Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/556ad5-2e6b-4d51-856c-61c9c29c275d/1/B_ZR_UQ0rCOyMEAwTW5_ReskuHY.roa
File: B_ZR_UQ0rCOyMEAwTW5_ReskuHY.roa (raw, json)
Hash identifier: XHlr+8vIK2b/BMxJRL3h65VJDipkfQJyJV3OPngcbX4=
Subject key identifier: 07:F6:51:FD:44:34:AC:23:B2:30:40:30:4D:6E:7F:45:EB:24:B8:76
Certificate issuer: /CN=4866d4027de3c27e897d72adb2c86d87ab7e5ac2
Certificate serial: 018CC5DC6CEB1F160AD93B31D8F82932B021
Authority key identifier: 48:66:D4:02:7D:E3:C2:7E:89:7D:72:AD:B2:C8:6D:87:AB:7E:5A:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SGbUAn3jwn6JfXKtsshth6t-WsI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/556ad5-2e6b-4d51-856c-61c9c29c275d/1/B_ZR_UQ0rCOyMEAwTW5_ReskuHY.roa
Signing time: Mon 01 Jan 2024 16:30:06 +0000
ROA not before: Mon 01 Jan 2024 16:30:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208808
IP address blocks: 103.43.40.0/22 maxlen: 22
103.208.72.0/22 maxlen: 22
212.73.152.0/24 maxlen: 24
94.156.26.0/23 maxlen: 23
212.73.153.0/24 maxlen: 24
87.120.203.0/24 maxlen: 24
92.243.94.0/23 maxlen: 23
185.201.76.0/22 maxlen: 22
45.140.196.0/22 maxlen: 22
213.255.210.0/23 maxlen: 23
213.255.216.0/23 maxlen: 23
213.255.224.0/23 maxlen: 23
213.255.244.0/23 maxlen: 23
78.138.18.0/23 maxlen: 23
31.13.210.0/24 maxlen: 24
78.138.26.0/23 maxlen: 23
78.138.28.0/23 maxlen: 23
103.104.108.0/22 maxlen: 22
78.138.42.0/23 maxlen: 23
92.243.71.0/24 maxlen: 24
87.120.80.0/23 maxlen: 23
92.243.68.0/24 maxlen: 24
92.243.86.0/23 maxlen: 23
92.243.90.0/23 maxlen: 23
160.202.156.0/22 maxlen: 22
2a0a:bd40::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 15 Apr 2024 08:19:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:6c:eb:1f:16:0a:d9:3b:31:d8:f8:29:32:b0:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4866d4027de3c27e897d72adb2c86d87ab7e5ac2
Validity
Not Before: Jan 1 16:30:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=07f651fd4434ac23b23040304d6e7f45eb24b876
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ea:ce:2e:36:b4:e6:2f:2b:13:92:91:0f:83:
5e:5c:58:08:8a:69:76:bc:3d:f3:4e:ec:86:9c:17:
8b:65:c4:0b:45:a5:05:b7:cb:f9:f8:53:45:da:36:
c6:46:ad:e9:4f:f4:d8:f6:82:3c:2f:3b:58:3e:99:
bd:65:cb:0b:58:bd:00:6d:fd:fa:64:5a:b6:7e:fb:
a4:34:f8:dd:28:42:66:fa:5b:13:37:7d:64:99:32:
9f:82:d6:61:73:b6:8f:29:f0:4d:af:18:37:d3:bb:
8c:0e:b7:77:79:73:48:ae:0e:31:73:69:b9:4c:ea:
41:94:f8:24:79:53:17:69:ff:83:25:94:a2:49:32:
7b:3a:76:5d:06:a7:ff:74:61:80:f7:0d:65:10:2a:
b9:93:b5:7f:60:a1:38:75:58:d7:6a:0d:be:60:62:
8a:fd:27:7c:68:3a:9b:cb:79:b0:e2:2e:04:c6:7e:
68:d1:24:1b:96:b6:5c:23:55:c9:66:38:8e:3b:38:
86:61:74:28:b2:30:18:f6:66:7b:01:d5:cb:b7:0a:
76:db:5b:c8:26:80:fe:8c:51:7c:38:71:c7:fd:a9:
31:31:8d:76:7d:28:c2:7b:db:a7:1a:72:79:60:90:
f5:a2:13:3f:9f:5e:6c:0b:16:a3:f2:c7:c7:e9:6d:
ba:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:F6:51:FD:44:34:AC:23:B2:30:40:30:4D:6E:7F:45:EB:24:B8:76
X509v3 Authority Key Identifier:
keyid:48:66:D4:02:7D:E3:C2:7E:89:7D:72:AD:B2:C8:6D:87:AB:7E:5A:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SGbUAn3jwn6JfXKtsshth6t-WsI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/556ad5-2e6b-4d51-856c-61c9c29c275d/1/B_ZR_UQ0rCOyMEAwTW5_ReskuHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/556ad5-2e6b-4d51-856c-61c9c29c275d/1/SGbUAn3jwn6JfXKtsshth6t-WsI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.210.0/24
