Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/bLtMBBvfkGazDMl3wDEF1LV7Pvk.roa
File: bLtMBBvfkGazDMl3wDEF1LV7Pvk.roa (raw, json)
Hash identifier: fUFTbE2Ug/H5s3j2SMEPbu73P4Fp48hPaAQqFrKSQRI=
Subject key identifier: 6C:BB:4C:04:1B:DF:90:66:B3:0C:C9:77:C0:31:05:D4:B5:7B:3E:F9
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 01860198AE239FA66BCBEC0A9BAAB6CA4DF0
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/bLtMBBvfkGazDMl3wDEF1LV7Pvk.roa
Signing time: Mon 30 Jan 2023 07:33:48 +0000
ROA not before: Mon 30 Jan 2023 07:33:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31213
IP address blocks: 85.26.128.0/20 maxlen: 20
85.26.208.0/22 maxlen: 22
85.26.212.0/22 maxlen: 22
109.188.128.0/17 maxlen: 17
85.26.216.0/22 maxlen: 22
85.26.220.0/22 maxlen: 22
188.170.80.0/21 maxlen: 21
78.25.120.0/22 maxlen: 22
188.170.92.0/22 maxlen: 22
176.106.131.0/24 maxlen: 24
176.106.130.0/24 maxlen: 24
37.28.160.0/21 maxlen: 21
85.26.248.0/22 maxlen: 22
85.26.252.0/22 maxlen: 22
37.28.168.0/21 maxlen: 21
78.25.96.0/21 maxlen: 21
78.25.104.0/22 maxlen: 22
188.170.68.0/24 maxlen: 24
188.170.65.0/24 maxlen: 24
188.170.66.0/24 maxlen: 24
188.170.67.0/24 maxlen: 24
78.25.108.0/22 maxlen: 22
188.170.72.0/21 maxlen: 21
94.25.228.0/23 maxlen: 23
94.25.232.0/21 maxlen: 21
37.29.71.0/24 maxlen: 24
37.29.68.0/23 maxlen: 23
37.29.70.0/24 maxlen: 24
83.149.0.0/21 maxlen: 21
128.204.74.0/24 maxlen: 24
128.204.75.0/24 maxlen: 24
94.25.208.0/22 maxlen: 22
37.29.48.0/21 maxlen: 21
188.162.64.0/23 maxlen: 23
37.29.56.0/21 maxlen: 21
94.25.216.0/21 maxlen: 21
94.25.224.0/21 maxlen: 21
37.29.64.0/22 maxlen: 22
2a03:d000::/40 maxlen: 40
2a03:d000:100::/40 maxlen: 40
2a03:d000:301::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:01:98:ae:23:9f:a6:6b:cb:ec:0a:9b:aa:b6:ca:4d:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Jan 30 07:33:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6cbb4c041bdf9066b30cc977c03105d4b57b3ef9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:db:ac:c8:f1:a5:93:e6:5b:c0:b5:87:0f:53:
af:cd:d4:55:4c:3d:0a:95:b0:c4:75:1c:81:ef:b7:
6b:43:2d:5b:15:a4:d1:e8:00:2d:52:09:61:37:79:
0d:10:87:e9:4b:c1:95:2f:65:64:82:94:3d:73:81:
0b:0e:58:34:c1:d2:84:25:7f:a6:be:9f:73:a1:0b:
7f:8f:46:ed:10:d4:c1:fb:ae:80:85:96:9d:c8:7b:
ee:e6:b7:6a:da:10:2e:63:e2:9a:97:fc:2d:b8:ca:
d5:2b:21:40:de:70:97:2f:72:1b:ce:2a:c8:34:c0:
92:78:2e:45:40:0b:c2:03:9c:59:4e:e7:aa:bb:13:
c8:4d:ab:77:b7:65:66:ea:77:9c:55:3b:bb:aa:a1:
fc:18:ee:d1:71:0e:20:34:5a:e4:30:14:28:37:44:
c6:eb:60:f6:68:05:d5:80:b8:81:1d:14:2b:eb:ec:
55:aa:96:df:4a:6c:b6:a1:0c:c6:41:92:2b:03:de:
63:7f:82:7d:21:57:f9:60:df:16:a5:62:fb:00:92:
79:52:70:ee:1f:fc:65:9f:aa:37:8a:6d:87:4d:c6:
f8:7f:e5:b4:d8:e6:e5:10:23:5d:22:d8:a5:1b:bc:
82:29:de:4a:f4:db:9d:5b:55:78:69:29:9a:fb:b6:
c2:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:BB:4C:04:1B:DF:90:66:B3:0C:C9:77:C0:31:05:D4:B5:7B:3E:F9
