Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/387f21-101b-487e-8a0f-0b838a599662/1/tbE1772YzYz4d-2s48Xz0v6r8d8.roa
File: tbE1772YzYz4d-2s48Xz0v6r8d8.roa (raw, json)
Hash identifier: XRLuvMbPFNAXmhHg3rTcRer7pN1WwzXBx7ImGE9JQKg=
Subject key identifier: B5:B1:35:EF:BD:98:CD:8C:F8:77:ED:AC:E3:C5:F3:D2:FE:AB:F1:DF
Certificate issuer: /CN=c1a190504b6d9ed9c18096840425b11d7b22dff4
Certificate serial: 0186C003349D85F77887D51E5ED9885FE86E
Authority key identifier: C1:A1:90:50:4B:6D:9E:D9:C1:80:96:84:04:25:B1:1D:7B:22:DF:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/waGQUEttntnBgJaEBCWxHXsi3_Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/387f21-101b-487e-8a0f-0b838a599662/1/tbE1772YzYz4d-2s48Xz0v6r8d8.roa
Signing time: Wed 08 Mar 2023 06:58:00 +0000
ROA not before: Wed 08 Mar 2023 06:58:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42707
IP address blocks: 84.39.204.0/22 maxlen: 22
77.75.48.0/22 maxlen: 22
185.245.88.0/22 maxlen: 22
91.189.224.0/21 maxlen: 21
193.33.134.0/23 maxlen: 23
185.252.124.0/22 maxlen: 22
185.254.48.0/22 maxlen: 22
91.195.64.0/22 maxlen: 22
185.148.28.0/22 maxlen: 22
185.250.136.0/22 maxlen: 22
193.36.164.0/22 maxlen: 22
185.247.44.0/22 maxlen: 22
185.247.48.0/22 maxlen: 22
185.248.228.0/22 maxlen: 22
5.45.32.0/22 maxlen: 22
5.206.208.0/20 maxlen: 20
185.233.212.0/22 maxlen: 22
185.236.4.0/22 maxlen: 22
185.229.80.0/22 maxlen: 22
185.231.24.0/22 maxlen: 22
185.231.28.0/22 maxlen: 22
83.143.76.0/22 maxlen: 22
109.207.72.0/22 maxlen: 22
5.57.248.0/21 maxlen: 21
195.42.224.0/22 maxlen: 22
195.42.228.0/23 maxlen: 23
194.49.88.0/22 maxlen: 22
2a00:5140::/32 maxlen: 32
2a00:5141::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 20 Mar 2023 09:15:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c0:03:34:9d:85:f7:78:87:d5:1e:5e:d9:88:5f:e8:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1a190504b6d9ed9c18096840425b11d7b22dff4
Validity
Not Before: Mar 8 06:58:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5b135efbd98cd8cf877edace3c5f3d2feabf1df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:ca:06:5c:c2:51:f1:1b:f3:24:0f:2a:7d:74:
22:11:0d:15:c8:f2:8c:27:e8:4c:f6:d2:c6:c3:ac:
5d:a5:b0:02:55:91:4c:cc:5c:81:52:64:cd:90:2b:
7b:1a:36:19:db:c4:93:d3:77:26:21:e4:a5:8f:b0:
75:a7:0f:14:73:9e:0a:dd:6d:d2:ea:7c:a6:2f:dd:
10:ef:87:f1:05:7e:db:bf:06:07:41:38:da:16:a2:
e8:05:38:83:97:f9:2b:ab:c0:8b:67:8f:8c:db:54:
cb:08:24:24:96:a5:6c:a2:4c:0b:83:b1:05:9b:a1:
5d:f4:9e:fc:c4:1d:85:88:2c:d1:19:be:af:ff:3a:
7f:3d:d0:31:fe:c6:d3:7f:a3:c9:d0:06:c7:80:bd:
d2:74:3a:67:9e:b3:67:65:6f:da:6f:52:16:fa:b2:
3c:29:72:f4:f8:49:67:e3:3a:0a:c9:3b:62:df:7b:
4d:7b:e5:85:23:74:03:bf:fb:7d:cc:6f:ac:f3:0f:
0b:b0:18:17:50:2f:b4:3e:a3:dd:c4:67:42:dd:27:
59:66:d6:f0:02:a6:f0:ee:48:42:2f:03:3d:50:78:
5f:a0:32:cd:de:80:d3:23:f3:1a:c9:43:f5:21:93:
48:19:3e:d4:b4:cf:dd:a5:bf:d9:c1:91:9a:7e:3d:
4b:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:B1:35:EF:BD:98:CD:8C:F8:77:ED:AC:E3:C5:F3:D2:FE:AB:F1:DF
X509v3 Authority Key Identifier:
keyid:C1:A1:90:50:4B:6D:9E:D9:C1:80:96:84:04:25:B1:1D:7B:22:DF:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/waGQUEttntnBgJaEBCWxHXsi3_Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/387f21-101b-487e-8a0f-0b838a599662/1/tbE1772YzYz4d-2s48Xz0v6r8d8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/387f21-101b-487e-8a0f-0b838a599662/1/waGQUEttntnBgJaEBCWxHXsi3_Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.45.32.0/22
