Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/BYRxd1-gtK0qokbqdvXOGwVbbds.roa
File: BYRxd1-gtK0qokbqdvXOGwVbbds.roa (raw, json)
Hash identifier: hZ5gbw+VET9sOUx2qrqHKYAV3jcracXGYYDyUJvkqCU=
Subject key identifier: 05:84:71:77:5F:A0:B4:AD:2A:A2:46:EA:76:F5:CE:1B:05:5B:6D:DB
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018A8A4F5826FFD983979748A10227B27C1C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/BYRxd1-gtK0qokbqdvXOGwVbbds.roa
Signing time: Tue 12 Sep 2023 16:52:50 +0000
ROA not before: Tue 12 Sep 2023 16:52:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 194.87.1.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.21.0/24 maxlen: 24
194.87.26.0/23 maxlen: 23
195.58.36.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.58.0/24 maxlen: 24
195.58.53.0/24 maxlen: 24
195.58.58.0/23 maxlen: 23
195.58.62.0/23 maxlen: 23
194.87.108.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.122.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
194.87.134.0/23 maxlen: 23
194.87.133.0/24 maxlen: 24
195.133.6.0/24 maxlen: 24
195.133.7.0/24 maxlen: 24
194.87.40.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
195.133.85.0/24 maxlen: 24
195.133.84.0/23 maxlen: 23
194.87.222.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
195.133.40.0/24 maxlen: 24
192.124.191.0/24 maxlen: 24
195.133.40.0/23 maxlen: 23
194.87.187.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 15 Sep 2023 08:51:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8a:4f:58:26:ff:d9:83:97:97:48:a1:02:27:b2:7c:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 12 16:52:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=058471775fa0b4ad2aa246ea76f5ce1b055b6ddb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:5f:66:42:48:a5:08:55:1e:09:9b:44:13:73:
94:c9:e4:f3:3f:4d:74:67:e8:05:94:9e:57:b3:d9:
31:4b:5e:84:f9:5c:cf:6d:50:12:30:93:0f:c2:b6:
22:55:6c:9e:9d:1f:af:a8:4b:19:1e:a1:9f:a8:9e:
06:66:e6:a9:b1:c6:de:9b:80:0b:9b:92:c0:d8:26:
0e:b9:38:68:a2:9f:9b:9f:fa:9e:27:69:14:78:45:
af:38:12:65:33:79:5d:a5:9b:2f:9b:bf:65:61:78:
34:08:b7:65:dc:d7:90:56:c6:5c:b4:38:0f:ef:e8:
b6:ed:fb:67:67:9a:72:5e:49:70:d2:05:4f:cb:29:
18:8e:8a:e0:39:a6:e3:31:fb:e6:f9:77:19:79:44:
9e:95:fb:2a:5c:a2:d9:23:59:1b:da:38:7d:6e:a3:
46:d7:66:97:45:71:78:3b:d5:f3:ed:7f:86:5d:39:
a0:01:22:73:76:a2:60:39:82:11:1b:e3:c9:9a:87:
c4:51:66:eb:e8:51:45:fc:fd:06:8d:39:6f:ec:f6:
3c:47:1d:19:9d:48:55:30:e5:6d:35:cf:2d:e7:82:
0c:a1:f9:e4:88:1c:84:04:0b:32:af:c3:f6:fc:76:
15:50:bc:71:09:78:92:7b:d4:24:07:17:c9:da:72:
86:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:84:71:77:5F:A0:B4:AD:2A:A2:46:EA:76:F5:CE:1B:05:5B:6D:DB
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/BYRxd1-gtK0qokbqdvXOGwVbbds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.178.0/24
192.124.191.0/24
193.124.16.0/24
193.124.80.0/24
193.124.133.0/24
193.124.200.0/24
194.58.47.0/24
194.58.154.0/24
194.87.1.0/24
194.87.11.0-194.87.12.255
194.87.21.0/24
194.87.26.0/23
194.87.40.0/24
