Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/515608-5012-4a40-b324-27bf83cded6b/1/vBLAOnV3UWzHjJvW_TxfFpe8cZE.roa
File: vBLAOnV3UWzHjJvW_TxfFpe8cZE.roa (raw, json)
Hash identifier: bjH2ommCI31lTPwplAJTJwCKLYmgKt8aHtgjlHH3cUA=
Subject key identifier: BC:12:C0:3A:75:77:51:6C:C7:8C:9B:D6:FD:3C:5F:16:97:BC:71:91
Certificate issuer: /CN=a4f8436003d37602026b65531755ca8fcd31bed2
Certificate serial: 018FA04847FF8E3C3DEEF0D6BF860A49D26F
Authority key identifier: A4:F8:43:60:03:D3:76:02:02:6B:65:53:17:55:CA:8F:CD:31:BE:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pPhDYAPTdgICa2VTF1XKj80xvtI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/515608-5012-4a40-b324-27bf83cded6b/1/vBLAOnV3UWzHjJvW_TxfFpe8cZE.roa
Signing time: Wed 22 May 2024 12:30:42 +0000
ROA not before: Wed 22 May 2024 12:30:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31027
IP address blocks: 5.56.144.0/20 maxlen: 20
5.179.80.0/20 maxlen: 20
37.49.128.0/20 maxlen: 20
46.32.156.0/22 maxlen: 22
62.12.32.0/20 maxlen: 20
62.12.48.0/21 maxlen: 21
62.116.192.0/19 maxlen: 19
77.233.224.0/19 maxlen: 19
78.153.160.0/19 maxlen: 19
80.88.128.0/20 maxlen: 20
80.243.112.0/20 maxlen: 20
82.192.160.0/19 maxlen: 19
83.136.88.0/21 maxlen: 21
83.151.128.0/18 maxlen: 18
87.116.0.0/18 maxlen: 18
88.212.64.0/18 maxlen: 18
89.221.160.0/20 maxlen: 20
92.62.192.0/20 maxlen: 20
93.176.64.0/18 maxlen: 18
130.185.128.0/20 maxlen: 20
185.20.240.0/22 maxlen: 22
185.67.128.0/22 maxlen: 22
188.120.80.0/21 maxlen: 21
193.105.116.0/24 maxlen: 24
193.105.149.0/24 maxlen: 24
194.182.96.0/21 maxlen: 21
195.140.132.0/22 maxlen: 22
212.60.120.0/21 maxlen: 21
212.98.96.0/24 maxlen: 24
217.74.208.0/20 maxlen: 20
217.116.208.0/20 maxlen: 20
217.195.176.0/20 maxlen: 20
217.195.178.0/24 maxlen: 24
2a02:188::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 22 May 2024 12:43:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a0:48:47:ff:8e:3c:3d:ee:f0:d6:bf:86:0a:49:d2:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4f8436003d37602026b65531755ca8fcd31bed2
Validity
Not Before: May 22 12:30:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bc12c03a7577516cc78c9bd6fd3c5f1697bc7191
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:59:40:e4:89:19:49:5d:54:91:3e:7b:8c:65:
32:a1:75:7b:9d:cd:8f:e4:7f:5c:c7:dc:94:b7:01:
