Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/BhTzZPlBHI4lHltiO3TQcRNYKKE.roa
File: BhTzZPlBHI4lHltiO3TQcRNYKKE.roa (raw, json)
Hash identifier: TuXr+Ks5Z+IjuGKgOiA7DHZ8OPdNnWQTDkLVRRmRTiM=
Subject key identifier: 06:14:F3:64:F9:41:1C:8E:25:1E:5B:62:3B:74:D0:71:13:58:28:A1
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 018B04BF64704E154428D09272396051778B
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/BhTzZPlBHI4lHltiO3TQcRNYKKE.roa
Signing time: Fri 06 Oct 2023 11:28:53 +0000
ROA not before: Fri 06 Oct 2023 11:28:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29119
IP address blocks: 193.39.216.0/22 maxlen: 24
185.44.28.0/22 maxlen: 24
45.146.224.0/22 maxlen: 24
185.131.188.0/22 maxlen: 24
185.248.208.0/22 maxlen: 24
5.182.72.0/22 maxlen: 24
185.151.176.0/22 maxlen: 24
185.230.0.0/22 maxlen: 24
185.150.80.0/22 maxlen: 24
141.98.36.0/22 maxlen: 24
185.198.108.0/22 maxlen: 24
141.98.52.0/22 maxlen: 24
185.114.64.0/22 maxlen: 24
45.136.32.0/22 maxlen: 24
185.123.136.0/22 maxlen: 24
185.126.232.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 Nov 2023 15:44:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:04:bf:64:70:4e:15:44:28:d0:92:72:39:60:51:77:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Oct 6 11:28:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0614f364f9411c8e251e5b623b74d071135828a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:0d:b4:62:af:2a:72:dd:af:dc:b0:86:21:f6:
a6:38:51:c2:52:39:64:b9:69:ce:6c:8f:d5:8d:24:
79:d6:4c:46:57:a4:cf:a8:b6:12:42:0f:f8:3b:1e:
ed:aa:d1:db:e6:98:f6:e0:01:8e:36:6c:8e:f2:d9:
4a:df:c1:a9:ab:cd:05:b6:21:ba:95:5b:b7:f4:40:
b8:b0:08:77:e4:7b:88:7c:c5:e7:33:50:c6:05:5a:
e9:ed:84:14:b2:0d:e3:58:3c:75:19:68:07:bb:af:
00:02:6c:e6:b5:e3:25:3f:3f:bc:1e:f6:ad:47:b9:
0a:1a:22:e6:a7:d9:7d:d2:37:e1:ce:09:af:80:8d:
42:8f:1d:35:af:72:b4:b1:38:b8:4b:93:51:a1:e5:
22:8e:5a:7d:c4:26:0f:e1:50:aa:a0:04:f7:ae:25:
77:21:8e:cd:39:a6:48:8f:b4:e0:7e:9c:e3:4d:c4:
fa:82:2c:29:a7:4c:24:89:d7:21:40:6a:e5:ef:5f:
b6:fb:1c:2b:12:df:cd:8c:84:fe:d6:e9:d1:69:09:
7e:95:7a:eb:77:2e:68:d5:29:d0:a9:b4:9b:f6:d1:
f7:a2:94:ed:85:1a:90:8c:09:e2:3c:be:35:8b:0c:
db:e2:f9:52:d5:fe:7e:d2:d6:cb:e2:d6:35:6b:d5:
4b:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:14:F3:64:F9:41:1C:8E:25:1E:5B:62:3B:74:D0:71:13:58:28:A1
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/BhTzZPlBHI4lHltiO3TQcRNYKKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.72.0/22
45.136.32.0/22
45.146.224.0/22
141.98.36.0/22
