Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/BQc3GPC-8T9A6nAmP_2AYFdkq38.roa
File: BQc3GPC-8T9A6nAmP_2AYFdkq38.roa (raw, json)
Hash identifier: MPhHOi6BXZV2mVY4w1oYJMMzH/IuRFkC3RDGeLxVofc=
Subject key identifier: 05:07:37:18:F0:BE:F1:3F:40:EA:70:26:3F:FD:80:60:57:64:AB:7F
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018A2C3B04C7557482ED1C863BE147C2216B
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/BQc3GPC-8T9A6nAmP_2AYFdkq38.roa
Signing time: Fri 25 Aug 2023 10:26:19 +0000
ROA not before: Fri 25 Aug 2023 10:26:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197450
IP address blocks: 62.76.226.0/24 maxlen: 24
193.124.17.0/24 maxlen: 24
194.87.3.0/24 maxlen: 24
194.87.118.0/24 maxlen: 24
194.87.119.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.36.0/24 maxlen: 24
212.192.8.0/24 maxlen: 24
194.87.176.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:2c:3b:04:c7:55:74:82:ed:1c:86:3b:e1:47:c2:21:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 25 10:26:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=05073718f0bef13f40ea70263ffd80605764ab7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:3b:e9:82:f0:5c:6f:2c:9c:72:15:d4:c8:28:
eb:88:f6:ac:1a:2d:07:47:10:47:c0:b1:31:76:a2:
1d:8e:78:61:9b:16:fb:74:f4:a2:ca:a5:e0:2e:bb:
af:c1:25:69:a7:59:d4:dc:0f:3a:0a:bb:2c:4f:2d:
5f:99:0c:dc:00:cc:9e:03:7e:3e:cf:50:1f:bb:3d:
9b:12:8b:14:ae:52:e4:c3:47:cf:41:e2:54:84:76:
31:aa:15:c6:1c:ad:cb:3c:89:28:90:9f:9d:b7:d3:
4e:83:f6:c0:ad:f5:05:8a:13:dd:2b:83:18:5d:4a:
ba:c4:ac:84:c1:f1:53:70:1c:33:72:e8:15:21:93:
3d:1b:ef:eb:ad:2e:5f:d5:c3:e5:c5:bf:64:63:bc:
fe:03:d8:95:e4:a2:83:be:5d:94:16:13:57:c5:e0:
18:9d:2f:ba:ee:69:c1:a8:75:b7:e3:ce:f6:24:eb:
06:30:4e:e4:5c:d4:d2:f9:a2:d3:08:7a:3b:b0:12:
73:3b:e8:d6:83:38:f9:74:5c:06:09:c5:eb:00:a7:
c4:27:0b:48:ad:14:6e:b2:18:d8:49:d9:19:bb:c1:
c2:7a:1a:77:94:64:e1:e6:7a:45:22:48:47:6d:bf:
ba:fd:d0:54:bf:29:4d:15:35:0c:9f:a5:aa:21:8d:
a1:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:07:37:18:F0:BE:F1:3F:40:EA:70:26:3F:FD:80:60:57:64:AB:7F
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/BQc3GPC-8T9A6nAmP_2AYFdkq38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.226.0/24
193.124.17.0/24
194.87.3.0/24
194.87.16.0/24
194.87.36.0/24
194.87.118.0/23
194.87.176.0/24
212.192.8.0/24
Signature Algorithm: sha256WithRSAEncryption
47:e0:e9:36:45:1b:9d:62:1b:e9:2e:d7:e5:d7:a6:62:41:80:
20:fc:c5:8a:32:37:5d:45:bd:1f:23:30:ce:b5:29:e4:32:c1:
9a:bd:aa:7c:75:03:fb:0c:dc:ff:dd:c4:85:96:2b:3c:a5:d4:
ec:e0:f1:0e:0a:cb:4d:8a:ff:2c:46:c5:52:60:28:14:ae:d8:
ae:37:b7:7a:10:32:46:d0:70:71:c6:1a:aa:60:fc:ee:1a:a9:
be:c2:52:82:0a:e3:ba:bd:6e:da:ad:cc:12:4b:96:27:d8:3b:
01:54:50:c7:9e:09:49:a4:26:55:7e:f2:e7:c8:a7:bd:4b:24:
df:15:49:fb:0c:a6:1b:90:7b:75:7a:b0:85:7f:c4:fd:0c:aa:
20:d1:9f:bc:74:39:44:6d:1a:21:d5:18:ac:42:d3:23:31:5a:
5a:69:5b:87:77:e1:35:76:78:0c:71:3f:84:e6:70:8d:46:88:
65:6d:3b:11:c6:41:b3:4b:1b:76:9c:74:82:0e:0a:ed:ac:9f:
f0:d3:a9:97:41:7a:5e:93:a5:76:c2:23:8c:80:3b:f7:38:b5:
28:2d:1d:0f:94:88:08:14:a8:03:0f:1b:9d:42:0b:37:a1:3c:
72:2a:40:dc:8e:4d:73:95:5a:76:0b:d3:cf:d1:c3:af:ff:a3:
07:59:f8:bf
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYosOwTHVXSC7RyGO+FHwiFrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODI1MTAyNjE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTA3MzcxOGYwYmVmMTNmNDBlYTcwMjYzZmZkODA2MDU3NjRhYjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiTvpgvBcbyycchXUyCjriPasGi0H
RxBHwLExdqIdjnhhmxb7dPSiyqXgLruvwSVpp1nU3A86CrssTy1fmQzcAMyeA34+
z1Afuz2bEosUrlLkw0fPQeJUhHYxqhXGHK3LPIkokJ+dt9NOg/bArfUFihPdK4MY
XUq6xKyEwfFTcBwzcugVIZM9G+/rrS5f1cPlxb9kY7z+A9iV5KKDvl2UFhNXxeAY
nS+67mnBqHW34872JOsGME7kXNTS+aLTCHo7sBJzO+jWgzj5dFwGCcXrAKfEJwtI
rRRushjYSdkZu8HCehp3lGTh5npFIkhHbb+6/dBUvylNFTUMn6WqIY2hxQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFAUHNxjwvvE/QOpwJj/9gGBXZKt/MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQlFjM0dQQy04VDlBNm5BbVBfMkFZRmRrcTM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAPkziAwQA
wXwRAwQAwlcDAwQAwlcQAwQAwlckAwQBwld2AwQAwlewAwQA1MAIMA0GCSqGSIb3
DQEBCwUAA4IBAQBH4Ok2RRudYhvpLtfl16ZiQYAg/MWKMjddRb0fIzDOtSnkMsGa
vap8dQP7DNz/3cSFlis8pdTs4PEOCstNiv8sRsVSYCgUrtiuN7d6EDJG0HBxxhqq
YPzuGqm+wlKCCuO6vW7arcwSS5Yn2DsBVFDHnglJpCZVfvLnyKe9SyTfFUn7DKYb
kHt1erCFf8T9DKog0Z+8dDlEbRoh1RisQtMjMVpaaVuHd+E1dngMcT+E5nCNRohl
bTsRxkGzSxt2nHSCDgrtrJ/w06mXQXpek6V2wiOMgDv3OLUoLR0PlIgIFKgDDxud
Qgs3oTxyKkDcjk1zlVp2C9PP0cOv/6MHWfi/
-----END CERTIFICATE-----
Generated at Fri Aug 25 13:58:58 2023 by rpki-client on console-ams.rpki-client.org