Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/BYmYdKhIerUxYgHGnTGAujiZpK8.roa
File: BYmYdKhIerUxYgHGnTGAujiZpK8.roa (raw, json)
Hash identifier: IvmASObN7aabLBPN8+X6VMI6twe4dGgqUa3wtLWC6Lg=
Subject key identifier: 05:89:98:74:A8:48:7A:B5:31:62:01:C6:9D:31:80:BA:38:99:A4:AF
Certificate issuer: /CN=f5c371f3a34abf1957d1895df8063f4d6207ec02
Certificate serial: 018CC492310EE6F1F5C7B69DBC459E861538
Authority key identifier: F5:C3:71:F3:A3:4A:BF:19:57:D1:89:5D:F8:06:3F:4D:62:07:EC:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9cNx86NKvxlX0Yld-AY_TWIH7AI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/BYmYdKhIerUxYgHGnTGAujiZpK8.roa
Signing time: Mon 01 Jan 2024 10:29:24 +0000
ROA not before: Mon 01 Jan 2024 10:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205585
IP address blocks: 185.220.226.0/24 maxlen: 24
185.143.232.0/24 maxlen: 24
185.143.232.0/22 maxlen: 24
185.143.233.0/24 maxlen: 24
185.143.234.0/24 maxlen: 24
185.143.235.0/24 maxlen: 24
2a0c:a7c0::/48 maxlen: 48
2a0c:a7c0:3::/48 maxlen: 48
2a0c:a7c0::/46 maxlen: 48
2a0c:a7c0:1::/48 maxlen: 48
2a0c:a7c0:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 13 Mar 2024 07:48:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:31:0e:e6:f1:f5:c7:b6:9d:bc:45:9e:86:15:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5c371f3a34abf1957d1895df8063f4d6207ec02
Validity
Not Before: Jan 1 10:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=05899874a8487ab5316201c69d3180ba3899a4af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:d7:31:0d:78:fb:79:38:e2:3b:2b:f9:19:e5:
0a:9a:fd:2d:4e:d7:84:6b:c0:35:d1:24:cb:a5:da:
78:69:a8:de:8d:44:63:77:62:ab:9d:81:b6:8f:87:
91:38:61:8c:15:2e:80:5e:bd:46:9d:04:92:8b:1c:
bc:a7:0b:50:be:38:f2:fe:56:0d:e1:85:bb:98:52:
33:98:af:a0:d5:97:65:23:2d:ba:85:b0:2b:08:6e:
3e:ef:ce:1a:e8:e1:03:87:b7:fd:43:81:8e:f1:d1:
7e:fe:e8:f7:68:fe:5a:b5:61:b6:ca:a6:fc:30:89:
74:74:5d:7d:96:22:b4:3c:38:1f:24:c2:7d:70:81:
ad:4c:c7:95:db:41:ab:b0:d1:40:d3:a0:cc:cf:18:
26:ee:03:99:9b:8c:30:fb:69:e5:dc:de:5f:2e:0b:
2a:87:27:3c:64:2c:9f:28:08:96:10:d9:55:74:6a:
fd:dc:ad:27:c2:ea:ef:b5:13:5d:bf:82:ab:8d:29:
65:97:ff:04:1f:77:27:d9:d0:75:63:2b:ab:79:ae:
da:4b:a4:e9:12:e1:0a:76:f0:5a:32:d2:11:70:2f:
17:de:1a:31:71:61:6d:ac:7e:e8:0a:50:2b:91:d4:
aa:61:7a:8f:28:94:42:61:04:15:2e:0d:f6:91:4f:
94:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:89:98:74:A8:48:7A:B5:31:62:01:C6:9D:31:80:BA:38:99:A4:AF
X509v3 Authority Key Identifier:
keyid:F5:C3:71:F3:A3:4A:BF:19:57:D1:89:5D:F8:06:3F:4D:62:07:EC:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9cNx86NKvxlX0Yld-AY_TWIH7AI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/BYmYdKhIerUxYgHGnTGAujiZpK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/9cNx86NKvxlX0Yld-AY_TWIH7AI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.232.0/22
