Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/3bkpkU7fW5-U-YNYNgsiOBp0pZw.roa
File: 3bkpkU7fW5-U-YNYNgsiOBp0pZw.roa (raw, json)
Hash identifier: lZDIsi03mBYExghHEOvw1bGx25rxaXx0GRJMqpzCVOk=
Subject key identifier: DD:B9:29:91:4E:DF:5B:9F:94:F9:83:58:36:0B:22:38:1A:74:A5:9C
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 018CC8DE87E04C2CAC6DBF3287A851F16528
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/3bkpkU7fW5-U-YNYNgsiOBp0pZw.roa
Signing time: Tue 02 Jan 2024 06:31:16 +0000
ROA not before: Tue 02 Jan 2024 06:31:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 85.208.105.0/24 maxlen: 24
45.66.152.0/24 maxlen: 24
45.66.154.0/24 maxlen: 24
45.66.155.0/24 maxlen: 24
5.180.32.0/22 maxlen: 24
5.180.51.0/24 maxlen: 24
5.180.50.0/24 maxlen: 24
85.208.107.0/24 maxlen: 24
85.208.113.0/24 maxlen: 24
85.208.115.0/24 maxlen: 24
45.8.192.0/22 maxlen: 24
45.8.188.0/22 maxlen: 24
45.8.199.0/24 maxlen: 24
45.8.198.0/24 maxlen: 24
45.8.197.0/24 maxlen: 24
45.8.203.0/24 maxlen: 24
193.168.208.0/22 maxlen: 24
5.180.80.0/24 maxlen: 24
5.180.235.0/24 maxlen: 24
85.209.160.0/24 maxlen: 24
5.253.44.0/24 maxlen: 24
5.253.39.0/24 maxlen: 24
45.8.252.0/24 maxlen: 24
45.8.253.0/24 maxlen: 24
5.253.47.0/24 maxlen: 24
5.253.45.0/24 maxlen: 24
45.9.4.0/24 maxlen: 24
45.8.255.0/24 maxlen: 24
45.9.1.0/24 maxlen: 24
45.9.0.0/24 maxlen: 24
45.9.6.0/24 maxlen: 24
45.9.7.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 12 Jan 2024 06:54:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:87:e0:4c:2c:ac:6d:bf:32:87:a8:51:f1:65:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jan 2 06:31:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ddb929914edf5b9f94f98358360b22381a74a59c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:81:12:15:70:4f:cf:d2:83:f6:2b:4f:be:c8:
5b:c6:8e:98:ed:a7:36:0b:af:49:4a:7d:aa:da:2b:
d4:60:00:a5:5d:d9:ee:03:dc:67:b0:94:83:89:d2:
d7:27:6e:9a:5c:b5:74:49:13:31:8f:7d:cb:b5:f6:
9d:7f:81:2d:af:bd:54:bf:ef:c8:30:7e:a4:e1:2c:
87:b6:68:4f:b9:bf:c7:6d:80:4f:65:bd:70:35:f6:
3f:96:e2:67:3a:b9:37:3f:3d:2c:33:f4:89:4c:a0:
44:f1:26:78:99:7e:37:13:94:d1:7b:af:11:e5:32:
cc:8a:b0:5b:a8:ba:81:4a:c4:25:e0:09:a1:b1:b9:
ab:24:6a:87:57:0f:4c:69:1e:aa:fc:2d:b8:b8:23:
25:57:24:51:75:6d:f6:1a:5f:ed:97:b4:b7:6a:7f:
25:0a:2a:69:70:02:52:65:d6:65:48:7e:6e:96:d2:
dd:6c:06:fd:58:4c:cf:d9:0b:cb:4b:27:b5:10:1a:
b4:9c:2c:a3:4c:c5:0f:4e:49:10:7c:3c:ee:a9:3a:
37:3b:b5:f7:38:10:3b:4f:00:67:e8:9f:a0:58:6f:
09:f6:93:a7:a4:c4:a2:a7:a5:67:7b:92:a5:23:52:
0d:ad:f5:c7:95:ce:b4:67:3b:35:25:7a:80:d0:d1:
8d:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:B9:29:91:4E:DF:5B:9F:94:F9:83:58:36:0B:22:38:1A:74:A5:9C
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/3bkpkU7fW5-U-YNYNgsiOBp0pZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.32.0/22
