Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/vBwPIZFgZWauhWD49i9625YYqlA.roa
File: vBwPIZFgZWauhWD49i9625YYqlA.roa (raw, json)
Hash identifier: MCI/3lM0S2oYIKBGcgxoiAYvem2uvKEEIOSj2vW2tI8=
Subject key identifier: BC:1C:0F:21:91:60:65:66:AE:85:60:F8:F6:2F:7A:DB:96:18:AA:50
Certificate issuer: /CN=89056fa9625b6c87404267c6dc219924ac160045
Certificate serial: 0191D863D25AD96386AE0864D6EB35933691
Authority key identifier: 89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/vBwPIZFgZWauhWD49i9625YYqlA.roa
Signing time: Mon 09 Sep 2024 20:05:06 +0000
ROA not before: Mon 09 Sep 2024 20:05:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136258
IP address blocks: 46.16.128.0/24 maxlen: 24
46.16.129.0/24 maxlen: 24
46.16.130.0/24 maxlen: 24
109.104.152.0/24 maxlen: 24
109.104.153.0/24 maxlen: 24
109.104.155.0/24 maxlen: 24
147.78.0.0/24 maxlen: 24
147.78.1.0/24 maxlen: 24
147.78.2.0/24 maxlen: 24
147.78.3.0/24 maxlen: 24
185.126.238.0/24 maxlen: 24
185.126.239.0/24 maxlen: 24
185.213.20.0/24 maxlen: 24
185.213.21.0/24 maxlen: 24
185.213.23.0/24 maxlen: 24
2a11:840:6::/48 maxlen: 48
2a11:840:7::/48 maxlen: 48
2a11:840:8::/48 maxlen: 48
2a11:840:10::/48 maxlen: 48
2a11:840:11::/48 maxlen: 48
2a11:840:12::/48 maxlen: 48
2a11:840:13::/48 maxlen: 48
2a11:840:14::/48 maxlen: 48
2a11:840:17::/48 maxlen: 48
2a11:840:18::/48 maxlen: 48
2a11:840:19::/48 maxlen: 48
2a11:840:20::/48 maxlen: 48
2a11:840:21::/48 maxlen: 48
2a11:840:22::/48 maxlen: 48
2a11:840:23::/48 maxlen: 48
2a11:840:24::/48 maxlen: 48
2a11:840:25::/48 maxlen: 48
2a11:840:26::/48 maxlen: 48
2a11:840:30::/48 maxlen: 48
2a11:840:33::/48 maxlen: 48
2a11:840:40::/48 maxlen: 48
2a11:840:41::/48 maxlen: 48
2a11:840:47::/48 maxlen: 48
2a11:840:48::/48 maxlen: 48
2a11:840:54::/48 maxlen: 48
2a11:840:60::/48 maxlen: 48
2a11:840:61::/48 maxlen: 48
2a11:840:62::/48 maxlen: 48
2a11:840:63::/48 maxlen: 48
2a11:840:64::/48 maxlen: 48
2a11:840:65::/48 maxlen: 48
2a11:840:66::/48 maxlen: 48
2a11:840:67::/48 maxlen: 48
2a11:840:68::/48 maxlen: 48
2a11:840:69::/48 maxlen: 48
2a11:840:70::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 13 Sep 2024 22:20:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d8:63:d2:5a:d9:63:86:ae:08:64:d6:eb:35:93:36:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89056fa9625b6c87404267c6dc219924ac160045