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/bLtMBBvfkGazDMl3wDEF1LV7Pvk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.28.160.0/20
37.29.48.0-37.29.71.255
78.25.96.0/20
78.25.120.0/22
83.149.0.0/21
85.26.128.0/20
85.26.208.0/20
85.26.248.0/21
94.25.208.0/22
94.25.216.0-94.25.239.255
109.188.128.0/17
128.204.74.0/23
176.106.130.0/23
188.162.64.0/23
188.170.65.0-188.170.68.255
188.170.72.0-188.170.87.255
188.170.92.0/22
IPv6:
2a03:d000::/39
2a03:d000:301::/48
Signature Algorithm: sha256WithRSAEncryption
14:3f:6b:5e:49:54:26:35:4e:d4:48:7d:b7:74:3c:0c:2b:16:
3f:4e:87:9c:53:e4:02:e1:4e:34:40:bf:31:13:48:42:b5:1f:
5a:33:0f:78:e6:bc:90:33:51:4b:c6:62:87:10:b9:76:4e:9a:
bb:c3:b0:a7:5c:ca:56:28:b4:da:8b:4e:be:98:8f:7c:59:77:
6c:da:8d:75:2e:79:e0:42:8d:f9:44:ca:a5:6f:ab:a6:3c:94:
03:2a:5d:2b:9b:8e:3d:02:f5:f1:e5:c9:31:e7:89:bb:fe:0a:
e9:e9:70:32:89:df:5f:65:54:34:a0:04:51:d6:69:ea:be:8c:
09:46:ec:fc:d1:51:42:17:b4:32:86:a0:49:89:5f:a5:80:bb:
69:a6:98:31:85:38:6e:20:a4:83:b7:45:34:fc:85:8e:ea:87:
77:5a:a0:0d:60:0a:d9:be:a2:f1:ad:85:dd:fd:9e:27:d9:82:
77:99:59:ca:a6:b5:1b:4c:9b:5e:b6:96:2f:93:c4:d3:57:25:
cc:25:7d:c4:74:5e:d8:a8:91:84:7c:59:9b:05:55:5d:b6:14:
59:a5:51:54:a0:ef:04:4a:4b:ef:82:17:c1:25:0c:3d:12:cc:
13:e7:53:f3:d4:61:f3:b5:d9:62:52:8b:70:c8:66:fb:0d:54:
e8:d5:1c:ec
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgISAYYBmK4jn6Zry+wKm6q2yk3wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjMwMTMwMDczMzQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2JiNGMwNDFiZGY5MDY2YjMwY2M5NzdjMDMxMDVkNGI1N2IzZWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkdusyPGlk+ZbwLWHD1OvzdRVTD0K
lbDEdRyB77drQy1bFaTR6AAtUglhN3kNEIfpS8GVL2VkgpQ9c4ELDlg0wdKEJX+m
vp9zoQt/j0btENTB+66AhZadyHvu5rdq2hAuY+Kal/wtuMrVKyFA3nCXL3IbzirI
NMCSeC5FQAvCA5xZTuequxPITat3t2Vm6necVTu7qqH8GO7RcQ4gNFrkMBQoN0TG
62D2aAXVgLiBHRQr6+xVqpbfSmy2oQzGQZIrA95jf4J9IVf5YN8WpWL7AJJ5UnDu
H/xln6o3im2HTcb4f+W02OblECNdItilG7yCKd5K9NudW1V4aSma+7bCAQIDAQAB
o4ICpzCCAqMwHQYDVR0OBBYEFGy7TAQb35BmswzJd8AxBdS1ez75MB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvYkx0TUJCdmZrR2F6RE1sM3dERUYxTFY3UHZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG8BggrBgEFBQcBBwEB/wSBrDCBqTCBjQQCAAEwgYYDBAQl
HKAwDAMEBCUdMAMEAyUdQAMEBE4ZYAMEAk4ZeAMEA1OVAAMEBFUagAMEBFUa0AME
A1Ua+AMEAl4Z0DAMAwQDXhnYAwQEXhngAwQHbbyAAwQBgMxKAwQBsGqCAwQBvKJA
MAwDBAC8qkEDBAC8qkQwDAMEA7yqSAMEA7yqUAMEAryqXDAXBAIAAjARAwYBKgPQ
AAADBwAqA9AAAwEwDQYJKoZIhvcNAQELBQADggEBABQ/a15JVCY1TtRIfbd0PAwr
Fj9Oh5xT5ALhTjRAvzETSEK1H1ozD3jmvJAzUUvGYocQuXZOmrvDsKdcylYotNqL
Tr6Yj3xZd2zajXUueeBCjflEyqVvq6Y8lAMqXSubjj0C9fHlyTHnibv+CunpcDKJ
319lVDSgBFHWaeq+jAlG7PzRUUIXtDKGoEmJX6WAu2mmmDGFOG4gpIO3RTT8hY7q
h3daoA1gCtm+ovGthd39nifZgneZWcqmtRtMm162li+TxNNXJcwlfcR0XtiokYR8
WZsFVV22FFmlUVSg7wRKS++CF8ElDD0SzBPnU/PUYfO12WJSi3DIZvsNVOjVHOw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:25 2024 by rpki-client on console-fra.rpki-client.org