Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/By6KME2c_EjOdEaus-37KU5PISo.roa
File: By6KME2c_EjOdEaus-37KU5PISo.roa (raw, json)
Hash identifier: znbnRmsBRd6AIeBDkI3ijiGW0jsyPG77GrfZOgxGVig=
Subject key identifier: 07:2E:8A:30:4D:9C:FC:48:CE:74:46:AE:B3:ED:FB:29:4E:4F:21:2A
Certificate issuer: /CN=ac1f721b7b7e6d049fbfe520e1ca89c1ca256813
Certificate serial: 01876FA1D74D4CC94118433F8B0E814AAA6F
Authority key identifier: AC:1F:72:1B:7B:7E:6D:04:9F:BF:E5:20:E1:CA:89:C1:CA:25:68:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rB9yG3t-bQSfv-Ug4cqJwcolaBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/By6KME2c_EjOdEaus-37KU5PISo.roa
Signing time: Tue 11 Apr 2023 09:24:50 +0000
ROA not before: Tue 11 Apr 2023 09:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39401
IP address blocks: 85.217.232.0/24 maxlen: 24
85.217.233.0/24 maxlen: 24
85.217.230.0/24 maxlen: 24
85.217.231.0/24 maxlen: 24
85.217.228.0/24 maxlen: 24
85.217.229.0/24 maxlen: 24
85.217.227.0/24 maxlen: 24
85.217.240.0/22 maxlen: 24
85.217.240.0/24 maxlen: 24
85.217.237.0/24 maxlen: 24
85.217.235.0/24 maxlen: 24
85.217.236.0/24 maxlen: 24
85.217.234.0/24 maxlen: 24
85.217.244.0/23 maxlen: 24
85.217.244.0/24 maxlen: 24
85.217.245.0/24 maxlen: 24
85.217.242.0/24 maxlen: 24
85.217.243.0/24 maxlen: 24
85.217.241.0/24 maxlen: 24
85.217.246.0/24 maxlen: 24
85.217.251.0/24 maxlen: 24
85.217.250.0/23 maxlen: 23
85.217.249.0/24 maxlen: 24
85.217.250.0/24 maxlen: 24
85.217.248.0/24 maxlen: 24
85.217.248.0/23 maxlen: 23
85.217.247.0/24 maxlen: 24
85.217.225.0/24 maxlen: 24
85.217.226.0/24 maxlen: 24
85.217.224.0/24 maxlen: 24
85.217.224.0/20 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:6f:a1:d7:4d:4c:c9:41:18:43:3f:8b:0e:81:4a:aa:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac1f721b7b7e6d049fbfe520e1ca89c1ca256813
Validity
Not Before: Apr 11 09:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=072e8a304d9cfc48ce7446aeb3edfb294e4f212a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:d4:6b:06:6f:c0:d8:12:8e:cb:b2:fa:af:8b:
1e:96:0c:47:71:a0:8a:4f:1c:7a:a4:24:40:30:64:
a6:69:37:e8:42:55:6c:bc:fa:02:dd:3b:94:53:e9:
1b:de:71:fe:e4:c4:0b:e1:a4:1b:c2:e6:d5:23:26:
13:9e:4c:a0:2c:b1:f6:5c:bf:54:14:1c:f8:b0:4d:
ff:05:b3:dc:eb:1b:63:1f:76:74:64:9b:6d:9c:54:
89:8b:a8:13:ed:b7:82:14:16:be:60:1a:ff:48:29:
f2:f9:03:ab:d9:5a:72:c0:59:3f:e7:c2:a7:ff:17:
a4:14:e4:cc:28:dd:a5:f3:89:16:00:24:6b:57:a3:
ab:78:3d:4e:51:5d:81:92:e7:22:a7:f4:c0:9d:f8:
7f:26:03:93:cb:93:e9:e4:c8:49:d6:08:42:ec:3a:
55:94:72:14:97:98:95:ee:3a:b2:6f:6e:e4:9c:7e:
e0:5f:5e:89:b6:90:c8:b9:fc:e2:3c:1a:cb:9c:41:
c4:9c:a1:a6:df:da:fe:c9:b9:20:e7:30:02:fd:e5:
0e:b7:de:40:c7:6a:b9:cd:b6:b1:cb:f6:ff:cf:e0:
4d:74:bd:15:97:a8:29:00:ac:b4:e3:17:fd:b9:94:
16:38:19:a3:f8:74:c8:03:77:ae:ff:fd:03:a5:cd:
38:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:2E:8A:30:4D:9C:FC:48:CE:74:46:AE:B3:ED:FB:29:4E:4F:21:2A
X509v3 Authority Key Identifier:
keyid:AC:1F:72:1B:7B:7E:6D:04:9F:BF:E5:20:E1:CA:89:C1:CA:25:68:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rB9yG3t-bQSfv-Ug4cqJwcolaBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/By6KME2c_EjOdEaus-37KU5PISo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/rB9yG3t-bQSfv-Ug4cqJwcolaBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.217.224.0-85.217.251.255
Signature Algorithm: sha256WithRSAEncryption
73:ab:bd:5e:67:a0:7e:62:da:a5:89:28:54:b3:45:4e:e2:1f:
5b:c5:4f:6c:ea:48:56:e3:f3:ef:1c:cb:6d:c2:df:86:0a:89:
48:44:50:e1:44:15:a4:27:76:44:23:0e:e9:8e:1b:81:23:64:
fa:28:93:5c:ad:64:83:46:2e:3d:36:84:2d:65:ac:08:10:88:
2d:39:aa:b3:d8:b2:d3:56:0e:71:80:aa:8b:95:84:ff:87:1a:
95:46:8e:68:2d:64:77:f5:71:71:10:ed:83:e9:c2:9b:d9:f0:
45:fe:5e:60:55:ad:c4:84:bf:a3:40:bd:30:f7:11:53:4a:46:
d5:3a:15:26:38:bc:ce:58:ed:8a:77:9b:69:7b:b1:84:eb:3f:
e1:6c:38:de:25:64:99:e3:e9:2b:5d:82:2c:cd:b7:01:f5:5c:
a5:1f:da:7f:d4:47:32:35:b8:73:81:21:84:4a:63:b2:68:c8:
61:e8:d1:19:1c:1a:45:ef:35:4b:e2:4c:8c:9b:19:7d:03:81:
88:fc:75:31:9c:9c:c8:08:4b:34:ef:e9:09:00:4e:0a:6f:da:
46:d1:97:ee:f0:2b:b7:0f:ca:cf:9b:d1:0a:d4:a9:80:65:95:
36:bf:9c:32:d5:80:02:e9:52:99:fd:d4:f1:e1:0e:34:60:4f:
a9:c5:25:fc
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYdvoddNTMlBGEM/iw6BSqpvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjMWY3MjFiN2I3ZTZkMDQ5ZmJmZTUyMGUxY2E4OWMxY2Ey
NTY4MTMwHhcNMjMwNDExMDkyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzJlOGEzMDRkOWNmYzQ4Y2U3NDQ2YWViM2VkZmIyOTRlNGYyMTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAltRrBm/A2BKOy7L6r4selgxHcaCK
Txx6pCRAMGSmaTfoQlVsvPoC3TuUU+kb3nH+5MQL4aQbwubVIyYTnkygLLH2XL9U
FBz4sE3/BbPc6xtjH3Z0ZJttnFSJi6gT7beCFBa+YBr/SCny+QOr2VpywFk/58Kn
/xekFOTMKN2l84kWACRrV6OreD1OUV2Bkucip/TAnfh/JgOTy5Pp5MhJ1ghC7DpV
lHIUl5iV7jqyb27knH7gX16JtpDIufziPBrLnEHEnKGm39r+ybkg5zAC/eUOt95A
x2q5zbaxy/b/z+BNdL0Vl6gpAKy04xf9uZQWOBmj+HTIA3eu//0Dpc04gwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFAcuijBNnPxIznRGrrPt+ylOTyEqMB8GA1UdIwQY
MBaAFKwfcht7fm0En7/lIOHKicHKJWgTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckI5eUczdC1iUVNmdi1VZzRjcUp3Y29sYUJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC81NmQyNjctMWM0My00N2M4LWFmYjIt
NjRkMjljODZiZjNlLzEvQnk2S01FMmNfRWpPZEVhdXMtMzdLVTVQSVNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC81NmQyNjctMWM0My00N2M4LWFmYjItNjRkMjljODZiZjNl
LzEvckI5eUczdC1iUVNmdi1VZzRjcUp3Y29sYUJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAVV2eAD
BAJV2fgwDQYJKoZIhvcNAQELBQADggEBAHOrvV5noH5i2qWJKFSzRU7iH1vFT2zq
SFbj8+8cy23C34YKiUhEUOFEFaQndkQjDumOG4EjZPook1ytZINGLj02hC1lrAgQ
iC05qrPYstNWDnGAqouVhP+HGpVGjmgtZHf1cXEQ7YPpwpvZ8EX+XmBVrcSEv6NA
vTD3EVNKRtU6FSY4vM5Y7Yp3m2l7sYTrP+FsON4lZJnj6StdgizNtwH1XKUf2n/U
RzI1uHOBIYRKY7JoyGHo0RkcGkXvNUviTIybGX0DgYj8dTGcnMgISzTv6QkATgpv
2kbRl+7wK7cPys+b0QrUqYBllTa/nDLVgALpUpn91PHhDjRgT6nFJfw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:39 2024 by rpki-client on console-ams.rpki-client.org