Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/8efa86-c35f-41b6-ad01-4906103dbd16/1/BGjNU8oHXnL8UQKehLAm1TftVqg.roa
File: BGjNU8oHXnL8UQKehLAm1TftVqg.roa (raw, json)
Hash identifier: K2D+eBQP11O69bLX5CJAKV8Tp+/mhlz+NcWLI6hAJ4g=
Subject key identifier: 04:68:CD:53:CA:07:5E:72:FC:51:02:9E:84:B0:26:D5:37:ED:56:A8
Certificate issuer: /CN=34531c54b1e7956c2cc371b23e0a75567aa27518
Certificate serial: 01856DCB04B6B5311E1EA99887C85F6D7705
Authority key identifier: 34:53:1C:54:B1:E7:95:6C:2C:C3:71:B2:3E:0A:75:56:7A:A2:75:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NFMcVLHnlWwsw3GyPgp1VnqidRg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/8efa86-c35f-41b6-ad01-4906103dbd16/1/BGjNU8oHXnL8UQKehLAm1TftVqg.roa
Signing time: Sun 01 Jan 2023 14:44:59 +0000
ROA not before: Sun 01 Jan 2023 14:44:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51235
IP address blocks: 185.136.182.0/24 maxlen: 24
185.136.180.0/24 maxlen: 24
185.136.183.0/24 maxlen: 24
185.136.181.0/24 maxlen: 24
195.2.234.0/24 maxlen: 24
185.107.245.0/24 maxlen: 24
185.107.246.0/24 maxlen: 24
185.107.244.0/24 maxlen: 24
185.107.247.0/24 maxlen: 24
2a12:5440::/45 maxlen: 45
Validation: Failed, certificate revoked on Sun 20 Aug 2023 13:13:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:cb:04:b6:b5:31:1e:1e:a9:98:87:c8:5f:6d:77:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34531c54b1e7956c2cc371b23e0a75567aa27518
Validity
Not Before: Jan 1 14:44:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0468cd53ca075e72fc51029e84b026d537ed56a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:68:6e:2b:3a:fa:e7:5a:9d:29:3e:68:21:28:
37:34:b0:b3:55:3c:64:48:7b:31:d2:3e:ca:51:b2:
ec:6d:ab:44:5b:6e:b1:18:7d:c5:6d:d7:06:94:bf:
ef:9c:75:5b:62:b0:28:f2:c4:70:55:2c:f1:ab:2f:
b7:cc:8a:5c:aa:af:3f:f6:7d:ce:bc:db:8d:0a:a0:
cc:61:6c:a9:bf:d2:7c:e3:f9:36:3f:7a:7f:13:0a:
29:9b:71:b6:40:d0:b5:13:da:db:a8:1b:b0:eb:b7:
f4:e5:23:e1:91:c5:1d:39:05:7d:11:83:b4:f1:4c:
3a:d2:b2:37:e7:ca:6a:6c:0b:cf:8d:6e:f8:ca:fb:
23:cb:5b:4e:c3:06:82:88:60:46:4e:aa:b4:91:04:
cd:2f:a0:6e:61:c5:f1:be:dd:3a:b0:e3:47:97:9a:
ff:72:13:a6:67:e9:15:da:2c:dd:7d:14:93:e9:4f:
7b:4f:fd:39:5f:f9:95:10:68:74:c6:67:96:e1:ad:
58:6c:58:69:ba:45:29:d2:44:5d:65:77:ef:d6:24:
22:dc:2f:55:19:96:43:9c:64:12:1d:01:e9:8c:ea:
8f:4a:44:57:6d:c0:1e:fa:7e:90:70:d1:9c:c2:10:
48:60:84:41:33:ba:d8:54:ec:c1:3e:1a:55:31:55:
60:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:68:CD:53:CA:07:5E:72:FC:51:02:9E:84:B0:26:D5:37:ED:56:A8
X509v3 Authority Key Identifier:
keyid:34:53:1C:54:B1:E7:95:6C:2C:C3:71:B2:3E:0A:75:56:7A:A2:75:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NFMcVLHnlWwsw3GyPgp1VnqidRg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/8efa86-c35f-41b6-ad01-4906103dbd16/1/BGjNU8oHXnL8UQKehLAm1TftVqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/8efa86-c35f-41b6-ad01-4906103dbd16/1/NFMcVLHnlWwsw3GyPgp1VnqidRg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.107.244.0/22
