Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/bbHtGhGN6dItD4Kf_xJBANyATeg.roa
File: bbHtGhGN6dItD4Kf_xJBANyATeg.roa (raw, json)
Hash identifier: WHidtoLdZz5DwOoRjyPsQY3d18TGjVteO9Ah0nn0MiI=
Subject key identifier: 6D:B1:ED:1A:11:8D:E9:D2:2D:0F:82:9F:FF:12:41:00:DC:80:4D:E8
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 0186501BA0BC434DFA2FF2546751B49C47FC
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/bbHtGhGN6dItD4Kf_xJBANyATeg.roa
Signing time: Tue 14 Feb 2023 13:27:12 +0000
ROA not before: Tue 14 Feb 2023 13:27:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205647
IP address blocks: 151.240.80.0/21 maxlen: 21
31.56.116.0/24 maxlen: 24
94.182.204.0/24 maxlen: 24
94.182.205.0/24 maxlen: 24
94.182.206.0/24 maxlen: 24
94.182.204.0/22 maxlen: 22
94.182.207.0/24 maxlen: 24
94.182.217.0/24 maxlen: 24
94.182.226.0/24 maxlen: 24
94.182.228.0/22 maxlen: 22
151.241.224.0/21 maxlen: 21
151.240.168.0/22 maxlen: 22
151.240.192.0/21 maxlen: 21
151.247.214.0/23 maxlen: 23
151.247.216.0/21 maxlen: 21
94.182.41.0/24 maxlen: 24
151.247.224.0/22 maxlen: 22
151.247.240.0/24 maxlen: 24
151.247.241.0/24 maxlen: 24
151.247.248.0/22 maxlen: 22
94.182.72.0/21 maxlen: 21
85.15.49.0/24 maxlen: 24
85.15.48.0/24 maxlen: 24
94.182.97.192/28 maxlen: 28
151.240.240.0/21 maxlen: 21
31.59.12.0/22 maxlen: 22
94.182.8.0/23 maxlen: 23
94.182.12.0/23 maxlen: 23
31.56.64.0/19 maxlen: 19
31.56.96.0/20 maxlen: 20
31.56.0.0/18 maxlen: 18
94.182.116.0/22 maxlen: 22
94.182.114.0/23 maxlen: 23
94.182.120.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:50:1b:a0:bc:43:4d:fa:2f:f2:54:67:51:b4:9c:47:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Feb 14 13:27:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6db1ed1a118de9d22d0f829fff124100dc804de8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:e1:f6:44:b0:3f:f3:98:f6:b1:f4:2e:16:27:
04:c2:77:4f:cb:1e:9e:9e:e1:3c:f8:9c:7f:71:71:
62:dc:f6:bb:c0:1c:0d:14:ca:ad:b1:bd:1a:c0:7f:
fc:1a:0e:ce:df:63:ab:25:cf:00:b3:be:97:f9:f5:
e3:c4:33:6c:c7:f8:b7:d3:8c:41:28:0f:2e:0d:c3:
fe:62:e3:dc:f8:27:79:6c:58:f8:19:57:fc:a4:ca:
bb:0f:9d:61:ee:57:74:fb:cf:03:21:a5:4a:71:ce:
3c:7c:a8:2e:56:49:03:37:0c:d3:f7:e4:a5:eb:13:
2b:00:7a:12:de:2d:4d:b8:b6:7c:52:87:f0:d9:c4:
31:07:d1:5b:f4:de:2a:ca:d3:a8:3e:07:0f:88:a1:
e8:88:10:b1:27:f6:c4:48:9d:f5:a7:80:f3:10:4e:
86:68:7a:dc:f8:1e:f0:36:3a:9a:bb:6b:92:a8:bd:
9f:20:a1:01:ed:08:92:4c:b9:88:82:d4:a9:bd:f0:
d7:f6:6c:d7:76:37:07:70:9c:8c:4c:86:03:3e:ab:
21:fc:86:91:68:67:35:c1:ca:cb:3e:ab:9f:33:39:
18:6f:33:f1:a5:dc:62:33:58:b3:5f:6c:1d:1e:68:
f5:5b:08:84:ff:19:0a:6a:be:8e:df:56:23:2b:e7:
f0:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:B1:ED:1A:11:8D:E9:D2:2D:0F:82:9F:FF:12:41:00:DC:80:4D:E8
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/bbHtGhGN6dItD4Kf_xJBANyATeg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.0.0-31.56.111.255
