Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/ac9aba-9735-4b9d-8eae-19bc7bdccbc1/1/3BspLOOMTXT0RBUSm03ACrVWZBM.roa
File: 3BspLOOMTXT0RBUSm03ACrVWZBM.roa (raw, json)
Hash identifier: eqRPsQ3k6283n44CeeqDVqdf4lZTmf/ioBbJBB97SMk=
Subject key identifier: DC:1B:29:2C:E3:8C:4D:74:F4:44:15:12:9B:4D:C0:0A:B5:56:64:13
Certificate issuer: /CN=00642b607b94a143ff41c554c913bd5a651f8c05
Certificate serial: 0185729EF7AD9AF44D8CE27E0288002E996B
Authority key identifier: 00:64:2B:60:7B:94:A1:43:FF:41:C5:54:C9:13:BD:5A:65:1F:8C:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AGQrYHuUoUP_QcVUyRO9WmUfjAU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/ac9aba-9735-4b9d-8eae-19bc7bdccbc1/1/3BspLOOMTXT0RBUSm03ACrVWZBM.roa
Signing time: Mon 02 Jan 2023 13:14:58 +0000
ROA not before: Mon 02 Jan 2023 13:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50563
IP address blocks: 37.98.204.0/22 maxlen: 22
37.98.205.0/24 maxlen: 24
37.98.206.0/23 maxlen: 23
37.98.206.0/24 maxlen: 24
37.98.204.0/24 maxlen: 24
37.98.204.0/23 maxlen: 23
37.98.207.0/24 maxlen: 24
93.119.16.0/23 maxlen: 23
93.119.16.0/24 maxlen: 24
93.119.17.0/24 maxlen: 24
93.119.19.0/24 maxlen: 24
195.189.208.0/23 maxlen: 23
195.189.208.0/24 maxlen: 24
195.189.209.0/24 maxlen: 24
188.240.192.0/24 maxlen: 24
188.240.193.0/24 maxlen: 24
185.72.112.0/22 maxlen: 22
185.72.112.0/23 maxlen: 23
185.72.112.0/24 maxlen: 24
185.72.115.0/24 maxlen: 24
185.72.113.0/24 maxlen: 24
185.72.114.0/23 maxlen: 23
185.72.114.0/24 maxlen: 24
185.66.44.0/24 maxlen: 24
185.66.44.0/23 maxlen: 23
185.66.44.0/22 maxlen: 22
185.66.45.0/24 maxlen: 24
185.66.46.0/23 maxlen: 23
185.66.46.0/24 maxlen: 24
185.66.47.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 21 Mar 2023 09:34:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:9e:f7:ad:9a:f4:4d:8c:e2:7e:02:88:00:2e:99:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00642b607b94a143ff41c554c913bd5a651f8c05
Validity
Not Before: Jan 2 13:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc1b292ce38c4d74f44415129b4dc00ab5566413
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:4a:3d:48:70:51:7a:45:a4:58:3f:77:0a:14:
62:cd:35:ff:66:e6:39:4d:b2:82:83:86:80:64:e8:
d8:c0:fa:8f:47:99:a5:cc:4d:56:df:0a:e9:e4:e0:
fb:17:ac:05:0a:ea:cd:28:18:54:33:5e:ee:96:63:
35:2c:aa:fd:d0:d4:f9:e7:0b:22:46:f9:b2:7b:11:
db:ce:41:ea:f1:2d:ba:3e:da:66:79:b8:25:7c:da:
6b:33:2f:c6:a0:e9:aa:8a:1a:0c:48:d0:dc:7b:dd:
c9:e1:00:49:97:33:7b:00:b1:dc:1e:2c:b2:52:7d:
40:48:52:0a:d5:9e:78:f8:b7:e6:c9:28:9a:cb:97:
2d:27:87:75:0b:3d:05:16:82:65:2c:e2:ed:5c:6a:
2d:50:69:9c:d5:e9:c2:1a:5e:7a:cb:ba:ab:8a:7c:
df:6e:18:bc:91:ab:ec:1b:df:e9:79:b7:21:a6:58:
be:86:84:ab:71:f3:f4:d3:a5:d8:97:e7:f6:8b:d2:
9e:c2:18:37:60:73:68:62:26:ab:52:a7:40:a5:3f:
09:6d:fa:3e:c6:b1:40:f8:18:2f:dd:84:6b:ec:71:
41:b0:9d:42:2b:b5:59:fe:1c:31:aa:d5:3a:87:4d:
c0:89:95:18:86:d0:30:c0:48:31:18:49:c9:8e:04:
8b:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:1B:29:2C:E3:8C:4D:74:F4:44:15:12:9B:4D:C0:0A:B5:56:64:13
X509v3 Authority Key Identifier:
