Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/bgJC8HE0cp9BZqj4QgsRrxzMfh8.roa
File: bgJC8HE0cp9BZqj4QgsRrxzMfh8.roa (raw, json)
Hash identifier: yUyvDwTsAwRwAvjxIrUiEfA2ix1Ct5X8SZjBcIKbZKk=
Subject key identifier: 6E:02:42:F0:71:34:72:9F:41:66:A8:F8:42:0B:11:AF:1C:CC:7E:1F
Certificate issuer: /CN=83991afcd455eb1b174fcf89f8e10eaf7f70b355
Certificate serial: 018571B9E6D2A1D04AD18C8C8E438E6952A5
Authority key identifier: 83:99:1A:FC:D4:55:EB:1B:17:4F:CF:89:F8:E1:0E:AF:7F:70:B3:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g5ka_NRV6xsXT8-J-OEOr39ws1U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/bgJC8HE0cp9BZqj4QgsRrxzMfh8.roa
Signing time: Mon 02 Jan 2023 09:04:46 +0000
ROA not before: Mon 02 Jan 2023 09:04:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207990
IP address blocks: 45.67.4.0/22 maxlen: 32
92.119.168.0/22 maxlen: 32
213.173.60.0/22 maxlen: 32
2.58.76.0/22 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:31:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b9:e6:d2:a1:d0:4a:d1:8c:8c:8e:43:8e:69:52:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83991afcd455eb1b174fcf89f8e10eaf7f70b355
Validity
Not Before: Jan 2 09:04:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e0242f07134729f4166a8f8420b11af1ccc7e1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:58:b4:43:09:67:f3:46:ef:27:5b:43:fb:a0:
e7:38:b6:51:47:00:7f:52:ed:3e:8f:ba:c3:a8:48:
5b:68:ca:1b:7e:fc:49:70:38:69:e9:37:39:b2:55:
50:7c:9f:c2:3e:fe:d6:d8:79:f3:ab:5f:98:ec:b0:
62:3c:34:e3:cb:50:59:85:38:67:81:52:a1:6f:8a:
13:7a:ef:da:13:7f:47:24:aa:b5:f2:c4:bd:3e:45:
65:bc:65:de:1a:ef:dc:43:a9:d1:6a:67:71:79:7c:
38:15:cf:20:a4:3e:cd:ab:10:09:1c:c9:05:35:61:
07:d5:84:9e:c7:6b:be:7b:e3:4d:cc:44:86:02:75:
7f:28:c5:6f:d2:92:3c:5b:f2:83:b6:a6:2a:26:90:
34:16:96:16:db:ee:01:64:61:07:28:ec:99:1f:e1:
ff:e0:38:02:fe:ec:10:bb:45:b8:0c:da:fd:05:49:
de:8b:34:1a:65:6f:5b:6f:5d:cc:35:d5:d2:e5:11:
7b:c1:25:36:2e:89:9b:2c:c4:3f:a4:2b:eb:08:3c:
af:ff:bd:a2:3c:10:f3:50:dd:c6:70:43:08:98:b3:
67:56:5e:ba:63:78:4a:9f:82:ae:ff:73:1b:8c:8e:
8b:11:14:a6:4d:c1:2c:a1:a5:99:77:bd:92:73:f1:
ef:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:02:42:F0:71:34:72:9F:41:66:A8:F8:42:0B:11:AF:1C:CC:7E:1F
X509v3 Authority Key Identifier:
keyid:83:99:1A:FC:D4:55:EB:1B:17:4F:CF:89:F8:E1:0E:AF:7F:70:B3:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g5ka_NRV6xsXT8-J-OEOr39ws1U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/bgJC8HE0cp9BZqj4QgsRrxzMfh8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/g5ka_NRV6xsXT8-J-OEOr39ws1U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.76.0/22
