Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/626SQGGDTBceU1D4ZMHZfVo_BPM.roa
File: 626SQGGDTBceU1D4ZMHZfVo_BPM.roa (raw, json)
Hash identifier: 81VpF9OCE+tc7l13HrdakQaO0H6HYM2pTe28GKP0j30=
Subject key identifier: EB:6E:92:40:61:83:4C:17:1E:53:50:F8:64:C1:D9:7D:5A:3F:04:F3
Certificate issuer: /CN=b9ea8936f8e53063b4b3bdf0f3b15b2ae667ef13
Certificate serial: 018CC64A065479FC4B133577A402C91C9467
Authority key identifier: B9:EA:89:36:F8:E5:30:63:B4:B3:BD:F0:F3:B1:5B:2A:E6:67:EF:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ueqJNvjlMGO0s73w87FbKuZn7xM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/626SQGGDTBceU1D4ZMHZfVo_BPM.roa
Signing time: Mon 01 Jan 2024 18:29:49 +0000
ROA not before: Mon 01 Jan 2024 18:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57043
IP address blocks: 185.125.200.0/22 maxlen: 24
95.140.146.0/23 maxlen: 24
95.140.158.0/23 maxlen: 24
80.90.179.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 Apr 2024 12:46:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:06:54:79:fc:4b:13:35:77:a4:02:c9:1c:94:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9ea8936f8e53063b4b3bdf0f3b15b2ae667ef13
Validity
Not Before: Jan 1 18:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eb6e924061834c171e5350f864c1d97d5a3f04f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:5a:29:00:ba:29:47:f5:2d:4d:a9:ad:db:39:
65:7d:46:48:94:90:26:55:35:43:55:58:a5:2a:4c:
73:0e:6c:d6:c9:98:d2:33:84:93:1f:2c:45:89:f0:
27:60:d4:42:80:39:24:fd:4a:ba:76:f8:ab:cd:19:
b9:a1:a9:7b:0c:e5:b3:5b:d3:dd:5c:78:d5:41:a9:
08:75:c8:c8:95:6f:37:9b:a5:31:5d:cf:18:6e:ad:
07:60:6d:d4:ee:a4:85:dc:5d:22:50:62:6d:e8:92:
31:65:1b:60:28:62:ed:96:ec:08:74:b3:5c:5e:64:
ed:c5:0b:1b:7c:05:95:aa:5f:51:3c:88:93:2b:83:
d2:67:e1:0d:b3:a1:23:ab:2a:51:4b:57:90:a2:aa:
85:23:39:68:ba:ca:e9:e3:b4:59:2c:09:e9:e1:8d:
40:01:49:30:db:5d:ef:77:27:93:c5:63:6f:c0:37:
49:11:ce:4d:86:a4:8e:b8:6c:8b:b4:87:29:33:ba:
76:dc:8b:cc:8c:aa:7e:26:0e:7d:b3:71:02:46:dd:
4d:b9:c6:37:9a:a7:2e:ed:32:ee:43:f2:9d:93:b2:
a6:17:7c:bb:14:3b:6a:38:7a:6a:3e:e0:43:68:06:
df:a4:34:18:b2:c1:a0:6b:89:c5:be:a0:39:e0:8a:
81:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:6E:92:40:61:83:4C:17:1E:53:50:F8:64:C1:D9:7D:5A:3F:04:F3
X509v3 Authority Key Identifier:
keyid:B9:EA:89:36:F8:E5:30:63:B4:B3:BD:F0:F3:B1:5B:2A:E6:67:EF:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ueqJNvjlMGO0s73w87FbKuZn7xM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/626SQGGDTBceU1D4ZMHZfVo_BPM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/ueqJNvjlMGO0s73w87FbKuZn7xM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.90.179.0/24
