Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/BdPoh73wSMdJcItntwT1vNfBOnE.roa
File: BdPoh73wSMdJcItntwT1vNfBOnE.roa (raw, json)
Hash identifier: c2Y6CDOnnZ6GXPGi1e0KVD4TeMxrmwGErka1pdKDn7g=
Subject key identifier: 05:D3:E8:87:BD:F0:48:C7:49:70:8B:67:B7:04:F5:BC:D7:C1:3A:71
Certificate issuer: /CN=081b7a22e51cfb9cf84205e4449998ad55d8f065
Certificate serial: 018CC64B28AE0A6E0184C55D03103C556EFB
Authority key identifier: 08:1B:7A:22:E5:1C:FB:9C:F8:42:05:E4:44:99:98:AD:55:D8:F0:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/BdPoh73wSMdJcItntwT1vNfBOnE.roa
Signing time: Mon 01 Jan 2024 18:31:03 +0000
ROA not before: Mon 01 Jan 2024 18:31:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48715
IP address blocks: 194.56.148.0/24 maxlen: 24
78.110.120.0/22 maxlen: 24
185.36.228.0/24 maxlen: 24
185.141.105.0/24 maxlen: 24
185.141.104.0/24 maxlen: 24
185.141.104.0/22 maxlen: 22
185.141.107.0/24 maxlen: 24
185.141.106.0/24 maxlen: 24
185.18.212.0/24 maxlen: 24
185.18.213.0/24 maxlen: 24
213.109.199.0/24 maxlen: 24
185.18.212.0/22 maxlen: 22
185.18.214.0/24 maxlen: 24
185.18.215.0/24 maxlen: 24
185.173.129.0/24 maxlen: 24
185.173.130.0/24 maxlen: 24
91.247.171.0/24 maxlen: 24
195.211.44.0/22 maxlen: 22
195.211.44.0/24 maxlen: 24
195.211.47.0/24 maxlen: 24
195.211.45.0/24 maxlen: 24
195.211.46.0/24 maxlen: 24
195.110.38.0/23 maxlen: 23
185.233.131.0/24 maxlen: 24
80.71.149.0/24 maxlen: 24
91.236.168.0/24 maxlen: 24
91.236.169.0/24 maxlen: 24
91.236.168.0/23 maxlen: 23
185.213.195.0/24 maxlen: 24
152.89.44.0/24 maxlen: 24
152.89.44.0/22 maxlen: 22
152.89.47.0/24 maxlen: 24
185.170.8.0/24 maxlen: 24
152.89.46.0/24 maxlen: 24
152.89.45.0/24 maxlen: 24
185.234.14.0/24 maxlen: 24
185.58.240.0/22 maxlen: 24
185.51.200.0/24 maxlen: 24
185.51.203.0/24 maxlen: 24
185.51.201.0/24 maxlen: 24
185.51.202.0/24 maxlen: 24
185.51.200.0/22 maxlen: 22
130.193.77.0/24 maxlen: 24
185.112.150.0/23 maxlen: 23
185.206.231.0/24 maxlen: 24
185.112.150.0/24 maxlen: 24
185.112.151.0/24 maxlen: 24
185.112.149.0/24 maxlen: 24
185.121.131.0/24 maxlen: 24
185.121.130.0/24 maxlen: 24
185.121.130.0/23 maxlen: 23
88.135.36.0/22 maxlen: 22
88.135.38.0/24 maxlen: 24
88.135.36.0/24 maxlen: 24
88.135.37.0/24 maxlen: 24
185.141.132.0/22 maxlen: 22
185.141.132.0/24 maxlen: 24
185.141.134.0/24 maxlen: 24
185.141.135.0/24 maxlen: 24
185.141.133.0/24 maxlen: 24
185.252.200.0/24 maxlen: 24
185.235.245.0/24 maxlen: 24
188.209.152.0/24 maxlen: 24
188.209.152.0/23 maxlen: 23
188.209.153.0/24 maxlen: 24
88.135.39.0/24 maxlen: 24
185.128.136.0/22 maxlen: 22
185.128.138.0/24 maxlen: 24