31.56.116.0/24
31.59.12.0/22
85.15.48.0/23
94.182.8.0/23
94.182.12.0/23
94.182.41.0/24
94.182.72.0/21
94.182.97.192/28
94.182.114.0-94.182.127.255
94.182.204.0/22
94.182.217.0/24
94.182.226.0/24
94.182.228.0/22
151.240.80.0/21
151.240.168.0/22
151.240.192.0/21
151.240.240.0/21
151.241.224.0/21
151.247.214.0-151.247.227.255
151.247.240.0/23
151.247.248.0/22
Signature Algorithm: sha256WithRSAEncryption
59:77:7c:cd:ef:9b:fe:69:ff:25:d7:84:1c:f6:2f:30:4a:90:
ae:c0:25:8b:94:dd:56:2c:e2:cf:d4:74:d9:a7:39:90:5a:60:
42:34:5f:55:a8:99:93:61:ad:cd:e0:79:85:c8:84:ec:b8:df:
32:20:2d:d5:7c:9a:2d:29:ce:14:7f:58:58:2e:5c:a9:4a:3a:
ce:b3:5d:eb:a0:83:2f:61:1e:34:ba:b1:80:f7:de:e3:ef:82:
47:c3:b7:3d:85:b5:7a:ad:c2:d7:44:59:9a:eb:86:5e:cf:bf:
f4:39:54:35:14:f1:58:0f:af:5c:e6:24:d7:5c:f5:66:2b:34:
aa:71:06:22:e5:33:42:bd:c1:81:13:93:fe:72:bb:7a:08:3b:
68:0d:15:e8:a2:55:ca:bf:86:9d:bd:88:72:b4:1a:8a:ae:5f:
c1:0c:63:2e:b7:a9:ef:c7:81:fa:4a:19:8b:4a:59:a7:ae:9f:
f9:09:bc:b2:83:21:e6:1f:b3:7c:6e:40:e9:86:31:7f:65:69:
34:77:7b:d9:94:3d:67:60:57:d5:b4:52:4d:3b:5a:f3:72:e2:
54:0e:8f:72:c1:60:89:2d:7f:30:7f:5a:a8:ee:0e:d1:62:18:
69:78:ed:79:79:50:7d:ca:f6:55:1b:c4:ee:f3:7a:72:e3:f1:
9b:c7:8b:d4
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgISAYZQG6C8Q036L/JUZ1G0nEf8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjMwMjE0MTMyNzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGIxZWQxYTExOGRlOWQyMmQwZjgyOWZmZjEyNDEwMGRjODA0ZGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAluH2RLA/85j2sfQuFicEwndPyx6e
nuE8+Jx/cXFi3Pa7wBwNFMqtsb0awH/8Gg7O32OrJc8As76X+fXjxDNsx/i304xB
KA8uDcP+YuPc+Cd5bFj4GVf8pMq7D51h7ld0+88DIaVKcc48fKguVkkDNwzT9+Sl
6xMrAHoS3i1NuLZ8Uofw2cQxB9Fb9N4qytOoPgcPiKHoiBCxJ/bESJ31p4DzEE6G
aHrc+B7wNjqau2uSqL2fIKEB7QiSTLmIgtSpvfDX9mzXdjcHcJyMTIYDPqsh/IaR
aGc1wcrLPqufMzkYbzPxpdxiM1izX2wdHmj1WwiE/xkKar6O31YjK+fwEQIDAQAB
o4ICpDCCAqAwHQYDVR0OBBYEFG2x7RoRjenSLQ+Cn/8SQQDcgE3oMB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEvYmJIdEdoR042ZEl0RDRLZl94SkJBTnlBVGVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG5BggrBgEFBQcBBwEB/wSBqTCBpjCBowQCAAEwgZwwCwMD
Ax84AwQEHzhgAwQAHzh0AwQCHzsMAwQBVQ8wAwQBXrYIAwQBXrYMAwQAXrYpAwQD
XrZIAwUEXrZhwDAMAwQBXrZyAwQHXrYAAwQCXrbMAwQAXrbZAwQAXrbiAwQCXrbk
AwQDl/BQAwQCl/CoAwQDl/DAAwQDl/DwAwQDl/HgMAwDBAGX99YDBAKX9+ADBAGX
9/ADBAKX9/gwDQYJKoZIhvcNAQELBQADggEBAFl3fM3vm/5p/yXXhBz2LzBKkK7A
JYuU3VYs4s/UdNmnOZBaYEI0X1WomZNhrc3geYXIhOy43zIgLdV8mi0pzhR/WFgu
XKlKOs6zXeuggy9hHjS6sYD33uPvgkfDtz2FtXqtwtdEWZrrhl7Pv/Q5VDUU8VgP
r1zmJNdc9WYrNKpxBiLlM0K9wYETk/5yu3oIO2gNFeiiVcq/hp29iHK0GoquX8EM
Yy63qe/HgfpKGYtKWaeun/kJvLKDIeYfs3xuQOmGMX9laTR3e9mUPWdgV9W0Uk07
WvNy4lQOj3LBYIktfzB/WqjuDtFiGGl47Xl5UH3K9lUbxO7zenLj8ZvHi9Q=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:52 2023 by rpki-client on console-fra.rpki-client.org