Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/_rm30Ij-ykjtoDb4dTAs1KFATww.roa
File: _rm30Ij-ykjtoDb4dTAs1KFATww.roa (raw, json)
Hash identifier: /mX9b84yaOAWQNvSKS7tWWVcDqLi7yRBCLxxBh4ftHc=
Subject key identifier: FE:B9:B7:D0:88:FE:CA:48:ED:A0:36:F8:75:30:2C:D4:A1:40:4F:0C
Certificate issuer: /CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Certificate serial: 01856CE6313540706F701708EFEF61BC9532
Authority key identifier: BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/_rm30Ij-ykjtoDb4dTAs1KFATww.roa
Signing time: Sun 01 Jan 2023 10:35:03 +0000
ROA not before: Sun 01 Jan 2023 10:35:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48287
IP address blocks: 185.26.112.0/22 maxlen: 22
109.70.24.0/21 maxlen: 24
91.217.21.0/24 maxlen: 24
91.217.20.0/24 maxlen: 24
89.104.80.0/21 maxlen: 24
178.210.64.0/19 maxlen: 24
89.111.130.0/24 maxlen: 24
89.111.128.0/24 maxlen: 24
89.111.132.0/23 maxlen: 23
31.177.64.0/22 maxlen: 24
89.111.144.0/22 maxlen: 24
195.24.64.0/22 maxlen: 22
195.24.68.0/22 maxlen: 22
195.24.68.0/23 maxlen: 23
195.24.71.0/24 maxlen: 24
195.24.70.0/24 maxlen: 24
185.76.144.0/22 maxlen: 22
91.189.114.0/23 maxlen: 23
91.189.112.0/21 maxlen: 21
91.189.116.0/22 maxlen: 22
31.177.68.0/22 maxlen: 22
31.177.72.0/21 maxlen: 24
31.177.80.0/21 maxlen: 24
89.111.164.0/24 maxlen: 24
31.177.91.0/24 maxlen: 24
31.177.88.0/21 maxlen: 22
2a02:2090:e400::/48 maxlen: 48
2a02:2090:e800::/48 maxlen: 48
2a02:2090:ec00::/48 maxlen: 48
2a02:2090::/48 maxlen: 48
2a02:2090:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:31:35:40:70:6f:70:17:08:ef:ef:61:bc:95:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Validity
Not Before: Jan 1 10:35:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=feb9b7d088feca48eda036f875302cd4a1404f0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:da:5b:7a:19:03:e9:67:5b:51:c5:08:eb:6c:
70:e7:91:25:98:f6:c0:32:89:e9:1a:9c:e6:a9:31:
ea:18:6b:d2:6a:92:fc:97:be:85:77:45:55:05:56:
ca:be:8d:8a:5b:2b:2c:15:b7:33:b8:c4:f5:06:10:
3f:a5:18:ad:3e:ae:da:58:e1:83:92:34:80:1f:2c:
56:95:b2:f6:15:b4:0b:09:52:9a:11:89:68:f1:da:
47:aa:86:69:b5:94:c4:11:9e:9a:ff:21:9f:74:51:
c8:e5:9b:de:ab:3f:d5:cc:5a:b4:78:96:fc:db:37:
d6:56:98:e0:fe:63:63:00:c6:db:a9:b8:07:5c:84:
f3:d8:0a:4b:41:d3:6c:57:20:07:ed:89:68:8a:14:
5e:7f:fc:a9:6a:8f:cd:f0:7e:84:92:d9:95:4b:22:
97:27:64:51:d2:81:83:13:66:d5:36:e3:e1:a3:f8:
01:6e:bd:0c:fb:ae:21:73:af:3b:3b:7d:3d:9a:78:
e3:89:11:1a:5a:c7:61:a5:96:c6:1b:d9:d1:34:d5:
6d:70:58:e5:7b:cd:7f:bd:17:ab:65:e0:68:90:06:
35:09:45:09:bc:43:85:37:aa:be:dc:e7:7f:41:37:
c7:8c:ea:aa:71:54:5f:89:1d:6e:81:63:55:56:db:
b9:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:B9:B7:D0:88:FE:CA:48:ED:A0:36:F8:75:30:2C:D4:A1:40:4F:0C
X509v3 Authority Key Identifier:
keyid:BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/_rm30Ij-ykjtoDb4dTAs1KFATww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/vfrSPhHPDSSkd1lOugn5msxvH_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.177.64.0/19
89.104.80.0/21
89.111.128.0/24
