Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/_BeK-QUAhwxlXyKqsHzvxHcjHkw.roa
File: _BeK-QUAhwxlXyKqsHzvxHcjHkw.roa (raw, json)
Hash identifier: tVzvM2udRhaELLvR9u9a3MsG9xzST3RqR9DhWsLy0Fo=
Subject key identifier: FC:17:8A:F9:05:00:87:0C:65:5F:22:AA:B0:7C:EF:C4:77:23:1E:4C
Certificate issuer: /CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Certificate serial: 0186263D7F47C52E5403882241690CF5E7F4
Authority key identifier: A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/_BeK-QUAhwxlXyKqsHzvxHcjHkw.roa
Signing time: Mon 06 Feb 2023 10:20:09 +0000
ROA not before: Mon 06 Feb 2023 10:20:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42473
IP address blocks: 185.228.148.0/22 maxlen: 22
37.235.4.0/24 maxlen: 24
37.235.3.0/24 maxlen: 24
37.235.5.0/24 maxlen: 24
185.2.176.0/22 maxlen: 32
144.208.192.0/18 maxlen: 32
144.208.205.0/24 maxlen: 24
144.208.206.0/24 maxlen: 24
144.208.212.0/22 maxlen: 32
144.208.207.0/24 maxlen: 24
178.255.152.0/21 maxlen: 32
94.16.125.0/24 maxlen: 24
94.16.126.0/24 maxlen: 24
193.33.114.0/23 maxlen: 32
176.123.54.0/23 maxlen: 23
213.227.160.0/19 maxlen: 32
194.1.206.0/24 maxlen: 32
185.116.97.0/24 maxlen: 24
185.116.98.0/24 maxlen: 24
185.116.96.0/24 maxlen: 24
185.116.99.0/24 maxlen: 24
217.146.0.0/19 maxlen: 24
188.172.249.0/24 maxlen: 24
188.172.247.0/24 maxlen: 24
188.172.254.0/24 maxlen: 24
45.132.61.0/24 maxlen: 24
45.132.62.0/23 maxlen: 24
188.172.192.0/18 maxlen: 32
185.81.209.0/24 maxlen: 24
188.172.208.0/24 maxlen: 24
188.65.72.0/21 maxlen: 32
37.252.226.0/24 maxlen: 24
37.252.224.0/19 maxlen: 32
37.252.234.0/24 maxlen: 24
37.252.243.0/24 maxlen: 24
37.252.253.0/24 maxlen: 24
37.252.251.0/24 maxlen: 24
185.50.232.0/23 maxlen: 23
185.50.235.0/24 maxlen: 24
144.208.216.0/24 maxlen: 24
144.208.219.0/24 maxlen: 24
144.208.217.0/24 maxlen: 24
144.208.226.0/24 maxlen: 24
144.208.224.0/24 maxlen: 24
144.208.225.0/24 maxlen: 24
144.208.223.0/24 maxlen: 24
144.208.221.0/24 maxlen: 24
144.208.222.0/24 maxlen: 24
144.208.228.0/24 maxlen: 24
2a00:11c0:66::/48 maxlen: 48
2a00:11c0:dc::/48 maxlen: 48
2a00:11c0::/32 maxlen: 128
2a01:aea0:dd1::/48 maxlen: 48
2a00:11c0:19::/48 maxlen: 48
2a00:11c0:42::/48 maxlen: 48
2a00:11c0:dd::/48 maxlen: 48
2a00:11c0:96::/48 maxlen: 48
2a00:11c0:9a::/48 maxlen: 48
2a01:aea0::/40 maxlen: 40
2a01:aea0::/32 maxlen: 32
2a00:11c0:43::/48 maxlen: 48
