Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/27b39b-0449-4c64-ba79-a2aa6540f875/1/XwIY5afoZiHZ_CpDy_8Ox9IFRN0.roa
File: XwIY5afoZiHZ_CpDy_8Ox9IFRN0.roa (raw, json)
Hash identifier: DQf9tymJd4Hi6goLbsaIf9jP9UwkMU7XSvSYHRR5hlg=
Subject key identifier: 5F:02:18:E5:A7:E8:66:21:D9:FC:2A:43:CB:FF:0E:C7:D2:05:44:DD
Certificate issuer: /CN=bfc470e9b58e557ea8c1dbedaeb9c6a5fc455125
Certificate serial: 01861B8ED0989E50971E18AA728EBD2EAED4
Authority key identifier: BF:C4:70:E9:B5:8E:55:7E:A8:C1:DB:ED:AE:B9:C6:A5:FC:45:51:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v8Rw6bWOVX6owdvtrrnGpfxFUSU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/27b39b-0449-4c64-ba79-a2aa6540f875/1/XwIY5afoZiHZ_CpDy_8Ox9IFRN0.roa
Signing time: Sat 04 Feb 2023 08:33:09 +0000
ROA not before: Sat 04 Feb 2023 08:33:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57112
IP address blocks: 185.103.236.0/22 maxlen: 22
185.87.104.0/22 maxlen: 22
185.38.152.0/22 maxlen: 22
185.87.116.0/22 maxlen: 22
185.33.152.0/22 maxlen: 22
81.30.64.0/20 maxlen: 20
45.84.40.0/22 maxlen: 24
185.23.140.0/22 maxlen: 22
185.72.160.0/22 maxlen: 22
185.82.192.0/22 maxlen: 22
45.92.224.0/22 maxlen: 22
45.91.56.0/22 maxlen: 22
185.236.16.0/22 maxlen: 22
217.76.16.0/20 maxlen: 20
217.76.16.0/21 maxlen: 21
217.76.24.0/21 maxlen: 21
31.177.32.0/21 maxlen: 21
185.133.108.0/22 maxlen: 22
5.104.112.0/20 maxlen: 20
185.87.156.0/22 maxlen: 22
185.70.236.0/22 maxlen: 22
86.111.208.0/22 maxlen: 22
185.113.172.0/22 maxlen: 22
185.192.144.0/22 maxlen: 24
2a0e:9680::/29 maxlen: 29
2a0a:4980::/29 maxlen: 29
2a0e:c40::/29 maxlen: 29
2a03:ea40::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:1b:8e:d0:98:9e:50:97:1e:18:aa:72:8e:bd:2e:ae:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfc470e9b58e557ea8c1dbedaeb9c6a5fc455125
Validity
Not Before: Feb 4 08:33:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f0218e5a7e86621d9fc2a43cbff0ec7d20544dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:08:1b:fa:c3:dc:80:4f:90:3a:a0:63:c6:87:
8c:02:e6:1d:c4:28:f9:df:96:9f:68:ef:c5:6a:da:
bf:5b:e8:a3:3b:f3:ad:8c:27:2d:a2:23:83:8d:ac:
e5:5c:3b:65:82:65:3a:40:7d:35:88:75:60:07:7b:
e0:6c:3f:b2:36:e4:22:91:53:48:03:ce:df:ed:f3:
3f:39:12:bb:04:53:54:28:c2:5b:4c:03:35:a5:38:
65:f0:4b:6b:0f:d8:ce:2c:e1:57:2e:92:8d:c0:a2:
eb:e2:e8:54:20:b7:dc:d5:27:70:d0:c0:51:c1:71:
8d:88:06:8e:7e:ba:02:fe:c7:a0:57:b6:35:aa:cc:
da:ec:6b:af:ad:9e:46:40:b1:c3:c3:5f:94:ec:6f:
f2:5c:31:0e:9a:b6:99:91:74:b3:c6:f5:a3:2e:a0:
e7:fa:3a:eb:03:79:e4:24:5b:3c:0e:79:10:37:af:
2a:0b:c9:f6:5e:ed:b7:3d:15:65:e8:5a:a2:0b:04:
8d:26:b2:8a:72:25:49:9c:19:97:5a:25:09:d6:16:
54:c7:57:ac:41:74:8a:f6:1a:49:6d:4f:df:67:58:
4d:22:a6:c3:b1:cb:77:23:65:db:0d:c8:1a:f7:fc:
39:53:9b:65:5d:f3:3d:15:69:14:45:35:07:0e:23:
da:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:02:18:E5:A7:E8:66:21:D9:FC:2A:43:CB:FF:0E:C7:D2:05:44:DD
X509v3 Authority Key Identifier:
keyid:BF:C4:70:E9:B5:8E:55:7E:A8:C1:DB:ED:AE:B9:C6:A5:FC:45:51:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v8Rw6bWOVX6owdvtrrnGpfxFUSU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/27b39b-0449-4c64-ba79-a2aa6540f875/1/XwIY5afoZiHZ_CpDy_8Ox9IFRN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/27b39b-0449-4c64-ba79-a2aa6540f875/1/v8Rw6bWOVX6owdvtrrnGpfxFUSU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.112.0/20
