Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/G2hOImdNEGDlRQm-dqf320DPZq8.roa
File: G2hOImdNEGDlRQm-dqf320DPZq8.roa (raw, json)
Hash identifier: Zl1Ws5dvZlh/edG6nDJPzN+7m4WTOwhyRVrCgQOyql4=
Subject key identifier: 1B:68:4E:22:67:4D:10:60:E5:45:09:BE:76:A7:F7:DB:40:CF:66:AF
Certificate issuer: /CN=bfe3971a32c0692c4e342e911790662470cf31b2
Certificate serial: 018D45BF45988F6C6D5CD718C384873AA66E
Authority key identifier: BF:E3:97:1A:32:C0:69:2C:4E:34:2E:91:17:90:66:24:70:CF:31:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v-OXGjLAaSxONC6RF5BmJHDPMbI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/G2hOImdNEGDlRQm-dqf320DPZq8.roa
Signing time: Fri 26 Jan 2024 12:29:39 +0000
ROA not before: Fri 26 Jan 2024 12:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201814
IP address blocks: 5.181.188.0/22 maxlen: 22
5.181.189.0/24 maxlen: 24
91.223.3.0/24 maxlen: 24
95.214.52.0/22 maxlen: 23
146.19.24.0/24 maxlen: 24
185.16.36.0/22 maxlen: 24
193.34.212.0/22 maxlen: 22
195.3.220.0/22 maxlen: 22
195.3.222.0/24 maxlen: 24
212.23.222.0/24 maxlen: 24
2a03:cfc0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 25 Jun 2024 09:35:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:45:bf:45:98:8f:6c:6d:5c:d7:18:c3:84:87:3a:a6:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfe3971a32c0692c4e342e911790662470cf31b2
Validity
Not Before: Jan 26 12:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1b684e22674d1060e54509be76a7f7db40cf66af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e1:f5:da:b7:d6:aa:88:5b:87:d9:90:d7:12:
3e:7f:fe:55:31:49:97:04:4a:4e:cd:70:c3:c2:4b:
42:ad:9a:b8:0c:88:36:a4:5f:99:0e:d4:77:de:b8:
27:09:c9:1d:e2:0c:91:29:08:0c:f6:d3:d3:9c:d9:
2d:60:95:b2:6d:7d:19:7b:7c:33:fc:ef:ed:99:7b:
0c:b4:ba:35:f6:35:55:ac:0e:81:e2:42:63:a8:65:
74:ae:60:81:56:d1:b1:b1:65:16:20:a4:c3:80:5c:
61:ff:89:fa:2b:24:e4:06:e3:12:99:a3:71:fb:f5:
95:f0:7c:f8:64:76:a4:15:8c:8e:7e:62:36:d2:e0:
3d:e2:e1:5c:81:2f:77:6e:f4:5c:25:6a:8e:bd:aa:
11:e6:9a:5b:1e:75:5d:50:90:5f:38:7d:e2:fe:c1:
32:37:68:f8:98:ba:7a:59:1d:14:b5:38:95:05:83:
82:97:1f:ba:63:1c:0b:b6:33:8d:2c:44:eb:59:16:
0d:fc:2d:06:8f:b6:05:f6:4b:2a:99:83:ec:08:c0:
77:d2:6f:ab:3a:d6:35:77:1a:48:d0:23:c4:76:91:
8a:4b:0c:1f:70:4a:b8:00:d7:f4:63:5d:fd:f1:88:
3f:f8:9a:1c:a4:fb:46:c2:ef:1d:db:a0:d7:13:7f:
84:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:68:4E:22:67:4D:10:60:E5:45:09:BE:76:A7:F7:DB:40:CF:66:AF
X509v3 Authority Key Identifier:
keyid:BF:E3:97:1A:32:C0:69:2C:4E:34:2E:91:17:90:66:24:70:CF:31:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v-OXGjLAaSxONC6RF5BmJHDPMbI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/G2hOImdNEGDlRQm-dqf320DPZq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/v-OXGjLAaSxONC6RF5BmJHDPMbI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.188.0/22
