Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/bGRp_WFGVPYiD2cSfrq750PInJs.roa
File: bGRp_WFGVPYiD2cSfrq750PInJs.roa (raw, json)
Hash identifier: BHa11mhAXbDwDz9DBWsAcwkNxHEfCT8dLUEh9Yx+Qwk=
Subject key identifier: 6C:64:69:FD:61:46:54:F6:22:0F:67:12:7E:BA:BB:E7:43:C8:9C:9B
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01856F671AD5E0985C25D07C8E4E07F4CC14
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/bGRp_WFGVPYiD2cSfrq750PInJs.roa
Signing time: Sun 01 Jan 2023 22:15:06 +0000
ROA not before: Sun 01 Jan 2023 22:15:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213035
IP address blocks: 212.193.31.0/24 maxlen: 24
193.124.227.0/24 maxlen: 24
212.193.28.0/24 maxlen: 24
193.124.41.0/24 maxlen: 24
195.133.14.0/24 maxlen: 24
212.192.4.0/24 maxlen: 24
195.133.13.0/24 maxlen: 24
192.124.182.0/24 maxlen: 24
195.133.37.0/24 maxlen: 24
212.192.240.0/24 maxlen: 24
194.85.251.0/24 maxlen: 24
194.85.249.0/24 maxlen: 24
192.124.188.0/24 maxlen: 24
195.133.40.0/22 maxlen: 24
195.133.39.0/24 maxlen: 24
195.58.59.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 03 Jan 2023 06:59:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:67:1a:d5:e0:98:5c:25:d0:7c:8e:4e:07:f4:cc:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 1 22:15:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c6469fd614654f6220f67127ebabbe743c89c9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:a4:c8:b7:53:9f:70:d3:68:21:48:03:d0:2b:
46:26:41:de:11:49:58:9f:e9:ce:fc:fa:19:db:5e:
5a:07:8f:5d:eb:af:1a:db:6c:db:b2:b7:68:c7:33:
38:9c:81:23:58:58:73:bb:06:ee:3c:39:98:cd:d5:
ee:dd:02:4c:7e:ba:56:87:b8:ed:2e:e8:c7:36:e0:
1c:5f:24:a6:43:a6:05:7b:da:fb:90:f8:61:b3:d2:
42:a3:51:82:bf:96:2c:3c:49:77:fb:36:dd:5c:4e:
e0:e9:ca:e2:b2:07:da:3a:bd:31:41:25:c4:34:93:
87:06:7a:f8:c1:88:ec:5d:6c:ed:63:04:e7:a4:8f:
20:1f:46:c2:8d:a4:4e:57:ee:23:90:e0:5c:a0:38:
40:08:11:df:5c:e0:45:38:d8:dc:2b:0f:0a:26:ff:
9f:82:a8:6d:1f:9d:b5:38:ff:62:8f:72:90:cb:06:
67:f1:29:e2:30:09:b4:29:73:29:5f:d1:12:2a:d8:
cb:d4:ba:7b:2c:3c:fb:e0:11:ac:38:2f:9a:5f:8c:
91:a6:c3:da:d5:4d:6b:7c:55:b9:5e:d4:28:e1:62:
cc:2b:fc:64:c7:4f:9b:1b:de:42:72:35:19:ec:4e:
c1:93:eb:9a:21:40:76:c7:10:0c:e4:d5:50:43:bc:
96:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:64:69:FD:61:46:54:F6:22:0F:67:12:7E:BA:BB:E7:43:C8:9C:9B
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/bGRp_WFGVPYiD2cSfrq750PInJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.182.0/24
192.124.188.0/24
193.124.41.0/24
193.124.227.0/24
194.85.249.0/24
