Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/ea71d4-4dbb-4451-b26b-3b75a567f73a/1/Bq7r-wTLj56ytd8M2lCRE9eB1i4.roa
File: Bq7r-wTLj56ytd8M2lCRE9eB1i4.roa (raw, json)
Hash identifier: ywbFpR6ufg63newDZtyaxZtJel37V9p2pK784xku6og=
Subject key identifier: 06:AE:EB:FB:04:CB:8F:9E:B2:B5:DF:0C:DA:50:91:13:D7:81:D6:2E
Certificate issuer: /CN=d8ff71f2b1a8d62af446a92ba2bdea33f9b69ddc
Certificate serial: 018CC26CFF50AF6E5BEEB7319CCD33A6B512
Authority key identifier: D8:FF:71:F2:B1:A8:D6:2A:F4:46:A9:2B:A2:BD:EA:33:F9:B6:9D:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2P9x8rGo1ir0Rqkror3qM_m2ndw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/ea71d4-4dbb-4451-b26b-3b75a567f73a/1/Bq7r-wTLj56ytd8M2lCRE9eB1i4.roa
Signing time: Mon 01 Jan 2024 00:29:32 +0000
ROA not before: Mon 01 Jan 2024 00:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16371
IP address blocks: 109.70.32.0/21 maxlen: 21
109.70.32.0/24 maxlen: 24
109.70.32.0/22 maxlen: 22
109.70.36.0/22 maxlen: 22
45.6.48.0/22 maxlen: 23
93.90.28.0/22 maxlen: 22
93.90.28.0/23 maxlen: 23
93.90.30.0/23 maxlen: 23
87.238.88.0/21 maxlen: 22
85.187.56.0/23 maxlen: 23
85.187.56.0/22 maxlen: 22
85.187.58.0/23 maxlen: 23
86.109.124.0/22 maxlen: 22
86.109.124.0/23 maxlen: 23
213.149.232.0/21 maxlen: 21
86.109.126.0/23 maxlen: 23
213.149.240.0/21 maxlen: 21
213.149.240.0/20 maxlen: 20
213.149.248.0/21 maxlen: 21
213.149.248.0/24 maxlen: 24
82.194.80.0/20 maxlen: 20
93.90.16.0/20 maxlen: 20
93.90.16.0/21 maxlen: 21
93.90.24.0/21 maxlen: 21
194.116.184.0/24 maxlen: 24
194.116.184.0/23 maxlen: 23
194.116.185.0/24 maxlen: 24
82.194.64.0/24 maxlen: 24
82.194.64.0/19 maxlen: 19
82.194.64.0/20 maxlen: 20
185.2.68.0/22 maxlen: 22
185.2.68.0/24 maxlen: 24
185.2.69.0/24 maxlen: 24
185.2.70.0/23 maxlen: 23
89.17.192.0/20 maxlen: 20
89.17.192.0/21 maxlen: 21
89.17.200.0/21 maxlen: 21
89.17.208.0/20 maxlen: 20
89.17.208.0/21 maxlen: 21
89.17.216.0/21 maxlen: 21
217.116.0.0/24 maxlen: 24
217.116.2.0/24 maxlen: 24
217.116.0.0/21 maxlen: 21
217.116.0.0/20 maxlen: 20
217.116.8.0/21 maxlen: 21
176.28.112.0/20 maxlen: 20
217.116.16.0/21 maxlen: 21
217.116.16.0/20 maxlen: 20
217.116.15.0/24 maxlen: 24
217.116.24.0/21 maxlen: 21
217.116.18.0/24 maxlen: 24
176.28.126.0/24 maxlen: 24
176.28.126.0/23 maxlen: 23
176.28.127.0/24 maxlen: 24
217.116.28.0/24 maxlen: 24
86.109.97.0/24 maxlen: 24
86.109.96.0/19 maxlen: 19
86.109.96.0/20 maxlen: 20
217.116.27.0/24 maxlen: 24
213.149.224.0/20 maxlen: 20
213.149.224.0/21 maxlen: 21
86.109.112.0/20 maxlen: 20
77.240.112.0/20 maxlen: 20
77.240.112.0/21 maxlen: 21
77.240.120.0/21 maxlen: 21
