Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/fb39ed-7c73-4478-901d-65a899a60366/1/vMH5xOQqIICaxZTADohHDP_w9CQ.roa
File: vMH5xOQqIICaxZTADohHDP_w9CQ.roa (raw, json)
Hash identifier: tdTcr2pnWE3DpTu5BuTEFaGqGbOrAYJp0nsb+KLMbtE=
Subject key identifier: BC:C1:F9:C4:E4:2A:20:80:9A:C5:94:C0:0E:88:47:0C:FF:F0:F4:24
Certificate issuer: /CN=449b18e3296d795d3a9c959be25c70aaab365200
Certificate serial: 01856F301FCB5EAACA32EF5EF482D73C83CF
Authority key identifier: 44:9B:18:E3:29:6D:79:5D:3A:9C:95:9B:E2:5C:70:AA:AB:36:52:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RJsY4ylteV06nJWb4lxwqqs2UgA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/fb39ed-7c73-4478-901d-65a899a60366/1/vMH5xOQqIICaxZTADohHDP_w9CQ.roa
Signing time: Sun 01 Jan 2023 21:15:02 +0000
ROA not before: Sun 01 Jan 2023 21:15:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49808
IP address blocks: 63.247.208.0/20 maxlen: 24
185.21.96.0/22 maxlen: 23
162.211.104.0/22 maxlen: 24
109.68.104.0/21 maxlen: 21
185.44.210.0/23 maxlen: 24
198.89.232.0/21 maxlen: 24
139.178.96.0/19 maxlen: 19
5.159.0.0/21 maxlen: 22
31.193.160.0/21 maxlen: 21
85.193.160.0/20 maxlen: 24
85.118.184.0/21 maxlen: 21
185.16.112.0/22 maxlen: 22
89.249.184.0/21 maxlen: 21
86.109.24.0/21 maxlen: 24
145.40.32.0/19 maxlen: 24
193.41.207.0/24 maxlen: 24
162.213.160.0/22 maxlen: 24
194.107.144.0/24 maxlen: 32
2a03:c100::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:30:1f:cb:5e:aa:ca:32:ef:5e:f4:82:d7:3c:83:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=449b18e3296d795d3a9c959be25c70aaab365200
Validity
Not Before: Jan 1 21:15:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bcc1f9c4e42a20809ac594c00e88470cfff0f424
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:47:ec:ec:68:dd:23:8a:9d:8c:8f:f7:2c:ab:
79:c5:64:dd:8f:97:91:13:4d:4c:38:aa:be:b8:fe:
fa:cd:b7:e8:ab:bd:14:6a:ed:2d:0c:26:ac:63:96:
fc:a7:da:17:57:b5:1d:5a:0b:e4:17:f6:91:5b:fd:
c9:f5:be:de:f6:0d:c2:78:a4:b5:73:06:c6:f0:87:
d4:bd:61:68:97:4f:78:a3:55:ee:54:1c:91:2a:15:
c2:9e:c2:87:e9:62:65:39:00:0f:62:af:5a:eb:31:
17:d7:85:4d:60:3b:dc:7b:65:c3:dc:df:43:45:08:
b8:be:06:15:96:6f:3f:8b:e3:7c:22:59:9f:07:60:
c1:1a:2d:a6:da:aa:6a:d3:62:98:83:87:37:55:73:
b5:bf:b8:35:5e:34:7d:3f:09:75:68:b3:b8:24:e0:
0f:a1:b7:26:3d:a1:20:77:13:99:4a:d8:66:f5:f6:
d6:3c:20:95:c2:65:cd:57:af:b7:68:7c:2c:f4:f2:
50:a3:dc:10:bc:8a:da:b7:11:51:1a:c9:2e:3e:a0:
41:39:f9:f2:82:c5:44:9f:cc:11:79:d9:46:0d:e3:
46:06:4a:0a:54:13:b2:30:32:a9:58:cd:06:11:15:
38:32:83:88:11:ec:93:06:03:37:1a:0b:43:fe:9f:
bd:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:C1:F9:C4:E4:2A:20:80:9A:C5:94:C0:0E:88:47:0C:FF:F0:F4:24
X509v3 Authority Key Identifier:
keyid:44:9B:18:E3:29:6D:79:5D:3A:9C:95:9B:E2:5C:70:AA:AB:36:52:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RJsY4ylteV06nJWb4lxwqqs2UgA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/fb39ed-7c73-4478-901d-65a899a60366/1/vMH5xOQqIICaxZTADohHDP_w9CQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/fb39ed-7c73-4478-901d-65a899a60366/1/RJsY4ylteV06nJWb4lxwqqs2UgA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.0.0/21