45.140.196.0/22
78.138.18.0/23
78.138.26.0-78.138.29.255
78.138.42.0/23
87.120.80.0/23
87.120.203.0/24
92.243.68.0/24
92.243.71.0/24
92.243.86.0/23
92.243.90.0/23
92.243.94.0/23
94.156.26.0/23
103.43.40.0/22
103.104.108.0/22
103.208.72.0/22
160.202.156.0/22
185.201.76.0/22
212.73.152.0/23
213.255.210.0/23
213.255.216.0/23
213.255.224.0/23
213.255.244.0/23
IPv6:
2a0a:bd40::/29
Signature Algorithm: sha256WithRSAEncryption
43:0f:64:6d:f9:10:4c:fb:cd:7b:67:64:3d:a8:64:34:4b:f3:
24:0f:82:e9:c0:1a:e3:7e:64:6c:e7:ab:43:37:fb:bd:f5:8d:
17:c6:9c:80:fa:7d:1d:23:7b:05:f1:18:f9:1c:33:90:b9:9f:
56:1a:c6:6c:9a:c3:50:4d:39:a5:e9:d6:df:5e:88:97:e1:76:
8e:a1:cd:d0:97:ab:49:1b:12:1d:cc:61:49:56:aa:b9:f2:c6:
85:90:61:6d:19:f3:7a:fa:15:58:92:e0:a0:e2:8e:84:38:8c:
93:67:5c:90:aa:8b:22:58:d2:c7:5b:4a:95:6a:30:ce:b6:de:
44:3a:52:6d:a5:59:72:5e:e7:46:c0:79:d8:79:39:18:5e:bf:
83:e0:71:ad:40:47:fa:3b:a9:81:44:11:35:77:a8:da:d6:54:
22:9e:23:0a:6a:37:8d:34:94:19:1c:1c:b6:5b:0f:98:32:33:
a7:f4:9b:a7:20:b0:79:54:47:d1:35:67:2b:98:75:f9:0e:62:
6d:79:c3:b7:fe:c1:95:47:f1:ce:30:46:11:4b:7c:53:4a:0c:
35:42:bb:0a:05:ec:af:cc:e8:8e:e3:a2:73:00:38:41:d2:d5:
32:99:ed:f5:8a:51:4e:db:f4:9f:31:98:a5:1c:c0:3a:4b:60:
c6:7a:73:96
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgISAYzF3GzrHxYK2Tsx2PgpMrAhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4NjZkNDAyN2RlM2MyN2U4OTdkNzJhZGIyYzg2ZDg3YWI3
ZTVhYzIwHhcNMjQwMTAxMTYzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2Y2NTFmZDQ0MzRhYzIzYjIzMDQwMzA0ZDZlN2Y0NWViMjRiODc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+rOLja05i8rE5KRD4NeXFgIiml2
vD3zTuyGnBeLZcQLRaUFt8v5+FNF2jbGRq3pT/TY9oI8LztYPpm9ZcsLWL0Abf36
ZFq2fvukNPjdKEJm+lsTN31kmTKfgtZhc7aPKfBNrxg307uMDrd3eXNIrg4xc2m5
TOpBlPgkeVMXaf+DJZSiSTJ7OnZdBqf/dGGA9w1lECq5k7V/YKE4dVjXag2+YGKK
/Sd8aDqby3mw4i4Exn5o0SQblrZcI1XJZjiOOziGYXQosjAY9mZ7AdXLtwp221vI
JoD+jFF8OHHH/akxMY12fSjCe9unGnJ5YJD1ohM/n15sCxaj8sfH6W26/wIDAQAB
o4ICqTCCAqUwHQYDVR0OBBYEFAf2Uf1ENKwjsjBAME1uf0XrJLh2MB8GA1UdIwQY
MBaAFEhm1AJ948J+iX1yrbLIbYerflrCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0diVUFuM2p3bjZKZlhLdHNzaHRoNnQtV3NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni81NTZhZDUtMmU2Yi00ZDUxLTg1NmMt
NjFjOWMyOWMyNzVkLzEvQl9aUl9VUTByQ095TUVBd1RXNV9SZXNrdUhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni81NTZhZDUtMmU2Yi00ZDUxLTg1NmMtNjFjOWMyOWMyNzVk
LzEvU0diVUFuM2p3bjZKZlhLdHNzaHRoNnQtV3NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG+BggrBgEFBQcBBwEB/wSBrjCBqzCBmQQCAAEwgZIDBAAf
DdIDBAItjMQDBAFOihIwDAMEAU6KGgMEAU6KHAMEAU6KKgMEAVd4UAMEAFd4ywME
AFzzRAMEAFzzRwMEAVzzVgMEAVzzWgMEAVzzXgMEAV6cGgMEAmcrKAMEAmdobAME
AmfQSAMEAqDKnAMEArnJTAMEAdRJmAMEAdX/0gMEAdX/2AMEAdX/4AMEAdX/9DAN
BAIAAjAHAwUDKgq9QDANBgkqhkiG9w0BAQsFAAOCAQEAQw9kbfkQTPvNe2dkPahk
NEvzJA+C6cAa435kbOerQzf7vfWNF8acgPp9HSN7BfEY+RwzkLmfVhrGbJrDUE05
penW316Il+F2jqHN0JerSRsSHcxhSVaqufLGhZBhbRnzevoVWJLgoOKOhDiMk2dc
kKqLIljSx1tKlWowzrbeRDpSbaVZcl7nRsB52Hk5GF6/g+BxrUBH+jupgUQRNXeo
2tZUIp4jCmo3jTSUGRwctlsPmDIzp/SbpyCweVRH0TVnK5h1+Q5ibXnDt/7BlUfx
zjBGEUt8U0oMNUK7CgXsr8zojuOicwA4QdLVMpnt9YpRTtv0nzGYpRzAOktgxnpz
lg==
-----END CERTIFICATE-----
Generated at Mon Apr 15 11:50:12 2024 by rpki-client on console-ams.rpki-client.org