Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/8efd8b-e516-4c49-92cb-89296ccb35f5/1/BgHznSuvHepdMP0-AgnFKr5tES4.roa
File: BgHznSuvHepdMP0-AgnFKr5tES4.roa (raw, json)
Hash identifier: bF9Cj7T9rwAdh08BUm36Aw7R9KD1ZM+qlrrnbqdunYk=
Subject key identifier: 06:01:F3:9D:2B:AF:1D:EA:5D:30:FD:3E:02:09:C5:2A:BE:6D:11:2E
Certificate issuer: /CN=4d0ade54c27e6fcddace262c4fdf790f320fed9c
Certificate serial: 01856F8B7DC1398B67EACF62F9CD62AEEC96
Authority key identifier: 4D:0A:DE:54:C2:7E:6F:CD:DA:CE:26:2C:4F:DF:79:0F:32:0F:ED:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TQreVMJ-b83aziYsT995DzIP7Zw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/8efd8b-e516-4c49-92cb-89296ccb35f5/1/BgHznSuvHepdMP0-AgnFKr5tES4.roa
Signing time: Sun 01 Jan 2023 22:54:50 +0000
ROA not before: Sun 01 Jan 2023 22:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49788
IP address blocks: 91.223.100.0/24 maxlen: 24
151.252.8.0/21 maxlen: 24
91.90.104.0/21 maxlen: 21
193.202.115.0/24 maxlen: 24
91.225.60.0/22 maxlen: 22
91.189.120.0/21 maxlen: 21
91.221.130.0/23 maxlen: 23
45.153.104.0/22 maxlen: 22
91.209.212.0/24 maxlen: 24
185.7.192.0/22 maxlen: 22
91.193.0.0/22 maxlen: 24
176.111.206.0/23 maxlen: 23
185.55.104.0/22 maxlen: 22
185.80.180.0/22 maxlen: 24
91.218.184.0/22 maxlen: 22
2a04:d340::/29 maxlen: 29
2001:67c:206c::/48 maxlen: 48
2a02:d140::/29 maxlen: 29
2a0f:7900::/29 maxlen: 29
2a04:dc80::/29 maxlen: 29
2001:67c:230::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 22 May 2023 17:41:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:8b:7d:c1:39:8b:67:ea:cf:62:f9:cd:62:ae:ec:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d0ade54c27e6fcddace262c4fdf790f320fed9c
Validity
Not Before: Jan 1 22:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0601f39d2baf1dea5d30fd3e0209c52abe6d112e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:be:88:f0:28:aa:3e:1e:02:5e:84:54:9b:e4:
40:9f:51:a7:4a:a2:9f:78:04:8d:31:ff:2e:f2:a7:
bc:dd:e4:33:62:4e:42:ab:a8:77:a6:b8:dd:04:ff:
57:7d:a9:22:d0:19:04:91:6f:f0:88:ef:2b:65:dc:
e9:e6:3c:c5:d0:6b:49:71:9a:88:a9:2b:e5:a3:24:
44:d9:83:d2:05:9c:d7:0a:4e:fc:ad:d0:01:cd:a0:
ae:88:8e:1c:ad:87:0b:a7:fb:be:35:be:37:df:21:
12:19:29:e2:50:1a:d3:39:48:34:28:1d:a5:9e:32:
99:c2:18:2a:7f:cd:b0:73:14:14:f9:d4:b3:d0:fc:
19:d6:5c:4a:d5:86:71:26:44:04:6c:ef:a2:f1:eb:
05:ef:2a:bc:b0:9b:4a:9f:7a:35:b7:8c:a0:5b:7a:
9f:0c:d9:74:5d:2a:eb:c6:28:c3:9a:80:fb:f2:87:
12:fb:bc:a5:f2:3e:51:c4:ca:41:26:f5:6e:37:a0:
f6:25:66:95:02:86:77:f8:1e:0e:53:b7:ba:bd:2e:
b4:55:ef:52:c3:2b:3f:4b:a2:5f:4a:db:37:b6:66:
34:91:bf:be:25:7e:03:e7:6a:6a:3c:2e:9c:09:2b:
7b:8f:f3:19:0d:d1:b0:12:4c:68:22:ae:30:d3:22:
3b:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:01:F3:9D:2B:AF:1D:EA:5D:30:FD:3E:02:09:C5:2A:BE:6D:11:2E
X509v3 Authority Key Identifier:
keyid:4D:0A:DE:54:C2:7E:6F:CD:DA:CE:26:2C:4F:DF:79:0F:32:0F:ED:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TQreVMJ-b83aziYsT995DzIP7Zw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/8efd8b-e516-4c49-92cb-89296ccb35f5/1/BgHznSuvHepdMP0-AgnFKr5tES4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/8efd8b-e516-4c49-92cb-89296ccb35f5/1/TQreVMJ-b83aziYsT995DzIP7Zw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.104.0/22
