Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/c547b8-99ab-42f1-a6cc-bc665bb21686/1/bHePCy19bGx9H_DBZUl3yOHW9ag.roa
File: bHePCy19bGx9H_DBZUl3yOHW9ag.roa (raw, json)
Hash identifier: XhoeU2ZtS97ZX7uan2GmC6urE2sKWiN9tkhqgSA2IFs=
Subject key identifier: 6C:77:8F:0B:2D:7D:6C:6C:7D:1F:F0:C1:65:49:77:C8:E1:D6:F5:A8
Certificate issuer: /CN=eb554c44046c36439a919738942f31fa756b6911
Certificate serial: 018D7E2D026E3790D2299ED61710B3AA72A8
Authority key identifier: EB:55:4C:44:04:6C:36:43:9A:91:97:38:94:2F:31:FA:75:6B:69:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/61VMRARsNkOakZc4lC8x-nVraRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/c547b8-99ab-42f1-a6cc-bc665bb21686/1/bHePCy19bGx9H_DBZUl3yOHW9ag.roa
Signing time: Tue 06 Feb 2024 11:28:15 +0000
ROA not before: Tue 06 Feb 2024 11:28:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15682
IP address blocks: 212.74.224.0/19 maxlen: 19
212.74.224.0/21 maxlen: 21
212.74.229.0/24 maxlen: 24
212.74.231.0/24 maxlen: 24
212.74.232.0/21 maxlen: 21
212.74.233.0/24 maxlen: 24
212.74.235.0/24 maxlen: 24
212.74.237.0/24 maxlen: 24
212.74.240.0/21 maxlen: 21
212.74.248.0/21 maxlen: 21
212.74.253.0/24 maxlen: 24
212.74.254.0/24 maxlen: 24
2a01:5f40::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 06 Feb 2024 20:08:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7e:2d:02:6e:37:90:d2:29:9e:d6:17:10:b3:aa:72:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eb554c44046c36439a919738942f31fa756b6911
Validity
Not Before: Feb 6 11:28:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c778f0b2d7d6c6c7d1ff0c1654977c8e1d6f5a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:18:bd:52:64:f4:33:1e:15:0b:38:77:a2:d8:
68:8c:2b:13:9e:f9:34:45:6e:47:db:5a:5d:ac:9c:
32:e3:73:ab:05:f8:e3:af:53:cc:52:ad:74:ad:34:
02:a8:31:bc:7f:e9:93:b2:31:dd:af:a2:59:ae:ed:
2b:19:ac:ae:15:2b:2a:77:c8:c3:19:09:2d:e1:9b:
77:1c:89:ff:db:ef:55:26:15:12:3e:7e:90:7b:8c:
1a:b9:6d:a2:c5:fe:42:da:9b:57:c7:35:9a:91:fc:
ee:32:0f:c3:7d:5a:e9:5c:d6:3b:23:7c:fd:a3:0e:
82:13:63:be:1e:be:83:b2:6c:9f:27:74:11:09:26:
1a:a8:2c:89:8a:14:cf:cb:dd:a8:81:7a:96:01:0b:
19:f5:4d:60:69:7c:ac:39:33:80:66:21:36:21:ee:
76:00:c7:4f:a8:d4:c4:e4:23:d9:49:5c:64:ec:10:
36:7d:f4:14:cb:03:61:dc:63:d4:42:17:40:17:d6:
56:90:80:cb:67:68:ef:36:da:ff:67:67:da:4e:e0:
ab:77:b2:b8:a8:6b:63:2f:ec:0b:73:08:d3:a8:fc:
7a:83:06:0b:6f:a5:5a:7a:84:de:4d:a1:35:25:7c:
a5:61:55:b3:42:08:7c:fb:cc:bc:be:12:c5:ba:24:
22:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:77:8F:0B:2D:7D:6C:6C:7D:1F:F0:C1:65:49:77:C8:E1:D6:F5:A8
X509v3 Authority Key Identifier:
keyid:EB:55:4C:44:04:6C:36:43:9A:91:97:38:94:2F:31:FA:75:6B:69:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/61VMRARsNkOakZc4lC8x-nVraRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/c547b8-99ab-42f1-a6cc-bc665bb21686/1/bHePCy19bGx9H_DBZUl3yOHW9ag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/c547b8-99ab-42f1-a6cc-bc665bb21686/1/61VMRARsNkOakZc4lC8x-nVraRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.74.224.0/19