91.223.3.0/24
95.214.52.0/22
146.19.24.0/24
185.16.36.0/22
193.34.212.0/22
195.3.220.0/22
212.23.222.0/24
IPv6:
2a03:cfc0::/32
Signature Algorithm: sha256WithRSAEncryption
10:af:86:30:39:a8:4f:65:a4:9c:39:09:7b:10:98:5d:6c:6c:
3e:c9:77:47:2a:b8:ca:b4:b9:b8:af:65:4e:80:ce:6e:9c:74:
ac:f7:54:e1:bc:d7:9f:ef:62:23:35:c8:d6:34:9d:84:62:9b:
31:c3:a9:7c:b2:0b:27:9a:4e:de:29:c5:9a:0b:11:7c:c6:cb:
87:06:73:35:a7:e5:ec:7d:97:df:4d:cf:41:69:60:9b:25:bc:
d9:04:3a:28:17:d5:6d:2c:77:de:42:05:e0:ed:18:5f:9f:24:
f4:69:e6:d5:9a:bd:7b:46:38:5b:ce:70:da:94:2b:9a:1f:43:
05:7b:62:ad:d5:2c:c4:90:54:15:b6:07:03:0e:c8:10:cc:e9:
bf:62:bd:35:28:ef:a2:04:58:2f:bc:ad:7c:c7:c3:e3:6d:7b:
4c:7a:4c:28:b7:59:f1:fc:c5:2f:f8:1e:98:34:ce:58:7e:a4:
5c:ea:f0:bb:2a:2d:fc:36:cd:c6:48:8e:87:a3:5f:c4:6f:76:
f3:a2:b8:90:e6:33:cf:2a:c3:f4:04:7d:0d:3d:fe:a1:ea:c3:
19:a1:27:b8:f0:d3:01:b2:17:02:c0:12:c0:a1:97:f6:64:8b:
c6:b9:e6:5e:1f:5e:ab:90:f0:5c:16:b8:86:a6:e9:18:c7:71:
1f:62:4d:92
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAY1Fv0WYj2xtXNcYw4SHOqZuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmZTM5NzFhMzJjMDY5MmM0ZTM0MmU5MTE3OTA2NjI0NzBj
ZjMxYjIwHhcNMjQwMTI2MTIyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjY4NGUyMjY3NGQxMDYwZTU0NTA5YmU3NmE3ZjdkYjQwY2Y2NmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+H12rfWqohbh9mQ1xI+f/5VMUmX
BEpOzXDDwktCrZq4DIg2pF+ZDtR33rgnCckd4gyRKQgM9tPTnNktYJWybX0Ze3wz
/O/tmXsMtLo19jVVrA6B4kJjqGV0rmCBVtGxsWUWIKTDgFxh/4n6KyTkBuMSmaNx
+/WV8Hz4ZHakFYyOfmI20uA94uFcgS93bvRcJWqOvaoR5ppbHnVdUJBfOH3i/sEy
N2j4mLp6WR0UtTiVBYOClx+6YxwLtjONLETrWRYN/C0Gj7YF9ksqmYPsCMB30m+r
OtY1dxpI0CPEdpGKSwwfcEq4ANf0Y1398Yg/+JocpPtGwu8d26DXE3+EAQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFBtoTiJnTRBg5UUJvnan99tAz2avMB8GA1UdIwQY
MBaAFL/jlxoywGksTjQukReQZiRwzzGyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdi1PWEdqTEFhU3hPTkM2UkY1Qm1KSERQTWJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9kNzZiZjgtNTQxZi00ZWZjLTk4YzUt
YzRkY2M3ZjZiN2RmLzEvRzJoT0ltZE5FR0RsUlFtLWRxZjMyMERQWnE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9kNzZiZjgtNTQxZi00ZWZjLTk4YzUtYzRkY2M3ZjZiN2Rm
LzEvdi1PWEdqTEFhU3hPTkM2UkY1Qm1KSERQTWJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQCBbW8AwQA
W98DAwQCX9Y0AwQAkhMYAwQCuRAkAwQCwSLUAwQCwwPcAwQA1BfeMA0EAgACMAcD
BQAqA8/AMA0GCSqGSIb3DQEBCwUAA4IBAQAQr4YwOahPZaScOQl7EJhdbGw+yXdH
KrjKtLm4r2VOgM5unHSs91ThvNef72IjNcjWNJ2EYpsxw6l8sgsnmk7eKcWaCxF8
xsuHBnM1p+XsfZffTc9BaWCbJbzZBDooF9VtLHfeQgXg7RhfnyT0aebVmr17Rjhb
znDalCuaH0MFe2Kt1SzEkFQVtgcDDsgQzOm/Yr01KO+iBFgvvK18x8PjbXtMekwo
t1nx/MUv+B6YNM5YfqRc6vC7Ki38Ns3GSI6Ho1/Eb3bzoriQ5jPPKsP0BH0NPf6h
6sMZoSe48NMBshcCwBLAoZf2ZIvGueZeH16rkPBcFriGpukYx3EfYk2S
-----END CERTIFICATE-----
Generated at Tue Jun 25 13:08:03 2024 by rpki-client on console-ams.rpki-client.org