2a0f:c100::/29 maxlen: 48
2a11:1280::/29 maxlen: 48
2a0c:f00::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 03 Jan 2024 14:08:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:62:b5:b4:df:aa:36:7e:92:c9:dd:1c:0a:31:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7f646de414072fc1ab76b1b2c9e08b9bd21a843
Validity
Not Before: Jan 1 22:31:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=05ff3a61372c55da97f31f3d64acf66764166f3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:9b:b2:94:af:03:5a:ed:26:0c:a6:3b:92:e7:
9f:2e:52:e2:63:5a:3f:73:bf:a2:87:da:bf:2e:09:
dc:57:48:a6:2e:0c:f7:a3:76:1c:76:56:59:cd:d2:
dd:52:d1:66:f2:20:4b:42:30:98:aa:5f:b8:c7:0b:
5a:11:09:48:cd:c2:bc:d4:5d:31:f2:b5:c2:f1:df:
12:77:24:c0:59:9f:69:8a:9b:c0:17:cb:36:de:7b:
f8:7d:ae:f5:4f:8f:15:03:8d:67:7b:02:bd:2b:68:
25:a9:e8:ae:75:54:10:ab:d8:48:fd:2b:5e:bf:18:
73:a0:67:9f:13:7a:03:f9:bd:50:d2:5a:01:b5:60:
3c:dc:fc:09:53:cc:d5:8b:c8:2f:60:df:77:6b:17:
3c:8f:05:93:c8:9f:7f:e7:dd:bf:16:0c:2f:91:64:
c1:93:28:af:55:36:8b:a6:1d:aa:ab:8f:07:66:1b:
ca:bb:91:26:69:92:d9:28:29:4f:31:04:14:5d:66:
af:89:06:a0:87:8c:3f:7a:39:4b:f0:9f:04:ba:04:
ca:59:ac:6c:fc:ea:8c:3b:31:61:1d:8c:24:24:01:
b1:6e:15:e3:bd:ba:da:4e:25:2e:db:dd:0d:17:ba:
dc:e5:31:56:51:50:06:5c:16:a2:91:29:15:e1:88:
f6:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:FF:3A:61:37:2C:55:DA:97:F3:1F:3D:64:AC:F6:67:64:16:6F:3A
X509v3 Authority Key Identifier:
keyid:B7:F6:46:DE:41:40:72:FC:1A:B7:6B:1B:2C:9E:08:B9:BD:21:A8:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t_ZG3kFAcvwat2sbLJ4Iub0hqEM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/e2f9ff-c460-40a2-a357-77ef87a73e13/1/Bf86YTcsVdqX8x89ZKz2Z2QWbzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/e2f9ff-c460-40a2-a357-77ef87a73e13/1/t_ZG3kFAcvwat2sbLJ4Iub0hqEM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.72.129.0/24
45.154.116.0/22
77.87.127.0/24
88.151.12.0/24
88.218.188.0/22
91.223.180.0/24
91.234.32.0/22
91.247.189.0/24
176.114.0.0/20
185.166.216.0/22
185.230.88.0/22
185.252.24.0/22
188.93.118.0/24
194.110.248.0/24
194.110.254.0/24
194.113.32.0/24
194.113.58.0/24
IPv6:
2a0c:f00::/29
2a0f:c100::/29
2a11:1280::/29
Signature Algorithm: sha256WithRSAEncryption
36:51:b2:e1:39:eb:ed:c7:9d:14:6a:e8:c4:99:aa:91:43:71:
9a:e0:34:5a:e2:4b:65:41:b9:45:eb:c8:73:be:a2:c2:43:90:
ef:e9:4b:b0:8f:6c:5f:e9:7d:2d:f6:06:a1:95:be:65:0c:f2:
0a:25:67:e2:9d:36:d7:5f:fb:76:e6:fe:81:16:aa:c6:fb:6a:
68:60:34:fa:d0:84:0a:e1:69:a0:a6:e0:e1:de:73:98:83:7e:
e6:d1:64:99:d6:91:0b:ea:c7:c1:70:7a:46:82:e4:3b:9d:b5:
ee:2d:94:97:82:39:ec:5f:c0:c5:71:5b:c6:38:ac:c2:0f:c5:
c2:bc:15:62:8d:80:3d:60:de:02:1c:13:9a:35:d9:15:b0:be:
50:89:85:b0:59:15:52:8e:08:b0:7a:78:7a:98:58:99:d1:32:
32:fb:18:50:ee:35:60:44:04:e7:7e:2b:05:33:6f:7a:20:19:
86:7d:c9:a9:a5:ff:60:7c:93:f4:e9:03:e0:06:a4:c6:a2:47:
fe:d5:68:c9:37:d0:5c:de:6f:0c:ec:52:94:5f:c4:af:5e:a7:
a6:20:eb:46:22:6e:1e:80:e8:49:04:99:27:aa:ec:69:1e:6a:
c8:b3:76:db:49:0f:d3:52:35:52:6d:bc:48:2b:08:56:8d:3a:
97:86:18:60
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgISAYzHJ2K1tN+qNn6Syd0cCjFAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3ZjY0NmRlNDE0MDcyZmMxYWI3NmIxYjJjOWUwOGI5YmQy
MWE4NDMwHhcNMjQwMTAxMjIzMTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWZmM2E2MTM3MmM1NWRhOTdmMzFmM2Q2NGFjZjY2NzY0MTY2ZjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZuylK8DWu0mDKY7kuefLlLiY1o/
c7+ih9q/LgncV0imLgz3o3YcdlZZzdLdUtFm8iBLQjCYql+4xwtaEQlIzcK81F0x
8rXC8d8SdyTAWZ9pipvAF8s23nv4fa71T48VA41newK9K2glqeiudVQQq9hI/Ste
vxhzoGefE3oD+b1Q0loBtWA83PwJU8zVi8gvYN93axc8jwWTyJ9/592/FgwvkWTB
kyivVTaLph2qq48HZhvKu5EmaZLZKClPMQQUXWaviQagh4w/ejlL8J8EugTKWaxs
/OqMOzFhHYwkJAGxbhXjvbraTiUu290NF7rc5TFWUVAGXBaikSkV4Yj2jQIDAQAB
o4ICiTCCAoUwHQYDVR0OBBYEFAX/OmE3LFXal/MfPWSs9mdkFm86MB8GA1UdIwQY
MBaAFLf2Rt5BQHL8GrdrGyyeCLm9IahDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdF9aRzNrRkFjdndhdDJzYkxKNEl1YjBocUVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9lMmY5ZmYtYzQ2MC00MGEyLWEzNTct
NzdlZjg3YTczZTEzLzEvQmY4NllUY3NWZHFYOHg4OVpLejJaMlFXYnpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9lMmY5ZmYtYzQ2MC00MGEyLWEzNTctNzdlZjg3YTczZTEz
LzEvdF9aRzNrRkFjdndhdDJzYkxKNEl1YjBocUVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGeBggrBgEFBQcBBwEB/wSBjjCBizBsBAIAATBmAwQAJUiB
AwQCLZp0AwQATVd/AwQAWJcMAwQCWNq8AwQAW9+0AwQCW+ogAwQAW/e9AwQEsHIA
AwQCuabYAwQCueZYAwQCufwYAwQAvF12AwQAwm74AwQAwm7+AwQAwnEgAwQAwnE6
MBsEAgACMBUDBQMqDA8AAwUDKg/BAAMFAyoREoAwDQYJKoZIhvcNAQELBQADggEB
ADZRsuE56+3HnRRq6MSZqpFDcZrgNFriS2VBuUXryHO+osJDkO/pS7CPbF/pfS32
BqGVvmUM8golZ+KdNtdf+3bm/oEWqsb7amhgNPrQhArhaaCm4OHec5iDfubRZJnW
kQvqx8FwekaC5Dudte4tlJeCOexfwMVxW8Y4rMIPxcK8FWKNgD1g3gIcE5o12RWw
vlCJhbBZFVKOCLB6eHqYWJnRMjL7GFDuNWBEBOd+KwUzb3ogGYZ9yaml/2B8k/Tp
A+AGpMaiR/7VaMk30FzebwzsUpRfxK9ep6Yg60Yibh6A6EkEmSeq7GkeasizdttJ
D9NSNVJtvEgrCFaNOpeGGGA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:34 2024 by rpki-client on console-fra.rpki-client.org