Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/bkmq_pTYn0tGixLFSOH12N2VMq8.roa
File: bkmq_pTYn0tGixLFSOH12N2VMq8.roa (raw, json)
Hash identifier: foz5pTJb8h3kciDw1cdz2ndndZxdEAL5PUhGAcBtobQ=
Subject key identifier: 6E:49:AA:FE:94:D8:9F:4B:46:8B:12:C5:48:E1:F5:D8:DD:95:32:AF
Certificate issuer: /CN=8e626c909eb4951154bcee8221e43951b4257624
Certificate serial: 018CC9BC3B43DA6F51604CE8492BD961D1F9
Authority key identifier: 8E:62:6C:90:9E:B4:95:11:54:BC:EE:82:21:E4:39:51:B4:25:76:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jmJskJ60lRFUvO6CIeQ5UbQldiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/bkmq_pTYn0tGixLFSOH12N2VMq8.roa
Signing time: Tue 02 Jan 2024 10:33:25 +0000
ROA not before: Tue 02 Jan 2024 10:33:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51088
IP address blocks: 77.246.245.0/24 maxlen: 24
178.249.152.0/21 maxlen: 21
146.19.97.0/24 maxlen: 24
31.134.200.0/21 maxlen: 21
212.24.126.0/24 maxlen: 24
46.244.96.0/19 maxlen: 19
46.244.0.0/19 maxlen: 19
5.10.192.0/24 maxlen: 24
185.51.52.0/23 maxlen: 23
62.3.55.0/24 maxlen: 24
31.41.255.0/24 maxlen: 24
185.205.52.0/22 maxlen: 22
2a13:800::/29 maxlen: 29
2a02:1668::/32 maxlen: 32
2a13:3400::/29 maxlen: 29
2a02:166b::/32 maxlen: 32
2a0f:ba00::/29 maxlen: 29
2a06:2602::/32 maxlen: 32
2a13:2c00::/29 maxlen: 29
2a0b:1c0::/29 maxlen: 29
2a05:2900::/29 maxlen: 29
2a0a:e80::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 21 Mar 2024 10:29:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:3b:43:da:6f:51:60:4c:e8:49:2b:d9:61:d1:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e626c909eb4951154bcee8221e43951b4257624
Validity
Not Before: Jan 2 10:33:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e49aafe94d89f4b468b12c548e1f5d8dd9532af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:9f:d8:37:10:f0:b7:cf:43:de:bb:12:99:8d:
e4:33:c4:76:e4:90:d3:d6:4a:32:2c:71:2d:2b:10:
aa:95:e1:b6:f4:89:8d:1a:ac:96:95:06:87:8b:5c:
97:75:e7:0a:85:6f:cc:80:61:8f:dc:e0:a4:43:9c:
29:d5:7d:01:5e:ae:98:63:fd:d0:21:91:6c:af:20:
44:09:5f:b1:7f:29:2c:d9:41:84:7f:d5:26:63:f2:
f1:40:e4:26:00:d0:88:08:4c:f3:0b:98:09:b8:da:
9f:62:a3:5b:6b:69:f8:d6:64:af:c1:1c:2c:63:a1:
aa:43:e7:44:86:fd:5e:48:43:e4:a3:90:0e:f0:a3:
8e:82:16:bb:eb:34:f5:04:72:b5:fa:bb:e2:0e:25:
94:29:31:5e:49:a3:fa:20:13:c0:53:28:b0:56:db:
5e:39:56:85:b9:33:e4:b5:2d:aa:27:83:18:04:a2:
57:fe:5d:78:1f:54:0a:b4:86:8d:25:43:2a:c9:1e:
35:0a:1f:96:ce:a7:44:44:fb:1f:91:6b:b1:6c:5b:
1d:d5:bb:9a:35:31:d3:05:15:a9:1f:61:ab:5e:e1:
da:6e:c3:6d:09:fe:11:f4:c1:bb:69:06:cb:06:48:
2d:8d:e8:8b:4c:60:cb:1c:0b:55:39:4f:72:da:ad:
1c:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:49:AA:FE:94:D8:9F:4B:46:8B:12:C5:48:E1:F5:D8:DD:95:32:AF
X509v3 Authority Key Identifier:
keyid:8E:62:6C:90:9E:B4:95:11:54:BC:EE:82:21:E4:39:51:B4:25:76:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jmJskJ60lRFUvO6CIeQ5UbQldiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/bkmq_pTYn0tGixLFSOH12N2VMq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/jmJskJ60lRFUvO6CIeQ5UbQldiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.192.0/24
