Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/bD5mf1w9w730ajF86ZDEVNEOaIo.roa
File: bD5mf1w9w730ajF86ZDEVNEOaIo.roa (raw, json)
Hash identifier: hv5vbqOtMzwu+5J21K4dnIp04xHAbrgcc8/4fW6Tj3I=
Subject key identifier: 6C:3E:66:7F:5C:3D:C3:BD:F4:6A:31:7C:E9:90:C4:54:D1:0E:68:8A
Certificate issuer: /CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Certificate serial: 018848A0E87EF3ADFF3F8F7A0D36552F7CA1
Authority key identifier: D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/bD5mf1w9w730ajF86ZDEVNEOaIo.roa
Signing time: Tue 23 May 2023 12:41:24 +0000
ROA not before: Tue 23 May 2023 12:41:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31034
IP address blocks: 185.58.116.0/22 maxlen: 24
94.177.192.0/18 maxlen: 24
89.46.104.0/21 maxlen: 24
95.110.128.0/17 maxlen: 24
31.14.128.0/20 maxlen: 24
31.11.32.0/21 maxlen: 24
77.81.224.0/20 maxlen: 24
46.37.0.0/19 maxlen: 24
89.46.192.0/21 maxlen: 24
62.149.128.0/17 maxlen: 24
188.213.160.0/20 maxlen: 24
176.107.144.0/21 maxlen: 24
80.73.224.0/21 maxlen: 24
89.36.208.0/22 maxlen: 24
217.198.128.0/20 maxlen: 24
5.249.128.0/19 maxlen: 24
195.231.0.0/17 maxlen: 24
209.227.192.0/20 maxlen: 24
217.61.0.0/18 maxlen: 24
89.46.64.0/20 maxlen: 24
94.177.160.0/19 maxlen: 24
209.227.208.0/20 maxlen: 24
185.56.8.0/22 maxlen: 24
80.211.0.0/16 maxlen: 24
209.227.224.0/20 maxlen: 24
82.192.128.0/19 maxlen: 24
194.182.110.0/23 maxlen: 24
209.227.240.0/20 maxlen: 24
195.231.88.0/21 maxlen: 24
2a00:6d40::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:48:a0:e8:7e:f3:ad:ff:3f:8f:7a:0d:36:55:2f:7c:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Validity
Not Before: May 23 12:41:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c3e667f5c3dc3bdf46a317ce990c454d10e688a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:a1:cc:6a:f5:4b:f1:be:2a:ca:76:16:dc:ed:
3b:9e:7f:d0:0a:ff:79:1a:6c:71:b1:05:46:21:2e:
51:d3:b0:c6:ac:a2:c6:bb:7c:11:cb:64:ed:8a:ab:
a5:5f:fa:0f:e3:7b:ba:50:fb:da:76:10:e6:1b:47:
e1:b1:a5:b9:a7:6f:4a:f4:46:2a:ee:40:9f:a5:b2:
5b:8a:cb:04:49:fd:d9:48:00:5d:eb:aa:52:bd:53:
de:74:47:52:a1:b8:b4:70:7e:74:e2:8a:03:0b:52:
06:b3:6a:26:77:0a:1d:7b:bb:db:0c:94:23:7c:e2:
63:5d:d3:22:35:91:04:ce:73:80:e8:7b:38:08:dc:
6b:f3:08:96:de:ec:36:36:20:a2:20:17:8f:d3:d6:
b8:93:62:7e:2b:be:66:29:ec:05:d0:cd:46:61:66:
21:52:de:17:d9:40:4f:6c:b5:4a:21:2c:59:2e:87:
cf:88:9d:3f:98:29:a9:9e:bf:ce:8b:77:eb:d5:6d:
28:1a:64:7c:af:34:81:96:8d:a1:c8:43:52:88:e5:
76:e3:d8:2e:67:9c:4b:b3:02:61:5a:d2:bd:cb:ce:
a1:f7:07:db:5d:e0:62:5b:64:34:d9:04:78:c1:8c:
2c:d3:6d:18:47:f1:a2:85:cc:af:0f:e3:00:98:a0:
40:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:3E:66:7F:5C:3D:C3:BD:F4:6A:31:7C:E9:90:C4:54:D1:0E:68:8A
X509v3 Authority Key Identifier:
keyid:D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/bD5mf1w9w730ajF86ZDEVNEOaIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.249.128.0/19
31.11.32.0/21
31.14.128.0/20
46.37.0.0/19
62.149.128.0/17
77.81.224.0/20
