Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/BGMLhofSs3yiNab7oJLaHoMsZRM.roa
File: BGMLhofSs3yiNab7oJLaHoMsZRM.roa (raw, json)
Hash identifier: OLXf+mm6tdLfzi4cFiQ+qpjHDna9E+BCbQWHeGkOu8s=
Subject key identifier: 04:63:0B:86:87:D2:B3:7C:A2:35:A6:FB:A0:92:DA:1E:83:2C:65:13
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018C1A152120FA85FA79AE5684AB3F5CE8BF
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/BGMLhofSs3yiNab7oJLaHoMsZRM.roa
Signing time: Wed 29 Nov 2023 07:57:21 +0000
ROA not before: Wed 29 Nov 2023 07:57:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34577
IP address blocks: 93.123.40.0/21 maxlen: 21
87.120.178.0/23 maxlen: 23
87.120.180.0/22 maxlen: 22
87.120.184.0/22 maxlen: 22
93.123.67.0/24 maxlen: 24
212.73.149.0/24 maxlen: 24
93.123.66.0/24 maxlen: 24
87.120.190.0/23 maxlen: 23
87.121.88.0/23 maxlen: 23
87.120.45.119/32 maxlen: 32
94.156.112.0/20 maxlen: 20
94.156.123.0/24 maxlen: 24
37.60.141.0/24 maxlen: 24
87.121.48.0/22 maxlen: 22
87.120.0.0/22 maxlen: 22
93.123.96.0/22 maxlen: 22
87.120.12.0/24 maxlen: 24
87.120.14.0/23 maxlen: 23
87.120.44.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1a:15:21:20:fa:85:fa:79:ae:56:84:ab:3f:5c:e8:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 29 07:57:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=04630b8687d2b37ca235a6fba092da1e832c6513
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:02:2b:1e:65:10:91:55:b0:a8:18:1c:b7:a3:
a2:44:1c:98:63:21:83:86:37:82:35:9b:f0:89:20:
52:2f:bb:6b:5e:56:24:7e:97:b0:f6:ec:68:91:e1:
8a:8f:dd:a3:db:a7:e1:b4:03:5e:31:33:21:aa:87:
92:b1:df:48:75:95:52:9a:10:69:72:95:2f:0c:e8:
9e:45:2c:8c:70:0d:a6:78:14:e0:2c:2e:34:72:31:
89:4c:fb:43:34:5a:43:dc:c6:5e:64:bf:3f:54:cb:
91:e3:d8:aa:be:fe:c3:69:28:06:65:22:43:d6:f9:
9d:ad:c5:ec:79:6e:2b:47:3b:7b:93:eb:b7:6a:4c:
ad:65:4e:ad:c8:4b:b2:d0:6d:dd:19:46:1f:f9:29:
f6:dd:d6:08:ee:da:cb:bc:46:67:89:1e:ed:c1:53:
1e:9b:eb:59:7f:a7:ea:c5:27:f8:58:1f:b1:0a:b1:
e6:f9:28:0b:33:5e:46:73:76:fd:bf:32:33:2e:dc:
ca:e8:15:63:aa:28:6e:39:df:76:7a:c1:db:0f:e4:
81:a0:0e:4d:9f:18:19:2c:03:23:2c:5e:c1:24:4f:
f9:80:10:1b:21:30:41:8f:ab:e9:bb:95:0f:d4:6f:
df:ea:14:f3:32:9f:c3:d2:09:6f:86:ef:39:9b:91:
8c:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:63:0B:86:87:D2:B3:7C:A2:35:A6:FB:A0:92:DA:1E:83:2C:65:13
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/BGMLhofSs3yiNab7oJLaHoMsZRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.60.141.0/24
87.120.0.0/22
87.120.12.0/24