e4:88:ff:f6:dc:5a:25:95:f1:98:5d:90:3b:f2:16:
19:b5:28:31:a4:b3:dc:ae:4e:f0:4e:c7:e3:0d:7d:
29:a0:4a:ee:9e:01:ac:77:7d:e3:e3:14:d1:00:ca:
96:13:c6:dd:c7:b8:99:26:2b:a3:d0:58:4d:85:88:
58:60:67:2a:b8:30:74:46:68:59:73:6e:7b:0c:c2:
df:fa:d3:e4:1d:25:2c:d8:b1:50:0c:71:07:cc:b4:
0d:9a:b0:b9:37:7c:b1:93:16:93:a3:02:cc:f1:d5:
8f:63:c9:9a:34:8a:53:ef:1d:4f:39:f3:50:ab:a8:
3b:36:7c:34:60:5c:28:25:1a:88:86:dc:33:04:3f:
9d:19:7a:fa:11:1c:a8:49:41:b7:e7:3b:bd:1b:8c:
6e:5c:da:55:f8:3e:1c:32:57:0c:9c:27:9f:9c:c9:
23:95:49:f0:05:ea:4c:ba:3e:5e:4f:e1:0b:a8:0d:
87:41:f8:77:fd:0b:e9:b0:d7:de:87:be:99:b1:ac:
19:29:72:9b:da:ec:ab:13:d0:21:57:28:c4:01:6e:
a0:b8:cb:86:c5:b0:3c:b1:3d:0f:5f:a2:67:65:93:
b4:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:12:C0:3A:75:77:51:6C:C7:8C:9B:D6:FD:3C:5F:16:97:BC:71:91
X509v3 Authority Key Identifier:
keyid:A4:F8:43:60:03:D3:76:02:02:6B:65:53:17:55:CA:8F:CD:31:BE:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pPhDYAPTdgICa2VTF1XKj80xvtI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/515608-5012-4a40-b324-27bf83cded6b/1/vBLAOnV3UWzHjJvW_TxfFpe8cZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/515608-5012-4a40-b324-27bf83cded6b/1/pPhDYAPTdgICa2VTF1XKj80xvtI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.56.144.0/20
5.179.80.0/20
37.49.128.0/20
46.32.156.0/22
62.12.32.0-62.12.55.255
62.116.192.0/19
77.233.224.0/19
78.153.160.0/19
80.88.128.0/20
80.243.112.0/20
82.192.160.0/19
83.136.88.0/21
83.151.128.0/18
87.116.0.0/18
88.212.64.0/18
89.221.160.0/20
92.62.192.0/20
93.176.64.0/18
130.185.128.0/20
185.20.240.0/22
185.67.128.0/22
188.120.80.0/21
193.105.116.0/24
193.105.149.0/24
194.182.96.0/21
195.140.132.0/22
212.60.120.0/21
212.98.96.0/24
217.74.208.0/20
217.116.208.0/20
217.195.176.0/20
IPv6:
2a02:188::/29
Signature Algorithm: sha256WithRSAEncryption
49:94:89:ec:de:53:4c:a0:97:be:f5:24:fd:ea:62:56:c4:55:
40:dc:d4:b9:47:0e:06:cc:86:f5:72:be:d7:c9:9d:dc:50:36:
8d:ae:0b:26:20:a3:1c:c0:b4:c9:77:52:86:ed:d5:31:c0:99:
97:75:07:fe:4d:57:ab:52:f9:22:62:f0:b6:a4:ac:02:e3:db:
a9:db:85:dc:18:28:e2:48:80:d2:a3:79:61:2c:da:f1:e1:fa:
b7:6b:d6:b1:e7:12:7e:b0:46:18:59:90:57:47:29:c4:ca:b0:
36:db:4e:5f:47:0f:05:1d:dd:f8:cf:8d:e6:32:fa:85:6f:84:
9d:8b:97:c9:c6:0c:45:b7:5e:56:88:d6:ce:1d:f1:f8:bc:b8:
e1:1e:2c:58:14:0c:99:74:f2:53:93:15:fc:fa:a0:b8:a6:01:
5e:8d:81:4f:c4:d2:b0:0b:85:c4:75:68:ce:a4:00:0f:90:a7:
43:f4:80:4d:db:c3:6f:d4:86:7b:23:02:af:8f:40:dd:cd:63:
ae:72:ad:06:0a:df:92:b2:aa:be:c4:86:b6:71:7e:2b:8c:e3:
d9:61:f5:52:a9:fa:97:f5:86:b5:41:03:1f:5d:03:cf:f2:76:
36:a4:ad:87:58:21:4b:c5:cd:59:36:bb:3f:00:61:fe:60:d7:
72:cb:f6:fd
-----BEGIN CERTIFICATE-----
MIIFzTCCBLWgAwIBAgISAY+gSEf/jjw97vDWv4YKSdJvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0Zjg0MzYwMDNkMzc2MDIwMjZiNjU1MzE3NTVjYThmY2Qz
MWJlZDIwHhcNMjQwNTIyMTIzMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzEyYzAzYTc1Nzc1MTZjYzc4YzliZDZmZDNjNWYxNjk3YmM3MTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVlA5IkZSV1UkT57jGUyoXV7nc2P
5H9cx9yUtwHkiP/23FollfGYXZA78hYZtSgxpLPcrk7wTsfjDX0poErungGsd33j
4xTRAMqWE8bdx7iZJiuj0FhNhYhYYGcquDB0RmhZc257DMLf+tPkHSUs2LFQDHEH
zLQNmrC5N3yxkxaTowLM8dWPY8maNIpT7x1POfNQq6g7Nnw0YFwoJRqIhtwzBD+d
GXr6ERyoSUG35zu9G4xuXNpV+D4cMlcMnCefnMkjlUnwBepMuj5eT+ELqA2HQfh3
/QvpsNfeh76ZsawZKXKb2uyrE9AhVyjEAW6guMuGxbA8sT0PX6JnZZO0yQIDAQAB
o4IC2TCCAtUwHQYDVR0OBBYEFLwSwDp1d1Fsx4yb1v08XxaXvHGRMB8GA1UdIwQY
MBaAFKT4Q2AD03YCAmtlUxdVyo/NMb7SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFBoRFlBUFRkZ0lDYTJWVEYxWEtqODB4dnRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS81MTU2MDgtNTAxMi00YTQwLWIzMjQt
MjdiZjgzY2RlZDZiLzEvdkJMQU9uVjNVV3pIakp2V19UeGZGcGU4Y1pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS81MTU2MDgtNTAxMi00YTQwLWIzMjQtMjdiZjgzY2RlZDZi
LzEvcFBoRFlBUFRkZ0lDYTJWVEYxWEtqODB4dnRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHuBggrBgEFBQcBBwEB/wSB3jCB2zCByQQCAAEwgcIDBAQF
OJADBAQFs1ADBAQlMYADBAIuIJwwDAMEBT4MIAMEAz4MMAMEBT50wAMEBU3p4AME
BU6ZoAMEBFBYgAMEBFDzcAMEBVLAoAMEA1OIWAMEBlOXgAMEBld0AAMEBljUQAME
BFndoAMEBFw+wAMEBl2wQAMEBIK5gAMEArkU8AMEArlDgAMEA7x4UAMEAMFpdAME
AMFplQMEA8K2YAMEAsOMhAMEA9Q8eAMEANRiYAMEBNlK0AMEBNl00AMEBNnDsDAN
BAIAAjAHAwUDKgIBiDANBgkqhkiG9w0BAQsFAAOCAQEASZSJ7N5TTKCXvvUk/epi
VsRVQNzUuUcOBsyG9XK+18md3FA2ja4LJiCjHMC0yXdShu3VMcCZl3UH/k1Xq1L5
ImLwtqSsAuPbqduF3Bgo4kiA0qN5YSza8eH6t2vWsecSfrBGGFmQV0cpxMqwNttO
X0cPBR3d+M+N5jL6hW+EnYuXycYMRbdeVojWzh3x+Ly44R4sWBQMmXTyU5MV/Pqg
uKYBXo2BT8TSsAuFxHVozqQAD5CnQ/SATdvDb9SGeyMCr49A3c1jrnKtBgrfkrKq
vsSGtnF+K4zj2WH1Uqn6l/WGtUEDH10Dz/J2NqSth1ghS8XNWTa7PwBh/mDXcsv2
/Q==
-----END CERTIFICATE-----
Generated at Mon May 12 06:31:04 2025 by rpki-client