Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/BDHl9tH7G-J8Ts_wPyLGXuiNkdI.roa
File: BDHl9tH7G-J8Ts_wPyLGXuiNkdI.roa (raw, json)
Hash identifier: a1naVuCFxsew8Zc9cD3ik7TFuCLcUE8OUuX2Jwplcnw=
Subject key identifier: 04:31:E5:F6:D1:FB:1B:E2:7C:4E:CF:F0:3F:22:C6:5E:E8:8D:91:D2
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018DD4EBA0874CF8B1FEBBFDD452BF529455
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/BDHl9tH7G-J8Ts_wPyLGXuiNkdI.roa
Signing time: Fri 23 Feb 2024 07:43:48 +0000
ROA not before: Fri 23 Feb 2024 07:43:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 192.124.191.0/24 maxlen: 24
193.124.5.0/24 maxlen: 24
193.124.7.0/24 maxlen: 24
193.124.203.0/24 maxlen: 24
194.87.22.0/24 maxlen: 24
194.87.32.0/24 maxlen: 24
194.87.142.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.201.0/24 maxlen: 24
194.87.245.0/24 maxlen: 24
195.133.6.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
195.133.72.0/24 maxlen: 24
195.133.78.0/24 maxlen: 24
195.133.85.0/24 maxlen: 24
195.133.192.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
212.193.14.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 Feb 2024 09:28:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d4:eb:a0:87:4c:f8:b1:fe:bb:fd:d4:52:bf:52:94:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 23 07:43:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0431e5f6d1fb1be27c4ecff03f22c65ee88d91d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:6b:d4:4d:92:b0:22:06:0f:68:23:b6:d4:e1:
3d:72:3d:6c:34:70:fd:3e:a7:db:0a:00:56:5d:c0:
4f:a9:fd:47:d5:0c:bc:d8:96:77:32:12:9d:5c:36:
4d:74:83:5f:66:b3:39:a4:ec:01:a6:e3:7c:78:ed:
0d:88:01:a0:d2:24:c6:74:53:75:bf:e8:e9:2e:ee:
b9:df:d3:32:3d:d7:2e:28:4d:c8:b6:4f:0a:6c:2a:
75:9d:1b:5b:f8:85:43:00:e9:85:26:99:6b:f4:64:
61:b7:78:a8:6f:30:fd:14:50:0e:0d:3e:72:ed:5e:
77:d6:19:6d:79:8c:32:cb:14:7e:5e:7a:18:90:a1:
61:09:b3:2e:87:20:fc:e6:98:86:b1:61:20:66:a1:
a9:0f:02:c9:be:94:ee:75:93:ae:c4:c1:de:f0:4f:
2a:d3:f8:bd:62:9d:13:f8:09:da:27:9f:f6:08:a7:
f5:52:f1:42:5e:eb:1d:0f:ae:85:df:5b:69:07:26:
8d:a7:09:b8:eb:29:8e:4f:c1:36:f2:2a:d9:14:7c:
00:f8:33:5a:be:a2:68:15:57:69:c9:0f:3e:04:4a:
87:42:8c:f6:99:a6:f4:1f:a0:7c:77:cb:97:1f:c3:
62:6d:59:0d:ba:38:09:43:69:90:ae:ad:c3:c7:1f:
29:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:31:E5:F6:D1:FB:1B:E2:7C:4E:CF:F0:3F:22:C6:5E:E8:8D:91:D2
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/BDHl9tH7G-J8Ts_wPyLGXuiNkdI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.191.0/24
193.124.5.0/24
193.124.7.0/24
193.124.203.0/24