IPv6:
2a01:5f40::/32
Signature Algorithm: sha256WithRSAEncryption
03:c5:57:89:c5:e2:1d:61:89:67:ec:70:90:2f:b7:c0:24:97:
9b:0c:47:ed:0f:f4:27:02:7a:a8:a3:7f:73:23:c6:e2:51:90:
98:1c:50:b1:48:f0:f2:e9:fe:87:c4:2e:4e:10:fd:89:3a:b1:
a8:f2:b8:ec:de:3b:1f:e4:5b:fb:a6:0e:73:2c:0d:65:d1:cf:
e1:6e:3e:bb:8d:ac:b4:5c:ca:f4:58:1e:ce:c4:47:51:06:0c:
ab:5c:84:a3:05:43:1f:c0:05:b0:70:63:a2:a1:c5:a3:37:3d:
52:2f:0c:94:00:ed:42:a6:89:fa:21:4c:b3:09:5b:eb:ef:7a:
61:ea:c3:95:07:f2:89:bd:17:6d:27:5d:99:b7:33:f1:04:1c:
e0:59:54:86:05:35:b2:83:6c:99:ba:4b:19:34:f2:15:3c:2c:
82:68:0b:dc:31:f0:76:e5:a0:a6:90:ad:b5:a4:9c:3a:d5:07:
ab:76:e5:e5:8c:70:a2:bd:13:75:e2:7f:3c:9f:87:b8:58:3d:
6b:b9:ad:9e:3b:0f:1b:80:9c:fe:2d:b9:b7:b1:eb:d0:b3:22:
0a:7d:be:ee:d2:50:f0:37:57:c6:fa:9a:6b:ca:39:6d:a1:5c:
30:97:f2:a2:02:9a:da:f5:c1:f2:0b:8a:af:d4:cd:a5:69:3f:
2c:8f:f1:6b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY1+LQJuN5DSKZ7WFxCzqnKoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViNTU0YzQ0MDQ2YzM2NDM5YTkxOTczODk0MmYzMWZhNzU2
YjY5MTEwHhcNMjQwMjA2MTEyODE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Yzc3OGYwYjJkN2Q2YzZjN2QxZmYwYzE2NTQ5NzdjOGUxZDZmNWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjhi9UmT0Mx4VCzh3othojCsTnvk0
RW5H21pdrJwy43OrBfjjr1PMUq10rTQCqDG8f+mTsjHdr6JZru0rGayuFSsqd8jD
GQkt4Zt3HIn/2+9VJhUSPn6Qe4wauW2ixf5C2ptXxzWakfzuMg/DfVrpXNY7I3z9
ow6CE2O+Hr6DsmyfJ3QRCSYaqCyJihTPy92ogXqWAQsZ9U1gaXysOTOAZiE2Ie52
AMdPqNTE5CPZSVxk7BA2ffQUywNh3GPUQhdAF9ZWkIDLZ2jvNtr/Z2faTuCrd7K4
qGtjL+wLcwjTqPx6gwYLb6VaeoTeTaE1JXylYVWzQgh8+8y8vhLFuiQiQwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGx3jwstfWxsfR/wwWVJd8jh1vWoMB8GA1UdIwQY
MBaAFOtVTEQEbDZDmpGXOJQvMfp1a2kRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNjFWTVJBUnNOa09ha1pjNGxDOHgtblZyYVJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS9jNTQ3YjgtOTlhYi00MmYxLWE2Y2Mt
YmM2NjViYjIxNjg2LzEvYkhlUEN5MTliR3g5SF9EQlpVbDN5T0hXOWFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS9jNTQ3YjgtOTlhYi00MmYxLWE2Y2MtYmM2NjViYjIxNjg2
LzEvNjFWTVJBUnNOa09ha1pjNGxDOHgtblZyYVJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQF1ErgMA0E
AgACMAcDBQAqAV9AMA0GCSqGSIb3DQEBCwUAA4IBAQADxVeJxeIdYYln7HCQL7fA
JJebDEftD/QnAnqoo39zI8biUZCYHFCxSPDy6f6HxC5OEP2JOrGo8rjs3jsf5Fv7
pg5zLA1l0c/hbj67jay0XMr0WB7OxEdRBgyrXISjBUMfwAWwcGOiocWjNz1SLwyU
AO1Cpon6IUyzCVvr73ph6sOVB/KJvRdtJ12ZtzPxBBzgWVSGBTWyg2yZuksZNPIV
PCyCaAvcMfB25aCmkK21pJw61QerduXljHCivRN14n88n4e4WD1rua2eOw8bgJz+
Lbm3sevQsyIKfb7u0lDwN1fG+ppryjltoVwwl/KiApra9cHyC4qv1M2laT8sj/Fr
-----END CERTIFICATE-----
Generated at Wed Feb 7 00:16:53 2024 by rpki-client on console-ams.rpki-client.org