2a00:11c0:83::/48 maxlen: 48
2a00:11c0:86::/48 maxlen: 48
2a00:11c0:97::/48 maxlen: 48
2a00:11c0:4a::/48 maxlen: 48
2a00:11c0:de::/48 maxlen: 48
2a01:aea0:df1::/48 maxlen: 48
2a00:11c0:98::/48 maxlen: 48
2a00:11c0:29::/48 maxlen: 48
2a00:11c0:84::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 15 Feb 2023 11:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:26:3d:7f:47:c5:2e:54:03:88:22:41:69:0c:f5:e7:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Validity
Not Before: Feb 6 10:20:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fc178af90500870c655f22aab07cefc477231e4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:fc:66:a6:ff:47:10:52:81:9f:1c:7b:a9:f4:
e9:12:74:f2:dd:1d:c4:5d:9a:cf:91:e2:8a:fa:5a:
9b:5c:2f:0a:37:e6:5a:01:40:3b:8f:e9:e5:83:a8:
4d:48:a0:89:37:64:e7:0a:6f:d0:ab:5e:29:a5:6a:
f4:9a:73:f7:70:9d:59:16:a5:87:e3:b0:5b:62:80:
9d:42:aa:b2:ee:48:ca:ee:35:7c:61:71:55:5e:59:
b5:13:55:10:2b:4b:41:36:01:75:2b:0f:a6:27:e5:
f6:82:12:26:c6:bd:63:3c:06:2e:1f:60:dc:52:2b:
96:c3:5a:5b:9b:3e:aa:fa:cc:ef:b2:18:6e:6c:db:
b5:48:f1:2d:1e:c2:4c:07:fd:f3:91:83:b1:1a:71:
d0:e5:b3:54:51:07:ac:31:af:67:6d:e7:d7:93:5a:
bb:fe:50:fc:ea:c6:81:43:b7:1b:f6:0d:60:99:42:
c5:29:0f:0c:e2:7f:54:56:f3:fd:d9:71:75:cb:24:
f6:96:47:a8:3f:19:28:be:04:fe:cb:8c:dc:20:63:
6e:c2:97:04:a9:fc:4f:d5:bd:8a:ad:a5:ff:95:1e:
0f:e5:7d:4e:94:22:80:d5:ae:32:c3:eb:5e:39:49:
bb:77:2b:45:90:97:ad:97:d9:fb:71:ca:7a:48:bd:
ca:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:17:8A:F9:05:00:87:0C:65:5F:22:AA:B0:7C:EF:C4:77:23:1E:4C
X509v3 Authority Key Identifier:
keyid:A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/_BeK-QUAhwxlXyKqsHzvxHcjHkw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.3.0-37.235.5.255
37.252.224.0/19
45.132.61.0-45.132.63.255
94.16.125.0-94.16.126.255
144.208.192.0/18
176.123.54.0/23
178.255.152.0/21
185.2.176.0/22
185.50.232.0/23
185.50.235.0/24
185.81.209.0/24
185.116.96.0/22
185.228.148.0/22
188.65.72.0/21
188.172.192.0/18
193.33.114.0/23
194.1.206.0/24
213.227.160.0/19
217.146.0.0/19
IPv6:
2a00:11c0::/32
2a01:aea0::/32
Signature Algorithm: sha256WithRSAEncryption
46:ae:91:68:90:3e:85:76:01:ff:92:e0:51:da:24:06:6c:29:
2a:27:ff:a4:10:18:1a:1b:bf:5e:29:bb:c9:ce:79:8a:c5:e7:
b0:45:43:fc:e3:74:d4:2a:6b:a6:94:f3:0a:28:aa:cf:1c:b5:
9b:ea:03:18:73:a2:e2:53:01:6e:f1:14:f7:16:39:47:89:2d:
d5:f6:35:34:4d:82:e6:64:85:8e:66:a7:4a:b7:5b:22:ee:fc:
d6:c0:61:0d:be:32:a3:5e:ce:7d:99:97:6e:ee:5b:c3:40:b5:
26:2a:9d:2f:7e:a5:ae:49:02:4e:fc:c4:35:f7:dd:fc:92:bd:
cd:74:61:8e:10:57:ec:1b:0c:f5:6e:2f:28:88:46:6d:cf:44:
f7:da:95:c8:4c:68:b5:28:62:88:20:4e:1c:8c:8e:0a:ee:52:
a0:40:1e:54:3f:5b:47:25:f9:da:5a:2c:13:cb:a4:ff:13:c3:
1e:b5:85:d7:2c:9a:27:5e:11:27:dc:74:49:67:ba:f0:e9:00:
de:d8:56:2a:6f:3e:e7:70:3d:77:2e:0d:3a:08:e7:9e:49:92:
c6:f3:de:44:1d:74:7a:e1:e9:d0:0c:09:43:7b:3a:74:a5:1a:
b1:93:51:e7:39:98:bc:14:98:cc:b5:6f:96:52:ed:e0:42:94:
0e:a6:c6:3a
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgISAYYmPX9HxS5UA4giQWkM9ef0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MzlhZmViYWNlODk5YThlZTBiYjRmOGJiNDQ3NWZlMjQ3
YTE1MjgwHhcNMjMwMjA2MTAyMDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzE3OGFmOTA1MDA4NzBjNjU1ZjIyYWFiMDdjZWZjNDc3MjMxZTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkPxmpv9HEFKBnxx7qfTpEnTy3R3E
XZrPkeKK+lqbXC8KN+ZaAUA7j+nlg6hNSKCJN2TnCm/Qq14ppWr0mnP3cJ1ZFqWH
47BbYoCdQqqy7kjK7jV8YXFVXlm1E1UQK0tBNgF1Kw+mJ+X2ghImxr1jPAYuH2Dc
UiuWw1pbmz6q+szvshhubNu1SPEtHsJMB/3zkYOxGnHQ5bNUUQesMa9nbefXk1q7
/lD86saBQ7cb9g1gmULFKQ8M4n9UVvP92XF1yyT2lkeoPxkovgT+y4zcIGNuwpcE
qfxP1b2KraX/lR4P5X1OlCKA1a4yw+teOUm7dytFkJetl9n7ccp6SL3KUQIDAQAB
o4ICqDCCAqQwHQYDVR0OBBYEFPwXivkFAIcMZV8iqrB878R3Ix5MMB8GA1UdIwQY
MBaAFKU5r+us6Jmo7gu0+LtEdf4kehUoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYt
NzQxMzk1OTEzMTJlLzEvX0JlSy1RVUFod3hsWHlLcXNIenZ4SGNqSGt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYtNzQxMzk1OTEzMTJl
LzEvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG9BggrBgEFBQcBBwEB/wSBrTCBqjCBkQQCAAEwgYowDAME
ACXrAwMEASXrBAMEBSX84DAMAwQALYQ9AwQGLYQAMAwDBABeEH0DBABeEH4DBAaQ
0MADBAGwezYDBAOy/5gDBAK5ArADBAG5MugDBAC5MusDBAC5UdEDBAK5dGADBAK5
5JQDBAO8QUgDBAa8rMADBAHBIXIDBADCAc4DBAXV46ADBAXZkgAwFAQCAAIwDgMF
ACoAEcADBQAqAa6gMA0GCSqGSIb3DQEBCwUAA4IBAQBGrpFokD6FdgH/kuBR2iQG
bCkqJ/+kEBgaG79eKbvJznmKxeewRUP843TUKmumlPMKKKrPHLWb6gMYc6LiUwFu
8RT3FjlHiS3V9jU0TYLmZIWOZqdKt1si7vzWwGENvjKjXs59mZdu7lvDQLUmKp0v
fqWuSQJO/MQ19938kr3NdGGOEFfsGwz1bi8oiEZtz0T32pXITGi1KGKIIE4cjI4K
7lKgQB5UP1tHJfnaWiwTy6T/E8MetYXXLJonXhEn3HRJZ7rw6QDe2FYqbz7ncD13
Lg06COeeSZLG895EHXR64enQDAlDezp0pRqxk1HnOZi8FJjMtW+WUu3gQpQOpsY6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:14 2024 by rpki-client on console-fra.rpki-client.org