Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/vBkDeBgY2PhiQUyjlgnZHxk_ahM.roa
File: vBkDeBgY2PhiQUyjlgnZHxk_ahM.roa (raw, json)
Hash identifier: 8ogCgUW//+yHvF0sxyUyqN2c+5RXNVDPj2JLNPT3baQ=
Subject key identifier: BC:19:03:78:18:18:D8:F8:62:41:4C:A3:96:09:D9:1F:19:3F:6A:13
Certificate issuer: /CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Certificate serial: 018D4094D35DA01AC04D58C1E7BDB903B333
Authority key identifier: 30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/vBkDeBgY2PhiQUyjlgnZHxk_ahM.roa
Signing time: Thu 25 Jan 2024 12:25:11 +0000
ROA not before: Thu 25 Jan 2024 12:25:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3352
IP address blocks: 2.136.0.0/16 maxlen: 16
2.137.0.0/16 maxlen: 16
2.138.0.0/16 maxlen: 16
79.144.0.0/16 maxlen: 16
79.145.0.0/16 maxlen: 16
79.146.0.0/16 maxlen: 16
79.147.0.0/16 maxlen: 16
80.30.0.0/16 maxlen: 16
80.31.0.0/16 maxlen: 16
81.32.0.0/16 maxlen: 16
81.34.0.0/16 maxlen: 16
81.35.0.0/16 maxlen: 16
81.36.0.0/16 maxlen: 16
81.37.0.0/16 maxlen: 16
81.38.0.0/16 maxlen: 16
81.39.0.0/16 maxlen: 16
81.40.0.0/16 maxlen: 16
81.41.0.0/16 maxlen: 16
81.42.0.0/16 maxlen: 16
81.43.0.0/16 maxlen: 16
83.32.0.0/16 maxlen: 16
83.33.0.0/16 maxlen: 16
83.34.0.0/16 maxlen: 16
83.35.0.0/16 maxlen: 16
83.37.0.0/16 maxlen: 16
83.38.0.0/16 maxlen: 16
83.39.0.0/16 maxlen: 16
83.47.0.0/16 maxlen: 16
83.52.0.0/16 maxlen: 16
83.53.0.0/16 maxlen: 16
83.54.0.0/16 maxlen: 16
83.55.0.0/16 maxlen: 16
83.57.0.0/16 maxlen: 16
83.58.0.0/16 maxlen: 16
83.59.0.0/16 maxlen: 16
83.60.0.0/16 maxlen: 16
83.63.0.0/16 maxlen: 16
88.0.0.0/16 maxlen: 16
88.1.0.0/16 maxlen: 16
88.8.0.0/16 maxlen: 16
88.9.0.0/16 maxlen: 16
88.10.0.0/16 maxlen: 16
88.11.0.0/16 maxlen: 16
88.13.0.0/16 maxlen: 16
88.14.0.0/16 maxlen: 16
88.15.0.0/16 maxlen: 16
88.16.0.0/16 maxlen: 16
88.24.0.0/16 maxlen: 16
88.25.0.0/16 maxlen: 16
88.30.0.0/16 maxlen: 16
192.101.1.0/24 maxlen: 24
194.69.225.0/24 maxlen: 24
194.179.34.0/24 maxlen: 24
194.179.112.0/24 maxlen: 24
194.224.157.0/24 maxlen: 24
195.53.0.0/16 maxlen: 16
195.53.193.0/24 maxlen: 24
195.53.218.0/23 maxlen: 23
195.55.78.0/24 maxlen: 24
195.55.79.0/24 maxlen: 24
195.55.110.0/24 maxlen: 24
213.99.44.0/24 maxlen: 24
