Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/bAiZJ6JIj1ER_fOCBYENOS8nPrs.roa
File: bAiZJ6JIj1ER_fOCBYENOS8nPrs.roa (raw, json)
Hash identifier: WviR0dwhEu0JZEXQs3ME2tTFj4BwOXj9UNrya/xO088=
Subject key identifier: 6C:08:99:27:A2:48:8F:51:11:FD:F3:82:05:81:0D:39:2F:27:3E:BB
Certificate issuer: /CN=05bfdbb6a4b1663369da407db97b021f73284a28
Certificate serial: 018E37D71073D8A4DF6A31A8D05EC06F7C17
Authority key identifier: 05:BF:DB:B6:A4:B1:66:33:69:DA:40:7D:B9:7B:02:1F:73:28:4A:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Bb_btqSxZjNp2kB9uXsCH3MoSig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/bAiZJ6JIj1ER_fOCBYENOS8nPrs.roa
Signing time: Wed 13 Mar 2024 12:43:45 +0000
ROA not before: Wed 13 Mar 2024 12:43:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42831
IP address blocks: 5.101.136.0/21 maxlen: 21
5.101.144.0/21 maxlen: 21
5.101.168.0/21 maxlen: 21
31.132.0.0/21 maxlen: 21
37.9.56.0/21 maxlen: 21
77.74.192.0/21 maxlen: 21
77.75.120.0/21 maxlen: 21
78.110.160.0/21 maxlen: 21
78.110.168.0/23 maxlen: 23
78.110.170.0/24 maxlen: 24
78.110.172.0/22 maxlen: 22
78.157.192.0/21 maxlen: 21
78.157.200.0/22 maxlen: 22
78.157.204.0/24 maxlen: 24
78.157.206.0/23 maxlen: 23
78.157.208.0/20 maxlen: 20
94.229.64.0/20 maxlen: 20
178.159.0.0/20 maxlen: 20
185.17.24.0/22 maxlen: 22
185.103.96.0/22 maxlen: 22
2a01:a500::/32 maxlen: 32
2a01:a500:1::/48 maxlen: 48
2a01:a500:1228::/48 maxlen: 48
2a01:a500:2566::/48 maxlen: 48
2a01:a507::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 05 Apr 2024 15:10:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:37:d7:10:73:d8:a4:df:6a:31:a8:d0:5e:c0:6f:7c:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05bfdbb6a4b1663369da407db97b021f73284a28
Validity
Not Before: Mar 13 12:43:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c089927a2488f5111fdf38205810d392f273ebb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:9f:08:6f:2c:14:1c:3b:69:a2:96:de:18:14:
fd:30:8e:87:99:0b:b3:c7:88:c6:0b:d7:a6:47:b2:
a2:b3:3e:2d:4d:a9:00:ba:40:01:04:07:ed:63:02:
f9:8d:00:18:2e:f7:35:e2:8f:9d:8a:58:0d:30:25:
6e:df:3b:a8:2f:ea:42:f2:5e:d9:5d:54:e0:09:03:
50:01:7d:5e:9a:51:f5:58:53:82:5e:65:92:b8:51:
6b:2e:7d:be:5e:4b:b6:56:e9:56:73:ac:5a:78:98:
06:0e:ba:2c:e9:cf:eb:05:65:21:5e:00:73:b6:b6:
49:a3:9b:0a:55:74:0a:44:3f:59:4b:27:1a:d2:23:
23:0b:ec:19:bf:0d:d6:05:df:f7:19:1f:36:d0:fc:
27:2a:a0:16:4e:d9:61:9e:46:b8:00:b3:bb:45:0c:
c4:40:bd:70:9d:6d:78:f1:4c:3d:36:66:9f:dd:96:
19:4d:3e:5b:e3:8e:c9:bc:e5:db:4e:a5:61:86:82:
f1:e6:de:84:38:a8:64:ea:69:e1:25:08:07:aa:e7:
27:2d:cf:27:ef:07:55:2b:06:9a:32:23:89:5f:57:
9d:81:ea:38:43:76:45:91:9f:f8:40:be:62:92:9f:
c5:40:d9:0f:fa:d0:87:4e:84:bb:8a:8b:f1:c2:d4:
fd:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:08:99:27:A2:48:8F:51:11:FD:F3:82:05:81:0D:39:2F:27:3E:BB
X509v3 Authority Key Identifier:
keyid:05:BF:DB:B6:A4:B1:66:33:69:DA:40:7D:B9:7B:02:1F:73:28:4A:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bb_btqSxZjNp2kB9uXsCH3MoSig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/bAiZJ6JIj1ER_fOCBYENOS8nPrs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/Bb_btqSxZjNp2kB9uXsCH3MoSig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.101.136.0-5.101.151.255