31.193.160.0/21
63.247.208.0/20
85.118.184.0/21
85.193.160.0/20
86.109.24.0/21
89.249.184.0/21
109.68.104.0/21
139.178.96.0/19
145.40.32.0/19
162.211.104.0/22
162.213.160.0/22
185.16.112.0/22
185.21.96.0/22
185.44.210.0/23
193.41.207.0/24
194.107.144.0/24
198.89.232.0/21
IPv6:
2a03:c100::/32
Signature Algorithm: sha256WithRSAEncryption
4b:38:5c:b9:1b:37:71:f5:85:e5:e9:93:46:92:a4:85:13:36:
a7:66:c4:96:db:85:fd:f5:da:ec:e7:c8:49:48:45:70:2e:37:
f5:c6:80:3c:a5:1f:92:87:db:25:0f:51:4a:35:4f:40:ad:8e:
9e:99:f2:b4:9b:cd:3c:4a:2c:a7:ce:58:78:0b:98:2d:28:63:
82:cc:40:a5:c4:0f:48:bb:e7:bf:ce:53:2b:70:29:4e:0f:c2:
16:e6:3f:7a:1c:f7:08:39:9c:dd:75:c1:0f:1b:d2:eb:d5:92:
29:87:46:e0:0f:e4:af:b9:19:69:10:0b:c9:0e:6e:c3:8c:2a:
8e:3b:fa:df:7c:62:81:31:a3:d8:98:f8:f8:a9:77:6a:0d:25:
fe:90:8e:eb:7b:b2:c7:c7:f2:99:0a:25:74:4e:1c:b5:74:86:
10:d1:ef:84:c9:98:af:f1:bd:71:e8:a5:96:9d:8d:5f:68:07:
48:60:ae:30:24:a7:1c:db:99:60:6d:e9:f0:d3:8b:97:cc:44:
84:4c:9d:d9:a1:0b:fe:4f:de:be:dd:2c:0a:fb:b9:25:c9:df:
67:b1:14:13:f7:49:29:bf:e7:8a:0b:b9:d0:04:65:3a:36:bc:
d7:1d:12:2f:3c:72:7d:79:83:ca:a3:43:c8:ea:89:e4:23:1f:
a3:98:3f:16
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAYVvMB/LXqrKMu9e9ILXPIPPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0OWIxOGUzMjk2ZDc5NWQzYTljOTU5YmUyNWM3MGFhYWIz
NjUyMDAwHhcNMjMwMTAxMjExNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2MxZjljNGU0MmEyMDgwOWFjNTk0YzAwZTg4NDcwY2ZmZjBmNDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgkfs7GjdI4qdjI/3LKt5xWTdj5eR
E01MOKq+uP76zbfoq70Uau0tDCasY5b8p9oXV7UdWgvkF/aRW/3J9b7e9g3CeKS1
cwbG8IfUvWFol094o1XuVByRKhXCnsKH6WJlOQAPYq9a6zEX14VNYDvce2XD3N9D
RQi4vgYVlm8/i+N8IlmfB2DBGi2m2qpq02KYg4c3VXO1v7g1XjR9Pwl1aLO4JOAP
obcmPaEgdxOZSthm9fbWPCCVwmXNV6+3aHws9PJQo9wQvIratxFRGskuPqBBOfny
gsVEn8wRedlGDeNGBkoKVBOyMDKpWM0GERU4MoOIEeyTBgM3GgtD/p+90wIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFLzB+cTkKiCAmsWUwA6IRwz/8PQkMB8GA1UdIwQY
MBaAFESbGOMpbXldOpyVm+JccKqrNlIAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkpzWTR5bHRlVjA2bkpXYjRseHdxcXMyVWdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC9mYjM5ZWQtN2M3My00NDc4LTkwMWQt
NjVhODk5YTYwMzY2LzEvdk1INXhPUXFJSUNheFpUQURvaEhEUF93OUNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC9mYjM5ZWQtN2M3My00NDc4LTkwMWQtNjVhODk5YTYwMzY2
LzEvUkpzWTR5bHRlVjA2bkpXYjRseHdxcXMyVWdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzByBAIAATBsAwQDBZ8A
AwQDH8GgAwQEP/fQAwQDVXa4AwQEVcGgAwQDVm0YAwQDWfm4AwQDbURoAwQFi7Jg
AwQFkSggAwQCotNoAwQCotWgAwQCuRBwAwQCuRVgAwQBuSzSAwQAwSnPAwQAwmuQ
AwQDxlnoMA0EAgACMAcDBQAqA8EAMA0GCSqGSIb3DQEBCwUAA4IBAQBLOFy5Gzdx
9YXl6ZNGkqSFEzanZsSW24X99drs58hJSEVwLjf1xoA8pR+Sh9slD1FKNU9ArY6e
mfK0m808Siynzlh4C5gtKGOCzEClxA9Iu+e/zlMrcClOD8IW5j96HPcIOZzddcEP
G9Lr1ZIph0bgD+SvuRlpEAvJDm7DjCqOO/rffGKBMaPYmPj4qXdqDSX+kI7re7LH
x/KZCiV0Thy1dIYQ0e+EyZiv8b1x6KWWnY1faAdIYK4wJKcc25lgbenw04uXzESE
TJ3ZoQv+T96+3SwK+7klyd9nsRQT90kpv+eKC7nQBGU6NrzXHRIvPHJ9eYPKo0PI
6onkIx+jmD8W
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:56 2024 by rpki-client on console-fra.rpki-client.org