Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/bfw5nQre_YHM2468VTV8_-ZGcTk.roa
File: bfw5nQre_YHM2468VTV8_-ZGcTk.roa (raw, json)
Hash identifier: LQSOYwyupoq1x47GvwhDPZZMztOIdwDttGAWdcP4I2g=
Subject key identifier: 6D:FC:39:9D:0A:DE:FD:81:CC:DB:8E:BC:55:35:7C:FF:E6:46:71:39
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01883A910E649182241F6B21DAA5C8AFBCDE
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/bfw5nQre_YHM2468VTV8_-ZGcTk.roa
Signing time: Sat 20 May 2023 19:09:24 +0000
ROA not before: Sat 20 May 2023 19:09:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49392
IP address blocks: 193.124.226.0/24 maxlen: 24
195.133.79.0/24 maxlen: 24
194.87.6.0/24 maxlen: 24
194.87.221.0/24 maxlen: 24
194.87.227.0/24 maxlen: 24
193.124.36.0/24 maxlen: 24
193.124.254.0/24 maxlen: 24
194.135.32.0/24 maxlen: 24
195.133.26.0/23 maxlen: 24
192.124.176.0/24 maxlen: 24
212.192.13.0/24 maxlen: 24
194.58.61.0/24 maxlen: 24
195.133.52.0/23 maxlen: 23
195.133.56.0/22 maxlen: 22
195.133.59.0/24 maxlen: 24
194.87.118.0/23 maxlen: 24
195.133.10.0/23 maxlen: 23
195.133.6.0/23 maxlen: 23
194.87.40.0/24 maxlen: 24
194.87.44.0/24 maxlen: 24
194.87.51.0/24 maxlen: 24
185.72.10.0/24 maxlen: 24
194.87.67.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 26 May 2023 11:41:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:3a:91:0e:64:91:82:24:1f:6b:21:da:a5:c8:af:bc:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 20 19:09:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6dfc399d0adefd81ccdb8ebc55357cffe6467139
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:48:47:f4:0d:81:6b:05:e7:05:63:d6:25:3b:
df:ad:66:65:e8:c6:ac:7d:87:55:1a:b5:14:02:12:
38:6e:7c:b3:9f:0f:26:20:f4:d1:3e:f6:8c:db:ca:
8f:c9:d1:17:91:e3:b2:59:6f:d3:e2:75:8c:54:90:
f9:64:95:aa:20:60:a9:23:20:b1:08:e0:ca:4e:60:
07:51:0c:90:f8:66:e2:11:10:af:88:91:8f:ff:81:
d4:17:b7:84:3b:7c:72:05:d0:49:66:37:aa:02:cc:
3a:d6:60:5f:3b:b6:bf:94:7b:4c:2c:7d:3f:1e:f5:
a7:78:f7:cd:5a:43:ae:ef:2f:a2:d6:3c:15:b2:5d:
76:ca:d1:5c:8e:9c:91:1e:a1:80:d0:63:8d:b8:d0:
3a:1c:7d:24:21:3d:38:2b:c4:8d:15:58:f2:84:09:
fd:e1:35:c9:2d:47:99:36:3f:eb:36:9d:42:43:88:
e0:69:25:aa:b9:33:4c:4e:23:b2:06:ae:1d:12:ad:
3c:33:a6:a5:c2:03:4f:dd:d5:db:a5:0f:76:1e:40:
26:30:f5:6e:d7:95:61:eb:c9:4c:10:cb:76:6d:d8:
c7:33:98:cd:b1:09:d0:52:25:b4:79:a4:0d:e3:47:
6b:13:b6:d0:53:af:c0:12:37:3d:5e:91:69:7c:b1:
a2:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:FC:39:9D:0A:DE:FD:81:CC:DB:8E:BC:55:35:7C:FF:E6:46:71:39
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/bfw5nQre_YHM2468VTV8_-ZGcTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.10.0/24
192.124.176.0/24
193.124.36.0/24