77.240.124.0/24 maxlen: 24
77.240.124.0/23 maxlen: 23
77.240.125.0/24 maxlen: 24
77.240.126.0/24 maxlen: 24
79.139.120.0/22 maxlen: 22
79.139.124.0/22 maxlen: 22
79.139.120.0/21 maxlen: 21
176.28.96.0/19 maxlen: 19
176.28.96.0/20 maxlen: 20
176.28.97.0/24 maxlen: 24
176.28.103.0/24 maxlen: 24
89.37.224.0/23 maxlen: 23
89.37.224.0/24 maxlen: 24
89.37.225.0/24 maxlen: 24
185.78.24.0/22 maxlen: 23
2a02:3b8::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 09 May 2024 15:23:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6c:ff:50:af:6e:5b:ee:b7:31:9c:cd:33:a6:b5:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8ff71f2b1a8d62af446a92ba2bdea33f9b69ddc
Validity
Not Before: Jan 1 00:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=06aeebfb04cb8f9eb2b5df0cda509113d781d62e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:bb:84:0f:4b:e1:91:fd:a7:e1:8f:46:d8:32:
fe:ec:08:46:56:bf:c1:d6:53:a1:6b:02:d4:6e:4a:
82:3a:90:5a:bc:5f:3e:c2:2a:9b:0a:2f:88:0d:ee:
aa:4c:61:0f:54:7a:11:ac:ff:78:93:b3:f3:bc:c8:
58:ba:83:99:4a:4d:36:e3:d3:56:31:c2:86:58:8d:
e2:84:84:c6:45:7c:0f:15:74:ab:12:57:02:3b:60:
38:2a:d0:e8:95:af:b2:f3:21:5c:07:63:40:6c:94:
77:58:71:f6:0e:88:4b:0d:d4:97:17:b7:b3:4a:0b:
5e:e7:a6:90:87:3b:7c:31:04:71:71:8e:25:10:c9:
15:f3:44:1b:fb:88:f1:cf:71:5f:dd:7e:7b:95:70:
37:f6:ac:61:17:36:c6:50:9f:b7:51:71:52:ea:e2:
70:f8:6d:f2:0e:2a:1c:43:ab:fe:3f:0b:10:ed:cf:
e0:82:30:95:e3:d8:af:17:f4:df:51:b9:a2:47:8f:
f4:dd:06:f8:2e:c7:c7:c3:bb:be:50:3d:c1:6b:c0:
bc:df:7e:2e:13:e2:13:a3:89:2b:eb:8d:2b:a4:e3:
4c:02:31:59:8e:bd:69:58:e8:f9:da:8a:79:14:e2:
c2:3f:f6:b4:2b:2e:cc:d4:6a:fc:95:85:45:fe:cb:
14:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:AE:EB:FB:04:CB:8F:9E:B2:B5:DF:0C:DA:50:91:13:D7:81:D6:2E
X509v3 Authority Key Identifier:
keyid:D8:FF:71:F2:B1:A8:D6:2A:F4:46:A9:2B:A2:BD:EA:33:F9:B6:9D:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2P9x8rGo1ir0Rqkror3qM_m2ndw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/ea71d4-4dbb-4451-b26b-3b75a567f73a/1/Bq7r-wTLj56ytd8M2lCRE9eB1i4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/ea71d4-4dbb-4451-b26b-3b75a567f73a/1/2P9x8rGo1ir0Rqkror3qM_m2ndw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.6.48.0/22
77.240.112.0/20
79.139.120.0/21
82.194.64.0/19
85.187.56.0/22
86.109.96.0/19
87.238.88.0/21
89.17.192.0/19
89.37.224.0/23
93.90.16.0/20
109.70.32.0/21
176.28.96.0/19
185.2.68.0/22
185.78.24.0/22
194.116.184.0/23
213.149.224.0/19
217.116.0.0/19
IPv6:
2a02:3b8::/32
Signature Algorithm: sha256WithRSAEncryption
9b:18:e6:d0:cc:51:59:08:dc:60:00:9b:37:cb:2a:40:ac:97:
60:52:a1:13:fa:02:12:8e:d5:75:93:b9:10:b7:d4:7e:c0:80:
27:95:64:b6:ef:6e:7c:0e:94:2d:6f:74:0c:ea:02:e8:58:3d:
b3:9f:51:a7:09:0d:52:d3:0a:d8:de:ac:a5:f8:d8:61:20:10:
b6:6c:61:e2:5f:b2:32:c3:b4:e4:66:d0:7a:6b:f1:b4:47:c8:
80:c5:0c:bd:bc:db:b0:03:15:21:e2:1b:a5:47:a2:c2:a3:61:
3c:12:1a:40:7b:6b:b7:35:da:0f:70:0c:09:df:e3:bd:40:b4:
a3:8d:a9:44:92:57:9f:ce:5c:ac:ba:b1:fb:90:e9:3f:98:ce:
79:8f:29:1a:93:e9:7b:94:34:4d:c8:a0:32:43:0c:46:ad:09:
1c:3b:f6:05:2e:f0:2f:fd:38:a0:fa:b5:1b:c3:b1:06:44:5d:
d0:15:53:b9:2b:55:02:b8:0b:5b:dd:9f:b3:e5:cf:31:41:96:
1e:47:bc:8f:5f:fe:1e:63:2f:fa:4d:00:27:92:bc:d1:01:85:
f1:a4:23:e4:49:8d:f4:7f:04:02:47:de:80:1e:74:b6:16:f0:
20:ac:c5:12:72:7c:ae:2f:25:c6:72:a5:93:42:ea:8c:0d:b1:
19:91:f8:d4
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAYzCbP9Qr25b7rcxnM0zprUSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZmY3MWYyYjFhOGQ2MmFmNDQ2YTkyYmEyYmRlYTMzZjli
NjlkZGMwHhcNMjQwMTAxMDAyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmFlZWJmYjA0Y2I4ZjllYjJiNWRmMGNkYTUwOTExM2Q3ODFkNjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg7uED0vhkf2n4Y9G2DL+7AhGVr/B
1lOhawLUbkqCOpBavF8+wiqbCi+IDe6qTGEPVHoRrP94k7PzvMhYuoOZSk0249NW
McKGWI3ihITGRXwPFXSrElcCO2A4KtDola+y8yFcB2NAbJR3WHH2DohLDdSXF7ez
Sgte56aQhzt8MQRxcY4lEMkV80Qb+4jxz3Ff3X57lXA39qxhFzbGUJ+3UXFS6uJw
+G3yDiocQ6v+PwsQ7c/ggjCV49ivF/TfUbmiR4/03Qb4LsfHw7u+UD3Ba8C8334u
E+ITo4kr640rpONMAjFZjr1pWOj52op5FOLCP/a0Ky7M1Gr8lYVF/ssU8wIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFAau6/sEy4+esrXfDNpQkRPXgdYuMB8GA1UdIwQY
MBaAFNj/cfKxqNYq9EapK6K96jP5tp3cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlA5eDhyR28xaXIwUnFrcm9yM3FNX20ybmR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lYTcxZDQtNGRiYi00NDUxLWIyNmIt
M2I3NWE1NjdmNzNhLzEvQnE3ci13VExqNTZ5dGQ4TTJsQ1JFOWVCMWk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lYTcxZDQtNGRiYi00NDUxLWIyNmItM2I3NWE1NjdmNzNh
LzEvMlA5eDhyR28xaXIwUnFrcm9yM3FNX20ybmR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wbAQCAAEwZgMEAi0GMAME
BE3wcAMEA0+LeAMEBVLCQAMEAlW7OAMEBVZtYAMEA1fuWAMEBVkRwAMEAVkl4AME
BF1aEAMEA21GIAMEBbAcYAMEArkCRAMEArlOGAMEAcJ0uAMEBdWV4AMEBdl0ADAN
BAIAAjAHAwUAKgIDuDANBgkqhkiG9w0BAQsFAAOCAQEAmxjm0MxRWQjcYACbN8sq
QKyXYFKhE/oCEo7VdZO5ELfUfsCAJ5Vktu9ufA6ULW90DOoC6Fg9s59RpwkNUtMK
2N6spfjYYSAQtmxh4l+yMsO05GbQemvxtEfIgMUMvbzbsAMVIeIbpUeiwqNhPBIa
QHtrtzXaD3AMCd/jvUC0o42pRJJXn85crLqx+5DpP5jOeY8pGpPpe5Q0TcigMkMM
Rq0JHDv2BS7wL/04oPq1G8OxBkRd0BVTuStVArgLW92fs+XPMUGWHke8j1/+HmMv
+k0AJ5K80QGF8aQj5EmN9H8EAkfegB50thbwIKzFEnJ8ri8lxnKlk0LqjA2xGZH4
1A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:18 2024 by rpki-client on console-fra.rpki-client.org