80.73.224.0/21
80.211.0.0/16
82.192.128.0/19
89.36.208.0/22
89.46.64.0/20
89.46.104.0/21
89.46.192.0/21
94.177.160.0-94.177.255.255
95.110.128.0/17
176.107.144.0/21
185.56.8.0/22
185.58.116.0/22
188.213.160.0/20
194.182.110.0/23
195.231.0.0/17
209.227.192.0/18
217.61.0.0/18
217.198.128.0/20
IPv6:
2a00:6d40::/29
Signature Algorithm: sha256WithRSAEncryption
3a:c1:95:32:c1:47:e6:dd:7f:fb:ea:30:dd:9e:8d:85:2b:73:
a4:b5:14:53:7c:f2:0f:3c:e8:f9:00:67:9e:bb:2b:50:9e:6b:
84:b4:7d:e3:89:10:fa:ec:fd:14:05:f5:9d:78:4d:5d:eb:ea:
de:dc:fe:9d:88:3e:0a:f1:f6:3e:54:0a:ed:3b:53:48:7e:84:
5f:91:be:89:dd:56:99:33:8c:92:f9:2c:d7:45:65:78:c2:c0:
00:97:08:ab:c2:7d:87:94:57:88:08:13:8c:3d:f4:66:68:86:
14:49:70:1e:9b:fd:3b:ef:f0:5d:2d:dc:fd:d0:f0:49:ba:2b:
cf:ed:eb:be:e1:fd:a2:31:5f:5d:3e:25:46:83:1e:f2:5d:a8:
04:66:bb:66:33:65:91:4f:01:54:bd:6d:3f:f4:7d:13:be:02:
5b:bc:98:76:ab:64:fa:e3:13:82:ff:81:52:f8:71:12:c5:4d:
61:58:fe:19:b4:58:80:88:75:8e:97:bc:29:da:e4:86:f8:5e:
64:df:1a:e0:d2:00:77:43:11:2c:7b:89:eb:b0:1e:46:d7:55:
9f:e1:4a:aa:55:31:87:ac:e1:d9:8e:ee:a9:52:a6:4a:2e:fe:
81:75:8a:c4:77:cc:5d:1b:40:0b:fa:b2:6e:43:8d:13:0a:07:
7c:47:08:d3
-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgISAYhIoOh+863/P496DTZVL3yhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2I1Y2VjYzIxM2I5Zjg2ZGJiYTUxODUyMWU4NTQ2ZWM5
Mzg2MWMwHhcNMjMwNTIzMTI0MTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzNlNjY3ZjVjM2RjM2JkZjQ2YTMxN2NlOTkwYzQ1NGQxMGU2ODhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6HMavVL8b4qynYW3O07nn/QCv95
GmxxsQVGIS5R07DGrKLGu3wRy2TtiqulX/oP43u6UPvadhDmG0fhsaW5p29K9EYq
7kCfpbJbissESf3ZSABd66pSvVPedEdSobi0cH504ooDC1IGs2omdwode7vbDJQj
fOJjXdMiNZEEznOA6Hs4CNxr8wiW3uw2NiCiIBeP09a4k2J+K75mKewF0M1GYWYh
Ut4X2UBPbLVKISxZLofPiJ0/mCmpnr/Oi3fr1W0oGmR8rzSBlo2hyENSiOV249gu
Z5xLswJhWtK9y86h9wfbXeBiW2Q02QR4wYws020YR/GihcyvD+MAmKBAcwIDAQAB
o4ICrTCCAqkwHQYDVR0OBBYEFGw+Zn9cPcO99GoxfOmQxFTRDmiKMB8GA1UdIwQY
MBaAFNPLXOzCE7n4bbulGFIehUbsk4YcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYt
ODQyNjk0MTJkNTYxLzEvYkQ1bWYxdzl3NzMwYWpGODZaREVWTkVPYUlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYtODQyNjk0MTJkNTYx
LzEvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHCBggrBgEFBQcBBwEB/wSBsjCBrzCBnQQCAAEwgZYDBAUF
+YADBAMfCyADBAQfDoADBAUuJQADBAc+lYADBARNUeADBANQSeADAwBQ0wMEBVLA
gAMEAlkk0AMEBFkuQAMEA1kuaAMEA1kuwDALAwQFXrGgAwMBXrADBAdfboADBAOw
a5ADBAK5OAgDBAK5OnQDBAS81aADBAHCtm4DBAfD5wADBAbR48ADBAbZPQADBATZ
xoAwDQQCAAIwBwMFAyoAbUAwDQYJKoZIhvcNAQELBQADggEBADrBlTLBR+bdf/vq
MN2ejYUrc6S1FFN88g886PkAZ567K1Cea4S0feOJEPrs/RQF9Z14TV3r6t7c/p2I
Pgrx9j5UCu07U0h+hF+RvondVpkzjJL5LNdFZXjCwACXCKvCfYeUV4gIE4w99GZo
hhRJcB6b/Tvv8F0t3P3Q8Em6K8/t677h/aIxX10+JUaDHvJdqARmu2YzZZFPAVS9
bT/0fRO+Alu8mHarZPrjE4L/gVL4cRLFTWFY/hm0WICIdY6XvCna5Ib4XmTfGuDS
AHdDESx7ieuwHkbXVZ/hSqpVMYes4dmO7qlSpkou/oF1isR3zF0bQAv6sm5DjRMK
B3xHCNM=
-----END CERTIFICATE-----
Generated at Mon Oct 23 14:46:01 2023 by rpki-client on console-fra.rpki-client.org