185.128.139.0/24 maxlen: 24
185.128.137.0/24 maxlen: 24
185.128.136.0/24 maxlen: 24
2a0a:5e80::/48 maxlen: 48
2a0a:5e80::/64 maxlen: 64
2a0a:5e80::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 03 Apr 2024 11:57:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:28:ae:0a:6e:01:84:c5:5d:03:10:3c:55:6e:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=081b7a22e51cfb9cf84205e4449998ad55d8f065
Validity
Not Before: Jan 1 18:31:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=05d3e887bdf048c749708b67b704f5bcd7c13a71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:f8:34:0a:20:72:44:c6:b2:0b:a2:e4:0b:1f:
88:bb:d3:74:d7:3a:4d:7e:14:97:73:8f:5c:01:58:
cc:be:59:97:57:74:0d:20:95:f3:2d:43:60:0e:8f:
37:4c:9e:0a:a5:71:52:6e:52:c0:d4:ad:8e:d9:5a:
d7:4e:e7:be:14:d4:72:77:5c:ab:d3:9d:22:7b:98:
85:12:51:67:98:e7:a5:92:0f:18:77:aa:9a:70:4a:
fe:41:50:ca:41:f9:f8:6f:47:b7:2f:ea:84:98:ec:
2f:82:72:5c:36:c2:03:e9:7a:5d:77:d5:85:84:b6:
79:d4:84:00:ff:a9:60:f2:41:26:f4:6e:56:66:a1:
5e:58:c6:42:48:0a:e5:31:df:90:d3:8f:ca:c6:ae:
4f:8d:8e:ee:7e:ff:97:fe:8f:7a:89:91:bd:74:81:
c9:7e:d0:c6:17:c6:0d:f7:a6:72:39:d8:8d:7e:ee:
3d:e4:e0:91:d9:d7:cb:4e:63:41:2e:7d:ba:9e:67:
b1:32:dc:dd:94:2c:5a:84:29:9a:98:a0:0e:26:06:
8b:dc:fc:3d:f1:02:cc:b8:7c:bc:31:97:8b:e2:68:
93:52:5f:a0:51:1e:0c:5e:10:1e:a2:42:48:ac:a0:
bd:aa:1e:1c:a1:c2:0a:26:3c:b2:24:58:8e:24:86:
df:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:D3:E8:87:BD:F0:48:C7:49:70:8B:67:B7:04:F5:BC:D7:C1:3A:71
X509v3 Authority Key Identifier:
keyid:08:1B:7A:22:E5:1C:FB:9C:F8:42:05:E4:44:99:98:AD:55:D8:F0:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/BdPoh73wSMdJcItntwT1vNfBOnE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/CBt6IuUc-5z4QgXkRJmYrVXY8GU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.110.120.0/22
80.71.149.0/24
88.135.36.0/22
91.236.168.0/23
91.247.171.0/24
130.193.77.0/24
152.89.44.0/22
185.18.212.0/22
185.36.228.0/24
185.51.200.0/22
185.58.240.0/22
185.112.149.0-185.112.151.255
185.121.130.0/23
185.128.136.0/22
185.141.104.0/22
185.141.132.0/22
185.170.8.0/24
185.173.129.0-185.173.130.255
185.206.231.0/24
185.213.195.0/24
185.233.131.0/24
185.234.14.0/24
185.235.245.0/24
185.252.200.0/24
188.209.152.0/23
194.56.148.0/24
195.110.38.0/23
195.211.44.0/22
213.109.199.0/24
IPv6:
2a0a:5e80::/29
Signature Algorithm: sha256WithRSAEncryption
04:55:41:ea:0b:bd:c7:29:a7:6c:c1:05:3f:41:13:42:f0:86:
66:0a:a0:7f:e2:15:b5:e3:d5:7f:7b:07:fa:80:88:9d:92:31:
7a:51:63:66:fe:cc:09:cd:04:de:4d:ad:42:34:8c:22:be:e9:
15:dc:c6:a7:ca:70:9b:b8:be:ba:00:d3:93:e3:d5:d6:6a:c6:
f1:eb:ec:8e:05:2d:96:68:de:97:48:f8:7b:98:df:9c:c4:ad:
8f:24:c3:88:e9:69:43:4e:7a:88:d8:7f:44:2a:fd:d0:b2:93:
ea:05:a5:8a:33:fa:88:e7:48:95:cb:9b:f4:3a:bd:df:88:d6:
93:e7:55:ee:22:c9:20:11:56:9b:8d:9f:75:d7:26:d6:3e:0a:
fe:82:6f:40:fa:64:28:19:57:b8:07:ee:49:b6:25:46:c9:59:
ee:1b:23:6f:1c:cf:33:d6:26:60:58:b7:aa:4d:a9:a0:f5:9d:
fd:f3:2e:53:a6:14:45:d6:9d:ca:64:f8:c7:87:bd:5e:83:97:
fa:65:3d:4c:1a:4d:42:89:b2:f8:7f:95:b0:4e:ca:bf:ac:ef:
43:d2:e4:30:61:37:9b:aa:f4:da:46:45:db:c8:66:a7:c9:8c:
3f:79:a7:82:c7:ee:ca:34:16:5e:74:2e:c8:ee:72:45:a9:13:
66:8d:79:88
-----BEGIN CERTIFICATE-----
MIIFyTCCBLGgAwIBAgISAYzGSyiuCm4BhMVdAxA8VW77MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MWI3YTIyZTUxY2ZiOWNmODQyMDVlNDQ0OTk5OGFkNTVk
OGYwNjUwHhcNMjQwMTAxMTgzMTAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWQzZTg4N2JkZjA0OGM3NDk3MDhiNjdiNzA0ZjViY2Q3YzEzYTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3vg0CiByRMayC6LkCx+Iu9N01zpN
fhSXc49cAVjMvlmXV3QNIJXzLUNgDo83TJ4KpXFSblLA1K2O2VrXTue+FNRyd1yr
050ie5iFElFnmOelkg8Yd6qacEr+QVDKQfn4b0e3L+qEmOwvgnJcNsID6Xpdd9WF
hLZ51IQA/6lg8kEm9G5WZqFeWMZCSArlMd+Q04/Kxq5PjY7ufv+X/o96iZG9dIHJ
ftDGF8YN96ZyOdiNfu495OCR2dfLTmNBLn26nmexMtzdlCxahCmamKAOJgaL3Pw9
8QLMuHy8MZeL4miTUl+gUR4MXhAeokJIrKC9qh4cocIKJjyyJFiOJIbfFQIDAQAB
o4IC1TCCAtEwHQYDVR0OBBYEFAXT6Ie98EjHSXCLZ7cE9bzXwTpxMB8GA1UdIwQY
MBaAFAgbeiLlHPuc+EIF5ESZmK1V2PBlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0J0Nkl1VWMtNXo0UWdYa1JKbVlyVlhZOEdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9jNTE1YzktZGYwOC00MjZjLTgwZTYt
MDM2NzI2OGZmODcxLzEvQmRQb2g3M3dTTWRKY0l0bnR3VDF2TmZCT25FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9jNTE1YzktZGYwOC00MjZjLTgwZTYtMDM2NzI2OGZmODcx
LzEvQ0J0Nkl1VWMtNXo0UWdYa1JKbVlyVlhZOEdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHqBggrBgEFBQcBBwEB/wSB2jCB1zCBxQQCAAEwgb4DBAJO
bngDBABQR5UDBAJYhyQDBAFb7KgDBABb96sDBACCwU0DBAKYWSwDBAK5EtQDBAC5
JOQDBAK5M8gDBAK5OvAwDAMEALlwlQMEA7lwkAMEAbl5ggMEArmAiAMEArmNaAME
ArmNhAMEALmqCDAMAwQAua2BAwQAua2CAwQAuc7nAwQAudXDAwQAuemDAwQAueoO
AwQAuev1AwQAufzIAwQBvNGYAwQAwjiUAwQBw24mAwQCw9MsAwQA1W3HMA0EAgAC
MAcDBQMqCl6AMA0GCSqGSIb3DQEBCwUAA4IBAQAEVUHqC73HKadswQU/QRNC8IZm
CqB/4hW149V/ewf6gIidkjF6UWNm/swJzQTeTa1CNIwivukV3ManynCbuL66ANOT
49XWasbx6+yOBS2WaN6XSPh7mN+cxK2PJMOI6WlDTnqI2H9EKv3QspPqBaWKM/qI
50iVy5v0Or3fiNaT51XuIskgEVabjZ911ybWPgr+gm9A+mQoGVe4B+5JtiVGyVnu
GyNvHM8z1iZgWLeqTamg9Z398y5TphRF1p3KZPjHh71eg5f6ZT1MGk1CibL4f5Ww
Tsq/rO9D0uQwYTebqvTaRkXbyGanyYw/eaeCx+7KNBZedC7I7nJFqRNmjXmI
-----END CERTIFICATE-----
Generated at Wed Apr 3 16:48:16 2024 by rpki-client on console-ams.rpki-client.org