Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/d2ra_BCDwj7gvfILOaHaPAt0ees.roa
File: d2ra_BCDwj7gvfILOaHaPAt0ees.roa (raw, json)
Hash identifier: qtCTveP6j9FCZwGPzRyobsqsNCPIvyiD/wI2lKZFCR0=
Subject key identifier: 77:6A:DA:FC:10:83:C2:3E:E0:BD:F2:0B:39:A1:DA:3C:0B:74:79:EB
Certificate issuer: /CN=5cf4501b755002d9143e8fa6736815e9f0f93695
Certificate serial: 01886C7FA55F98FF06DF4DC4DE895E94217A
Authority key identifier: 5C:F4:50:1B:75:50:02:D9:14:3E:8F:A6:73:68:15:E9:F0:F9:36:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XPRQG3VQAtkUPo-mc2gV6fD5NpU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/d2ra_BCDwj7gvfILOaHaPAt0ees.roa
Signing time: Tue 30 May 2023 11:51:24 +0000
ROA not before: Tue 30 May 2023 11:51:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13037
IP address blocks: 212.23.0.0/19 maxlen: 19
82.71.240.0/20 maxlen: 20
88.97.64.0/19 maxlen: 19
88.98.160.0/21 maxlen: 21
88.98.172.0/22 maxlen: 22
88.98.170.0/23 maxlen: 23
88.98.176.0/20 maxlen: 20
88.97.0.0/18 maxlen: 18
51.148.0.0/16 maxlen: 16
88.97.128.0/17 maxlen: 17
62.3.64.0/18 maxlen: 18
51.170.0.0/16 maxlen: 18
88.97.96.0/20 maxlen: 20
88.97.112.0/20 maxlen: 20
88.98.0.0/20 maxlen: 20
88.98.16.0/23 maxlen: 23
88.98.24.0/21 maxlen: 21
88.98.22.0/23 maxlen: 23
88.98.21.0/24 maxlen: 24
88.98.18.0/24 maxlen: 24
88.96.0.0/16 maxlen: 16
88.96.0.0/15 maxlen: 15
217.155.0.0/16 maxlen: 16
51.155.0.0/16 maxlen: 16
82.68.0.0/14 maxlen: 14
88.98.128.0/19 maxlen: 19
88.98.32.0/19 maxlen: 19
88.98.64.0/19 maxlen: 19
2a02:8010::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 24 Aug 2023 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:6c:7f:a5:5f:98:ff:06:df:4d:c4:de:89:5e:94:21:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cf4501b755002d9143e8fa6736815e9f0f93695
Validity
Not Before: May 30 11:51:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=776adafc1083c23ee0bdf20b39a1da3c0b7479eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:a6:18:a2:5a:6a:a2:03:ec:02:43:1b:9e:ad:
55:1b:e5:5b:49:9f:c9:3b:31:76:e4:6d:79:51:e3:
f7:f9:4f:bb:c4:fb:76:75:7b:bc:88:2a:33:e9:a0:
38:d0:fc:12:71:22:4a:25:91:c8:63:c3:d8:ea:16:
d9:d8:2f:70:99:9b:44:85:03:40:b1:e5:a9:39:2d:
bf:c1:5a:e5:b8:ec:d8:c2:0c:3c:6d:c7:ed:76:cb:
8c:54:47:83:86:ae:7e:3a:cc:34:c0:46:b2:02:fe:
ce:33:8f:6e:ea:1a:36:30:35:79:be:25:50:52:c4:
2e:85:3b:21:d3:fa:23:67:f2:53:4e:56:55:77:a1:
43:88:02:4a:a9:0b:7a:a0:17:43:5b:ae:b8:7a:c8:
1d:f9:3f:df:b7:e2:55:81:08:3e:e7:79:c5:cf:ed:
78:2f:82:cf:6a:bb:c1:35:c4:16:cf:2d:59:1a:e0:
b5:3e:19:29:30:c1:31:1d:5f:32:9a:32:81:99:22:
76:e4:86:c9:3c:e5:3c:b7:99:3d:d2:3d:3c:8b:e4:
3d:e5:af:ee:90:91:cd:20:34:0a:de:07:7d:97:9d:
01:58:70:6f:15:96:54:4d:d3:f6:5b:07:88:47:dc:
90:99:b7:b7:48:e1:4f:cd:7b:c1:55:56:c3:8e:af:
d2:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:6A:DA:FC:10:83:C2:3E:E0:BD:F2:0B:39:A1:DA:3C:0B:74:79:EB
X509v3 Authority Key Identifier:
keyid:5C:F4:50:1B:75:50:02:D9:14:3E:8F:A6:73:68:15:E9:F0:F9:36:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XPRQG3VQAtkUPo-mc2gV6fD5NpU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/d2ra_BCDwj7gvfILOaHaPAt0ees.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/XPRQG3VQAtkUPo-mc2gV6fD5NpU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.148.0.0/16
