Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/xD2bsilCk-51e3l56DyaWWF-NPE.roa
File: xD2bsilCk-51e3l56DyaWWF-NPE.roa (raw, json)
Hash identifier: 9tO2g2Dh+GUhgGcIyHx0fmMbtTuHZ6zZFTylnmGMzww=
Subject key identifier: C4:3D:9B:B2:29:42:93:EE:75:7B:79:79:E8:3C:9A:59:61:7E:34:F1
Certificate issuer: /CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Certificate serial: 0185BA2A238BCBC116E352F614F6E05C93D3
Authority key identifier: BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/xD2bsilCk-51e3l56DyaWWF-NPE.roa
Signing time: Mon 16 Jan 2023 10:40:01 +0000
ROA not before: Mon 16 Jan 2023 10:40:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206092
IP address blocks: 213.21.226.0/24 maxlen: 24
185.118.78.0/24 maxlen: 24
213.21.229.0/24 maxlen: 24
213.21.233.0/24 maxlen: 24
213.21.246.0/24 maxlen: 24
213.21.250.0/24 maxlen: 24
213.21.247.0/24 maxlen: 24
193.68.85.0/24 maxlen: 24
213.21.254.0/24 maxlen: 24
193.68.91.0/24 maxlen: 24
193.68.95.0/24 maxlen: 24
193.68.92.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ba:2a:23:8b:cb:c1:16:e3:52:f6:14:f6:e0:5c:93:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Validity
Not Before: Jan 16 10:40:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c43d9bb2294293ee757b7979e83c9a59617e34f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:31:10:61:5a:b9:1b:0e:b5:1f:ed:ed:f1:6a:
93:7d:f8:80:5a:79:ae:65:00:4d:22:45:e1:7e:68:
62:36:4b:5a:0c:e0:a3:0f:08:ff:f6:6d:7c:36:b9:
ae:a2:43:be:40:88:0c:64:2a:47:5c:1c:b4:6b:64:
ac:53:31:87:2e:cb:00:70:c8:4f:5c:88:25:08:92:
78:26:02:f3:d6:4a:aa:64:a1:96:d5:b7:99:56:3a:
d6:d0:56:2c:03:50:0d:3f:8a:1a:75:70:98:3e:b2:
89:09:29:65:ce:44:84:c7:7a:c0:da:c1:0d:ad:e9:
2c:73:69:76:1e:e9:31:1a:01:7a:ff:79:10:1e:1c:
5b:04:d4:1f:50:a7:cd:8f:5f:ef:29:b3:ae:85:66:
0b:c4:fc:51:14:49:07:08:a6:f5:58:10:33:8b:d4:
6f:bb:61:85:c0:91:fd:d7:ec:e9:4f:0c:17:6b:d7:
ef:e9:1b:0c:dc:99:ac:2a:01:a5:98:9e:b3:8a:ab:
1f:db:ed:ff:c9:5e:55:65:30:ba:a9:d7:91:1b:bd:
cb:d7:8b:db:66:16:83:c5:e4:e1:44:46:87:41:49:
20:7f:d0:20:14:91:f6:6d:8c:7b:89:67:4b:c3:27:
bc:f6:67:62:a5:57:54:93:dd:a6:b3:e8:a7:00:0e:
0b:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:3D:9B:B2:29:42:93:EE:75:7B:79:79:E8:3C:9A:59:61:7E:34:F1
X509v3 Authority Key Identifier:
keyid:BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/xD2bsilCk-51e3l56DyaWWF-NPE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.118.78.0/24
193.68.85.0/24
193.68.91.0-193.68.92.255
193.68.95.0/24
213.21.226.0/24
213.21.229.0/24
213.21.233.0/24