95.140.146.0/23
95.140.158.0/23
185.125.200.0/22
Signature Algorithm: sha256WithRSAEncryption
37:fe:f1:ed:7d:c5:37:34:3d:40:ab:04:89:06:10:b6:e9:ac:
d5:3d:df:ce:4c:3b:76:a5:96:5f:04:0b:01:80:10:c8:dc:5c:
76:db:26:5f:ca:19:7e:c9:62:d6:ce:a5:68:b1:6d:59:78:40:
35:6f:28:b9:70:cf:b6:0c:e2:e4:e9:8b:b8:41:6f:be:6c:84:
b7:eb:f5:cb:f4:f0:af:c4:d2:a5:c5:b1:53:d2:e7:3b:dd:cf:
e8:dd:d9:6e:1f:30:96:22:57:ca:1f:42:1b:29:bc:3d:45:c3:
94:e7:fe:23:47:e5:65:f8:cb:93:cc:e8:31:4c:f4:8e:1d:69:
5e:aa:03:ad:aa:28:0d:3f:7f:76:57:0e:58:7a:51:bb:f4:db:
f1:9b:8d:31:56:e6:c7:25:d6:6b:a9:e6:77:ff:6e:69:97:38:
bf:e1:ad:9b:7d:42:a6:86:33:ec:4b:8d:53:ab:ab:5b:4e:e2:
9d:fc:25:3b:bb:11:cf:50:86:55:13:38:a9:36:87:d4:bd:37:
75:56:60:74:a9:0b:f2:b5:ef:7a:27:40:49:8e:c7:2e:c2:29:
d8:4a:b9:71:d9:e0:c4:4d:0d:a6:56:6b:26:75:49:86:80:cd:
04:0e:cc:27:5a:b9:99:d3:de:71:34:6c:d1:bf:18:b8:6b:55:
26:60:a3:7b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzGSgZUefxLEzV3pALJHJRnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZWE4OTM2ZjhlNTMwNjNiNGIzYmRmMGYzYjE1YjJhZTY2
N2VmMTMwHhcNMjQwMTAxMTgyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjZlOTI0MDYxODM0YzE3MWU1MzUwZjg2NGMxZDk3ZDVhM2YwNGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh1opALopR/UtTamt2zllfUZIlJAm
VTVDVVilKkxzDmzWyZjSM4STHyxFifAnYNRCgDkk/Uq6dvirzRm5oal7DOWzW9Pd
XHjVQakIdcjIlW83m6UxXc8Ybq0HYG3U7qSF3F0iUGJt6JIxZRtgKGLtluwIdLNc
XmTtxQsbfAWVql9RPIiTK4PSZ+ENs6EjqypRS1eQoqqFIzlousrp47RZLAnp4Y1A
AUkw213vdyeTxWNvwDdJEc5NhqSOuGyLtIcpM7p23IvMjKp+Jg59s3ECRt1NucY3
mqcu7TLuQ/Kdk7KmF3y7FDtqOHpqPuBDaAbfpDQYssGga4nFvqA54IqBrQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOtukkBhg0wXHlNQ+GTB2X1aPwTzMB8GA1UdIwQY
MBaAFLnqiTb45TBjtLO98POxWyrmZ+8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWVxSk52amxNR08wczczdzg3RmJLdVpuN3hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9lYzI5ZTItMzQ0MC00MDlhLTk4NmEt
YjI1MDk5N2ZjNzVkLzEvNjI2U1FHR0RUQmNlVTFENFpNSFpmVm9fQlBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9lYzI5ZTItMzQ0MC00MDlhLTk4NmEtYjI1MDk5N2ZjNzVk
LzEvdWVxSk52amxNR08wczczdzg3RmJLdVpuN3hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUFqzAwQB
X4ySAwQBX4yeAwQCuX3IMA0GCSqGSIb3DQEBCwUAA4IBAQA3/vHtfcU3ND1AqwSJ
BhC26azVPd/OTDt2pZZfBAsBgBDI3Fx22yZfyhl+yWLWzqVosW1ZeEA1byi5cM+2
DOLk6Yu4QW++bIS36/XL9PCvxNKlxbFT0uc73c/o3dluHzCWIlfKH0IbKbw9RcOU
5/4jR+Vl+MuTzOgxTPSOHWleqgOtqigNP392Vw5YelG79Nvxm40xVubHJdZrqeZ3
/25plzi/4a2bfUKmhjPsS41Tq6tbTuKd/CU7uxHPUIZVEzipNofUvTd1VmB0qQvy
te96J0BJjscuwinYSrlx2eDETQ2mVmsmdUmGgM0EDswnWrmZ095xNGzRvxi4a1Um
YKN7
-----END CERTIFICATE-----
Generated at Tue Apr 30 18:14:24 2024 by rpki-client on console-fra.rpki-client.org