Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/Bc57I_wvtEPzT89skni19uVfgWo.roa
File: Bc57I_wvtEPzT89skni19uVfgWo.roa (raw, json)
Hash identifier: 03jj0shjX2NRquSaSx9s77KWTq7lvEz/v5gWo8ZYHWI=
Subject key identifier: 05:CE:7B:23:FC:2F:B4:43:F3:4F:CF:6C:92:78:B5:F6:E5:5F:81:6A
Certificate issuer: /CN=0b556acb5f3b961b5cc24a2995f34ee91f79dc16
Certificate serial: 018BD2842532EADF80960D4DE865D87E6EBC
Authority key identifier: 0B:55:6A:CB:5F:3B:96:1B:5C:C2:4A:29:95:F3:4E:E9:1F:79:DC:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/Bc57I_wvtEPzT89skni19uVfgWo.roa
Signing time: Wed 15 Nov 2023 10:25:57 +0000
ROA not before: Wed 15 Nov 2023 10:25:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8708
IP address blocks: 213.157.189.0/24 maxlen: 24
213.154.100.0/24 maxlen: 24
188.26.128.0/18 maxlen: 24
212.93.128.0/19 maxlen: 24
86.127.54.0/24 maxlen: 24
86.127.59.0/24 maxlen: 24
212.93.143.0/24 maxlen: 24
213.157.160.0/19 maxlen: 24
188.26.224.0/19 maxlen: 24
89.43.180.0/23 maxlen: 24
5.12.0.0/14 maxlen: 24
82.76.0.0/14 maxlen: 24
93.113.40.0/22 maxlen: 24
86.120.0.0/13 maxlen: 24
82.137.16.0/20 maxlen: 24
82.137.32.0/19 maxlen: 24
188.26.0.0/17 maxlen: 24
62.231.120.0/24 maxlen: 24
5.2.128.0/17 maxlen: 24
79.117.0.0/16 maxlen: 24
62.231.64.0/18 maxlen: 24
82.137.0.0/21 maxlen: 24
82.137.0.0/18 maxlen: 24
89.46.12.0/22 maxlen: 24
79.112.0.0/13 maxlen: 24
185.129.36.0/22 maxlen: 22
31.14.104.0/21 maxlen: 24
79.112.0.0/14 maxlen: 24
82.79.10.0/24 maxlen: 24
194.102.80.0/23 maxlen: 24
194.102.81.0/24 maxlen: 24
31.14.192.0/21 maxlen: 24
81.18.64.0/19 maxlen: 24
31.14.224.0/22 maxlen: 24
84.232.128.0/17 maxlen: 24
188.27.0.0/16 maxlen: 24
79.118.0.0/15 maxlen: 24
84.232.149.0/24 maxlen: 24
81.196.0.0/16 maxlen: 24
79.118.155.0/24 maxlen: 24
193.111.232.0/24 maxlen: 24
188.24.0.0/15 maxlen: 24
212.54.96.0/19 maxlen: 24
188.27.120.0/24 maxlen: 24
212.54.122.0/24 maxlen: 24
212.54.123.0/24 maxlen: 24
212.54.120.0/24 maxlen: 24
86.121.222.0/24 maxlen: 24
2a02:2f00::/28 maxlen: 48
2a02:2f09:3100::/48 maxlen: 48
2a03:9c20:1000::/48 maxlen: 48
2a03:9c20:f000::/48 maxlen: 48
2a02:2f0c:8002::/48 maxlen: 48
2a02:2f01:100::/48 maxlen: 48
2a03:9c20::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d2:84:25:32:ea:df:80:96:0d:4d:e8:65:d8:7e:6e:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b556acb5f3b961b5cc24a2995f34ee91f79dc16