193.124.226.0/24
193.124.254.0/24
194.58.61.0/24
194.87.6.0/24
194.87.40.0/24
194.87.44.0/24
194.87.51.0/24
194.87.67.0/24
194.87.118.0/23
194.87.221.0/24
194.87.227.0/24
194.135.32.0/24
195.133.6.0/23
195.133.10.0/23
195.133.26.0/23
195.133.52.0/23
195.133.56.0/22
195.133.79.0/24
212.192.13.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:be:cb:d8:3d:c3:42:97:93:eb:1b:cd:d4:98:80:11:94:af:
a5:e2:35:93:9c:df:49:1c:28:56:54:fe:ab:f6:e7:eb:1a:03:
e1:72:58:03:dc:03:27:be:96:d6:6d:73:85:4b:73:6e:e0:01:
e0:ff:1e:80:99:16:82:8f:2d:39:e3:48:0e:1a:b8:58:45:c1:
b9:c8:55:27:9e:3c:ce:69:6a:08:0c:7a:54:41:7b:56:4f:84:
8c:0c:95:20:de:06:21:06:72:6e:39:ea:e1:86:b1:8b:2f:0d:
ae:7c:2d:73:6d:a5:4a:b6:87:a0:37:f3:58:d6:e9:11:35:88:
6c:4c:60:ad:81:5b:c7:1e:85:c6:9f:29:cb:6a:af:68:67:5f:
71:ca:a3:5f:6b:e2:40:a3:dc:07:f5:da:de:2e:15:0e:6c:c0:
11:a4:a0:ba:6a:bb:85:06:13:80:8f:13:dc:8f:5d:f4:5c:1c:
6e:aa:a6:a5:f6:35:28:1a:75:a8:83:0b:f2:62:b0:cc:1b:d4:
7d:fb:9d:f1:df:e6:32:d6:92:9a:42:aa:d9:df:dc:3e:c7:36:
0e:84:7b:ab:6d:9b:79:86:33:6c:3e:3a:60:6f:76:a6:71:fb:
df:02:9f:67:a3:f9:03:cf:21:6d:98:38:ea:f3:d2:3d:19:8a:
94:3f:e0:03
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAYg6kQ5kkYIkH2sh2qXIr7zeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNTIwMTkwOTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGZjMzk5ZDBhZGVmZDgxY2NkYjhlYmM1NTM1N2NmZmU2NDY3MTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqEhH9A2BawXnBWPWJTvfrWZl6Mas
fYdVGrUUAhI4bnyznw8mIPTRPvaM28qPydEXkeOyWW/T4nWMVJD5ZJWqIGCpIyCx
CODKTmAHUQyQ+GbiERCviJGP/4HUF7eEO3xyBdBJZjeqAsw61mBfO7a/lHtMLH0/
HvWnePfNWkOu7y+i1jwVsl12ytFcjpyRHqGA0GONuNA6HH0kIT04K8SNFVjyhAn9
4TXJLUeZNj/rNp1CQ4jgaSWquTNMTiOyBq4dEq08M6alwgNP3dXbpQ92HkAmMPVu
15Vh68lMEMt2bdjHM5jNsQnQUiW0eaQN40drE7bQU6/AEjc9XpFpfLGihQIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFG38OZ0K3v2BzNuOvFU1fP/mRnE5MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvYmZ3NW5RcmVfWUhNMjQ2OFZUVjhfLVpHY1RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQDBAC5
SAoDBADAfLADBADBfCQDBADBfOIDBADBfP4DBADCOj0DBADCVwYDBADCVygDBADC
VywDBADCVzMDBADCV0MDBAHCV3YDBADCV90DBADCV+MDBADChyADBAHDhQYDBAHD
hQoDBAHDhRoDBAHDhTQDBALDhTgDBADDhU8DBADUwA0wDQYJKoZIhvcNAQELBQAD
ggEBAEq+y9g9w0KXk+sbzdSYgBGUr6XiNZOc30kcKFZU/qv25+saA+FyWAPcAye+
ltZtc4VLc27gAeD/HoCZFoKPLTnjSA4auFhFwbnIVSeePM5paggMelRBe1ZPhIwM
lSDeBiEGcm456uGGsYsvDa58LXNtpUq2h6A381jW6RE1iGxMYK2BW8cehcafKctq
r2hnX3HKo19r4kCj3Af12t4uFQ5swBGkoLpqu4UGE4CPE9yPXfRcHG6qpqX2NSga
daiDC/JisMwb1H37nfHf5jLWkppCqtnf3D7HNg6Ee6ttm3mGM2w+OmBvdqZx+98C
n2ej+QPPIW2YOOrz0j0ZipQ/4AM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:21 2024 by rpki-client on console-fra.rpki-client.org