5.180.50.0/23
5.180.80.0/24
5.180.235.0/24
5.253.39.0/24
5.253.44.0/23
5.253.47.0/24
45.8.188.0-45.8.195.255
45.8.197.0-45.8.199.255
45.8.203.0/24
45.8.252.0/23
45.8.255.0-45.9.1.255
45.9.4.0/24
45.9.6.0/23
45.66.152.0/24
45.66.154.0/23
85.208.105.0/24
85.208.107.0/24
85.208.113.0/24
85.208.115.0/24
85.209.160.0/24
193.168.208.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:b9:d3:60:64:1c:e3:6d:d6:0e:97:72:33:ac:38:c8:55:05:
da:18:53:57:4d:e6:ce:17:53:f5:b6:63:e6:be:b0:25:66:e9:
97:82:de:13:17:d7:39:bb:46:e5:c0:8a:26:ec:ca:ee:a2:38:
91:e3:1d:8b:6e:63:4e:1c:b0:25:ba:be:3f:c5:bf:e3:79:d8:
7b:3f:8e:05:9b:ca:93:15:09:a0:0e:3a:24:6c:69:35:af:8a:
13:19:e4:64:ff:75:e1:82:aa:65:a7:ac:83:87:45:f7:5d:cc:
5c:f5:18:3f:a7:28:0f:75:f4:1e:31:4e:4b:1c:74:58:bd:ac:
56:7d:35:fd:a8:1c:c6:4f:12:40:49:77:4f:b0:e6:8b:d9:2d:
7d:ac:e5:b1:8a:66:05:bd:25:80:3c:e7:a9:55:da:00:6a:36:
e0:82:f8:08:56:bb:c7:2b:f2:fe:db:cd:b3:b4:77:57:6e:f9:
b3:c0:dd:05:80:ab:55:e7:2e:92:90:54:a2:b1:04:a3:32:1a:
6c:57:b7:34:f7:64:c8:c1:fb:7b:05:ff:45:30:ec:ee:2d:01:
12:48:93:7b:f2:7e:b1:85:59:32:9f:b9:f0:02:8c:3b:6d:e5:
bc:59:0d:b4:74:02:d9:a5:09:94:18:76:14:32:f7:71:f8:24:
5f:3f:07:5f
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgISAYzI3ofgTCysbb8yh6hR8WUoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjQwMTAyMDYzMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGI5Mjk5MTRlZGY1YjlmOTRmOTgzNTgzNjBiMjIzODFhNzRhNTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4ESFXBPz9KD9itPvshbxo6Y7ac2
C69JSn2q2ivUYAClXdnuA9xnsJSDidLXJ26aXLV0SRMxj33Ltfadf4Etr71Uv+/I
MH6k4SyHtmhPub/HbYBPZb1wNfY/luJnOrk3Pz0sM/SJTKBE8SZ4mX43E5TRe68R
5TLMirBbqLqBSsQl4AmhsbmrJGqHVw9MaR6q/C24uCMlVyRRdW32Gl/tl7S3an8l
CippcAJSZdZlSH5ultLdbAb9WEzP2QvLSye1EBq0nCyjTMUPTkkQfDzuqTo3O7X3
OBA7TwBn6J+gWG8J9pOnpMSip6Vne5KlI1INrfXHlc60Zzs1JXqA0NGNtQIDAQAB
o4ICpDCCAqAwHQYDVR0OBBYEFN25KZFO31uflPmDWDYLIjgadKWcMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvM2JrcGtVN2ZXNS1VLVlOWU5nc2lPQnAwcFp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG5BggrBgEFBQcBBwEB/wSBqTCBpjCBowQCAAEwgZwDBAIF
tCADBAEFtDIDBAAFtFADBAAFtOsDBAAF/ScDBAEF/SwDBAAF/S8wDAMEAi0IvAME
Ai0IwDAMAwQALQjFAwQDLQjAAwQALQjLAwQBLQj8MAwDBAAtCP8DBAEtCQADBAAt
CQQDBAEtCQYDBAAtQpgDBAEtQpoDBABV0GkDBABV0GsDBABV0HEDBABV0HMDBABV
0aADBALBqNAwDQYJKoZIhvcNAQELBQADggEBAGu502BkHONt1g6XcjOsOMhVBdoY
U1dN5s4XU/W2Y+a+sCVm6ZeC3hMX1zm7RuXAiibsyu6iOJHjHYtuY04csCW6vj/F
v+N52Hs/jgWbypMVCaAOOiRsaTWvihMZ5GT/deGCqmWnrIOHRfddzFz1GD+nKA91
9B4xTkscdFi9rFZ9Nf2oHMZPEkBJd0+w5ovZLX2s5bGKZgW9JYA856lV2gBqNuCC
+AhWu8cr8v7bzbO0d1du+bPA3QWAq1XnLpKQVKKxBKMyGmxXtzT3ZMjB+3sF/0Uw
7O4tARJIk3vyfrGFWTKfufACjDtt5bxZDbR0AtmlCZQYdhQy93H4JF8/B18=
-----END CERTIFICATE-----
Generated at Fri Jan 12 08:30:14 2024 by rpki-client on console-fra.rpki-client.org