5.101.168.0/21
31.132.0.0/21
37.9.56.0/21
77.74.192.0/21
77.75.120.0/21
78.110.160.0-78.110.170.255
78.110.172.0/22
78.157.192.0-78.157.204.255
78.157.206.0-78.157.223.255
94.229.64.0/20
178.159.0.0/20
185.17.24.0/22
185.103.96.0/22
IPv6:
2a01:a500::/32
2a01:a507::/32
Signature Algorithm: sha256WithRSAEncryption
88:f4:5b:b6:4c:87:d7:13:02:49:83:4c:e7:43:26:9a:8d:f4:
85:41:fe:88:e3:1d:91:cd:68:69:f0:6a:90:3f:60:42:65:8e:
49:14:e5:6a:f7:a1:98:f9:a1:1f:91:2b:f5:fd:64:91:bb:04:
2a:aa:09:53:f4:50:e9:19:67:4c:a0:c5:01:88:12:90:e5:97:
c8:e5:fb:3f:17:da:24:60:ef:45:4f:0a:78:14:0f:33:8b:09:
38:7a:4b:ed:8c:63:db:71:70:c5:16:22:d7:9c:8c:64:10:7b:
bb:02:75:d9:1c:6c:73:ac:11:dc:d1:3b:18:0c:2c:46:63:9b:
4f:16:f6:2c:0e:75:e8:0b:b1:e7:f2:28:3e:cb:42:bc:b2:d6:
db:2f:94:0f:6b:11:3c:81:9f:03:f2:53:ff:34:7e:90:ed:d4:
67:de:fa:3d:a3:d0:4d:0a:60:4c:81:55:59:92:a8:2b:a2:b1:
2f:08:b5:d0:ab:4c:d3:5d:dd:61:75:a2:6e:ac:4c:8e:e2:fc:
3a:92:a2:7d:44:53:b3:4c:51:3f:25:de:63:49:29:37:91:fd:
c0:97:f3:79:5f:ca:75:21:70:02:b4:b9:54:76:43:8b:e5:ec:
29:79:d9:5e:61:e6:25:e6:78:bd:4b:2d:f9:8f:eb:6d:dc:27:
3b:52:46:99
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAY431xBz2KTfajGo0F7Ab3wXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YmZkYmI2YTRiMTY2MzM2OWRhNDA3ZGI5N2IwMjFmNzMy
ODRhMjgwHhcNMjQwMzEzMTI0MzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzA4OTkyN2EyNDg4ZjUxMTFmZGYzODIwNTgxMGQzOTJmMjczZWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq58IbywUHDtpopbeGBT9MI6HmQuz
x4jGC9emR7Kisz4tTakAukABBAftYwL5jQAYLvc14o+dilgNMCVu3zuoL+pC8l7Z
XVTgCQNQAX1emlH1WFOCXmWSuFFrLn2+Xku2VulWc6xaeJgGDros6c/rBWUhXgBz
trZJo5sKVXQKRD9ZSyca0iMjC+wZvw3WBd/3GR820PwnKqAWTtlhnka4ALO7RQzE
QL1wnW148Uw9Nmaf3ZYZTT5b447JvOXbTqVhhoLx5t6EOKhk6mnhJQgHqucnLc8n
7wdVKwaaMiOJX1edgeo4Q3ZFkZ/4QL5ikp/FQNkP+tCHToS7iovxwtT9OQIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFGwImSeiSI9REf3zggWBDTkvJz67MB8GA1UdIwQY
MBaAFAW/27aksWYzadpAfbl7Ah9zKEooMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJfYnRxU3haak5wMmtCOXVYc0NIM01vU2lnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi80NjBjMDAtM2U5NS00Mjc0LWJjOWMt
MDYwZGFjZmViZTBmLzEvYkFpWko2SklqMUVSX2ZPQ0JZRU5PUzhuUHJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi80NjBjMDAtM2U5NS00Mjc0LWJjOWMtMDYwZGFjZmViZTBm
LzEvQmJfYnRxU3haak5wMmtCOXVYc0NIM01vU2lnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjB6BAIAATB0MAwDBAMF
ZYgDBAMFZZADBAMFZagDBAMfhAADBAMlCTgDBANNSsADBANNS3gwDAMEBU5uoAME
AE5uqgMEAk5urDAMAwQGTp3AAwQATp3MMAwDBAFOnc4DBAVOncADBARe5UADBASy
nwADBAK5ERgDBAK5Z2AwFAQCAAIwDgMFACoBpQADBQAqAaUHMA0GCSqGSIb3DQEB
CwUAA4IBAQCI9Fu2TIfXEwJJg0znQyaajfSFQf6I4x2RzWhp8GqQP2BCZY5JFOVq
96GY+aEfkSv1/WSRuwQqqglT9FDpGWdMoMUBiBKQ5ZfI5fs/F9okYO9FTwp4FA8z
iwk4ekvtjGPbcXDFFiLXnIxkEHu7AnXZHGxzrBHc0TsYDCxGY5tPFvYsDnXoC7Hn
8ig+y0K8stbbL5QPaxE8gZ8D8lP/NH6Q7dRn3vo9o9BNCmBMgVVZkqgrorEvCLXQ
q0zTXd1hdaJurEyO4vw6kqJ9RFOzTFE/Jd5jSSk3kf3Al/N5X8p1IXACtLlUdkOL
5ewpedleYeYl5ni9Sy35j+tt3Cc7UkaZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:47 2024 by rpki-client on console-ams.rpki-client.org