Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/27b39b-0449-4c64-ba79-a2aa6540f875/1/CSdYebCebMsJgjghoL7Eqr7UsVM.roa
File: CSdYebCebMsJgjghoL7Eqr7UsVM.roa (raw, json)
Hash identifier: F6QI3ou60iFuZE5voh0g21vj23HIE0x3zFiL6GhDQqE=
Subject key identifier: 09:27:58:79:B0:9E:6C:CB:09:82:38:21:A0:BE:C4:AA:BE:D4:B1:53
Certificate issuer: /CN=bfc470e9b58e557ea8c1dbedaeb9c6a5fc455125
Certificate serial: 0185A13815A360F2AA18CDBDAD174E564F91
Authority key identifier: BF:C4:70:E9:B5:8E:55:7E:A8:C1:DB:ED:AE:B9:C6:A5:FC:45:51:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v8Rw6bWOVX6owdvtrrnGpfxFUSU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/27b39b-0449-4c64-ba79-a2aa6540f875/1/CSdYebCebMsJgjghoL7Eqr7UsVM.roa
Signing time: Wed 11 Jan 2023 14:24:45 +0000
ROA not before: Wed 11 Jan 2023 14:24:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57112
IP address blocks: 185.103.236.0/22 maxlen: 22
185.87.104.0/22 maxlen: 22
185.38.152.0/22 maxlen: 22
185.87.116.0/22 maxlen: 22
185.33.152.0/22 maxlen: 22
81.30.64.0/20 maxlen: 20
45.84.40.0/22 maxlen: 24
185.23.140.0/22 maxlen: 22
185.72.160.0/22 maxlen: 22
185.82.192.0/22 maxlen: 22
45.92.224.0/22 maxlen: 22
45.91.56.0/22 maxlen: 22
185.236.16.0/22 maxlen: 22
217.76.16.0/20 maxlen: 20
217.76.16.0/21 maxlen: 21
217.76.24.0/21 maxlen: 21
31.177.32.0/21 maxlen: 21
185.133.108.0/22 maxlen: 22
5.104.112.0/20 maxlen: 20
185.87.156.0/22 maxlen: 22
185.70.236.0/22 maxlen: 22
86.111.208.0/22 maxlen: 22
185.113.172.0/22 maxlen: 22
185.192.144.0/22 maxlen: 22
2a0e:9680::/29 maxlen: 29
2a0a:4980::/29 maxlen: 29
2a0e:c40::/29 maxlen: 29
2a03:ea40::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 04 Feb 2023 08:33:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a1:38:15:a3:60:f2:aa:18:cd:bd:ad:17:4e:56:4f:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfc470e9b58e557ea8c1dbedaeb9c6a5fc455125
Validity
Not Before: Jan 11 14:24:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=09275879b09e6ccb09823821a0bec4aabed4b153
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:f9:5d:50:fb:7f:3b:f5:d9:e6:2c:95:12:c5:
bf:25:a9:a7:f0:a7:31:30:84:ac:bc:d2:7d:8e:8a:
06:fb:56:20:d7:28:02:b8:d6:02:74:df:9a:7c:c9:
2a:62:85:73:cc:3b:6c:2c:f6:b2:4c:9a:8d:d5:8d:
ea:d4:72:bf:8a:b0:80:5f:75:b9:55:d4:69:45:83:
dd:79:8c:64:6d:00:a4:6d:6d:38:0b:85:76:58:9b:
64:05:e1:d3:6c:9e:2d:3f:29:e8:6f:07:15:c6:7f:
d3:d1:47:08:78:b6:eb:27:0c:1d:b0:e4:7f:af:7d:
fe:f1:bf:dd:af:b1:02:4a:3a:c8:40:b1:60:31:db:
eb:8b:49:f5:94:63:bf:47:20:20:d9:40:b7:26:c1:
f9:c8:f2:13:5d:1d:37:c8:52:cb:7e:e8:63:6b:48:
27:fc:f5:5a:f4:43:e6:b6:8f:94:a4:0a:3e:fd:21:
f8:b7:c5:aa:dd:e5:0b:02:2a:20:49:a1:af:7d:13:
ba:a1:19:2d:3c:83:21:b0:2d:03:a4:73:10:78:e2:
29:e5:76:be:8e:3a:f8:02:31:78:e7:a2:d8:ac:8e:
64:fb:fd:47:51:aa:4f:84:d5:af:f2:7c:3b:80:99:
4d:f9:7a:c4:9a:38:73:0b:78:1f:1f:c4:01:37:28:
96:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:27:58:79:B0:9E:6C:CB:09:82:38:21:A0:BE:C4:AA:BE:D4:B1:53
X509v3 Authority Key Identifier:
keyid:BF:C4:70:E9:B5:8E:55:7E:A8:C1:DB:ED:AE:B9:C6:A5:FC:45:51:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v8Rw6bWOVX6owdvtrrnGpfxFUSU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/27b39b-0449-4c64-ba79-a2aa6540f875/1/CSdYebCebMsJgjghoL7Eqr7UsVM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/27b39b-0449-4c64-ba79-a2aa6540f875/1/v8Rw6bWOVX6owdvtrrnGpfxFUSU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.112.0/20
