Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/BhVmiVcmJr7QcFXD9m4Txvq2wG8.roa
File: BhVmiVcmJr7QcFXD9m4Txvq2wG8.roa (raw, json)
Hash identifier: VLi9MuunhIRJb77nsdzQrBJCMC3HyEOw2bhhA5iEAVY=
Subject key identifier: 06:15:66:89:57:26:26:BE:D0:70:55:C3:F6:6E:13:C6:FA:B6:C0:6F
Certificate issuer: /CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Certificate serial: 0187746154D1A8938E7BB3F811C5033ED8B9
Authority key identifier: EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/BhVmiVcmJr7QcFXD9m4Txvq2wG8.roa
Signing time: Wed 12 Apr 2023 07:32:28 +0000
ROA not before: Wed 12 Apr 2023 07:32:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41313
IP address blocks: 185.40.164.0/22 maxlen: 24
46.35.160.0/19 maxlen: 24
185.18.228.0/22 maxlen: 24
151.252.192.0/20 maxlen: 24
79.110.120.0/21 maxlen: 24
95.158.128.0/18 maxlen: 24
80.95.16.0/21 maxlen: 24
80.95.22.0/24 maxlen: 24
93.175.244.0/23 maxlen: 24
212.21.128.0/19 maxlen: 24
93.152.234.0/23 maxlen: 24
2a00:e200::/32 maxlen: 48
2a0d:3b40::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:74:61:54:d1:a8:93:8e:7b:b3:f8:11:c5:03:3e:d8:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Validity
Not Before: Apr 12 07:32:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=06156689572626bed07055c3f66e13c6fab6c06f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:47:0b:a4:f1:92:d8:95:88:35:91:8e:f7:a5:
97:d3:43:da:46:e6:48:ba:fd:67:48:b8:2e:23:b9:
39:55:e6:c0:13:db:d8:63:92:fa:b4:97:00:af:92:
20:8a:08:dd:2b:d2:e9:7a:b1:59:99:b6:cb:a4:6b:
ce:de:c3:f7:3b:ed:93:48:a9:c3:63:c4:25:43:40:
e0:a6:75:e2:db:18:84:79:7a:33:3e:8d:d4:28:c4:
7f:10:4a:10:b6:57:b8:4c:97:72:60:c4:f5:bf:13:
a3:c4:40:78:38:25:93:ec:6b:0d:8b:34:fa:9b:5f:
77:19:b0:8b:bc:03:17:63:7b:63:28:9a:cc:57:25:
67:22:79:b3:89:c1:14:d2:59:6c:9f:28:95:36:d3:
85:84:c8:3a:b0:cb:8b:5e:82:44:fe:6b:39:27:64:
80:2a:5a:93:95:0a:fb:b3:9a:d9:32:81:d0:3f:34:
8e:26:6e:5a:4e:c2:d2:68:7c:50:52:89:f5:8d:93:
d5:e7:44:66:1f:22:aa:57:d9:93:75:e5:01:04:cf:
15:d9:a7:40:9f:3f:a6:40:c6:c1:20:d1:33:02:f1:
6e:39:ed:be:15:67:49:03:db:dd:8c:cf:fd:1d:ba:
ea:d8:e6:c7:fa:a6:e0:d9:77:7f:47:84:2c:35:78:
45:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:15:66:89:57:26:26:BE:D0:70:55:C3:F6:6E:13:C6:FA:B6:C0:6F
X509v3 Authority Key Identifier:
keyid:EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/BhVmiVcmJr7QcFXD9m4Txvq2wG8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.35.160.0/19
79.110.120.0/21
80.95.16.0/21
93.152.234.0/23
93.175.244.0/23
95.158.128.0/18
151.252.192.0/20
185.18.228.0/22
185.40.164.0/22
212.21.128.0/19
IPv6:
2a00:e200::/32
2a0d:3b40::/29
Signature Algorithm: sha256WithRSAEncryption
