Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/bvFblzORoDVeBoKyibYOH4HYTUo.roa
File: bvFblzORoDVeBoKyibYOH4HYTUo.roa (raw, json)
Hash identifier: qAYmaUrjhtVh5G0gYZTBkZUbPog1Aq5fH3BLYKwzebw=
Subject key identifier: 6E:F1:5B:97:33:91:A0:35:5E:06:82:B2:89:B6:0E:1F:81:D8:4D:4A
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CCA2A96AF572BF9E4CC7B41DB383D86A4
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/bvFblzORoDVeBoKyibYOH4HYTUo.roa
Signing time: Tue 02 Jan 2024 12:33:57 +0000
ROA not before: Tue 02 Jan 2024 12:33:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 398343
IP address blocks: 194.135.104.0/24 maxlen: 24
193.124.15.0/24 maxlen: 24
195.133.83.0/24 maxlen: 24
193.124.24.0/24 maxlen: 24
194.87.123.0/24 maxlen: 24
194.58.223.0/24 maxlen: 24
194.87.29.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
195.133.26.0/23 maxlen: 23
Validation: Failed, certificate revoked on Fri 26 Jan 2024 13:27:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:96:af:57:2b:f9:e4:cc:7b:41:db:38:3d:86:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 12:33:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6ef15b973391a0355e0682b289b60e1f81d84d4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:37:23:9b:ae:6c:8d:d2:9b:b2:a7:e1:5b:6e:
f2:95:73:bd:b9:b6:69:cc:69:67:f3:c6:02:79:23:
4f:0d:60:f1:08:2b:4f:1e:60:0c:fb:20:92:99:08:
ae:d3:f4:25:66:27:c6:50:f1:41:f8:38:e6:87:ed:
7a:cf:1f:9d:78:38:b7:b1:d6:0a:e7:f9:7e:c3:bc:
df:25:46:d7:c1:f5:4b:99:9d:8e:07:c9:b1:8a:64:
8e:b3:f0:90:fb:a2:c3:a2:be:ac:6c:34:22:c4:ed:
c7:1c:42:28:2a:c8:9e:6d:09:97:ee:87:fd:cd:4e:
c4:b2:b6:f8:fb:f4:14:ca:a1:ce:86:b2:ad:63:ed:
20:f8:51:2d:87:99:b1:d0:63:87:d7:46:ae:72:6c:
41:3b:cf:fa:a9:79:ed:8b:ba:0e:d3:95:92:d0:f9:
e3:70:cb:21:c8:bc:00:d5:d0:1c:7c:0c:5e:23:1f:
18:a8:c5:d2:e1:a0:fd:b4:dd:d7:4b:93:f9:e2:38:
87:4f:69:d8:bf:2d:f6:2c:0f:bd:14:ff:0e:0f:4f:
a1:08:d6:6f:d0:89:7f:81:e1:07:61:cf:56:6c:37:
72:b7:12:7c:66:4e:68:e3:e3:61:30:b1:3f:93:51:
4a:06:7f:ec:57:d0:86:1a:6f:8c:50:59:bc:29:71:
da:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:F1:5B:97:33:91:A0:35:5E:06:82:B2:89:B6:0E:1F:81:D8:4D:4A
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/bvFblzORoDVeBoKyibYOH4HYTUo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.15.0/24
193.124.24.0/24
194.58.223.0/24
194.87.29.0/24
194.87.123.0/24
194.135.104.0/24
195.133.26.0/23
195.133.30.0/24
195.133.83.0/24
Signature Algorithm: sha256WithRSAEncryption
22:99:4a:bf:c1:7a:a3:f7:95:e5:ce:8d:be:c1:e6:35:6b:2d:
6e:88:b1:95:3d:52:c8:dd:5b:73:36:34:eb:56:3f:fe:0f:e9:
70:a5:a8:37:74:51:98:e8:7a:3a:15:cc:b7:20:71:a6:6d:dd:
a6:5f:9b:c9:d3:c2:0a:2f:16:e2:fa:29:74:6a:ec:e7:3d:19:
13:ce:e1:cf:40:e5:34:94:ba:3b:43:6c:18:f9:ce:bb:92:7f:
e3:7e:2b:be:0e:70:1b:b2:b0:9d:4f:7b:5f:ec:73:c8:0b:3f:
69:ac:c2:d9:77:1b:98:53:14:f5:9b:23:be:d7:c9:cd:5b:c1:
5c:b8:5d:fc:b7:b9:ec:1a:d7:4e:9a:7f:9f:aa:46:de:e5:1e:
02:ac:b6:f1:0f:96:c9:1e:ee:86:87:37:0c:00:f0:39:c7:0c:
4d:a6:62:fe:71:2a:97:18:c8:47:6e:06:61:7d:3c:fb:c5:83:
48:b5:80:6d:91:1b:e9:93:87:c9:ee:67:86:41:b7:ed:10:ea:
68:5a:62:e5:d7:fe:0e:8b:d1:c8:61:12:41:42:d5:db:ce:e2:
38:60:9f:c3:8c:0e:74:91:3a:f3:60:d0:03:25:95:2d:93:4b:
50:6c:5e:6f:b8:90:19:64:79:9f:da:bc:7c:2c:e6:6e:72:de:
c6:28:56:b6
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYzKKpavVyv55Mx7Qds4PYakMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTAyMTIzMzU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWYxNWI5NzMzOTFhMDM1NWUwNjgyYjI4OWI2MGUxZjgxZDg0ZDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhDcjm65sjdKbsqfhW27ylXO9ubZp
zGln88YCeSNPDWDxCCtPHmAM+yCSmQiu0/QlZifGUPFB+Djmh+16zx+deDi3sdYK
5/l+w7zfJUbXwfVLmZ2OB8mximSOs/CQ+6LDor6sbDQixO3HHEIoKsiebQmX7of9
zU7Esrb4+/QUyqHOhrKtY+0g+FEth5mx0GOH10aucmxBO8/6qXnti7oO05WS0Pnj
cMshyLwA1dAcfAxeIx8YqMXS4aD9tN3XS5P54jiHT2nYvy32LA+9FP8OD0+hCNZv
0Il/geEHYc9WbDdytxJ8Zk5o4+NhMLE/k1FKBn/sV9CGGm+MUFm8KXHaTwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFG7xW5czkaA1XgaCsom2Dh+B2E1KMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvYnZGYmx6T1JvRFZlQm9LeWliWU9INEhZVFVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAwXwPAwQA
wXwYAwQAwjrfAwQAwlcdAwQAwld7AwQAwodoAwQBw4UaAwQAw4UeAwQAw4VTMA0G
CSqGSIb3DQEBCwUAA4IBAQAimUq/wXqj95Xlzo2+weY1ay1uiLGVPVLI3VtzNjTr
Vj/+D+lwpag3dFGY6Ho6Fcy3IHGmbd2mX5vJ08IKLxbi+il0auznPRkTzuHPQOU0
lLo7Q2wY+c67kn/jfiu+DnAbsrCdT3tf7HPICz9prMLZdxuYUxT1myO+18nNW8Fc
uF38t7nsGtdOmn+fqkbe5R4CrLbxD5bJHu6GhzcMAPA5xwxNpmL+cSqXGMhHbgZh
fTz7xYNItYBtkRvpk4fJ7meGQbftEOpoWmLl1/4Oi9HIYRJBQtXbzuI4YJ/DjA50
kTrzYNADJZUtk0tQbF5vuJAZZHmf2rx8LOZuct7GKFa2
-----END CERTIFICATE-----
Generated at Fri Jan 26 18:48:38 2024 by rpki-client on console-ams.rpki-client.org