Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/3d2a14-6b79-4689-9579-39480285a948/1/BbLjnKsymsCrq8LluaHEVpfrglk.roa
File: BbLjnKsymsCrq8LluaHEVpfrglk.roa (raw, json)
Hash identifier: ctzFn1Y8/L4qqk8zP9LGVkEy0rxqqFAYfrWlxDSgq24=
Subject key identifier: 05:B2:E3:9C:AB:32:9A:C0:AB:AB:C2:E5:B9:A1:C4:56:97:EB:82:59
Certificate issuer: /CN=7dc4acedcb86cddfed7f6de8cadfca00469bbc8e
Certificate serial: 018CDFFCFD12D5C4FA6852BEBFAC9137C964
Authority key identifier: 7D:C4:AC:ED:CB:86:CD:DF:ED:7F:6D:E8:CA:DF:CA:00:46:9B:BC:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fcSs7cuGzd_tf23oyt_KAEabvI4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/3d2a14-6b79-4689-9579-39480285a948/1/BbLjnKsymsCrq8LluaHEVpfrglk.roa
Signing time: Sat 06 Jan 2024 18:15:48 +0000
ROA not before: Sat 06 Jan 2024 18:15:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2116
IP address blocks: 85.252.0.0/16 maxlen: 16
194.29.200.0/22 maxlen: 22
37.191.128.0/17 maxlen: 17
213.160.224.0/20 maxlen: 20
213.160.240.0/21 maxlen: 21
31.185.24.0/21 maxlen: 21
81.175.0.0/20 maxlen: 20
178.74.0.0/18 maxlen: 18
81.175.24.0/21 maxlen: 21
81.175.20.0/22 maxlen: 22
213.151.128.0/19 maxlen: 19
81.175.32.0/19 maxlen: 19
217.77.32.0/20 maxlen: 20
195.204.0.0/16 maxlen: 16
85.221.0.0/17 maxlen: 17
217.8.128.0/19 maxlen: 19
77.234.48.0/21 maxlen: 21
86.62.128.0/18 maxlen: 18
62.63.0.0/18 maxlen: 18
89.191.0.0/19 maxlen: 19
81.191.0.0/16 maxlen: 16
193.90.0.0/16 maxlen: 16
80.241.80.0/20 maxlen: 20
194.19.0.0/17 maxlen: 17
212.62.224.0/19 maxlen: 19
64.28.0.0/19 maxlen: 19
85.196.64.0/18 maxlen: 18
193.75.0.0/17 maxlen: 17
195.139.0.0/16 maxlen: 16
213.172.192.0/19 maxlen: 19
78.24.144.0/21 maxlen: 21
109.199.192.0/19 maxlen: 19
195.1.0.0/16 maxlen: 16
213.52.0.0/17 maxlen: 17
185.129.156.0/22 maxlen: 22
185.35.80.0/22 maxlen: 22
193.69.0.0/16 maxlen: 16
195.18.128.0/17 maxlen: 17
185.8.16.0/22 maxlen: 22
85.112.128.0/19 maxlen: 19
82.196.192.0/19 maxlen: 19
91.202.80.0/22 maxlen: 22
217.118.32.0/19 maxlen: 19
79.135.0.0/19 maxlen: 19
193.71.0.0/16 maxlen: 16
91.135.32.0/20 maxlen: 20
217.144.224.0/19 maxlen: 19
77.40.128.0/17 maxlen: 17
185.67.116.0/22 maxlen: 22
213.239.64.0/18 maxlen: 18
87.118.0.0/18 maxlen: 18
84.20.96.0/19 maxlen: 19
77.88.64.0/18 maxlen: 18
195.159.0.0/16 maxlen: 16
62.101.192.0/18 maxlen: 18
80.64.192.0/20 maxlen: 20
88.84.160.0/19 maxlen: 19
194.54.96.0/19 maxlen: 19
81.0.128.0/18 maxlen: 18
212.71.64.0/19 maxlen: 19
195.0.128.0/17 maxlen: 17
217.14.0.0/20 maxlen: 20
193.91.128.0/17 maxlen: 17
213.158.224.0/19 maxlen: 19
2a00:c440::/29 maxlen: 29
2001:840::/29 maxlen: 29
2a03:c000::/29 maxlen: 29
2a01:520::/29 maxlen: 29
2a02:270::/29 maxlen: 29
2001:4dd8::/29 maxlen: 29
2001:8c0::/29 maxlen: 29
2a04:6340::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 07 Feb 2024 12:08:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:df:fc:fd:12:d5:c4:fa:68:52:be:bf:ac:91:37:c9:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7dc4acedcb86cddfed7f6de8cadfca00469bbc8e