5.57.248.0/21
5.206.208.0/20
77.75.48.0/22
83.143.76.0/22
84.39.204.0/22
91.189.224.0/21
91.195.64.0/22
109.207.72.0/22
185.148.28.0/22
185.229.80.0/22
185.231.24.0/21
185.233.212.0/22
185.236.4.0/22
185.245.88.0/22
185.247.44.0-185.247.51.255
185.248.228.0/22
185.250.136.0/22
185.252.124.0/22
185.254.48.0/22
193.33.134.0/23
193.36.164.0/22
194.49.88.0/22
195.42.224.0-195.42.229.255
IPv6:
2a00:5140::/31
Signature Algorithm: sha256WithRSAEncryption
90:95:9a:45:7d:40:86:38:88:f1:87:88:45:72:9d:cd:e8:45:
51:fa:ee:94:bd:77:db:51:e6:72:6b:41:92:95:d6:49:b0:29:
2f:a2:62:98:ab:ad:f0:a2:6e:26:48:db:d2:c8:b6:eb:91:27:
16:15:d6:bd:0f:b8:db:ed:4b:61:6c:8a:76:f7:74:23:56:33:
1d:ce:e2:70:e2:29:24:0f:e2:db:b9:df:08:5b:a6:a8:fe:3f:
9e:15:71:85:7b:4e:ef:7d:be:f2:8d:04:a3:08:c5:db:ba:18:
5a:9b:27:0c:9d:4e:8b:ce:c4:53:47:bb:f6:b5:f7:83:49:4c:
fd:78:9c:ae:d6:ea:a3:cb:3c:fc:e0:af:64:1b:dc:f1:88:b2:
74:c1:15:4b:2e:8a:48:b9:2f:e1:fc:e7:cf:cd:99:de:b1:df:
66:43:d3:95:4f:e0:ab:e2:dc:3c:7d:f0:36:8b:b5:fb:3b:d4:
08:50:5f:47:6f:8a:82:c4:d7:45:5c:94:84:99:2f:71:14:4c:
b4:4c:2b:f3:0d:51:f8:6f:06:af:22:d6:1c:3c:ae:d8:90:c3:
7a:4b:61:d4:c1:c4:d8:16:65:5f:f6:12:c5:ba:80:a9:51:af:
4e:43:6c:46:24:4e:30:06:10:1a:83:72:a0:36:b0:db:ea:29:
0e:16:ca:94
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgISAYbAAzSdhfd4h9UeXtmIX+huMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxYTE5MDUwNGI2ZDllZDljMTgwOTY4NDA0MjViMTFkN2Iy
MmRmZjQwHhcNMjMwMzA4MDY1ODAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWIxMzVlZmJkOThjZDhjZjg3N2VkYWNlM2M1ZjNkMmZlYWJmMWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA68oGXMJR8RvzJA8qfXQiEQ0VyPKM
J+hM9tLGw6xdpbACVZFMzFyBUmTNkCt7GjYZ28ST03cmIeSlj7B1pw8Uc54K3W3S
6nymL90Q74fxBX7bvwYHQTjaFqLoBTiDl/krq8CLZ4+M21TLCCQklqVsokwLg7EF
m6Fd9J78xB2FiCzRGb6v/zp/PdAx/sbTf6PJ0AbHgL3SdDpnnrNnZW/ab1IW+rI8
KXL0+Eln4zoKyTti33tNe+WFI3QDv/t9zG+s8w8LsBgXUC+0PqPdxGdC3SdZZtbw
Aqbw7khCLwM9UHhfoDLN3oDTI/MayUP1IZNIGT7UtM/dpb/ZwZGafj1L7wIDAQAB
o4ICtzCCArMwHQYDVR0OBBYEFLWxNe+9mM2M+HftrOPF89L+q/HfMB8GA1UdIwQY
MBaAFMGhkFBLbZ7ZwYCWhAQlsR17It/0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2FHUVVFdHRudG5CZ0phRUJDV3hIWHNpM19RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8zODdmMjEtMTAxYi00ODdlLThhMGYt
MGI4MzhhNTk5NjYyLzEvdGJFMTc3Mll6WXo0ZC0yczQ4WHowdjZyOGQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8zODdmMjEtMTAxYi00ODdlLThhMGYtMGI4MzhhNTk5NjYy
LzEvd2FHUVVFdHRudG5CZ0phRUJDV3hIWHNpM19RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHMBggrBgEFBQcBBwEB/wSBvDCBuTCBpwQCAAEwgaADBAIF
LSADBAMFOfgDBAQFztADBAJNSzADBAJTj0wDBAJUJ8wDBANbveADBAJbw0ADBAJt
z0gDBAK5lBwDBAK55VADBAO55xgDBAK56dQDBAK57AQDBAK59VgwDAMEArn3LAME
Arn3MAMEArn45AMEArn6iAMEArn8fAMEArn+MAMEAcEhhgMEAsEkpAMEAsIxWDAM
AwQFwyrgAwQBwyrkMA0EAgACMAcDBQEqAFFAMA0GCSqGSIb3DQEBCwUAA4IBAQCQ
lZpFfUCGOIjxh4hFcp3N6EVR+u6UvXfbUeZya0GSldZJsCkvomKYq63wom4mSNvS
yLbrkScWFda9D7jb7UthbIp293QjVjMdzuJw4ikkD+Lbud8IW6ao/j+eFXGFe07v
fb7yjQSjCMXbuhhamycMnU6LzsRTR7v2tfeDSUz9eJyu1uqjyzz84K9kG9zxiLJ0
wRVLLopIuS/h/OfPzZnesd9mQ9OVT+Cr4tw8ffA2i7X7O9QIUF9Hb4qCxNdFXJSE
mS9xFEy0TCvzDVH4bwavItYcPK7YkMN6S2HUwcTYFmVf9hLFuoCpUa9OQ2xGJE4w
BhAag3KgNrDb6ikOFsqU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:40 2024 by rpki-client on console-fra.rpki-client.org