Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/4615be-e566-4253-83ef-f6626b63383e/1/BhA7Ndpnowit3DLJHiERPyvlfl4.roa
File: BhA7Ndpnowit3DLJHiERPyvlfl4.roa (raw, json)
Hash identifier: ernoi8uAGO9v053TYW/ziGOvZdtbkt54lNRT3vmV2G0=
Subject key identifier: 06:10:3B:35:DA:67:A3:08:AD:DC:32:C9:1E:21:11:3F:2B:E5:7E:5E
Certificate issuer: /CN=ad109dee6fbdc256df911460ccc915d066a8ff8b
Certificate serial: 01856F66F45D492ACCC57C6236F1E6AE667B
Authority key identifier: AD:10:9D:EE:6F:BD:C2:56:DF:91:14:60:CC:C9:15:D0:66:A8:FF:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rRCd7m-9wlbfkRRgzMkV0Gao_4s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/4615be-e566-4253-83ef-f6626b63383e/1/BhA7Ndpnowit3DLJHiERPyvlfl4.roa
Signing time: Sun 01 Jan 2023 22:14:56 +0000
ROA not before: Sun 01 Jan 2023 22:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 33924
IP address blocks: 31.222.44.0/24 maxlen: 24
31.222.44.0/22 maxlen: 22
31.222.40.0/22 maxlen: 22
31.222.40.0/21 maxlen: 21
31.222.40.0/24 maxlen: 24
31.222.41.0/24 maxlen: 24
31.222.42.0/24 maxlen: 24
31.222.43.0/24 maxlen: 24
31.222.45.0/24 maxlen: 24
31.222.46.0/24 maxlen: 24
31.222.47.0/24 maxlen: 24
185.55.44.0/22 maxlen: 22
185.55.44.0/24 maxlen: 24
185.55.44.0/23 maxlen: 23
185.55.45.0/24 maxlen: 24
185.55.46.0/23 maxlen: 23
185.55.46.0/24 maxlen: 24
185.55.47.0/24 maxlen: 24
84.20.64.0/19 maxlen: 19
84.20.64.0/20 maxlen: 20
84.20.64.0/24 maxlen: 24
84.20.64.0/22 maxlen: 22
84.20.64.0/21 maxlen: 21
84.20.65.0/24 maxlen: 24
84.20.66.0/24 maxlen: 24
84.20.67.0/24 maxlen: 24
84.20.68.0/24 maxlen: 24
84.20.68.0/22 maxlen: 22
84.20.69.0/24 maxlen: 24
84.20.70.0/24 maxlen: 24
84.20.71.0/24 maxlen: 24
84.20.78.0/24 maxlen: 24
84.20.72.0/24 maxlen: 24
84.20.72.0/22 maxlen: 22
84.20.78.0/23 maxlen: 23
84.20.73.0/24 maxlen: 24
84.20.74.0/24 maxlen: 24
84.20.75.0/24 maxlen: 24
84.20.76.0/23 maxlen: 23
84.20.76.0/24 maxlen: 24
84.20.76.0/22 maxlen: 22
84.20.77.0/24 maxlen: 24
84.20.85.0/24 maxlen: 24
84.20.83.0/24 maxlen: 24
84.20.82.0/24 maxlen: 24
84.20.84.0/24 maxlen: 24
84.20.84.0/22 maxlen: 22
84.20.79.0/24 maxlen: 24
84.20.80.0/22 maxlen: 22
84.20.80.0/24 maxlen: 24
84.20.80.0/21 maxlen: 21
84.20.81.0/24 maxlen: 24
84.20.86.0/24 maxlen: 24
84.20.87.0/24 maxlen: 24
84.20.88.0/23 maxlen: 23
84.20.88.0/24 maxlen: 24
84.20.88.0/22 maxlen: 22
84.20.89.0/24 maxlen: 24
84.20.90.0/24 maxlen: 24
84.20.91.0/24 maxlen: 24