ad:22:90:64:d4:e8:1c:86:d0:c0:d1:f4:48:ea:f7:2c:b8:16:
0a:2e:4f:c6:fc:e4:e6:96:b5:61:6a:1d:9d:66:4d:61:ba:38:
d5:ad:99:1c:35:c5:80:6c:a7:39:4c:21:3b:db:c9:97:b5:f5:
c9:5c:01:6c:56:14:bd:92:cf:50:b0:6c:1a:4b:c9:1b:7a:d1:
1f:2e:b5:ae:80:20:ec:16:e6:6a:52:bf:87:b7:9f:f5:a3:c3:
30:53:96:b5:74:94:25:57:92:71:d2:49:81:30:1d:2f:92:f2:
41:0b:ef:51:9e:70:bd:1f:c4:44:9a:b5:34:73:b7:dd:69:c6:
0c:5a:4d:d1:14:9c:49:2f:3a:7e:15:99:8c:34:14:f8:6c:6c:
21:04:9a:2d:a0:c6:ee:ec:52:7d:64:fb:ad:14:25:6b:f8:de:
90:7d:98:3c:81:25:4f:1a:8a:55:4e:50:52:c4:1c:74:fb:2a:
52:3e:69:31:a1:97:a3:bc:fd:b2:06:f8:b6:a3:d2:0c:b1:93:
e8:0a:7c:63:77:dd:ae:09:00:1a:a5:e0:22:fa:31:3a:b1:50:
14:cd:68:6c:3a:40:20:f6:1a:06:48:fd:45:97:d6:c5:c8:93:
3d:91:70:1f:02:e8:34:27:42:43:23:a6:4e:ff:e5:4c:1c:23:
57:6c:2c:9e
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAYd0YVTRqJOOe7P4EcUDPti5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZWM5MDMwYzcwYTNkNDE5MmQ1OWMyOGRjYzhkNTQ3Njk0
MzQwYjMwHhcNMjMwNDEyMDczMjI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjE1NjY4OTU3MjYyNmJlZDA3MDU1YzNmNjZlMTNjNmZhYjZjMDZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUcLpPGS2JWINZGO96WX00PaRuZI
uv1nSLguI7k5VebAE9vYY5L6tJcAr5IgigjdK9LperFZmbbLpGvO3sP3O+2TSKnD
Y8QlQ0DgpnXi2xiEeXozPo3UKMR/EEoQtle4TJdyYMT1vxOjxEB4OCWT7GsNizT6
m193GbCLvAMXY3tjKJrMVyVnInmzicEU0llsnyiVNtOFhMg6sMuLXoJE/ms5J2SA
KlqTlQr7s5rZMoHQPzSOJm5aTsLSaHxQUon1jZPV50RmHyKqV9mTdeUBBM8V2adA
nz+mQMbBINEzAvFuOe2+FWdJA9vdjM/9Hbrq2ObH+qbg2Xd/R4QsNXhFzQIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFAYVZolXJia+0HBVw/ZuE8b6tsBvMB8GA1UdIwQY
MBaAFOvskDDHCj1BktWcKNzI1UdpQ0CzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNi15UU1NY0tQVUdTMVp3bzNNalZSMmxEUUxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8zNzJiODctOTVmNC00Yzk4LWE2ZjQt
NGE2Zjg2ODMyNjVjLzEvQmhWbWlWY21KcjdRY0ZYRDltNFR4dnEyd0c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8zNzJiODctOTVmNC00Yzk4LWE2ZjQtNGE2Zjg2ODMyNjVj
LzEvNi15UU1NY0tQVUdTMVp3bzNNalZSMmxEUUxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBCBAIAATA8AwQFLiOgAwQD
T254AwQDUF8QAwQBXZjqAwQBXa/0AwQGX56AAwQEl/zAAwQCuRLkAwQCuSikAwQF
1BWAMBQEAgACMA4DBQAqAOIAAwUDKg07QDANBgkqhkiG9w0BAQsFAAOCAQEArSKQ
ZNToHIbQwNH0SOr3LLgWCi5Pxvzk5pa1YWodnWZNYbo41a2ZHDXFgGynOUwhO9vJ
l7X1yVwBbFYUvZLPULBsGkvJG3rRHy61roAg7BbmalK/h7ef9aPDMFOWtXSUJVeS
cdJJgTAdL5LyQQvvUZ5wvR/ERJq1NHO33WnGDFpN0RScSS86fhWZjDQU+GxsIQSa
LaDG7uxSfWT7rRQla/jekH2YPIElTxqKVU5QUsQcdPsqUj5pMaGXo7z9sgb4tqPS
DLGT6Ap8Y3fdrgkAGqXgIvoxOrFQFM1obDpAIPYaBkj9RZfWxciTPZFwHwLoNCdC
QyOmTv/lTBwjV2wsng==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:35 2024 by rpki-client on console-ams.rpki-client.org