213.99.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 26 Jan 2024 06:12:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:40:94:d3:5d:a0:1a:c0:4d:58:c1:e7:bd:b9:03:b3:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Validity
Not Before: Jan 25 12:25:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bc1903781818d8f862414ca39609d91f193f6a13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:16:28:8d:2c:0d:04:a4:cd:26:b4:29:93:f2:
b9:ba:fe:15:b4:df:61:34:21:21:c8:80:44:3d:20:
eb:71:eb:e6:b6:db:64:b4:6f:1a:4e:f4:3b:e9:be:
02:7c:13:7c:d3:64:11:75:a0:4e:39:11:9d:52:fe:
b5:d3:49:d6:13:ba:1e:52:43:6d:fc:e1:0d:4c:1d:
83:21:eb:c5:97:57:3d:01:00:0c:67:f6:23:c4:49:
a9:99:de:dc:04:6b:37:6b:a6:e9:54:b3:46:f1:13:
8d:1b:06:26:da:f7:ad:09:b3:12:d8:74:e1:8d:4d:
f4:66:f2:e9:88:1c:ec:ec:12:1e:2f:83:db:77:9f:
4c:ca:9f:4e:68:ad:c2:b4:8d:43:44:b3:cc:4f:0b:
13:9e:c8:f1:bb:7d:6e:33:d7:e2:48:98:d3:6b:c5:
50:7a:f1:d9:0e:5a:63:c3:d2:44:f5:5a:e7:5b:6a:
e0:69:db:4c:65:ef:63:ad:77:2b:70:51:f9:24:b9:
cc:e3:e2:73:f3:9b:a4:a5:99:63:99:77:fb:87:1a:
4d:6f:ae:3e:91:7d:96:28:01:8f:94:a7:77:a2:83:
1c:aa:41:04:4f:2c:16:a6:98:6e:2c:be:fb:a0:01:
78:ac:8f:94:3c:7c:6f:cb:a4:b6:7b:bf:b3:5d:f7:
4b:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:19:03:78:18:18:D8:F8:62:41:4C:A3:96:09:D9:1F:19:3F:6A:13
X509v3 Authority Key Identifier:
keyid:30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/vBkDeBgY2PhiQUyjlgnZHxk_ahM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.136.0.0-2.138.255.255
79.144.0.0/14
80.30.0.0/15
81.32.0.0/16
81.34.0.0-81.43.255.255
83.32.0.0/14
83.37.0.0-83.39.255.255
83.47.0.0/16
83.52.0.0/14
83.57.0.0-83.60.255.255
83.63.0.0/16
88.0.0.0/15
88.8.0.0/14
88.13.0.0-88.16.255.255
88.24.0.0/15
88.30.0.0/16
192.101.1.0/24
194.69.225.0/24
194.179.34.0/24
194.179.112.0/24
194.224.157.0/24
195.53.0.0/16
195.55.78.0/23
195.55.110.0/24
213.99.44.0/24
213.99.59.0/24
Signature Algorithm: sha256WithRSAEncryption
de:09:02:ce:82:8a:bf:10:a1:5d:27:b9:f7:73:32:c3:4a:04:
fe:21:69:49:17:32:71:b4:a0:4a:c0:34:5b:a6:e2:4f:6b:04:
f4:50:80:14:1a:e9:9d:24:40:da:d8:2e:b2:4e:46:88:73:f5:
dd:34:a0:ae:d8:0a:bc:64:62:9d:19:5e:7f:c2:d2:32:88:9b:
d1:ef:c6:22:97:dd:ca:20:c3:33:85:e8:8b:dc:01:11:d1:e8:
08:2d:59:3c:0e:41:d2:85:be:35:f8:d8:69:e7:ee:eb:f4:47:
ef:e2:de:e7:9e:f2:56:75:31:44:70:76:09:98:c2:02:11:3f:
31:77:46:d8:49:33:ea:df:00:f2:4b:c0:c6:8d:2d:ed:34:1c:
89:89:a0:d5:51:d2:5f:f8:53:3b:b4:f9:66:fd:23:97:f5:30:
f8:33:fe:fd:fb:69:e7:e1:0f:e6:e1:17:69:86:ef:f7:91:b8:
fe:17:d3:6e:61:e2:82:c4:ff:ae:b7:2c:e5:fe:1e:c7:58:ed:
ec:8d:92:87:17:d7:89:b8:ae:71:97:72:6c:eb:1f:fa:fa:e3:
fd:d5:9d:89:46:70:83:0d:56:22:d9:0d:e6:19:5d:81:50:64:
74:80:9d:89:e7:6b:8d:a8:a3:fb:26:f8:6f:82:a9:38:ea:e1:
85:81:10:ce
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgISAY1AlNNdoBrATVjB5725A7MzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Y1ZmUyNzQwYTJiNmRlNGMzNzA5ZDI5NjQxMTViM2M5
NjdkYTEwHhcNMjQwMTI1MTIyNTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzE5MDM3ODE4MThkOGY4NjI0MTRjYTM5NjA5ZDkxZjE5M2Y2YTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBYojSwNBKTNJrQpk/K5uv4VtN9h
NCEhyIBEPSDrcevmtttktG8aTvQ76b4CfBN802QRdaBOORGdUv6100nWE7oeUkNt
/OENTB2DIevFl1c9AQAMZ/YjxEmpmd7cBGs3a6bpVLNG8RONGwYm2vetCbMS2HTh
jU30ZvLpiBzs7BIeL4Pbd59Myp9OaK3CtI1DRLPMTwsTnsjxu31uM9fiSJjTa8VQ
evHZDlpjw9JE9VrnW2rgadtMZe9jrXcrcFH5JLnM4+Jz85ukpZljmXf7hxpNb64+
kX2WKAGPlKd3ooMcqkEETywWpphuLL77oAF4rI+UPHxvy6S2e7+zXfdL1wIDAQAB
o4ICtjCCArIwHQYDVR0OBBYEFLwZA3gYGNj4YkFMo5YJ2R8ZP2oTMB8GA1UdIwQY
MBaAFDB/X+J0Citt5MNwnSlkEVs8ln2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQt
NGJhMmY4ZjFmODNiLzEvdkJrRGVCZ1kyUGhpUVV5amxnblpIeGtfYWhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQtNGJhMmY4ZjFmODNi
LzEvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHLBggrBgEFBQcBBwEB/wSBuzCBuDCBtQQCAAEwga4wCgMD
AwKIAwMAAooDAwJPkAMDAVAeAwMAUSAwCgMDAVEiAwMCUSgDAwJTIDAKAwMAUyUD
AwNTIAMDAFMvAwMCUzQwCgMDAFM5AwMAUzwDAwBTPwMDAVgAAwMCWAgwCgMDAFgN
AwMAWBADAwFYGAMDAFgeAwQAwGUBAwQAwkXhAwQAwrMiAwQAwrNwAwQAwuCdAwMA
wzUDBAHDN04DBADDN24DBADVYywDBADVYzswDQYJKoZIhvcNAQELBQADggEBAN4J
As6Cir8QoV0nufdzMsNKBP4haUkXMnG0oErANFum4k9rBPRQgBQa6Z0kQNrYLrJO
Rohz9d00oK7YCrxkYp0ZXn/C0jKIm9HvxiKX3cogwzOF6IvcARHR6AgtWTwOQdKF
vjX42Gnn7uv0R+/i3uee8lZ1MURwdgmYwgIRPzF3RthJM+rfAPJLwMaNLe00HImJ
oNVR0l/4Uzu0+Wb9I5f1MPgz/v37aefhD+bhF2mG7/eRuP4X025h4oLE/663LOX+
HsdY7eyNkocX14m4rnGXcmzrH/r64/3VnYlGcIMNViLZDeYZXYFQZHSAnYnna42o
o/sm+G+CqTjq4YWBEM4=
-----END CERTIFICATE-----
Generated at Fri Jan 26 10:11:29 2024 by rpki-client on console-fra.rpki-client.org