84.20.94.0/24 maxlen: 24
84.20.94.0/23 maxlen: 23
84.20.95.0/24 maxlen: 24
84.20.92.0/24 maxlen: 24
2a00:6b81::/32 maxlen: 32
2a00:6b82::/32 maxlen: 32
2a00:6b84::/32 maxlen: 32
2a00:6b85::/32 maxlen: 32
2a00:6b80::/29 maxlen: 29
2a00:6b87::/32 maxlen: 32
2a00:6b83::/32 maxlen: 32
2a00:6b86::/32 maxlen: 32
2a00:6b80::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 20 Sep 2023 09:17:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:66:f4:5d:49:2a:cc:c5:7c:62:36:f1:e6:ae:66:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad109dee6fbdc256df911460ccc915d066a8ff8b
Validity
Not Before: Jan 1 22:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=06103b35da67a308addc32c91e21113f2be57e5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:09:02:b5:b6:51:07:30:69:97:a9:5d:70:b5:
55:6c:39:92:75:e7:34:f8:d3:a6:a1:ce:e2:1c:ee:
c9:fd:11:82:78:68:e4:ea:3a:40:a0:e2:46:51:1e:
d6:02:dc:6b:4c:f3:f0:0c:45:4b:ca:a5:8a:b4:03:
b4:cc:52:f4:9c:73:6d:c9:30:b6:2b:e7:52:ba:df:
14:f1:24:36:89:b2:ee:68:48:9f:8a:ba:68:da:f1:
ed:94:af:94:8d:98:06:12:cb:ca:af:f5:32:4f:c7:
de:d5:9b:38:db:2a:76:27:d0:c3:66:22:2a:8f:64:
ac:c9:86:71:e8:fd:e0:77:c1:a6:33:2a:ee:5b:2c:
03:65:92:12:86:ea:8e:eb:e7:04:9b:4e:6b:e2:59:
73:e4:cb:9f:7c:51:11:7c:bd:5c:6c:98:ba:f7:5b:
c4:13:2c:d6:46:c3:50:e8:52:20:73:9a:d7:be:63:
ad:b5:0f:12:f9:27:8b:53:c0:1f:81:7e:b9:fc:ca:
c6:9f:99:10:7b:d2:a3:1b:9d:c2:10:55:06:72:a3:
e4:a9:00:39:10:26:39:6e:b6:68:bc:87:16:3e:99:
05:8e:89:5d:d1:7a:b8:b6:2f:bc:7d:f3:9f:5d:7d:
1f:96:b5:22:49:fe:3b:e4:91:f0:f7:0f:d6:6f:a2:
18:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:10:3B:35:DA:67:A3:08:AD:DC:32:C9:1E:21:11:3F:2B:E5:7E:5E
X509v3 Authority Key Identifier:
keyid:AD:10:9D:EE:6F:BD:C2:56:DF:91:14:60:CC:C9:15:D0:66:A8:FF:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rRCd7m-9wlbfkRRgzMkV0Gao_4s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/4615be-e566-4253-83ef-f6626b63383e/1/BhA7Ndpnowit3DLJHiERPyvlfl4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/4615be-e566-4253-83ef-f6626b63383e/1/rRCd7m-9wlbfkRRgzMkV0Gao_4s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.222.40.0/21
84.20.64.0/19
185.55.44.0/22
IPv6:
2a00:6b80::/29
Signature Algorithm: sha256WithRSAEncryption
26:bf:8c:25:05:3f:81:32:65:d6:47:ac:43:99:28:73:59:9a:
2b:6a:90:7a:4c:fd:ae:64:de:82:41:6d:4c:cf:ef:df:de:08:
b6:75:9b:34:87:0c:59:9d:66:30:c9:38:2c:b9:ab:94:82:74:
bb:09:a3:0e:bc:61:99:eb:8d:7c:9d:1e:d1:9a:0f:c3:be:58:
24:dc:b2:93:9f:cd:0f:d7:45:43:06:0f:34:b5:1e:ed:70:d8:
91:27:3a:b1:17:37:e7:a1:2e:af:da:a3:64:fd:68:fa:75:ef:
77:c6:46:4c:c2:c7:23:ab:4d:25:2c:e9:67:7b:00:51:ed:97:
52:59:63:c4:f0:36:e7:04:bc:cf:68:2e:43:7e:c2:41:c2:bc:
1c:db:e8:04:01:74:ba:ad:fe:69:6b:cc:85:29:73:f1:e2:38:
37:47:27:23:4e:10:a7:a1:ad:47:1a:a0:c3:8f:6a:6b:e6:96:
52:74:45:92:f2:7d:84:d0:16:b3:92:84:ec:35:21:19:b1:08:
ad:1c:e9:b5:fd:6a:c1:c1:f9:a4:1a:12:52:6c:0e:bb:f9:6d:
57:4d:50:ca:f2:db:f5:33:b5:c5:d1:2c:b5:48:20:4e:57:ac:
e9:9a:8f:d6:5b:35:62:ae:65:2a:32:1f:75:06:b5:8a:70:dc:
9f:af:02:22
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVvZvRdSSrMxXxiNvHmrmZ7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMTA5ZGVlNmZiZGMyNTZkZjkxMTQ2MGNjYzkxNWQwNjZh
OGZmOGIwHhcNMjMwMTAxMjIxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjEwM2IzNWRhNjdhMzA4YWRkYzMyYzkxZTIxMTEzZjJiZTU3ZTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgwkCtbZRBzBpl6ldcLVVbDmSdec0
+NOmoc7iHO7J/RGCeGjk6jpAoOJGUR7WAtxrTPPwDEVLyqWKtAO0zFL0nHNtyTC2
K+dSut8U8SQ2ibLuaEifirpo2vHtlK+UjZgGEsvKr/UyT8fe1Zs42yp2J9DDZiIq
j2SsyYZx6P3gd8GmMyruWywDZZIShuqO6+cEm05r4llz5MuffFERfL1cbJi691vE
EyzWRsNQ6FIgc5rXvmOttQ8S+SeLU8AfgX65/MrGn5kQe9KjG53CEFUGcqPkqQA5
ECY5brZovIcWPpkFjold0Xq4ti+8ffOfXX0flrUiSf475JHw9w/Wb6IY/wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFAYQOzXaZ6MIrdwyyR4hET8r5X5eMB8GA1UdIwQY
MBaAFK0Qne5vvcJW35EUYMzJFdBmqP+LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclJDZDdtLTl3bGJma1JSZ3pNa1YwR2FvXzRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi80NjE1YmUtZTU2Ni00MjUzLTgzZWYt
ZjY2MjZiNjMzODNlLzEvQmhBN05kcG5vd2l0M0RMSkhpRVJQeXZsZmw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi80NjE1YmUtZTU2Ni00MjUzLTgzZWYtZjY2MjZiNjMzODNl
LzEvclJDZDdtLTl3bGJma1JSZ3pNa1YwR2FvXzRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDH94oAwQF
VBRAAwQCuTcsMA0EAgACMAcDBQMqAGuAMA0GCSqGSIb3DQEBCwUAA4IBAQAmv4wl
BT+BMmXWR6xDmShzWZorapB6TP2uZN6CQW1Mz+/f3gi2dZs0hwxZnWYwyTgsuauU
gnS7CaMOvGGZ6418nR7Rmg/Dvlgk3LKTn80P10VDBg80tR7tcNiRJzqxFzfnoS6v
2qNk/Wj6de93xkZMwscjq00lLOlnewBR7ZdSWWPE8DbnBLzPaC5DfsJBwrwc2+gE
AXS6rf5pa8yFKXPx4jg3RycjThCnoa1HGqDDj2pr5pZSdEWS8n2E0BazkoTsNSEZ
sQitHOm1/WrBwfmkGhJSbA67+W1XTVDK8tv1M7XF0Sy1SCBOV6zpmo/WWzVirmUq
Mh91BrWKcNyfrwIi
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:14 2024 by rpki-client on console-ams.rpki-client.org