87.120.14.0/23
87.120.44.0/23
87.120.178.0-87.120.187.255
87.120.190.0/23
87.121.48.0/22
87.121.88.0/23
93.123.40.0/21
93.123.66.0/23
93.123.96.0/22
94.156.112.0/20
212.73.149.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:f2:ec:74:fb:3f:88:7a:4a:7d:8e:86:06:92:cc:de:50:d5:
5e:ed:ae:04:9a:32:54:f4:03:61:01:e3:dd:64:7b:9d:16:7f:
cb:56:48:44:c4:18:9a:64:c5:68:ed:e5:57:c6:f0:47:fb:9e:
30:f6:ee:50:5b:98:88:b0:ab:0d:3f:df:24:43:a6:ac:cf:54:
9c:c3:57:e6:e9:5b:91:9f:64:f1:fa:45:83:5a:c1:13:d5:b9:
52:df:c2:a2:47:36:f3:78:e6:51:22:c6:f5:f1:2b:bb:c6:48:
7f:03:d6:92:d5:7a:45:57:1a:e1:c2:91:05:1f:c6:47:0d:f0:
21:c6:12:e0:f9:64:ad:d9:19:5b:fa:6c:65:f9:60:6c:2d:f3:
f2:e0:c1:84:5d:f7:21:e2:df:0d:e1:b1:57:31:b9:81:c5:12:
65:5c:8a:71:f3:9b:df:bc:fd:46:0f:e6:c2:21:f0:77:40:f4:
8a:af:b3:82:81:06:8e:40:b4:36:f5:89:be:d0:71:4f:52:cb:
e3:b6:42:21:89:51:bd:ad:67:fb:83:88:6d:35:02:ea:22:5e:
c8:fd:72:4c:c1:cd:e4:d7:b8:56:13:42:eb:1c:6c:41:5e:d5:
16:42:b4:75:e9:e4:e8:0d:0d:6a:45:2a:1c:44:1b:eb:5c:f9:
32:fe:e6:e2
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAYwaFSEg+oX6ea5WhKs/XOi/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMTI5MDc1NzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDYzMGI4Njg3ZDJiMzdjYTIzNWE2ZmJhMDkyZGExZTgzMmM2NTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgIrHmUQkVWwqBgct6OiRByYYyGD
hjeCNZvwiSBSL7trXlYkfpew9uxokeGKj92j26fhtANeMTMhqoeSsd9IdZVSmhBp
cpUvDOieRSyMcA2meBTgLC40cjGJTPtDNFpD3MZeZL8/VMuR49iqvv7DaSgGZSJD
1vmdrcXseW4rRzt7k+u3akytZU6tyEuy0G3dGUYf+Sn23dYI7trLvEZniR7twVMe
m+tZf6fqxSf4WB+xCrHm+SgLM15Gc3b9vzIzLtzK6BVjqihuOd92esHbD+SBoA5N
nxgZLAMjLF7BJE/5gBAbITBBj6vpu5UP1G/f6hTzMp/D0glvhu85m5GMFQIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFARjC4aH0rN8ojWm+6CS2h6DLGUTMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQkdNTGhvZlNzM3lpTmFiN29KTGFIb01zWlJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQAJTyNAwQC
V3gAAwQAV3gMAwQBV3gOAwQBV3gsMAwDBAFXeLIDBAJXeLgDBAFXeL4DBAJXeTAD
BAFXeVgDBANdeygDBAFde0IDBAJde2ADBARenHADBADUSZUwDQYJKoZIhvcNAQEL
BQADggEBAJ7y7HT7P4h6Sn2OhgaSzN5Q1V7trgSaMlT0A2EB491ke50Wf8tWSETE
GJpkxWjt5VfG8Ef7njD27lBbmIiwqw0/3yRDpqzPVJzDV+bpW5GfZPH6RYNawRPV
uVLfwqJHNvN45lEixvXxK7vGSH8D1pLVekVXGuHCkQUfxkcN8CHGEuD5ZK3ZGVv6
bGX5YGwt8/LgwYRd9yHi3w3hsVcxuYHFEmVcinHzm9+8/UYP5sIh8HdA9Iqvs4KB
Bo5AtDb1ib7QcU9Sy+O2QiGJUb2tZ/uDiG01AuoiXsj9ckzBzeTXuFYTQuscbEFe
1RZCtHXp5OgNDWpFKhxEG+tc+TL+5uI=
-----END CERTIFICATE-----
Generated at Wed Nov 29 09:35:40 2023 by rpki-client on console-ams.rpki-client.org