91.90.104.0/21
91.189.120.0/21
91.193.0.0/22
91.209.212.0/24
91.218.184.0/22
91.221.130.0/23
91.223.100.0/24
91.225.60.0/22
151.252.8.0/21
176.111.206.0/23
185.7.192.0/22
185.55.104.0/22
185.80.180.0/22
193.202.115.0/24
IPv6:
2001:67c:230::/48
2001:67c:206c::/48
2a02:d140::/29
2a04:d340::/29
2a04:dc80::/29
2a0f:7900::/29
Signature Algorithm: sha256WithRSAEncryption
a7:6d:a7:d5:5f:c3:bc:88:1f:b2:c1:2e:4c:64:08:59:c8:b6:
12:c5:05:0f:9c:70:d5:32:4f:e2:07:60:09:03:ec:7f:46:f9:
21:da:1e:91:d2:95:57:42:ab:27:c7:91:08:95:19:06:b8:ef:
c1:76:7a:57:ac:90:b7:77:ea:11:cf:92:f0:13:88:f3:1f:63:
2f:3f:d2:8a:52:61:bb:22:49:ed:d2:31:16:c5:87:40:16:22:
80:15:9b:1d:27:ba:69:54:fd:52:a9:a8:d1:d8:27:c1:f0:5c:
5e:a3:c0:9a:2a:59:e7:ca:96:f2:af:61:77:42:06:24:22:fc:
4f:ce:9a:5d:ae:26:c4:9b:5b:e8:e0:4d:44:03:20:71:39:c5:
34:94:98:c5:54:b3:15:2b:8b:2e:af:d1:3c:79:85:6a:e3:0d:
c1:f2:43:23:8a:f9:a2:74:5e:35:db:61:ec:b4:15:08:1f:f2:
0d:75:cc:4b:7f:8d:86:13:ec:f3:2d:1f:ee:71:bc:0e:93:5e:
67:56:9c:44:99:ae:dc:21:26:85:92:81:82:82:a8:41:bb:45:
10:e6:a2:5b:77:ce:5d:3e:2c:c4:3c:e9:67:b9:34:f1:b9:55:
f8:c5:f5:24:9e:ce:e9:2c:15:bc:9c:14:9c:fd:7c:d6:27:91:
ed:cc:2f:0e
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgISAYVvi33BOYtn6s9i+c1iruyWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMGFkZTU0YzI3ZTZmY2RkYWNlMjYyYzRmZGY3OTBmMzIw
ZmVkOWMwHhcNMjMwMTAxMjI1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjAxZjM5ZDJiYWYxZGVhNWQzMGZkM2UwMjA5YzUyYWJlNmQxMTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmr6I8CiqPh4CXoRUm+RAn1GnSqKf
eASNMf8u8qe83eQzYk5Cq6h3prjdBP9Xfaki0BkEkW/wiO8rZdzp5jzF0GtJcZqI
qSvloyRE2YPSBZzXCk78rdABzaCuiI4crYcLp/u+Nb433yESGSniUBrTOUg0KB2l
njKZwhgqf82wcxQU+dSz0PwZ1lxK1YZxJkQEbO+i8esF7yq8sJtKn3o1t4ygW3qf
DNl0XSrrxijDmoD78ocS+7yl8j5RxMpBJvVuN6D2JWaVAoZ3+B4OU7e6vS60Ve9S
wys/S6JfSts3tmY0kb++JX4D52pqPC6cCSt7j/MZDdGwEkxoIq4w0yI79QIDAQAB
o4ICljCCApIwHQYDVR0OBBYEFAYB850rrx3qXTD9PgIJxSq+bREuMB8GA1UdIwQY
MBaAFE0K3lTCfm/N2s4mLE/feQ8yD+2cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFFyZVZNSi1iODNhemlZc1Q5OTVEeklQN1p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC84ZWZkOGItZTUxNi00YzQ5LTkyY2It
ODkyOTZjY2IzNWY1LzEvQmdIem5TdXZIZXBkTVAwLUFnbkZLcjV0RVM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC84ZWZkOGItZTUxNi00YzQ5LTkyY2ItODkyOTZjY2IzNWY1
LzEvVFFyZVZNSi1iODNhemlZc1Q5OTVEeklQN1p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGrBggrBgEFBQcBBwEB/wSBmzCBmDBgBAIAATBaAwQCLZlo
AwQDW1poAwQDW714AwQCW8EAAwQAW9HUAwQCW9q4AwQBW92CAwQAW99kAwQCW+E8
AwQDl/wIAwQBsG/OAwQCuQfAAwQCuTdoAwQCuVC0AwQAwcpzMDQEAgACMC4DBwAg
AQZ8AjADBwAgAQZ8IGwDBQMqAtFAAwUDKgTTQAMFAyoE3IADBQMqD3kAMA0GCSqG
SIb3DQEBCwUAA4IBAQCnbafVX8O8iB+ywS5MZAhZyLYSxQUPnHDVMk/iB2AJA+x/
Rvkh2h6R0pVXQqsnx5EIlRkGuO/BdnpXrJC3d+oRz5LwE4jzH2MvP9KKUmG7Iknt
0jEWxYdAFiKAFZsdJ7ppVP1SqajR2CfB8Fxeo8CaKlnnypbyr2F3QgYkIvxPzppd
ribEm1vo4E1EAyBxOcU0lJjFVLMVK4sur9E8eYVq4w3B8kMjivmidF4122HstBUI
H/INdcxLf42GE+zzLR/ucbwOk15nVpxEma7cISaFkoGCgqhBu0UQ5qJbd85dPizE
POlnuTTxuVX4xfUkns7pLBW8nBSc/XzWJ5HtzC8O
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:30 2024 by rpki-client on console-fra.rpki-client.org