185.136.180.0/22
195.2.234.0/24
IPv6:
2a12:5440::/45
Signature Algorithm: sha256WithRSAEncryption
59:ac:f6:7c:a4:e3:d4:17:40:83:e0:56:92:c6:db:4d:53:9e:
1b:25:78:0c:7c:7b:fe:41:c4:61:71:0e:53:0e:ad:fc:e7:2f:
36:92:85:7f:7e:b9:46:f9:66:d3:56:37:cb:47:55:8d:38:af:
c9:29:00:bc:c9:d4:45:74:50:fb:c3:7d:f9:fd:2c:a2:d0:8d:
e3:e4:db:06:38:8b:70:6c:1a:91:40:55:9a:19:84:a2:fd:8b:
0b:61:a6:f1:93:2a:35:f0:38:ee:ab:20:2a:5c:61:b0:d5:54:
9d:4c:e4:35:dd:4a:c6:f2:2a:60:d6:db:7a:19:af:c3:a1:63:
99:c8:2d:64:6f:74:77:1d:c0:cf:bd:ab:6b:99:0e:d1:17:33:
45:6a:f7:29:16:b5:d0:81:f8:8b:9f:e8:42:27:d2:87:89:48:
99:e3:e8:93:3f:71:a6:f4:b1:34:1f:c7:0c:81:0c:49:51:94:
27:55:cd:fe:d0:b6:40:08:f3:97:78:69:65:52:fa:c0:05:84:
40:e0:e3:60:67:8b:52:11:31:92:ee:56:50:fb:07:82:fb:31:
6a:0c:7a:c7:7c:30:05:48:59:33:a4:3d:14:84:04:cd:ae:f0:
d3:5f:51:19:61:99:c2:12:ba:2c:31:47:af:9c:7b:39:74:68:
67:6e:ea:f5
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVtywS2tTEeHqmYh8hfbXcFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NTMxYzU0YjFlNzk1NmMyY2MzNzFiMjNlMGE3NTU2N2Fh
Mjc1MTgwHhcNMjMwMTAxMTQ0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDY4Y2Q1M2NhMDc1ZTcyZmM1MTAyOWU4NGIwMjZkNTM3ZWQ1NmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA62huKzr651qdKT5oISg3NLCzVTxk
SHsx0j7KUbLsbatEW26xGH3FbdcGlL/vnHVbYrAo8sRwVSzxqy+3zIpcqq8/9n3O
vNuNCqDMYWypv9J84/k2P3p/Ewopm3G2QNC1E9rbqBuw67f05SPhkcUdOQV9EYO0
8Uw60rI358pqbAvPjW74yvsjy1tOwwaCiGBGTqq0kQTNL6BuYcXxvt06sONHl5r/
chOmZ+kV2izdfRST6U97T/05X/mVEGh0xmeW4a1YbFhpukUp0kRdZXfv1iQi3C9V
GZZDnGQSHQHpjOqPSkRXbcAe+n6QcNGcwhBIYIRBM7rYVOzBPhpVMVVgOQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFARozVPKB15y/FECnoSwJtU37VaoMB8GA1UdIwQY
MBaAFDRTHFSx55VsLMNxsj4KdVZ6onUYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkZNY1ZMSG5sV3dzdzNHeVBncDFWbnFpZFJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS84ZWZhODYtYzM1Zi00MWI2LWFkMDEt
NDkwNjEwM2RiZDE2LzEvQkdqTlU4b0hYbkw4VVFLZWhMQW0xVGZ0VnFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS84ZWZhODYtYzM1Zi00MWI2LWFkMDEtNDkwNjEwM2RiZDE2
LzEvTkZNY1ZMSG5sV3dzdzNHeVBncDFWbnFpZFJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQCuWv0AwQC
uYi0AwQAwwLqMA8EAgACMAkDBwMqElRAAAAwDQYJKoZIhvcNAQELBQADggEBAFms
9nyk49QXQIPgVpLG201TnhsleAx8e/5BxGFxDlMOrfznLzaShX9+uUb5ZtNWN8tH
VY04r8kpALzJ1EV0UPvDffn9LKLQjePk2wY4i3BsGpFAVZoZhKL9iwthpvGTKjXw
OO6rICpcYbDVVJ1M5DXdSsbyKmDW23oZr8OhY5nILWRvdHcdwM+9q2uZDtEXM0Vq
9ykWtdCB+Iuf6EIn0oeJSJnj6JM/cab0sTQfxwyBDElRlCdVzf7QtkAI85d4aWVS
+sAFhEDg42Bni1IRMZLuVlD7B4L7MWoMesd8MAVIWTOkPRSEBM2u8NNfURlhmcIS
uiwxR6+cezl0aGdu6vU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:37 2024 by rpki-client on console-ams.rpki-client.org