45.67.4.0/22
92.119.168.0/22
213.173.60.0/22
Signature Algorithm: sha256WithRSAEncryption
32:e4:fa:2b:2e:fd:90:5a:03:88:bb:22:b1:05:72:20:34:55:
f6:32:20:14:6d:de:ab:8d:98:b5:cc:96:c4:28:52:33:a8:40:
36:df:19:00:a6:1c:7d:a8:3e:4f:29:cb:96:6f:a5:ca:5b:d1:
22:53:81:ac:91:9f:da:39:8c:a7:35:69:42:39:5a:59:a8:35:
36:d7:14:b0:1b:ef:68:57:62:8f:c0:59:92:0a:42:12:b3:43:
5d:d1:4c:e6:ae:bd:c4:af:9c:ad:4f:97:a0:c5:ee:c7:6f:e9:
28:53:06:8a:17:f3:0e:e9:a3:59:21:16:b0:60:f6:e6:9c:d3:
39:81:17:a0:ad:ef:83:a6:26:47:04:51:e2:bd:ae:df:02:e6:
3c:b1:7a:b6:10:49:06:5b:8c:3f:7d:f4:d0:ab:b9:b5:05:f3:
4d:36:8b:40:00:66:36:af:b2:f8:54:7a:ff:14:ef:6e:b0:72:
ce:b2:05:ed:9c:ef:48:7b:1a:a0:5b:48:cf:8c:56:d5:0a:66:
2c:87:07:24:a7:2b:82:e2:43:5a:c9:1c:b1:4f:6f:ac:23:ee:
cd:b5:e5:89:de:77:3d:d0:0e:24:f6:e8:90:10:77:b1:ce:3a:
7a:02:1b:ac:63:16:82:05:f4:37:f7:38:65:09:53:f9:22:b0:
9a:d2:a9:89
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVxuebSodBK0YyMjkOOaVKlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzOTkxYWZjZDQ1NWViMWIxNzRmY2Y4OWY4ZTEwZWFmN2Y3
MGIzNTUwHhcNMjMwMTAyMDkwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTAyNDJmMDcxMzQ3MjlmNDE2NmE4Zjg0MjBiMTFhZjFjY2M3ZTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhFi0Qwln80bvJ1tD+6DnOLZRRwB/
Uu0+j7rDqEhbaMobfvxJcDhp6Tc5slVQfJ/CPv7W2Hnzq1+Y7LBiPDTjy1BZhThn
gVKhb4oTeu/aE39HJKq18sS9PkVlvGXeGu/cQ6nRamdxeXw4Fc8gpD7NqxAJHMkF
NWEH1YSex2u+e+NNzESGAnV/KMVv0pI8W/KDtqYqJpA0FpYW2+4BZGEHKOyZH+H/
4DgC/uwQu0W4DNr9BUneizQaZW9bb13MNdXS5RF7wSU2LombLMQ/pCvrCDyv/72i
PBDzUN3GcEMImLNnVl66Y3hKn4Ku/3MbjI6LERSmTcEsoaWZd72Sc/HvbQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFG4CQvBxNHKfQWao+EILEa8czH4fMB8GA1UdIwQY
MBaAFIOZGvzUVesbF0/PifjhDq9/cLNVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzVrYV9OUlY2eHNYVDgtSi1PRU9yMzl3czFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS82OWVkMjktYWY0ZS00NTI0LWFkZmIt
ZTE1NDM3MzgwMDk5LzEvYmdKQzhIRTBjcDlCWnFqNFFnc1JyeHpNZmg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS82OWVkMjktYWY0ZS00NTI0LWFkZmItZTE1NDM3MzgwMDk5
LzEvZzVrYV9OUlY2eHNYVDgtSi1PRU9yMzl3czFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCAjpMAwQC
LUMEAwQCXHeoAwQC1a08MA0GCSqGSIb3DQEBCwUAA4IBAQAy5PorLv2QWgOIuyKx
BXIgNFX2MiAUbd6rjZi1zJbEKFIzqEA23xkAphx9qD5PKcuWb6XKW9EiU4GskZ/a
OYynNWlCOVpZqDU21xSwG+9oV2KPwFmSCkISs0Nd0Uzmrr3Er5ytT5egxe7Hb+ko
UwaKF/MO6aNZIRawYPbmnNM5gRegre+DpiZHBFHiva7fAuY8sXq2EEkGW4w/ffTQ
q7m1BfNNNotAAGY2r7L4VHr/FO9usHLOsgXtnO9IexqgW0jPjFbVCmYshwckpyuC
4kNayRyxT2+sI+7NteWJ3nc90A4k9uiQEHexzjp6AhusYxaCBfQ39zhlCVP5IrCa
0qmJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:07 2024 by rpki-client on console-fra.rpki-client.org