89.111.130.0/24
89.111.132.0/23
89.111.144.0/22
89.111.164.0/24
91.189.112.0/21
91.217.20.0/23
109.70.24.0/21
178.210.64.0/19
185.26.112.0/22
185.76.144.0/22
195.24.64.0/21
IPv6:
2a02:2090::/47
2a02:2090:e400::/48
2a02:2090:e800::/48
2a02:2090:ec00::/48
Signature Algorithm: sha256WithRSAEncryption
2c:f2:fd:ef:4d:ee:7c:a4:70:d8:d2:44:a2:a9:36:bc:76:d5:
0b:2d:56:6e:e0:1c:3a:ae:17:fb:d7:cb:50:13:fd:9d:49:4a:
b7:0e:11:52:9e:cd:4d:66:be:61:a3:ba:a8:88:51:67:00:72:
81:aa:8b:d4:58:d5:e3:43:54:69:6f:7a:06:31:6c:de:5c:15:
18:5b:8b:1d:dd:ae:73:41:37:1b:15:e8:db:9a:b9:65:9c:7b:
3f:e0:f7:e1:5f:9e:8a:b2:32:f2:bb:95:2b:1b:b7:f0:c1:9e:
b8:68:eb:96:7c:8e:1d:06:e3:f7:24:5d:23:d7:af:16:d3:5d:
06:31:e2:0c:be:6f:8d:03:a0:b9:18:8f:13:a1:91:3d:6b:ed:
dc:6e:69:b8:b2:47:e1:4e:9f:90:2e:ee:84:7e:9b:98:1b:c0:
6a:9e:de:dc:a4:8f:d6:0e:34:a1:f7:c8:6c:e6:2e:54:9e:92:
62:e7:aa:87:f6:df:c0:2f:21:c1:1c:ff:6d:62:41:23:31:28:
e3:7b:37:45:39:54:94:07:b5:23:f5:b6:40:42:32:89:f2:92:
6d:b8:d5:31:81:76:ff:57:b8:29:a3:d0:84:8b:ba:b4:c3:22:
eb:d0:1a:e9:14:56:30:85:89:24:06:17:3a:4a:a1:8b:2d:94:
04:29:72:8f
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgISAYVs5jE1QHBvcBcI7+9hvJUyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZmFkMjNlMTFjZjBkMjRhNDc3NTk0ZWJhMDlmOTlhY2M2
ZjFmZmYwHhcNMjMwMTAxMTAzNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWI5YjdkMDg4ZmVjYTQ4ZWRhMDM2Zjg3NTMwMmNkNGExNDA0ZjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2NpbehkD6WdbUcUI62xw55ElmPbA
MonpGpzmqTHqGGvSapL8l76Fd0VVBVbKvo2KWyssFbczuMT1BhA/pRitPq7aWOGD
kjSAHyxWlbL2FbQLCVKaEYlo8dpHqoZptZTEEZ6a/yGfdFHI5Zveqz/VzFq0eJb8
2zfWVpjg/mNjAMbbqbgHXITz2ApLQdNsVyAH7YloihRef/ypao/N8H6EktmVSyKX
J2RR0oGDE2bVNuPho/gBbr0M+64hc687O309mnjjiREaWsdhpZbGG9nRNNVtcFjl
e81/vRerZeBokAY1CUUJvEOFN6q+3Od/QTfHjOqqcVRfiR1ugWNVVtu5oQIDAQAB
o4IChjCCAoIwHQYDVR0OBBYEFP65t9CI/spI7aA2+HUwLNShQE8MMB8GA1UdIwQY
MBaAFL360j4Rzw0kpHdZTroJ+ZrMbx//MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmZyU1BoSFBEU1NrZDFsT3VnbjVtc3h2SF84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9lMjUyMzktNmFiMC00OTE5LWE3NmEt
NGY0ZTcxZTMyMDg0LzEvX3JtMzBJai15a2p0b0RiNGRUQXMxS0ZBVHd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9lMjUyMzktNmFiMC00OTE5LWE3NmEtNGY0ZTcxZTMyMDg0
LzEvdmZyU1BoSFBEU1NrZDFsT3VnbjVtc3h2SF84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGbBggrBgEFBQcBBwEB/wSBizCBiDBaBAIAATBUAwQFH7FA
AwQDWWhQAwQAWW+AAwQAWW+CAwQBWW+EAwQCWW+QAwQAWW+kAwQDW71wAwQBW9kU
AwQDbUYYAwQFstJAAwQCuRpwAwQCuUyQAwQDwxhAMCoEAgACMCQDBwEqAiCQAAAD
BwAqAiCQ5AADBwAqAiCQ6AADBwAqAiCQ7AAwDQYJKoZIhvcNAQELBQADggEBACzy
/e9N7nykcNjSRKKpNrx21QstVm7gHDquF/vXy1AT/Z1JSrcOEVKezU1mvmGjuqiI
UWcAcoGqi9RY1eNDVGlvegYxbN5cFRhbix3drnNBNxsV6NuauWWcez/g9+Ffnoqy
MvK7lSsbt/DBnrho65Z8jh0G4/ckXSPXrxbTXQYx4gy+b40DoLkYjxOhkT1r7dxu
abiyR+FOn5Au7oR+m5gbwGqe3tykj9YONKH3yGzmLlSekmLnqof238AvIcEc/21i
QSMxKON7N0U5VJQHtSP1tkBCMonykm241TGBdv9XuCmj0ISLurTDIuvQGukUVjCF
iSQGFzpKoYstlAQpco8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:15 2024 by rpki-client on console-fra.rpki-client.org