51.155.0.0/16
51.170.0.0/16
62.3.64.0/18
82.68.0.0/14
88.96.0.0-88.98.18.255
88.98.21.0-88.98.95.255
88.98.128.0-88.98.167.255
88.98.170.0-88.98.191.255
212.23.0.0/19
217.155.0.0/16
IPv6:
2a02:8010::/29
Signature Algorithm: sha256WithRSAEncryption
4f:44:2a:b0:ed:70:3c:53:98:32:14:fb:74:c9:5a:2a:b1:f1:
1e:be:14:1b:65:02:69:58:a5:d5:26:e5:a6:6d:fe:56:76:28:
42:48:27:ca:8d:08:31:f6:a0:af:b4:a7:a5:bf:cc:7d:f5:6d:
ae:e4:5b:0a:e8:9b:60:7b:a8:d5:e4:63:01:c2:6b:1a:5e:a4:
84:82:44:ce:d1:07:00:1c:56:14:d0:30:95:8f:ad:18:52:52:
95:0b:91:68:73:3f:68:8f:8a:b9:f0:21:02:3f:bc:17:d0:1a:
41:26:05:aa:e7:9e:0b:06:f5:0b:be:6f:6e:b2:ec:ad:42:8c:
e5:d4:60:e8:5b:db:43:e4:b2:c2:9b:d4:5b:e0:b5:05:83:35:
72:71:88:eb:f0:ca:61:52:ed:76:60:85:3a:e8:92:1a:79:79:
2a:46:b8:eb:69:7a:3b:ee:98:7d:eb:a3:65:61:34:e6:70:df:
7f:79:02:63:ba:49:b8:e2:34:99:ca:d3:91:dc:e0:2a:f3:c2:
9d:fa:05:f5:ac:b0:c3:e4:c7:10:f1:bc:f5:07:9b:6d:f8:91:
53:01:a5:57:36:92:e0:d1:a1:84:a5:d5:b3:bc:b2:25:6b:20:
0b:91:38:c8:24:38:fa:ff:31:e0:ed:6e:ec:7d:6a:7e:31:22:
ab:70:1d:7d
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAYhsf6VfmP8G303E3olelCF6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZjQ1MDFiNzU1MDAyZDkxNDNlOGZhNjczNjgxNWU5ZjBm
OTM2OTUwHhcNMjMwNTMwMTE1MTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzZhZGFmYzEwODNjMjNlZTBiZGYyMGIzOWExZGEzYzBiNzQ3OWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKYYolpqogPsAkMbnq1VG+VbSZ/J
OzF25G15UeP3+U+7xPt2dXu8iCoz6aA40PwScSJKJZHIY8PY6hbZ2C9wmZtEhQNA
seWpOS2/wVrluOzYwgw8bcftdsuMVEeDhq5+Osw0wEayAv7OM49u6ho2MDV5viVQ
UsQuhTsh0/ojZ/JTTlZVd6FDiAJKqQt6oBdDW664esgd+T/ft+JVgQg+53nFz+14
L4LParvBNcQWzy1ZGuC1PhkpMMExHV8ymjKBmSJ25IbJPOU8t5k90j08i+Q95a/u
kJHNIDQK3gd9l50BWHBvFZZUTdP2WweIR9yQmbe3SOFPzXvBVVbDjq/S9wIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFHdq2vwQg8I+4L3yCzmh2jwLdHnrMB8GA1UdIwQY
MBaAFFz0UBt1UALZFD6PpnNoFenw+TaVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFBSUUczVlFBdGtVUG8tbWMyZ1Y2ZkQ1TnBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9jMWNhMDctOTY1OC00NDQ2LThjYjUt
NjBjZjlhYjFiMTNlLzEvZDJyYV9CQ0R3ajdndmZJTE9hSGFQQXQwZWVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9jMWNhMDctOTY1OC00NDQ2LThjYjUtNjBjZjlhYjFiMTNl
LzEvWFBSUUczVlFBdGtVUG8tbWMyZ1Y2ZkQ1TnBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwYgQCAAEwXAMDADOUAwMA
M5sDAwAzqgMEBj4DQAMDAlJEMAsDAwVYYAMEAFhiEjAMAwQAWGIVAwQFWGJAMAwD
BAdYYoADBANYYqAwDAMEAVhiqgMEBlhigAMEBdQXAAMDANmbMA0EAgACMAcDBQMq
AoAQMA0GCSqGSIb3DQEBCwUAA4IBAQBPRCqw7XA8U5gyFPt0yVoqsfEevhQbZQJp
WKXVJuWmbf5WdihCSCfKjQgx9qCvtKelv8x99W2u5FsK6Jtge6jV5GMBwmsaXqSE
gkTO0QcAHFYU0DCVj60YUlKVC5Focz9oj4q58CECP7wX0BpBJgWq554LBvULvm9u
suytQozl1GDoW9tD5LLCm9Rb4LUFgzVycYjr8MphUu12YIU66JIaeXkqRrjraXo7
7ph966NlYTTmcN9/eQJjukm44jSZytOR3OAq88Kd+gX1rLDD5McQ8bz1B5tt+JFT
AaVXNpLg0aGEpdWzvLIlayALkTjIJDj6/zHg7W7sfWp+MSKrcB19
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:15 2024 by rpki-client on console-fra.rpki-client.org