Validity
Not Before: Sep 9 20:05:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bc1c0f2191606566ae8560f8f62f7adb9618aa50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:16:34:1d:7e:c4:64:97:a6:11:0a:d7:02:3a:
9a:21:c0:72:3a:46:74:9e:83:62:85:2c:98:90:32:
7d:09:66:da:66:83:a3:04:6c:65:3c:6e:52:36:05:
53:9e:f7:f7:99:e8:c3:db:b9:0c:db:fb:ca:9a:e5:
ce:40:08:76:c5:48:0e:ff:3a:e0:2b:33:fe:2d:3f:
e7:48:97:b0:35:e8:0f:78:90:eb:b0:27:c6:94:2c:
71:b1:6c:35:d6:11:18:fe:26:82:a0:80:c1:68:99:
97:ec:63:3a:a7:c9:4f:10:a2:a9:8a:4a:0a:05:93:
a1:16:4f:9a:ec:f3:c0:3c:3c:27:4f:ab:7b:61:7e:
a5:0a:c7:cd:67:be:e9:96:16:d7:da:5c:00:58:cf:
58:fd:56:56:4f:cc:b7:e1:3b:3b:17:99:54:16:e4:
e5:e2:06:05:79:f2:93:9b:ac:0d:c8:26:1c:5f:26:
e1:b2:20:5e:96:f5:82:81:af:84:f8:4b:91:00:e6:
7f:b0:73:45:0f:c8:77:ff:04:d9:78:5f:3b:de:8e:
3e:d5:22:08:fc:60:aa:6b:e7:cf:21:05:67:31:ff:
41:21:81:8a:6e:64:3f:e8:f7:d7:cc:c1:7e:8d:f4:
90:aa:62:db:11:ba:f0:6e:45:23:26:71:8b:f3:cb:
39:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:1C:0F:21:91:60:65:66:AE:85:60:F8:F6:2F:7A:DB:96:18:AA:50
X509v3 Authority Key Identifier:
keyid:89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/vBwPIZFgZWauhWD49i9625YYqlA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.16.128.0-46.16.130.255
109.104.152.0/23
109.104.155.0/24
147.78.0.0/22
185.126.238.0/23
185.213.20.0/23
185.213.23.0/24
IPv6:
2a11:840:6::-2a11:840:8:ffff:ffff:ffff:ffff:ffff
2a11:840:10::-2a11:840:14:ffff:ffff:ffff:ffff:ffff
2a11:840:17::-2a11:840:19:ffff:ffff:ffff:ffff:ffff
2a11:840:20::-2a11:840:26:ffff:ffff:ffff:ffff:ffff
2a11:840:30::/48
2a11:840:33::/48
2a11:840:40::/47
2a11:840:47::-2a11:840:48:ffff:ffff:ffff:ffff:ffff
2a11:840:54::/48
2a11:840:60::-2a11:840:69:ffff:ffff:ffff:ffff:ffff
2a11:840:70::/48
Signature Algorithm: sha256WithRSAEncryption
3b:d8:76:e1:78:e0:c0:08:23:6e:ab:9e:6c:d7:4c:31:fc:8d:
6a:30:d7:63:86:41:b4:7e:71:37:29:ed:89:a6:6f:3c:dc:f4:
8b:23:b5:af:cc:15:9f:e7:cb:24:c9:4a:c7:1c:87:fc:71:62:
ff:10:8f:9c:b4:cd:8b:b7:c3:43:1f:2e:ec:5f:62:59:67:79:
bc:75:0b:88:e5:92:cb:8f:19:56:08:fc:09:c9:cf:a7:02:4d:
72:88:5d:4b:4c:4d:fc:f7:0a:2d:f5:c6:e4:69:a6:11:95:22:
1b:68:22:2f:bd:08:7d:b4:f9:eb:36:db:a2:47:f7:ec:47:ab:
7b:4e:ef:d7:0e:76:cd:b3:ce:f0:fc:4d:0e:26:e9:1f:8c:07:
af:a9:92:50:2f:88:07:fc:76:e2:e3:97:97:62:20:f6:12:d9:
9f:50:07:a3:24:e5:31:f4:56:68:eb:c8:76:87:0d:f0:fa:1a:
fd:6e:f6:ac:15:c7:cd:d1:87:55:b6:de:6a:f4:ec:82:48:03:
97:c7:c5:d5:44:a2:4e:33:bf:55:06:0d:bf:d9:4f:1d:61:04:
9a:80:b1:73:a0:8f:d4:8a:e8:27:3c:86:77:71:9e:5c:e7:50:
be:68:e4:69:1a:f7:ef:ff:f9:b0:a9:36:18:d4:1b:07:92:5b:
4d:65:c3:4a
-----BEGIN CERTIFICATE-----
MIIF2zCCBMOgAwIBAgISAZHYY9Ja2WOGrghk1us1kzaRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDU2ZmE5NjI1YjZjODc0MDQyNjdjNmRjMjE5OTI0YWMx
NjAwNDUwHhcNMjQwOTA5MjAwNTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzFjMGYyMTkxNjA2NTY2YWU4NTYwZjhmNjJmN2FkYjk2MThhYTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAihY0HX7EZJemEQrXAjqaIcByOkZ0
noNihSyYkDJ9CWbaZoOjBGxlPG5SNgVTnvf3mejD27kM2/vKmuXOQAh2xUgO/zrg
KzP+LT/nSJewNegPeJDrsCfGlCxxsWw11hEY/iaCoIDBaJmX7GM6p8lPEKKpikoK
BZOhFk+a7PPAPDwnT6t7YX6lCsfNZ77plhbX2lwAWM9Y/VZWT8y34Ts7F5lUFuTl
4gYFefKTm6wNyCYcXybhsiBelvWCga+E+EuRAOZ/sHNFD8h3/wTZeF873o4+1SII
/GCqa+fPIQVnMf9BIYGKbmQ/6PfXzMF+jfSQqmLbEbrwbkUjJnGL88s5PQIDAQAB
o4IC5zCCAuMwHQYDVR0OBBYEFLwcDyGRYGVmroVg+PYvetuWGKpQMB8GA1UdIwQY
MBaAFIkFb6liW2yHQEJnxtwhmSSsFgBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQt
NTE5MjAzNzMzNTNjLzEvdkJ3UElaRmdaV2F1aFdENDlpOTYyNVlZcWxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQtNTE5MjAzNzMzNTNj
LzEvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH8BggrBgEFBQcBBwEB/wSB7DCB6TA4BAIAATAyMAwDBAcu
EIADBAAuEIIDBAFtaJgDBABtaJsDBAKTTgADBAG5fu4DBAG51RQDBAC51RcwgawE
AgACMIGlMBIDBwEqEQhAAAYDBwAqEQhAAAgwEgMHBCoRCEAAEAMHACoRCEAAFDAS
AwcAKhEIQAAXAwcBKhEIQAAYMBIDBwUqEQhAACADBwAqEQhAACYDBwAqEQhAADAD
BwAqEQhAADMDBwEqEQhAAEAwEgMHACoRCEAARwMHACoRCEAASAMHACoRCEAAVDAS
AwcFKhEIQABgAwcBKhEIQABoAwcAKhEIQABwMA0GCSqGSIb3DQEBCwUAA4IBAQA7
2HbheODACCNuq55s10wx/I1qMNdjhkG0fnE3Ke2Jpm883PSLI7WvzBWf58skyUrH
HIf8cWL/EI+ctM2Lt8NDHy7sX2JZZ3m8dQuI5ZLLjxlWCPwJyc+nAk1yiF1LTE38
9wot9cbkaaYRlSIbaCIvvQh9tPnrNtuiR/fsR6t7Tu/XDnbNs87w/E0OJukfjAev
qZJQL4gH/Hbi45eXYiD2EtmfUAejJOUx9FZo68h2hw3w+hr9bvasFcfN0YdVtt5q
9OyCSAOXx8XVRKJOM79VBg2/2U8dYQSagLFzoI/UiugnPIZ3cZ5c51C+aORpGvfv
//mwqTYY1BsHkltNZcNK
-----END CERTIFICATE-----
Generated at Fri Sep 13 23:38:01 2024 by rpki-client on console-fra.rpki-client.org