194.87.22.0/24
194.87.32.0/24
194.87.142.0/24
194.87.169.0/24
194.87.201.0/24
194.87.245.0/24
195.133.6.0/24
195.133.25.0/24
195.133.72.0/24
195.133.78.0/24
195.133.85.0/24
195.133.192.0/24
212.192.1.0/24
212.193.14.0/24
Signature Algorithm: sha256WithRSAEncryption
97:3d:f0:e6:25:47:e1:65:95:08:ca:7b:c6:5a:14:14:77:09:
ab:08:72:9a:e8:1a:f4:8e:57:9e:ad:d3:ff:a5:f1:8c:52:ac:
ba:7f:c7:db:29:a0:38:17:d4:6c:d2:2d:9b:4d:b1:00:0d:f0:
15:16:9f:ec:8d:c8:da:cc:63:1c:c9:aa:da:b7:0e:d4:5d:ea:
e9:36:f1:43:c7:21:d5:44:f3:9c:76:61:9d:3a:54:82:b0:5a:
79:ac:ff:e2:29:34:26:cb:69:5f:f6:0c:5c:05:18:d0:91:ac:
ed:b5:04:be:96:25:00:f2:b5:63:0d:71:2c:74:34:97:c9:67:
97:bf:8a:06:4e:b7:af:b1:69:1c:38:67:ef:be:3b:72:8b:8b:
20:44:f5:d6:f2:61:b0:5a:f7:31:da:6c:75:4c:b8:57:d6:78:
72:8d:39:e8:21:0c:c1:4a:71:a4:a1:b9:e1:00:e7:15:b1:93:
24:ed:1b:95:f6:86:c6:74:3c:c6:86:51:59:6a:94:4c:29:7d:
8c:0c:e8:7e:ea:43:73:8d:40:d7:83:75:ec:7b:c7:c8:5e:67:
e9:7a:b5:0d:fc:b9:42:02:47:44:33:27:20:43:df:5a:50:3e:
13:e5:1b:07:3b:2f:ff:39:ff:0a:d2:73:2c:cb:bb:11:48:0e:
02:65:e3:8c
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAY3U66CHTPix/rv91FK/UpRVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMjIzMDc0MzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDMxZTVmNmQxZmIxYmUyN2M0ZWNmZjAzZjIyYzY1ZWU4OGQ5MWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkmvUTZKwIgYPaCO21OE9cj1sNHD9
PqfbCgBWXcBPqf1H1Qy82JZ3MhKdXDZNdINfZrM5pOwBpuN8eO0NiAGg0iTGdFN1
v+jpLu6539MyPdcuKE3Itk8KbCp1nRtb+IVDAOmFJplr9GRht3iobzD9FFAODT5y
7V531hlteYwyyxR+XnoYkKFhCbMuhyD85piGsWEgZqGpDwLJvpTudZOuxMHe8E8q
0/i9Yp0T+AnaJ5/2CKf1UvFCXusdD66F31tpByaNpwm46ymOT8E28irZFHwA+DNa
vqJoFVdpyQ8+BEqHQoz2mab0H6B8d8uXH8NibVkNujgJQ2mQrq3Dxx8pTQIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFAQx5fbR+xvifE7P8D8ixl7ojZHSMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQkRIbDl0SDdHLUo4VHNfd1B5TEdYdWlOa2RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAMB8vwME
AMF8BQMEAMF8BwMEAMF8ywMEAMJXFgMEAMJXIAMEAMJXjgMEAMJXqQMEAMJXyQME
AMJX9QMEAMOFBgMEAMOFGQMEAMOFSAMEAMOFTgMEAMOFVQMEAMOFwAMEANTAAQME
ANTBDjANBgkqhkiG9w0BAQsFAAOCAQEAlz3w5iVH4WWVCMp7xloUFHcJqwhymuga
9I5Xnq3T/6XxjFKsun/H2ymgOBfUbNItm02xAA3wFRaf7I3I2sxjHMmq2rcO1F3q
6TbxQ8ch1UTznHZhnTpUgrBaeaz/4ik0JstpX/YMXAUY0JGs7bUEvpYlAPK1Yw1x
LHQ0l8lnl7+KBk63r7FpHDhn7747couLIET11vJhsFr3MdpsdUy4V9Z4co056CEM
wUpxpKG54QDnFbGTJO0blfaGxnQ8xoZRWWqUTCl9jAzofupDc41A14N17HvHyF5n
6Xq1Dfy5QgJHRDMnIEPfWlA+E+UbBzsv/zn/CtJzLMu7EUgOAmXjjA==
-----END CERTIFICATE-----
Generated at Mon Feb 26 14:29:22 2024 by rpki-client on console-fra.rpki-client.org