Validity
Not Before: Jan 6 18:15:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=05b2e39cab329ac0ababc2e5b9a1c45697eb8259
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:d8:41:65:1b:e1:ac:6a:51:be:a3:80:23:2e:
6d:fc:f3:cf:a5:74:7f:05:fd:ac:66:a8:65:b6:c8:
95:66:a8:49:c7:89:a3:9c:c6:bd:64:04:fa:dd:62:
09:32:27:84:39:b0:41:bf:39:4c:c1:17:5b:8f:ed:
5e:14:31:87:88:ed:21:43:7e:48:88:e3:d3:3b:b7:
c4:d6:2d:85:48:fa:fd:d7:f8:b9:48:a4:aa:76:fa:
56:aa:dc:87:80:35:25:0f:8a:5b:7d:a0:28:19:ef:
85:27:81:f4:21:d6:38:37:70:c3:ca:3e:ba:a7:67:
e8:66:06:c3:79:89:4b:be:b4:39:a8:c7:55:17:e9:
c0:75:3a:16:ee:83:b0:9f:97:31:38:9f:bb:4d:b6:
95:1c:3f:65:d0:da:8f:db:64:91:a0:28:e8:73:82:
b5:7d:73:dd:f9:72:ad:66:02:3f:98:51:2a:c1:25:
d8:41:71:9d:1e:9e:84:08:ec:40:65:6b:42:fc:8b:
c8:af:29:7f:68:b2:29:08:2e:61:85:ef:3e:d5:e4:
90:b6:15:d6:64:82:8e:15:f6:17:49:7d:78:2a:d9:
f3:61:98:eb:4a:53:93:99:d9:8f:b0:c5:69:7d:8c:
a1:9c:46:54:8b:50:e5:82:df:f1:a4:49:64:2a:b1:
7c:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:B2:E3:9C:AB:32:9A:C0:AB:AB:C2:E5:B9:A1:C4:56:97:EB:82:59
X509v3 Authority Key Identifier:
keyid:7D:C4:AC:ED:CB:86:CD:DF:ED:7F:6D:E8:CA:DF:CA:00:46:9B:BC:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fcSs7cuGzd_tf23oyt_KAEabvI4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/3d2a14-6b79-4689-9579-39480285a948/1/BbLjnKsymsCrq8LluaHEVpfrglk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/3d2a14-6b79-4689-9579-39480285a948/1/fcSs7cuGzd_tf23oyt_KAEabvI4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.185.24.0/21
37.191.128.0/17
62.63.0.0/18
62.101.192.0/18
64.28.0.0/19
77.40.128.0/17
77.88.64.0/18
77.234.48.0/21
78.24.144.0/21
79.135.0.0/19
80.64.192.0/20
80.241.80.0/20
81.0.128.0/18
81.175.0.0/20
81.175.20.0-81.175.63.255
81.191.0.0/16
82.196.192.0/19
84.20.96.0/19
85.112.128.0/19
85.196.64.0/18
85.221.0.0/17
85.252.0.0/16
86.62.128.0/18
87.118.0.0/18
88.84.160.0/19
89.191.0.0/19
91.135.32.0/20
91.202.80.0/22
109.199.192.0/19
178.74.0.0/18
185.8.16.0/22
185.35.80.0/22
185.67.116.0/22
185.129.156.0/22
193.69.0.0/16
193.71.0.0/16
193.75.0.0/17
193.90.0.0/16
193.91.128.0/17
194.19.0.0/17
194.29.200.0/22
194.54.96.0/19
195.0.128.0-195.1.255.255
195.18.128.0/17
195.139.0.0/16
195.159.0.0/16
195.204.0.0/16
212.62.224.0/19
212.71.64.0/19
213.52.0.0/17
213.151.128.0/19
213.158.224.0/19
213.160.224.0-213.160.247.255
213.172.192.0/19
213.239.64.0/18
217.8.128.0/19
217.14.0.0/20
217.77.32.0/20
217.118.32.0/19
217.144.224.0/19
IPv6:
2001:840::/29
2001:8c0::/29
2001:4dd8::/29
2a00:c440::/29
2a01:520::/29
2a02:270::/29
2a03:c000::/29
2a04:6340::/29
Signature Algorithm: sha256WithRSAEncryption
ca:41:14:06:3e:d6:c6:20:60:63:2f:d0:45:23:96:b2:10:22:
1c:2c:d1:61:a4:e0:77:f6:bb:61:3b:2c:a3:8b:2f:1b:da:7a:
df:a6:8b:7a:e9:3f:b5:c1:ad:70:13:31:ca:b6:68:ca:ec:c6:
25:ee:57:18:ce:d3:6b:1e:9e:f0:8a:25:98:fb:ba:e1:32:6f:
1c:25:55:84:95:39:08:f5:a3:9c:e9:36:87:4d:cb:56:b5:51:
ad:a1:84:35:63:a4:d5:86:14:8a:a6:40:4d:0b:3b:b3:13:ae:
6f:35:cf:36:bb:a5:6a:72:c4:f7:71:62:73:96:11:c2:66:d2:
e2:b9:07:56:f7:77:be:61:11:dd:4e:18:82:05:bf:66:7c:ac:
c6:6f:57:60:81:5d:3d:7d:08:7d:09:67:fc:6f:2b:4f:95:6c:
de:20:9b:d8:b4:3e:b7:5c:a5:f6:4c:72:0e:39:76:c5:dc:33:
15:7f:83:04:84:8d:c4:c9:12:9d:39:12:2a:bc:e3:6e:10:28:
f2:d4:76:89:45:75:4b:8f:ae:21:5a:f6:77:b1:e2:2c:ec:60:
a5:a9:79:0e:1e:21:92:dd:7c:ef:3b:7f:40:d8:47:5e:5f:ee:
ba:70:b3:aa:33:23:7e:a7:42:a6:75:ec:11:08:39:80:d1:9c:
ea:a7:7c:0d
-----BEGIN CERTIFICATE-----
MIIGuDCCBaCgAwIBAgISAYzf/P0S1cT6aFK+v6yRN8lkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYzRhY2VkY2I4NmNkZGZlZDdmNmRlOGNhZGZjYTAwNDY5
YmJjOGUwHhcNMjQwMTA2MTgxNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWIyZTM5Y2FiMzI5YWMwYWJhYmMyZTViOWExYzQ1Njk3ZWI4MjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2NhBZRvhrGpRvqOAIy5t/PPPpXR/
Bf2sZqhltsiVZqhJx4mjnMa9ZAT63WIJMieEObBBvzlMwRdbj+1eFDGHiO0hQ35I
iOPTO7fE1i2FSPr91/i5SKSqdvpWqtyHgDUlD4pbfaAoGe+FJ4H0IdY4N3DDyj66
p2foZgbDeYlLvrQ5qMdVF+nAdToW7oOwn5cxOJ+7TbaVHD9l0NqP22SRoCjoc4K1
fXPd+XKtZgI/mFEqwSXYQXGdHp6ECOxAZWtC/IvIryl/aLIpCC5hhe8+1eSQthXW
ZIKOFfYXSX14KtnzYZjrSlOTmdmPsMVpfYyhnEZUi1Dlgt/xpElkKrF84wIDAQAB
o4IDxDCCA8AwHQYDVR0OBBYEFAWy45yrMprAq6vC5bmhxFaX64JZMB8GA1UdIwQY
MBaAFH3ErO3Lhs3f7X9t6MrfygBGm7yOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmNTczdjdUd6ZF90ZjIzb3l0X0tBRWFidkk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8zZDJhMTQtNmI3OS00Njg5LTk1Nzkt
Mzk0ODAyODVhOTQ4LzEvQmJMam5Lc3ltc0NycThMbHVhSEVWcGZyZ2xrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8zZDJhMTQtNmI3OS00Njg5LTk1NzktMzk0ODAyODVhOTQ4
LzEvZmNTczdjdUd6ZF90ZjIzb3l0X0tBRWFidkk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB2AYIKwYBBQUHAQcBAf8EggHHMIIBwzCCAX8EAgABMIIB
dwMEAx+5GAMEByW/gAMEBj4/AAMEBj5lwAMEBUAcAAMEB00ogAMEBk1YQAMEA03q
MAMEA04YkAMEBU+HAAMEBFBAwAMEBFDxUAMEBlEAgAMEBFGvADAMAwQCUa8UAwQG
Ua8AAwMAUb8DBAVSxMADBAVUFGADBAVVcIADBAZVxEADBAdV3QADAwBV/AMEBlY+
gAMEBld2AAMEBVhUoAMEBVm/AAMEBFuHIAMEAlvKUAMEBW3HwAMEBrJKAAMEArkI
EAMEArkjUAMEArlDdAMEArmBnAMDAMFFAwMAwUcDBAfBSwADAwDBWgMEB8FbgAME
B8ITAAMEAsIdyAMEBcI2YDALAwQHwwCAAwMBwwADBAfDEoADAwDDiwMDAMOfAwMA
w8wDBAXUPuADBAXUR0ADBAfVNAADBAXVl4ADBAXVnuAwDAMEBdWg4AMEA9Wg8AME
BdWswAMEBtXvQAMEBdkIgAMEBNkOAAMEBNlNIAMEBdl2IAMEBdmQ4DA+BAIAAjA4
AwUDIAEIQAMFAyABCMADBQMgAU3YAwUDKgDEQAMFAyoBBSADBQMqAgJwAwUDKgPA
AAMFAyoEY0AwDQYJKoZIhvcNAQELBQADggEBAMpBFAY+1sYgYGMv0EUjlrIQIhws
0WGk4Hf2u2E7LKOLLxvaet+mi3rpP7XBrXATMcq2aMrsxiXuVxjO02senvCKJZj7
uuEybxwlVYSVOQj1o5zpNodNy1a1Ua2hhDVjpNWGFIqmQE0LO7MTrm81zza7pWpy
xPdxYnOWEcJm0uK5B1b3d75hEd1OGIIFv2Z8rMZvV2CBXT19CH0JZ/xvK0+VbN4g
m9i0PrdcpfZMcg45dsXcMxV/gwSEjcTJEp05Eiq8424QKPLUdolFdUuPriFa9nex
4izsYKWpeQ4eIZLdfO87f0DYR15f7rpws6ozI36nQqZ17BEIOYDRnOqnfA0=
-----END CERTIFICATE-----
Generated at Wed Feb 7 17:55:35 2024 by rpki-client on console-ams.rpki-client.org