185.220.226.0/24
IPv6:
2a0c:a7c0::/46
Signature Algorithm: sha256WithRSAEncryption
86:a8:2c:e8:c6:8b:cf:6a:da:fe:1f:f8:19:7b:e9:32:70:14:
62:35:be:c8:53:70:1c:f9:e3:60:9d:a9:63:2c:6d:f5:a8:24:
39:5a:2a:f9:d9:bc:83:10:24:bf:75:ec:4f:58:33:b5:aa:f3:
2e:06:d8:ea:00:16:65:1a:4a:c6:a4:c6:ef:83:6c:aa:bd:0e:
2a:26:bd:70:60:ce:4d:8c:ca:0d:16:ac:09:75:c7:92:45:64:
2f:c9:fe:e7:f4:ea:4f:af:a1:54:9a:ea:2e:93:d0:cd:4c:74:
3a:bd:cd:0c:57:43:8d:1a:fe:98:87:76:d0:11:31:0b:4a:33:
7c:b8:61:a3:a9:32:d1:c1:b9:eb:c7:77:fc:0d:9e:59:6c:ad:
3d:68:0d:5c:f6:31:ad:d7:7e:a6:4e:fa:de:c1:5d:57:09:d9:
45:27:3f:55:3a:ed:67:ef:3a:57:7a:26:8e:05:9d:93:2f:39:
c4:d1:35:0a:da:81:9a:92:7a:55:dc:05:05:8c:f9:cc:5c:cd:
ab:31:c4:1d:a1:52:37:a6:26:62:2f:a3:bc:98:fa:2b:24:4e:
31:c8:0d:84:ad:3a:c1:c0:20:42:75:31:c7:b0:94:4b:54:46:
04:8c:6d:35:55:23:0b:2c:37:af:87:fc:2f:5a:74:ec:00:e8:
fb:21:ce:e0
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzEkjEO5vH1x7advEWehhU4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1YzM3MWYzYTM0YWJmMTk1N2QxODk1ZGY4MDYzZjRkNjIw
N2VjMDIwHhcNMjQwMTAxMTAyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTg5OTg3NGE4NDg3YWI1MzE2MjAxYzY5ZDMxODBiYTM4OTlhNGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9cxDXj7eTjiOyv5GeUKmv0tTteE
a8A10STLpdp4aajejURjd2KrnYG2j4eROGGMFS6AXr1GnQSSixy8pwtQvjjy/lYN
4YW7mFIzmK+g1ZdlIy26hbArCG4+784a6OEDh7f9Q4GO8dF+/uj3aP5atWG2yqb8
MIl0dF19liK0PDgfJMJ9cIGtTMeV20GrsNFA06DMzxgm7gOZm4ww+2nl3N5fLgsq
hyc8ZCyfKAiWENlVdGr93K0nwurvtRNdv4KrjSlll/8EH3cn2dB1Yyurea7aS6Tp
EuEKdvBaMtIRcC8X3hoxcWFtrH7oClArkdSqYXqPKJRCYQQVLg32kU+U0QIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFAWJmHSoSHq1MWIBxp0xgLo4maSvMB8GA1UdIwQY
MBaAFPXDcfOjSr8ZV9GJXfgGP01iB+wCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWNOeDg2Tkt2eGxYMFlsZC1BWV9UV0lIN0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS81YjBjZDktZTI3OS00NmFhLTgxZGEt
MWJiMTdhOGIyNmZlLzEvQlltWWRLaEllclV4WWdIR25UR0F1amlacEs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS81YjBjZDktZTI3OS00NmFhLTgxZGEtMWJiMTdhOGIyNmZl
LzEvOWNOeDg2Tkt2eGxYMFlsZC1BWV9UV0lIN0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCuY/oAwQA
udziMA8EAgACMAkDBwIqDKfAAAAwDQYJKoZIhvcNAQELBQADggEBAIaoLOjGi89q
2v4f+Bl76TJwFGI1vshTcBz542CdqWMsbfWoJDlaKvnZvIMQJL917E9YM7Wq8y4G
2OoAFmUaSsakxu+DbKq9DiomvXBgzk2Myg0WrAl1x5JFZC/J/uf06k+voVSa6i6T
0M1MdDq9zQxXQ40a/piHdtARMQtKM3y4YaOpMtHBuevHd/wNnllsrT1oDVz2Ma3X
fqZO+t7BXVcJ2UUnP1U67WfvOld6Jo4FnZMvOcTRNQragZqSelXcBQWM+cxczasx
xB2hUjemJmIvo7yY+iskTjHIDYStOsHAIEJ1McewlEtURgSMbTVVIwssN6+H/C9a
dOwA6PshzuA=
-----END CERTIFICATE-----
Generated at Wed Mar 13 10:59:29 2024 by rpki-client on console-ams.rpki-client.org