Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/bbd64b-ebb8-46d8-b4e3-62eafed5922e/1/Bb3QT-ASpN1YL3CHopaEGSu0ojQ.roa
File: Bb3QT-ASpN1YL3CHopaEGSu0ojQ.roa (raw, json)
Hash identifier: DoPGuFzQd0wx1wkOHEAiXDWV8ceI0Uku6beR8S8e2uk=
Subject key identifier: 05:BD:D0:4F:E0:12:A4:DD:58:2F:70:87:A2:96:84:19:2B:B4:A2:34
Certificate issuer: /CN=4f3bf7ac28e830656cf6e999c4993ba76cb1a98a
Certificate serial: 01856CEF412CBDC1F0CEC330E4C734ED2584
Authority key identifier: 4F:3B:F7:AC:28:E8:30:65:6C:F6:E9:99:C4:99:3B:A7:6C:B1:A9:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tzv3rCjoMGVs9umZxJk7p2yxqYo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/bbd64b-ebb8-46d8-b4e3-62eafed5922e/1/Bb3QT-ASpN1YL3CHopaEGSu0ojQ.roa
Signing time: Sun 01 Jan 2023 10:44:57 +0000
ROA not before: Sun 01 Jan 2023 10:44:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21263
IP address blocks: 185.124.220.0/22 maxlen: 24
185.4.232.0/22 maxlen: 24
178.157.80.0/23 maxlen: 24
178.157.83.0/24 maxlen: 24
5.154.226.0/23 maxlen: 24
5.154.230.0/23 maxlen: 24
188.119.150.0/23 maxlen: 23
188.119.152.0/24 maxlen: 24
185.68.188.0/24 maxlen: 24
128.0.35.0/24 maxlen: 24
2a05:7ac0::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ef:41:2c:bd:c1:f0:ce:c3:30:e4:c7:34:ed:25:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f3bf7ac28e830656cf6e999c4993ba76cb1a98a
Validity
Not Before: Jan 1 10:44:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=05bdd04fe012a4dd582f7087a29684192bb4a234
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:8e:2c:06:10:7f:cb:15:06:99:a8:7c:8e:6e:
28:b8:48:e2:22:68:56:74:3c:2c:d7:22:09:fa:63:
6f:43:55:53:f7:d8:fc:b7:f9:cc:e4:41:97:88:a0:
b0:3c:e2:80:7f:75:28:7a:90:ad:bd:b2:97:71:99:
1d:ff:c3:c3:b5:3b:ca:2a:d4:24:96:05:0f:7b:2f:
83:07:70:60:60:86:06:fc:59:3c:5f:83:d4:a0:82:
6a:e5:0e:2b:0a:d5:83:00:60:33:47:f8:9e:8b:dd:
c1:55:0c:45:9f:f1:ab:70:d9:25:56:ee:18:fd:bf:
64:f9:73:0c:2a:8b:1c:ed:f8:01:ca:f1:46:5c:4d:
24:b3:a1:45:46:91:41:9f:e8:66:3b:8e:b6:f0:44:
84:59:51:51:f7:22:8c:17:f8:39:c0:ff:05:5f:6d:
34:9a:28:2f:48:39:fa:03:ee:32:3a:c3:f9:94:28:
35:49:33:84:d0:6d:60:83:f7:9c:77:bf:3b:dc:6e:
42:89:dd:4d:6f:7d:03:c8:49:d6:0d:68:e2:2b:04:
df:48:f9:07:ac:ff:c8:ff:60:4b:1a:d2:51:ed:f8:
3f:de:aa:1e:ba:1d:4e:05:72:b5:4a:24:e2:c6:ae:
9b:c3:71:74:57:3d:b0:ad:3e:e1:f5:b6:58:9d:5d:
84:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:BD:D0:4F:E0:12:A4:DD:58:2F:70:87:A2:96:84:19:2B:B4:A2:34
X509v3 Authority Key Identifier:
keyid:4F:3B:F7:AC:28:E8:30:65:6C:F6:E9:99:C4:99:3B:A7:6C:B1:A9:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tzv3rCjoMGVs9umZxJk7p2yxqYo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/bbd64b-ebb8-46d8-b4e3-62eafed5922e/1/Bb3QT-ASpN1YL3CHopaEGSu0ojQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/bbd64b-ebb8-46d8-b4e3-62eafed5922e/1/Tzv3rCjoMGVs9umZxJk7p2yxqYo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.226.0/23