31.41.255.0/24
31.134.200.0/21
46.244.0.0/19
46.244.96.0/19
62.3.55.0/24
77.246.245.0/24
146.19.97.0/24
178.249.152.0/21
185.51.52.0/23
185.205.52.0/22
212.24.126.0/24
IPv6:
2a02:1668::/32
2a02:166b::/32
2a05:2900::/29
2a06:2602::/32
2a0a:e80::/29
2a0b:1c0::/29
2a0f:ba00::/29
2a13:800::/29
2a13:2c00::/29
2a13:3400::/29
Signature Algorithm: sha256WithRSAEncryption
79:a4:b2:23:c5:36:e4:75:3a:d2:e4:88:8d:50:d9:ea:3f:40:
2a:ca:bf:39:f0:ef:af:a4:81:c8:0d:e8:fc:e9:f9:8b:0c:2a:
f4:c4:e3:83:05:ba:48:00:ec:cd:82:95:df:c5:d0:67:aa:16:
37:99:d4:9e:a8:65:3f:1c:e1:14:c0:da:b6:3e:1f:96:89:63:
15:a7:18:49:38:f0:b8:4f:bf:d4:2d:06:ee:43:86:4f:bc:34:
58:5a:2b:a3:fe:64:fb:22:39:5b:8c:1c:62:8e:89:09:51:e8:
3f:a1:3f:75:3b:7b:92:a8:93:ec:3c:db:89:52:2a:20:63:0d:
27:d8:b2:87:f8:a4:2a:b9:21:0a:50:92:0f:0d:8e:bc:e0:ee:
cd:f1:c2:52:80:12:6f:50:07:7d:a4:b6:b9:2b:43:b8:07:e0:
81:d8:c1:18:82:fa:31:1f:24:a4:2a:e2:46:27:fa:d3:3f:ce:
0c:bd:e4:e3:e5:5a:77:d6:0a:85:d0:aa:74:b8:52:73:2f:5d:
16:a1:37:93:62:40:b5:30:4b:68:14:6f:5d:f6:62:d3:26:e1:
7a:54:be:8b:69:a0:3d:74:63:23:f7:35:37:fe:b5:8a:1a:64:
71:7f:4c:bc:60:5f:a5:08:6e:d9:b0:6d:cf:cd:53:e3:59:f4:
9f:cd:fc:2f
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgISAYzJvDtD2m9RYEzoSSvZYdH5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlNjI2YzkwOWViNDk1MTE1NGJjZWU4MjIxZTQzOTUxYjQy
NTc2MjQwHhcNMjQwMTAyMTAzMzI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTQ5YWFmZTk0ZDg5ZjRiNDY4YjEyYzU0OGUxZjVkOGRkOTUzMmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApp/YNxDwt89D3rsSmY3kM8R25JDT
1koyLHEtKxCqleG29ImNGqyWlQaHi1yXdecKhW/MgGGP3OCkQ5wp1X0BXq6YY/3Q
IZFsryBECV+xfyks2UGEf9UmY/LxQOQmANCICEzzC5gJuNqfYqNba2n41mSvwRws
Y6GqQ+dEhv1eSEPko5AO8KOOgha76zT1BHK1+rviDiWUKTFeSaP6IBPAUyiwVtte
OVaFuTPktS2qJ4MYBKJX/l14H1QKtIaNJUMqyR41Ch+WzqdERPsfkWuxbFsd1bua
NTHTBRWpH2GrXuHabsNtCf4R9MG7aQbLBkgtjeiLTGDLHAtVOU9y2q0c3wIDAQAB
o4ICnDCCApgwHQYDVR0OBBYEFG5Jqv6U2J9LRosSxUjh9djdlTKvMB8GA1UdIwQY
MBaAFI5ibJCetJURVLzugiHkOVG0JXYkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvam1Kc2tKNjBsUkZVdk82Q0llUTVVYlFsZGlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9mZTQyNjYtN2Y1NC00ZmIzLWI4MTAt
ZTk3ZDFkMDIyMGFmLzEvYmttcV9wVFluMHRHaXhMRlNPSDEyTjJWTXE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9mZTQyNjYtN2Y1NC00ZmIzLWI4MTAtZTk3ZDFkMDIyMGFm
LzEvam1Kc2tKNjBsUkZVdk82Q0llUTVVYlFsZGlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGxBggrBgEFBQcBBwEB/wSBoTCBnjBOBAIAATBIAwQABQrA
AwQAHyn/AwQDH4bIAwQFLvQAAwQFLvRgAwQAPgM3AwQATfb1AwQAkhNhAwQDsvmY
AwQBuTM0AwQCuc00AwQA1Bh+MEwEAgACMEYDBQAqAhZoAwUAKgIWawMFAyoFKQAD
BQAqBiYCAwUDKgoOgAMFAyoLAcADBQMqD7oAAwUDKhMIAAMFAyoTLAADBQMqEzQA
MA0GCSqGSIb3DQEBCwUAA4IBAQB5pLIjxTbkdTrS5IiNUNnqP0Aqyr858O+vpIHI
Dej86fmLDCr0xOODBbpIAOzNgpXfxdBnqhY3mdSeqGU/HOEUwNq2Ph+WiWMVpxhJ
OPC4T7/ULQbuQ4ZPvDRYWiuj/mT7IjlbjBxijokJUeg/oT91O3uSqJPsPNuJUiog
Yw0n2LKH+KQquSEKUJIPDY684O7N8cJSgBJvUAd9pLa5K0O4B+CB2MEYgvoxHySk
KuJGJ/rTP84MveTj5Vp31gqF0Kp0uFJzL10WoTeTYkC1MEtoFG9d9mLTJuF6VL6L
aaA9dGMj9zU3/rWKGmRxf0y8YF+lCG7ZsG3PzVPjWfSfzfwv
-----END CERTIFICATE-----
Generated at Thu Mar 21 13:06:03 2024 by rpki-client on console-ams.rpki-client.org