141.98.52.0/22
185.44.28.0/22
185.114.64.0/22
185.123.136.0/22
185.126.232.0/22
185.131.188.0/22
185.150.80.0/22
185.151.176.0/22
185.198.108.0/22
185.230.0.0/22
185.248.208.0/22
193.39.216.0/22
Signature Algorithm: sha256WithRSAEncryption
a7:36:5b:e2:98:7a:22:2e:e5:03:55:ac:38:ec:20:85:a2:1a:
13:dc:bc:c2:03:9b:a2:25:06:ca:cf:74:03:c9:a5:63:d8:a7:
89:71:51:9d:a9:1d:89:58:d1:18:7a:07:27:e4:07:ec:54:90:
9f:4d:0f:6c:ca:9e:d5:2a:4d:12:05:d8:33:12:fd:cc:a4:a2:
b5:a4:11:01:e6:f1:71:29:c3:fe:ee:86:7e:a1:2b:53:b3:30:
ee:bc:41:b1:54:dc:ad:06:88:61:da:9d:f2:d7:ea:51:e4:9d:
66:03:68:b6:9b:d6:94:33:fa:52:bd:d1:9c:2d:d7:37:70:3e:
80:7a:74:06:d8:61:41:ca:dd:5c:03:45:4a:55:af:4f:44:ca:
e5:30:58:6b:c9:fc:2d:ce:9f:63:a4:be:8f:ed:ab:63:c1:85:
2a:ef:96:6e:28:f6:6f:e8:e5:ed:90:12:a6:6e:35:35:be:e3:
63:1e:0e:c3:03:9c:a0:7f:1e:bc:af:28:0f:7e:ef:69:99:58:
b1:03:64:76:7c:60:a6:74:35:a4:85:20:43:ac:7a:80:75:1a:
20:fa:e4:51:f0:a4:c0:eb:12:e8:31:71:63:71:1e:48:59:8d:
3f:71:fe:fd:af:da:2c:65:af:78:e9:3d:69:30:71:04:af:29:
a9:67:54:bc
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAYsEv2RwThVEKNCScjlgUXeLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjMxMDA2MTEyODUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjE0ZjM2NGY5NDExYzhlMjUxZTViNjIzYjc0ZDA3MTEzNTgyOGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5w20Yq8qct2v3LCGIfamOFHCUjlk
uWnObI/VjSR51kxGV6TPqLYSQg/4Ox7tqtHb5pj24AGONmyO8tlK38Gpq80FtiG6
lVu39EC4sAh35HuIfMXnM1DGBVrp7YQUsg3jWDx1GWgHu68AAmzmteMlPz+8Hvat
R7kKGiLmp9l90jfhzgmvgI1Cjx01r3K0sTi4S5NRoeUijlp9xCYP4VCqoAT3riV3
IY7NOaZIj7TgfpzjTcT6giwpp0wkidchQGrl71+2+xwrEt/NjIT+1unRaQl+lXrr
dy5o1SnQqbSb9tH3opTthRqQjAniPL41iwzb4vlS1f5+0tbL4tY1a9VL8wIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFAYU82T5QRyOJR5bYjt00HETWCihMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvQmhUelpQbEJISTRsSGx0aU8zVFFjUk5ZS0tFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQCBbZIAwQC
LYggAwQCLZLgAwQCjWIkAwQCjWI0AwQCuSwcAwQCuXJAAwQCuXuIAwQCuX7oAwQC
uYO8AwQCuZZQAwQCuZewAwQCucZsAwQCueYAAwQCufjQAwQCwSfYMA0GCSqGSIb3
DQEBCwUAA4IBAQCnNlvimHoiLuUDVaw47CCFohoT3LzCA5uiJQbKz3QDyaVj2KeJ
cVGdqR2JWNEYegcn5AfsVJCfTQ9syp7VKk0SBdgzEv3MpKK1pBEB5vFxKcP+7oZ+
oStTszDuvEGxVNytBohh2p3y1+pR5J1mA2i2m9aUM/pSvdGcLdc3cD6AenQG2GFB
yt1cA0VKVa9PRMrlMFhryfwtzp9jpL6P7atjwYUq75ZuKPZv6OXtkBKmbjU1vuNj
Hg7DA5ygfx68rygPfu9pmVixA2R2fGCmdDWkhSBDrHqAdRog+uRR8KTA6xLoMXFj
cR5IWY0/cf79r9osZa946T1pMHEErympZ1S8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:50 2024 by rpki-client on console-ams.rpki-client.org