31.177.32.0/21
45.84.40.0/22
45.91.56.0/22
45.92.224.0/22
81.30.64.0/20
86.111.208.0/22
185.23.140.0/22
185.33.152.0/22
185.38.152.0/22
185.70.236.0/22
185.72.160.0/22
185.82.192.0/22
185.87.104.0/22
185.87.116.0/22
185.87.156.0/22
185.103.236.0/22
185.113.172.0/22
185.133.108.0/22
185.192.144.0/22
185.236.16.0/22
217.76.16.0/20
IPv6:
2a03:ea40::/32
2a0a:4980::/29
2a0e:c40::/29
2a0e:9680::/29
Signature Algorithm: sha256WithRSAEncryption
9d:6f:92:62:37:c0:2b:08:7c:77:66:fd:a5:f1:82:00:63:91:
32:34:8b:ba:97:eb:94:90:93:ca:fc:f2:bf:35:d3:a1:b6:e2:
b9:61:2b:a9:36:cc:91:a3:9f:a5:51:cf:79:bf:f8:41:96:76:
5a:dd:26:83:2c:28:87:21:6a:6e:4e:b5:8b:99:4e:c0:c1:99:
de:0b:b6:6b:8c:75:d5:8f:1b:55:59:9c:fa:9d:6e:40:8e:73:
e3:fd:fc:4e:32:99:f8:8e:64:cf:f6:e4:26:6c:f9:99:db:09:
16:bd:fb:dc:b4:ae:5c:fc:24:82:55:75:1c:00:15:79:04:a5:
fe:a7:10:0d:ec:4e:5a:21:de:45:ae:b4:bf:17:9f:56:e2:d0:
5d:79:e5:07:c2:f7:b7:99:09:34:73:71:0e:d5:45:0b:47:ee:
69:cc:e6:04:de:0a:7a:d7:1c:f1:a9:03:2e:1c:e4:44:70:a2:
33:aa:e6:ea:e6:a8:ba:98:59:c0:77:2f:f1:77:f4:21:21:4d:
e6:f0:50:62:69:90:7d:f9:ea:fb:fb:e8:e9:55:2e:2c:2f:68:
85:3e:3d:f2:b8:a8:53:4f:14:26:42:63:c8:ff:8c:ea:48:09:
68:be:97:ca:38:43:3d:88:c3:f9:c7:10:ad:4c:46:d7:bb:f8:
5b:f0:9d:e9
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAYYbjtCYnlCXHhiqco69Lq7UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmYzQ3MGU5YjU4ZTU1N2VhOGMxZGJlZGFlYjljNmE1ZmM0
NTUxMjUwHhcNMjMwMjA0MDgzMzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjAyMThlNWE3ZTg2NjIxZDlmYzJhNDNjYmZmMGVjN2QyMDU0NGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQgb+sPcgE+QOqBjxoeMAuYdxCj5
35afaO/Fatq/W+ijO/OtjCctoiODjazlXDtlgmU6QH01iHVgB3vgbD+yNuQikVNI
A87f7fM/ORK7BFNUKMJbTAM1pThl8EtrD9jOLOFXLpKNwKLr4uhUILfc1Sdw0MBR
wXGNiAaOfroC/segV7Y1qsza7GuvrZ5GQLHDw1+U7G/yXDEOmraZkXSzxvWjLqDn
+jrrA3nkJFs8DnkQN68qC8n2Xu23PRVl6FqiCwSNJrKKciVJnBmXWiUJ1hZUx1es
QXSK9hpJbU/fZ1hNIqbDsct3I2XbDcga9/w5U5tlXfM9FWkURTUHDiPaTwIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFF8CGOWn6GYh2fwqQ8v/DsfSBUTdMB8GA1UdIwQY
MBaAFL/EcOm1jlV+qMHb7a65xqX8RVElMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjhSdzZiV09WWDZvd2R2dHJybkdwZnhGVVNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi8yN2IzOWItMDQ0OS00YzY0LWJhNzkt
YTJhYTY1NDBmODc1LzEvWHdJWTVhZm9aaUhaX0NwRHlfOE94OUlGUk4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi8yN2IzOWItMDQ0OS00YzY0LWJhNzktYTJhYTY1NDBmODc1
LzEvdjhSdzZiV09WWDZvd2R2dHJybkdwZnhGVVNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHFBggrBgEFBQcBBwEB/wSBtTCBsjCBiwQCAAEwgYQDBAQF
aHADBAMfsSADBAItVCgDBAItWzgDBAItXOADBARRHkADBAJWb9ADBAK5F4wDBAK5
IZgDBAK5JpgDBAK5RuwDBAK5SKADBAK5UsADBAK5V2gDBAK5V3QDBAK5V5wDBAK5
Z+wDBAK5cawDBAK5hWwDBAK5wJADBAK57BADBATZTBAwIgQCAAIwHAMFACoD6kAD
BQMqCkmAAwUDKg4MQAMFAyoOloAwDQYJKoZIhvcNAQELBQADggEBAJ1vkmI3wCsI
fHdm/aXxggBjkTI0i7qX65SQk8r88r8106G24rlhK6k2zJGjn6VRz3m/+EGWdlrd
JoMsKIcham5OtYuZTsDBmd4LtmuMddWPG1VZnPqdbkCOc+P9/E4ymfiOZM/25CZs
+ZnbCRa9+9y0rlz8JIJVdRwAFXkEpf6nEA3sTloh3kWutL8Xn1bi0F155QfC97eZ
CTRzcQ7VRQtH7mnM5gTeCnrXHPGpAy4c5ERwojOq5urmqLqYWcB3L/F39CEhTebw
UGJpkH356vv76OlVLiwvaIU+PfK4qFNPFCZCY8j/jOpICWi+l8o4Qz2Iw/nHEK1M
Rte7+Fvwnek=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:05 2024 by rpki-client on console-ams.rpki-client.org