5.154.230.0/23
128.0.35.0/24
178.157.80.0/23
178.157.83.0/24
185.4.232.0/22
185.68.188.0/24
185.124.220.0/22
188.119.150.0-188.119.152.255
IPv6:
2a05:7ac0::/29
Signature Algorithm: sha256WithRSAEncryption
52:e1:3b:27:d8:e1:08:d3:6e:57:07:76:09:b7:cd:b4:a4:68:
d8:84:47:61:5a:e5:19:68:cb:b8:21:aa:c5:79:6b:50:af:80:
99:44:8d:1b:1d:bb:44:ed:fc:96:f6:52:da:70:74:c9:fb:73:
77:e0:31:78:56:7a:3b:63:63:82:14:95:54:73:3e:5e:c6:14:
80:4e:be:45:bf:7c:62:55:27:e8:0d:27:72:50:54:63:d7:1d:
99:08:1f:0b:00:b7:aa:f2:a7:fb:b2:17:5e:05:01:83:24:0d:
75:02:13:ac:62:90:09:48:86:bc:f0:9b:1a:c4:08:88:82:f0:
ba:1c:88:12:90:a3:74:8a:32:86:18:42:07:59:3f:50:46:4c:
8b:2b:55:67:5d:cc:a5:1e:fc:c4:c6:ba:88:b2:92:f4:00:dc:
0a:91:fe:4b:9d:05:52:ef:df:c7:43:b0:6c:c6:17:1d:08:17:
b9:3a:4e:f6:d1:bd:4f:4f:18:ab:0f:9a:26:09:1e:b5:35:8f:
1b:f2:48:d2:9d:f4:ed:8c:a0:9d:e8:dc:e8:3a:d9:ee:ae:11:
db:d0:48:a0:97:ab:e8:fd:33:8e:03:6b:65:af:b1:30:3a:c1:
9f:c7:09:ab:8e:f7:f4:d6:6a:a9:40:67:1c:d5:48:e6:31:4c:
42:ce:cb:4d
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAYVs70EsvcHwzsMw5Mc07SWEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmM2JmN2FjMjhlODMwNjU2Y2Y2ZTk5OWM0OTkzYmE3NmNi
MWE5OGEwHhcNMjMwMTAxMTA0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWJkZDA0ZmUwMTJhNGRkNTgyZjcwODdhMjk2ODQxOTJiYjRhMjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxo4sBhB/yxUGmah8jm4ouEjiImhW
dDws1yIJ+mNvQ1VT99j8t/nM5EGXiKCwPOKAf3UoepCtvbKXcZkd/8PDtTvKKtQk
lgUPey+DB3BgYIYG/Fk8X4PUoIJq5Q4rCtWDAGAzR/iei93BVQxFn/GrcNklVu4Y
/b9k+XMMKosc7fgByvFGXE0ks6FFRpFBn+hmO4628ESEWVFR9yKMF/g5wP8FX200
migvSDn6A+4yOsP5lCg1STOE0G1gg/ecd7873G5Cid1Nb30DyEnWDWjiKwTfSPkH
rP/I/2BLGtJR7fg/3qoeuh1OBXK1SiTixq6bw3F0Vz2wrT7h9bZYnV2EaQIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFAW90E/gEqTdWC9wh6KWhBkrtKI0MB8GA1UdIwQY
MBaAFE8796wo6DBlbPbpmcSZO6dssamKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHp2M3JDam9NR1ZzOXVtWnhKazdwMnl4cVlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9iYmQ2NGItZWJiOC00NmQ4LWI0ZTMt
NjJlYWZlZDU5MjJlLzEvQmIzUVQtQVNwTjFZTDNDSG9wYUVHU3Uwb2pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC9iYmQ2NGItZWJiOC00NmQ4LWI0ZTMtNjJlYWZlZDU5MjJl
LzEvVHp2M3JDam9NR1ZzOXVtWnhKazdwMnl4cVlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTBEBAIAATA+AwQBBZriAwQB
BZrmAwQAgAAjAwQBsp1QAwQAsp1TAwQCuQToAwQAuUS8AwQCuXzcMAwDBAG8d5YD
BAC8d5gwDQQCAAIwBwMFAyoFesAwDQYJKoZIhvcNAQELBQADggEBAFLhOyfY4QjT
blcHdgm3zbSkaNiER2Fa5Rloy7ghqsV5a1CvgJlEjRsdu0Tt/Jb2UtpwdMn7c3fg
MXhWejtjY4IUlVRzPl7GFIBOvkW/fGJVJ+gNJ3JQVGPXHZkIHwsAt6ryp/uyF14F
AYMkDXUCE6xikAlIhrzwmxrECIiC8LociBKQo3SKMoYYQgdZP1BGTIsrVWddzKUe
/MTGuoiykvQA3AqR/kudBVLv38dDsGzGFx0IF7k6TvbRvU9PGKsPmiYJHrU1jxvy
SNKd9O2MoJ3o3Og62e6uEdvQSKCXq+j9M44Da2WvsTA6wZ/HCauO9/TWaqlAZxzV
SOYxTELOy00=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:42 2023 by rpki-client on console.sobornost.net