Validity
Not Before: Nov 15 10:25:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=05ce7b23fc2fb443f34fcf6c9278b5f6e55f816a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:47:4e:80:6c:d6:8a:c4:d3:81:56:d3:0c:d9:
6c:05:55:92:47:37:14:6f:34:6f:89:4a:34:ab:dd:
fc:a0:b9:c4:5b:0d:2f:d3:fd:02:f1:e9:86:20:01:
26:78:ee:5d:0b:45:a4:d3:c3:84:2e:0b:58:89:60:
54:4f:11:b1:58:08:d9:bd:6c:f1:bf:47:45:6f:24:
7d:74:ce:66:f5:58:c6:93:d5:62:b0:c1:98:b4:eb:
a6:b0:2d:01:df:ac:0c:2d:94:16:fa:f7:7b:33:2e:
1f:2a:d6:00:56:03:43:bb:c2:b5:8a:ad:50:d7:85:
b9:b4:9b:12:b1:24:92:2e:fc:fd:94:b4:be:05:0b:
7a:7d:a7:88:0b:c3:a0:1b:8b:a5:23:90:65:5a:73:
d6:69:f4:73:f2:b5:ac:d0:71:ac:89:21:85:ac:4b:
23:f0:3f:af:49:57:18:a5:64:bf:b0:5d:c7:97:50:
8f:a4:36:09:6e:68:d3:41:31:b6:d9:0d:cf:85:7e:
86:73:9a:72:ee:1a:03:4d:1a:9f:60:2a:39:5e:41:
e0:0c:7c:f9:e3:6c:ca:68:21:7e:42:12:23:9f:a9:
0c:35:47:45:03:2d:42:29:01:f9:e0:aa:0a:bc:42:
f5:9f:8a:cf:c3:8e:f7:7b:08:4f:21:ac:3b:2f:e5:
08:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:CE:7B:23:FC:2F:B4:43:F3:4F:CF:6C:92:78:B5:F6:E5:5F:81:6A
X509v3 Authority Key Identifier:
keyid:0B:55:6A:CB:5F:3B:96:1B:5C:C2:4A:29:95:F3:4E:E9:1F:79:DC:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/Bc57I_wvtEPzT89skni19uVfgWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/C1Vqy187lhtcwkoplfNO6R953BY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.2.128.0/17
5.12.0.0/14
31.14.104.0/21
31.14.192.0/21
31.14.224.0/22
62.231.64.0/18
79.112.0.0/13
81.18.64.0/19
81.196.0.0/16
82.76.0.0/14
82.137.0.0/18
84.232.128.0/17
86.120.0.0/13
89.43.180.0/23
89.46.12.0/22
93.113.40.0/22
185.129.36.0/22
188.24.0.0-188.26.191.255
188.26.224.0-188.27.255.255
193.111.232.0/24
194.102.80.0/23
212.54.96.0/19
212.93.128.0/19
213.154.100.0/24
213.157.160.0/19
IPv6:
2a02:2f00::/28
2a03:9c20::/32
Signature Algorithm: sha256WithRSAEncryption
6a:49:36:2d:f9:8e:f3:14:11:66:98:fd:54:f7:65:48:f5:f8:
5b:0e:38:d9:4d:70:50:89:e7:19:fb:8e:ca:3d:f7:a5:e0:94:
3a:18:d3:0e:4e:05:a6:f8:f8:2b:7e:f9:da:07:96:ad:4e:63:
37:08:e3:f4:59:54:4e:3a:21:a6:b1:62:12:8f:e5:03:d3:10:
b2:eb:bd:19:02:a0:39:b6:d5:df:89:d4:67:bb:01:67:b7:6e:
4f:28:cc:63:73:55:f5:54:02:1c:ef:f3:16:61:82:db:a2:8d:
0f:1b:61:3f:ff:b3:1e:9a:af:7c:5b:4d:b5:b5:38:7f:5e:99:
9a:a6:0e:1e:a4:5c:73:93:98:46:e7:8e:f8:4b:9a:3c:c5:ed:
03:67:77:ec:9c:d7:88:bb:be:41:a0:b4:fe:9a:a6:9f:2d:47:
2e:95:85:1f:13:68:e7:5a:c0:0a:95:06:71:c7:60:6f:c9:85:
6d:0e:ca:ec:4f:7c:5e:4f:6c:70:b4:4e:cf:4c:f7:3f:0f:72:
49:a3:04:13:58:5b:0e:2a:08:83:53:3b:9d:6d:bd:19:10:0d:
70:5e:3a:dd:e0:e5:aa:fa:4e:3b:c7:f5:fd:09:e4:ad:f6:b3:
b8:bd:e9:fb:a9:86:8b:03:6e:21:fb:87:79:95:7e:88:a4:2d:
fd:5e:0c:fe
-----BEGIN CERTIFICATE-----
MIIFsTCCBJmgAwIBAgISAYvShCUy6t+Alg1N6GXYfm68MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNTU2YWNiNWYzYjk2MWI1Y2MyNGEyOTk1ZjM0ZWU5MWY3
OWRjMTYwHhcNMjMxMTE1MTAyNTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWNlN2IyM2ZjMmZiNDQzZjM0ZmNmNmM5Mjc4YjVmNmU1NWY4MTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmEdOgGzWisTTgVbTDNlsBVWSRzcU
bzRviUo0q938oLnEWw0v0/0C8emGIAEmeO5dC0Wk08OELgtYiWBUTxGxWAjZvWzx
v0dFbyR9dM5m9VjGk9VisMGYtOumsC0B36wMLZQW+vd7My4fKtYAVgNDu8K1iq1Q
14W5tJsSsSSSLvz9lLS+BQt6faeIC8OgG4ulI5BlWnPWafRz8rWs0HGsiSGFrEsj
8D+vSVcYpWS/sF3Hl1CPpDYJbmjTQTG22Q3PhX6Gc5py7hoDTRqfYCo5XkHgDHz5
42zKaCF+QhIjn6kMNUdFAy1CKQH54KoKvEL1n4rPw473ewhPIaw7L+UIowIDAQAB
o4ICvTCCArkwHQYDVR0OBBYEFAXOeyP8L7RD80/PbJJ4tfblX4FqMB8GA1UdIwQY
MBaAFAtVastfO5YbXMJKKZXzTukfedwWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzFWcXkxODdsaHRjd2tvcGxmTk82Ujk1M0JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS84MjlmZGYtYmE2My00YzIzLTkxZDEt
ZDJiYmYzN2RhYmI0LzEvQmM1N0lfd3Z0RVB6VDg5c2tuaTE5dVZmZ1dvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS84MjlmZGYtYmE2My00YzIzLTkxZDEtZDJiYmYzN2RhYmI0
LzEvQzFWcXkxODdsaHRjd2tvcGxmTk82Ujk1M0JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHSBggrBgEFBQcBBwEB/wSBwjCBvzCBpgQCAAEwgZ8DBAcF
AoADAwIFDAMEAx8OaAMEAx8OwAMEAh8O4AMEBj7nQAMDA09wAwQFURJAAwMAUcQD
AwJSTAMEBlKJAAMEB1TogAMDA1Z4AwQBWSu0AwQCWS4MAwQCXXEoAwQCuYEkMAsD
AwO8GAMEBrwagDALAwQFvBrgAwMCvBgDBADBb+gDBAHCZlADBAXUNmADBAXUXYAD
BADVmmQDBAXVnaAwFAQCAAIwDgMFBCoCLwADBQAqA5wgMA0GCSqGSIb3DQEBCwUA
A4IBAQBqSTYt+Y7zFBFmmP1U92VI9fhbDjjZTXBQiecZ+47KPfel4JQ6GNMOTgWm
+PgrfvnaB5atTmM3COP0WVROOiGmsWISj+UD0xCy670ZAqA5ttXfidRnuwFnt25P
KMxjc1X1VAIc7/MWYYLboo0PG2E//7Memq98W021tTh/Xpmapg4epFxzk5hG5474
S5o8xe0DZ3fsnNeIu75BoLT+mqafLUculYUfE2jnWsAKlQZxx2BvyYVtDsrsT3xe
T2xwtE7PTPc/D3JJowQTWFsOKgiDUzudbb0ZEA1wXjrd4OWq+k47x/X9CeSt9rO4
ven7qYaLA24h+4d5lX6IpC39Xgz+
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:31:17 2024 by rpki-client on console-fra.rpki-client.org