194.87.56.0/24
194.87.73.0/24
194.87.83.0/24
194.87.108.0/24
194.87.114.0/23
194.87.122.0/24
194.87.124.0/24
194.87.130.0/23
194.87.133.0-194.87.135.255
194.87.151.0/24
194.87.168.0/24
194.87.179.0/24
194.87.187.0/24
194.87.190.0/24
194.87.200.0/24
194.87.222.0/24
195.58.36.0/24
195.58.53.0-195.58.54.255
195.58.58.0/23
195.58.62.0/23
195.133.0.0/24
195.133.6.0/23
195.133.30.0/24
195.133.40.0/23
195.133.73.0/24
195.133.84.0/23
Signature Algorithm: sha256WithRSAEncryption
6e:b2:d6:20:e1:39:35:55:0b:49:52:be:8a:22:d1:e8:b4:66:
ba:dd:a6:34:46:ab:fb:14:8b:ae:fb:cb:5d:ed:fa:38:33:24:
3f:66:58:b4:87:b5:23:60:79:31:f0:2f:ec:e3:cb:a3:2d:60:
7d:4a:d3:f0:cb:d9:79:62:25:14:fd:0d:19:0d:34:e5:e3:a5:
fc:97:39:f0:33:be:0a:21:72:a9:16:92:66:6a:ee:d0:46:de:
00:25:ce:9b:b2:28:c9:92:f1:5e:85:76:13:82:61:8f:1c:bf:
e0:62:82:da:6b:ed:33:cb:31:e0:4d:90:04:a3:4a:ab:8b:98:
6b:65:f4:d1:97:c2:8d:e9:29:c5:38:b2:e1:4c:3d:fd:72:29:
ed:aa:a3:89:77:6b:99:79:c4:1f:0c:31:de:c4:68:35:40:b6:
4e:3d:77:5f:a8:2e:3e:d7:8f:f6:9e:6f:fa:fb:72:51:3f:ff:
09:76:04:da:d7:1f:ab:a2:46:03:b9:fe:3f:b7:0d:6b:c1:92:
c6:40:d8:89:22:0a:0f:b3:3d:f2:c1:16:31:62:a0:04:13:19:
62:b0:fb:be:fb:e2:25:6a:98:f4:cd:97:0c:37:06:d4:5c:bc:
a0:55:f6:99:e6:45:0b:dd:05:56:db:7f:c1:c9:e2:68:f0:56:
5d:28:72:c6
-----BEGIN CERTIFICATE-----
MIIGAzCCBOugAwIBAgISAYqKT1gm/9mDl5dIoQInsnwcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTEyMTY1MjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTg0NzE3NzVmYTBiNGFkMmFhMjQ2ZWE3NmY1Y2UxYjA1NWI2ZGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn19mQkilCFUeCZtEE3OUyeTzP010
Z+gFlJ5Xs9kxS16E+VzPbVASMJMPwrYiVWyenR+vqEsZHqGfqJ4GZuapscbem4AL
m5LA2CYOuThoop+bn/qeJ2kUeEWvOBJlM3ldpZsvm79lYXg0CLdl3NeQVsZctDgP
7+i27ftnZ5pyXklw0gVPyykYjorgOabjMfvm+XcZeUSelfsqXKLZI1kb2jh9bqNG
12aXRXF4O9Xz7X+GXTmgASJzdqJgOYIRG+PJmofEUWbr6FFF/P0GjTlv7PY8Rx0Z
nUhVMOVtNc8t54IMofnkiByEBAsyr8P2/HYVULxxCXiSe9QkBxfJ2nKGQwIDAQAB
o4IDDzCCAwswHQYDVR0OBBYEFAWEcXdfoLStKqJG6nb1zhsFW23bMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQllSeGQxLWd0SzBxb2ticWR2WE9Hd1ZiYmRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIwYIKwYBBQUHAQcBAf8EggESMIIBDjCCAQoEAgABMIIB
AgMEAMB8sgMEAMB8vwMEAMF8EAMEAMF8UAMEAMF8hQMEAMF8yAMEAMI6LwMEAMI6
mgMEAMJXATAMAwQAwlcLAwQAwlcMAwQAwlcVAwQBwlcaAwQAwlcoAwQAwlc4AwQA
wldJAwQAwldTAwQAwldsAwQBwldyAwQAwld6AwQAwld8AwQBwleCMAwDBADCV4UD
BAPCV4ADBADCV5cDBADCV6gDBADCV7MDBADCV7sDBADCV74DBADCV8gDBADCV94D
BADDOiQwDAMEAMM6NQMEAMM6NgMEAcM6OgMEAcM6PgMEAMOFAAMEAcOFBgMEAMOF
HgMEAcOFKAMEAMOFSQMEAcOFVDANBgkqhkiG9w0BAQsFAAOCAQEAbrLWIOE5NVUL
SVK+iiLR6LRmut2mNEar+xSLrvvLXe36ODMkP2ZYtIe1I2B5MfAv7OPLoy1gfUrT
8MvZeWIlFP0NGQ005eOl/Jc58DO+CiFyqRaSZmru0EbeACXOm7IoyZLxXoV2E4Jh
jxy/4GKC2mvtM8sx4E2QBKNKq4uYa2X00ZfCjekpxTiy4Uw9/XIp7aqjiXdrmXnE
Hwwx3sRoNUC2Tj13X6guPteP9p5v+vtyUT//CXYE2tcfq6JGA7n+P7cNa8GSxkDY
iSIKD7M98sEWMWKgBBMZYrD7vvviJWqY9M2XDDcG1Fy8oFX2meZFC90FVtt/wcni
aPBWXShyxg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:08 2024 by rpki-client on console-fra.rpki-client.org