keyid:00:64:2B:60:7B:94:A1:43:FF:41:C5:54:C9:13:BD:5A:65:1F:8C:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AGQrYHuUoUP_QcVUyRO9WmUfjAU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/ac9aba-9735-4b9d-8eae-19bc7bdccbc1/1/3BspLOOMTXT0RBUSm03ACrVWZBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/ac9aba-9735-4b9d-8eae-19bc7bdccbc1/1/AGQrYHuUoUP_QcVUyRO9WmUfjAU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.98.204.0/22
93.119.16.0/23
93.119.19.0/24
185.66.44.0/22
185.72.112.0/22
188.240.192.0/23
195.189.208.0/23
Signature Algorithm: sha256WithRSAEncryption
1b:d8:53:33:4f:33:3d:e8:1e:15:45:93:ee:cf:6d:2a:1a:93:
54:1a:76:52:fd:1d:1b:2c:8f:2c:a2:9d:a6:b9:c4:16:1f:d7:
59:7c:1e:ac:d2:fb:06:e2:49:ad:b9:bf:06:05:73:77:8c:f6:
27:8a:97:42:73:52:6e:b2:0d:8f:7c:95:5c:10:c7:b7:de:7e:
6f:57:ed:1f:ae:fb:e0:6a:35:41:32:ec:60:e8:d2:d5:eb:86:
c6:ad:20:40:fb:4f:52:a0:b7:32:c5:dc:96:88:ba:99:80:f0:
07:3c:ac:4e:61:e0:1c:75:16:6a:4d:12:e4:6e:ed:61:a3:36:
8c:ef:40:8b:09:0b:cb:bf:d4:a3:00:40:c0:a8:ca:80:ab:72:
72:a2:58:f5:b5:76:f3:84:af:7e:22:65:68:ef:1e:32:7c:77:
65:7d:1f:6c:a2:be:ec:19:46:aa:34:9e:85:ed:a4:86:58:cc:
90:6f:58:56:08:22:42:10:cf:6d:da:e2:21:05:01:de:db:eb:
22:19:b5:fa:37:ab:f8:54:f1:d8:5c:75:1b:08:8d:37:b5:67:
b2:ce:b2:63:10:e8:df:79:2c:c3:3e:e8:55:4e:25:5a:e4:ed:
a4:52:ab:ab:f4:9c:ba:6a:b9:74:3a:76:fc:63:ce:aa:c5:b7:
3c:0e:fd:1a
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVynvetmvRNjOJ+AogALplrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNjQyYjYwN2I5NGExNDNmZjQxYzU1NGM5MTNiZDVhNjUx
ZjhjMDUwHhcNMjMwMTAyMTMxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzFiMjkyY2UzOGM0ZDc0ZjQ0NDE1MTI5YjRkYzAwYWI1NTY2NDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlko9SHBRekWkWD93ChRizTX/ZuY5
TbKCg4aAZOjYwPqPR5mlzE1W3wrp5OD7F6wFCurNKBhUM17ulmM1LKr90NT55wsi
RvmyexHbzkHq8S26PtpmebglfNprMy/GoOmqihoMSNDce93J4QBJlzN7ALHcHiyy
Un1ASFIK1Z54+LfmySiay5ctJ4d1Cz0FFoJlLOLtXGotUGmc1enCGl56y7qrinzf
bhi8kavsG9/pebchpli+hoSrcfP006XYl+f2i9Kewhg3YHNoYiarUqdApT8Jbfo+
xrFA+Bgv3YRr7HFBsJ1CK7VZ/hwxqtU6h03AiZUYhtAwwEgxGEnJjgSLnwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFNwbKSzjjE109EQVEptNwAq1VmQTMB8GA1UdIwQY
MBaAFABkK2B7lKFD/0HFVMkTvVplH4wFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUdRcllIdVVvVVBfUWNWVXlSTzlXbVVmakFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9hYzlhYmEtOTczNS00YjlkLThlYWUt
MTliYzdiZGNjYmMxLzEvM0JzcExPT01UWFQwUkJVU20wM0FDclZXWkJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9hYzlhYmEtOTczNS00YjlkLThlYWUtMTliYzdiZGNjYmMx
LzEvQUdRcllIdVVvVVBfUWNWVXlSTzlXbVVmakFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCJWLMAwQB
XXcQAwQAXXcTAwQCuUIsAwQCuUhwAwQBvPDAAwQBw73QMA0GCSqGSIb3DQEBCwUA
A4IBAQAb2FMzTzM96B4VRZPuz20qGpNUGnZS/R0bLI8sop2mucQWH9dZfB6s0vsG
4kmtub8GBXN3jPYnipdCc1Jusg2PfJVcEMe33n5vV+0frvvgajVBMuxg6NLV64bG
rSBA+09SoLcyxdyWiLqZgPAHPKxOYeAcdRZqTRLkbu1hozaM70CLCQvLv9SjAEDA
qMqAq3Jyolj1tXbzhK9+ImVo7x4yfHdlfR9sor7sGUaqNJ6F7aSGWMyQb1hWCCJC
EM9t2uIhBQHe2+siGbX6N6v4VPHYXHUbCI03tWeyzrJjEOjfeSzDPuhVTiVa5O2k
Uqur9Jy6arl0Onb8Y86qxbc8Dv0a
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:51 2024 by rpki-client on console-ams.rpki-client.org