213.21.246.0/23
213.21.250.0/24
213.21.254.0/24
Signature Algorithm: sha256WithRSAEncryption
68:95:c1:70:fc:b2:1e:e8:18:8c:59:f9:b8:28:cd:b3:65:48:
51:8b:e6:ea:ab:6e:4e:64:9d:cc:41:15:14:3b:70:d1:82:26:
5b:b1:bc:45:63:4d:c1:ae:9b:eb:c0:cf:17:c9:40:10:da:d1:
9d:63:24:89:ff:a7:b0:e2:ca:5c:ed:e9:a4:a5:b0:73:27:33:
e8:e5:e8:4b:92:10:a2:d3:2c:20:0a:96:21:e2:78:24:af:7b:
5d:0e:fe:0a:03:c5:ad:92:68:a0:ee:a0:31:85:18:a8:75:92:
b6:83:b4:ee:83:20:c5:16:11:4e:1e:ab:fa:5d:91:71:f4:6f:
53:30:33:8a:b6:c6:ca:a4:67:d2:70:87:e1:f6:00:0c:b4:8c:
87:3e:d2:0c:d3:ee:de:89:a9:d5:bf:01:49:13:64:11:a7:cf:
07:7c:78:f3:9e:82:8e:08:cc:56:5f:ab:1f:44:e6:02:4c:0f:
c4:1d:59:43:3b:d1:28:1d:c3:de:90:b4:17:ce:d0:ff:fa:61:
26:8b:e5:4f:39:ee:c3:97:6e:a6:ab:be:21:43:4a:6e:d2:f9:
5b:e4:e9:9f:ef:fb:45:0b:6e:e1:47:9d:a6:4e:3a:29:a6:d4:
65:5e:22:c5:e8:36:a7:d8:0f:87:8a:7a:d6:a5:a1:1f:d9:e9:
92:d8:5f:82
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYW6KiOLy8EW41L2FPbgXJPTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZmRmZTZkY2E4YWM3YmZhMWE5NDUwZWY5OWZkMzE1ZWQw
MmFjZDkwHhcNMjMwMTE2MTA0MDAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDNkOWJiMjI5NDI5M2VlNzU3Yjc5NzllODNjOWE1OTYxN2UzNGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAijEQYVq5Gw61H+3t8WqTffiAWnmu
ZQBNIkXhfmhiNktaDOCjDwj/9m18NrmuokO+QIgMZCpHXBy0a2SsUzGHLssAcMhP
XIglCJJ4JgLz1kqqZKGW1beZVjrW0FYsA1ANP4oadXCYPrKJCSllzkSEx3rA2sEN
reksc2l2HukxGgF6/3kQHhxbBNQfUKfNj1/vKbOuhWYLxPxRFEkHCKb1WBAzi9Rv
u2GFwJH91+zpTwwXa9fv6RsM3JmsKgGlmJ6ziqsf2+3/yV5VZTC6qdeRG73L14vb
ZhaDxeThREaHQUkgf9AgFJH2bYx7iWdLwye89mdipVdUk92ms+inAA4LcwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFMQ9m7IpQpPudXt5eeg8mllhfjTxMB8GA1UdIwQY
MBaAFLz9/m3Kise/oalFDvmf0xXtAqzZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmIt
MWFmMjQ2NWE4ZWVjLzEveEQyYnNpbENrLTUxZTNsNTZEeWFXV0YtTlBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmItMWFmMjQ2NWE4ZWVj
LzEvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQAuXZOAwQA
wURVMAwDBADBRFsDBADBRFwDBADBRF8DBADVFeIDBADVFeUDBADVFekDBAHVFfYD
BADVFfoDBADVFf4wDQYJKoZIhvcNAQELBQADggEBAGiVwXD8sh7oGIxZ+bgozbNl
SFGL5uqrbk5kncxBFRQ7cNGCJluxvEVjTcGum+vAzxfJQBDa0Z1jJIn/p7Diylzt
6aSlsHMnM+jl6EuSEKLTLCAKliHieCSve10O/goDxa2SaKDuoDGFGKh1kraDtO6D
IMUWEU4eq/pdkXH0b1MwM4q2xsqkZ9Jwh+H2AAy0jIc+0gzT7t6JqdW/AUkTZBGn
zwd8ePOego4IzFZfqx9E5gJMD8QdWUM70Sgdw96QtBfO0P/6YSaL5U857sOXbqar
viFDSm7S+Vvk6Z/v+0ULbuFHnaZOOimm1GVeIsXoNqfYD4eKetaloR/Z6ZLYX4I=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:20 2023 by rpki-client on console-fra.rpki-client.org