31.177.32.0/21
45.84.40.0/22
45.91.56.0/22
45.92.224.0/22
81.30.64.0/20
86.111.208.0/22
185.23.140.0/22
185.33.152.0/22
185.38.152.0/22
185.70.236.0/22
185.72.160.0/22
185.82.192.0/22
185.87.104.0/22
185.87.116.0/22
185.87.156.0/22
185.103.236.0/22
185.113.172.0/22
185.133.108.0/22
185.192.144.0/22
185.236.16.0/22
217.76.16.0/20
IPv6:
2a03:ea40::/32
2a0a:4980::/29
2a0e:c40::/29
2a0e:9680::/29
Signature Algorithm: sha256WithRSAEncryption
71:dc:e7:bb:4f:96:eb:29:f9:52:18:84:4c:62:96:94:90:c8:
67:20:39:f2:ab:55:fb:5b:47:b0:f6:c9:3a:fa:8f:18:2d:84:
b1:f2:94:c8:f2:b8:9c:e7:7b:8a:2c:bf:82:b0:d4:3e:6a:88:
ee:9a:86:99:cb:3e:f9:29:87:a9:8c:e5:0f:11:ad:cc:67:51:
2e:fc:4f:cb:60:21:dd:8c:22:eb:b4:09:eb:c4:01:f3:2e:91:
2c:26:90:c2:5f:8c:bc:0d:31:a3:d7:2d:b7:65:29:0b:13:88:
bd:1b:25:95:9b:22:de:00:12:d0:75:e4:60:d7:bf:4a:00:4a:
69:76:89:4b:d4:33:64:e9:e7:c5:5e:94:b8:f4:f2:90:26:0c:
53:d1:05:c6:85:45:52:d8:4b:4b:0a:2a:8a:6a:f4:ba:71:a8:
3a:57:59:b7:fa:fc:c5:32:06:c5:46:50:d1:64:f7:bc:85:88:
17:a0:4a:8b:09:28:64:c2:63:97:80:cf:7d:aa:3f:b0:e0:6d:
93:ec:29:c0:e7:5b:50:b3:fd:4a:32:21:32:8f:0c:cd:60:c1:
41:3a:8d:3e:4c:19:31:c9:a1:aa:04:fa:7c:63:05:6e:5c:d9:
ec:36:17:8b:cc:dd:42:8f:c5:b9:04:32:76:b4:fe:41:c7:19:
60:c4:26:e5
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAYWhOBWjYPKqGM29rRdOVk+RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmYzQ3MGU5YjU4ZTU1N2VhOGMxZGJlZGFlYjljNmE1ZmM0
NTUxMjUwHhcNMjMwMTExMTQyNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTI3NTg3OWIwOWU2Y2NiMDk4MjM4MjFhMGJlYzRhYWJlZDRiMTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvldUPt/O/XZ5iyVEsW/Jamn8Kcx
MISsvNJ9jooG+1Yg1ygCuNYCdN+afMkqYoVzzDtsLPayTJqN1Y3q1HK/irCAX3W5
VdRpRYPdeYxkbQCkbW04C4V2WJtkBeHTbJ4tPynobwcVxn/T0UcIeLbrJwwdsOR/
r33+8b/dr7ECSjrIQLFgMdvri0n1lGO/RyAg2UC3JsH5yPITXR03yFLLfuhja0gn
/PVa9EPmto+UpAo+/SH4t8Wq3eULAiogSaGvfRO6oRktPIMhsC0DpHMQeOIp5Xa+
jjr4AjF456LYrI5k+/1HUapPhNWv8nw7gJlN+XrEmjhzC3gfH8QBNyiWGQIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFAknWHmwnmzLCYI4IaC+xKq+1LFTMB8GA1UdIwQY
MBaAFL/EcOm1jlV+qMHb7a65xqX8RVElMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjhSdzZiV09WWDZvd2R2dHJybkdwZnhGVVNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi8yN2IzOWItMDQ0OS00YzY0LWJhNzkt
YTJhYTY1NDBmODc1LzEvQ1NkWWViQ2ViTXNKZ2pnaG9MN0VxcjdVc1ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi8yN2IzOWItMDQ0OS00YzY0LWJhNzktYTJhYTY1NDBmODc1
LzEvdjhSdzZiV09WWDZvd2R2dHJybkdwZnhGVVNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHFBggrBgEFBQcBBwEB/wSBtTCBsjCBiwQCAAEwgYQDBAQF
aHADBAMfsSADBAItVCgDBAItWzgDBAItXOADBARRHkADBAJWb9ADBAK5F4wDBAK5
IZgDBAK5JpgDBAK5RuwDBAK5SKADBAK5UsADBAK5V2gDBAK5V3QDBAK5V5wDBAK5
Z+wDBAK5cawDBAK5hWwDBAK5wJADBAK57BADBATZTBAwIgQCAAIwHAMFACoD6kAD
BQMqCkmAAwUDKg4MQAMFAyoOloAwDQYJKoZIhvcNAQELBQADggEBAHHc57tPlusp
+VIYhExilpSQyGcgOfKrVftbR7D2yTr6jxgthLHylMjyuJzne4osv4Kw1D5qiO6a
hpnLPvkph6mM5Q8RrcxnUS78T8tgId2MIuu0CevEAfMukSwmkMJfjLwNMaPXLbdl
KQsTiL0bJZWbIt4AEtB15GDXv0oASml2iUvUM2Tp58VelLj08pAmDFPRBcaFRVLY
S0sKKopq9LpxqDpXWbf6/MUyBsVGUNFk97yFiBegSosJKGTCY5eAz32qP7DgbZPs
KcDnW1Cz/UoyITKPDM1gwUE6jT5MGTHJoaoE+nxjBW5c2ew2F4vM3UKPxbkEMna0
/kHHGWDEJuU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:26 2024 by rpki-client on console-fra.rpki-client.org