194.85.251.0/24
194.87.187.0/24
195.58.59.0/24
195.133.13.0-195.133.14.255
195.133.37.0/24
195.133.39.0-195.133.43.255
212.192.4.0/24
212.192.240.0/24
212.193.28.0/24
212.193.31.0/24
Signature Algorithm: sha256WithRSAEncryption
37:5b:46:1d:08:05:6d:7f:87:23:f6:be:03:92:25:e6:c2:40:
9c:26:63:26:ec:fe:32:8a:38:b2:53:e9:54:ae:e3:58:82:7e:
a7:9f:6a:ec:79:01:df:b4:0d:1b:39:aa:fb:41:e3:1d:5f:ef:
de:01:79:85:88:60:8f:cd:c3:2a:96:44:5e:1f:f6:2e:4b:3c:
55:c3:cb:f1:64:df:7b:80:86:32:08:91:18:68:cc:db:f4:f3:
60:19:8d:bf:d9:82:49:90:45:11:4c:18:1f:0a:38:01:21:85:
ac:ab:e5:9d:e6:53:1e:ef:f2:9d:2a:ba:35:6d:21:be:e3:4b:
b2:c9:c9:c0:3c:fc:57:09:00:c5:fd:81:2d:92:06:35:d6:38:
ac:e4:08:9d:65:4c:35:62:90:61:cf:e5:dc:49:09:98:29:11:
dc:d0:e3:e4:62:ac:93:37:27:4c:f9:05:a1:8a:72:42:84:c4:
cb:2e:bf:35:19:4f:1a:72:1b:4f:cc:33:1e:15:c9:68:cb:f0:
d7:8b:f1:33:e1:e3:28:22:78:bc:6c:25:da:3d:d4:c8:d6:1d:
df:88:8f:b5:c5:56:76:40:c4:fa:36:f2:9c:e7:a3:34:2c:c0:
2c:97:1a:0e:d3:3e:35:bd:82:8c:2d:8e:5c:bd:11:33:e6:4e:
55:d9:1e:75
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAYVvZxrV4JhcJdB8jk4H9MwUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTAxMjIxNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzY0NjlmZDYxNDY1NGY2MjIwZjY3MTI3ZWJhYmJlNzQzYzg5YzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiKTIt1OfcNNoIUgD0CtGJkHeEUlY
n+nO/PoZ215aB49d668a22zbsrdoxzM4nIEjWFhzuwbuPDmYzdXu3QJMfrpWh7jt
LujHNuAcXySmQ6YFe9r7kPhhs9JCo1GCv5YsPEl3+zbdXE7g6crisgfaOr0xQSXE
NJOHBnr4wYjsXWztYwTnpI8gH0bCjaROV+4jkOBcoDhACBHfXOBFONjcKw8KJv+f
gqhtH521OP9ij3KQywZn8SniMAm0KXMpX9ESKtjL1Lp7LDz74BGsOC+aX4yRpsPa
1U1rfFW5XtQo4WLMK/xkx0+bG95CcjUZ7E7Bk+uaIUB2xxAM5NVQQ7yWUQIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFGxkaf1hRlT2Ig9nEn66u+dDyJybMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvYkdScF9XRkdWUFlpRDJjU2ZycTc1MFBJbkpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwcAQCAAEwagMEAMB8tgME
AMB8vAMEAMF8KQMEAMF84wMEAMJV+QMEAMJV+wMEAMJXuwMEAMM6OzAMAwQAw4UN
AwQAw4UOAwQAw4UlMAwDBADDhScDBALDhSgDBADUwAQDBADUwPADBADUwRwDBADU
wR8wDQYJKoZIhvcNAQELBQADggEBADdbRh0IBW1/hyP2vgOSJebCQJwmYybs/jKK
OLJT6VSu41iCfqefaux5Ad+0DRs5qvtB4x1f794BeYWIYI/NwyqWRF4f9i5LPFXD
y/Fk33uAhjIIkRhozNv082AZjb/ZgkmQRRFMGB8KOAEhhayr5Z3mUx7v8p0qujVt
Ib7jS7LJycA8/FcJAMX9gS2SBjXWOKzkCJ1lTDVikGHP5dxJCZgpEdzQ4+RirJM3
J0z5BaGKckKExMsuvzUZTxpyG0/MMx4VyWjL8NeL8TPh4ygieLxsJdo91MjWHd+I
j7XFVnZAxPo28pznozQswCyXGg7TPjW9gowtjly9ETPmTlXZHnU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:21 2024 by rpki-client on console-fra.rpki-client.org