Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/220318-46f1-4ebf-a795-dd4a217d606b/1/D6IKBWAiyZBteDgIGPH6ljfYgoM.roa
File: D6IKBWAiyZBteDgIGPH6ljfYgoM.roa (raw, json)
Hash identifier: gOsgztERb/S17MDZ68iSY/MiSZp/qXdWYuH2NRZZXIE=
Subject key identifier: 0F:A2:0A:05:60:22:C9:90:6D:78:38:08:18:F1:FA:96:37:D8:82:83
Certificate issuer: /CN=bb8d64a0dc21996b1c99e68cc951694e293edefe
Certificate serial: 0186CA13AF60F9CB379DCA430A16E7D75779
Authority key identifier: BB:8D:64:A0:DC:21:99:6B:1C:99:E6:8C:C9:51:69:4E:29:3E:DE:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u41koNwhmWscmeaMyVFpTik-3v4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/220318-46f1-4ebf-a795-dd4a217d606b/1/D6IKBWAiyZBteDgIGPH6ljfYgoM.roa
Signing time: Fri 10 Mar 2023 05:52:13 +0000
ROA not before: Fri 10 Mar 2023 05:52:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7155
IP address blocks: 185.71.116.0/24 maxlen: 24
185.71.117.0/24 maxlen: 24
185.71.118.0/24 maxlen: 24
185.71.119.0/24 maxlen: 24
212.50.42.0/24 maxlen: 24
212.50.43.0/24 maxlen: 24
212.50.45.0/24 maxlen: 24
212.50.46.0/24 maxlen: 24
212.50.47.0/24 maxlen: 24
212.50.48.0/24 maxlen: 24
212.50.49.0/24 maxlen: 24
212.50.50.0/24 maxlen: 24
212.50.51.0/24 maxlen: 24
212.50.52.0/24 maxlen: 24
212.50.53.0/24 maxlen: 24
212.50.56.0/24 maxlen: 24
212.50.57.0/24 maxlen: 24
212.50.58.0/24 maxlen: 24
212.50.59.0/24 maxlen: 24
212.50.60.0/24 maxlen: 24
212.50.62.0/24 maxlen: 24
212.50.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 19 Jun 2023 12:40:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ca:13:af:60:f9:cb:37:9d:ca:43:0a:16:e7:d7:57:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb8d64a0dc21996b1c99e68cc951694e293edefe
Validity
Not Before: Mar 10 05:52:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0fa20a056022c9906d78380818f1fa9637d88283
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:d3:f1:97:0f:67:d7:4e:8f:df:7f:70:cc:8f:
3e:55:f5:cc:c3:5d:a0:4c:ff:c1:bf:e7:b0:0d:7d:
91:ff:59:65:be:ad:a3:24:b4:23:2a:62:5a:37:75:
af:b4:df:63:6f:35:e9:e5:2c:cf:2f:cf:bf:1a:46:
6b:1b:56:26:40:7a:2c:01:74:92:7f:71:c8:63:0b:
7c:e5:c8:60:41:65:66:b8:02:1c:d9:d0:ad:ef:eb:
86:24:f1:7c:2a:1a:ac:83:b6:da:f4:7c:8b:0e:c5:
8c:9d:17:b1:95:6c:2b:49:b3:24:5d:b0:d1:ea:85:
a5:ee:fa:37:5f:18:c5:fa:ea:a9:d0:f5:71:1b:4c:
bf:8e:c3:6a:9a:b7:df:cb:c0:d7:04:6d:e0:9d:a3:
83:e3:25:2e:f3:fc:cf:97:13:28:2f:ac:50:f8:5d:
cb:4a:d6:0e:e0:7d:16:b3:6e:3f:0b:41:23:fa:60:
fd:0f:45:c4:f1:bc:bb:5e:f9:1b:ac:67:78:a6:02:
a8:23:34:5f:b6:92:9e:0a:11:e7:c9:b0:d0:59:68:
1e:ce:08:ea:bd:c5:1d:0e:82:44:ed:07:3a:23:2c:
c2:06:2e:e3:2c:d2:71:57:de:4a:11:63:8f:03:ea:
06:e2:df:96:54:56:25:01:64:92:1d:8e:10:6c:ed:
31:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:A2:0A:05:60:22:C9:90:6D:78:38:08:18:F1:FA:96:37:D8:82:83
X509v3 Authority Key Identifier:
keyid:BB:8D:64:A0:DC:21:99:6B:1C:99:E6:8C:C9:51:69:4E:29:3E:DE:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u41koNwhmWscmeaMyVFpTik-3v4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/220318-46f1-4ebf-a795-dd4a217d606b/1/D6IKBWAiyZBteDgIGPH6ljfYgoM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/220318-46f1-4ebf-a795-dd4a217d606b/1/u41koNwhmWscmeaMyVFpTik-3v4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.116.0/22
212.50.42.0/23
212.50.45.0-212.50.53.255
212.50.56.0-212.50.60.255
212.50.62.0/23
Signature Algorithm: sha256WithRSAEncryption
6c:1a:44:d1:78:3b:28:9c:80:bf:45:6a:ea:ae:75:00:43:e6:
94:23:42:6b:28:46:6f:e1:62:74:30:48:07:77:af:b7:b7:c8:
d0:d0:65:03:03:5a:86:df:12:b1:06:bd:94:32:d4:44:07:eb:
3b:e9:f1:2c:85:c2:5d:ec:23:a0:48:c7:b0:ef:0f:f5:95:2a:
e6:3a:8c:17:8c:ce:42:7b:b9:83:f2:80:19:2e:e5:c0:8b:88:
7c:cb:d9:b1:e6:a4:8d:26:b2:3a:4e:1f:c9:96:50:9f:66:e7:
ad:0a:c8:e7:7a:61:45:bd:45:2c:af:64:2a:6f:f3:20:30:b7:
e2:3f:86:d9:28:7c:34:f1:71:eb:bd:ed:06:89:c4:91:18:8b:
8f:e8:16:a2:d7:5d:18:53:15:f2:d3:e6:98:57:0c:96:1d:f6:
b6:b6:10:43:4b:68:d5:e3:85:3b:44:ae:b1:6e:7c:ce:e1:45:
8e:93:f7:bc:1c:03:fc:df:83:4b:b3:9d:b1:d1:92:90:b5:e8:
6d:ae:a6:ee:31:d7:d8:5c:0b:72:b8:a1:ce:a2:c4:a6:07:6c:
67:7d:86:90:05:50:51:c4:71:53:3e:eb:c0:41:1b:85:5e:4f:
d6:2f:ac:49:ad:e5:4e:e9:a3:70:7e:81:15:c9:67:21:95:a6:
7d:d3:0d:5c
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYbKE69g+cs3ncpDChbn11d5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiOGQ2NGEwZGMyMTk5NmIxYzk5ZTY4Y2M5NTE2OTRlMjkz
ZWRlZmUwHhcNMjMwMzEwMDU1MjEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmEyMGEwNTYwMjJjOTkwNmQ3ODM4MDgxOGYxZmE5NjM3ZDg4MjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3NPxlw9n106P339wzI8+VfXMw12g
TP/Bv+ewDX2R/1llvq2jJLQjKmJaN3WvtN9jbzXp5SzPL8+/GkZrG1YmQHosAXSS
f3HIYwt85chgQWVmuAIc2dCt7+uGJPF8Khqsg7ba9HyLDsWMnRexlWwrSbMkXbDR
6oWl7vo3XxjF+uqp0PVxG0y/jsNqmrffy8DXBG3gnaOD4yUu8/zPlxMoL6xQ+F3L
StYO4H0Ws24/C0Ej+mD9D0XE8by7XvkbrGd4pgKoIzRftpKeChHnybDQWWgezgjq
vcUdDoJE7Qc6IyzCBi7jLNJxV95KEWOPA+oG4t+WVFYlAWSSHY4QbO0xvwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFA+iCgVgIsmQbXg4CBjx+pY32IKDMB8GA1UdIwQY
MBaAFLuNZKDcIZlrHJnmjMlRaU4pPt7+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTQxa29Od2htV3NjbWVhTXlWRnBUaWstM3Y0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC8yMjAzMTgtNDZmMS00ZWJmLWE3OTUt
ZGQ0YTIxN2Q2MDZiLzEvRDZJS0JXQWl5WkJ0ZURnSUdQSDZsamZZZ29NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC8yMjAzMTgtNDZmMS00ZWJmLWE3OTUtZGQ0YTIxN2Q2MDZi
LzEvdTQxa29Od2htV3NjbWVhTXlWRnBUaWstM3Y0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQCuUd0AwQB
1DIqMAwDBADUMi0DBAHUMjQwDAMEA9QyOAMEANQyPAMEAdQyPjANBgkqhkiG9w0B
AQsFAAOCAQEAbBpE0Xg7KJyAv0Vq6q51AEPmlCNCayhGb+FidDBIB3evt7fI0NBl
AwNaht8SsQa9lDLURAfrO+nxLIXCXewjoEjHsO8P9ZUq5jqMF4zOQnu5g/KAGS7l
wIuIfMvZseakjSayOk4fyZZQn2bnrQrI53phRb1FLK9kKm/zIDC34j+G2Sh8NPFx
673tBonEkRiLj+gWotddGFMV8tPmmFcMlh32trYQQ0to1eOFO0SusW58zuFFjpP3
vBwD/N+DS7OdsdGSkLXoba6m7jHX2FwLcrihzqLEpgdsZ32GkAVQUcRxUz7rwEEb
hV5P1i+sSa3lTumjcH6BFclnIZWmfdMNXA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:57 2024 by rpki-client on console-fra.rpki-client.org