Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/0187d6-8bfc-4c59-a6c4-6ad3252a1427/1/BIkM1ekYr_vHRgK259htbwB2i0c.roa
File: BIkM1ekYr_vHRgK259htbwB2i0c.roa (raw, json)
Hash identifier: r4ilHG0LUADlJhePIWbK31ym2oTd59hU5i2TFRi/uV8=
Subject key identifier: 04:89:0C:D5:E9:18:AF:FB:C7:46:02:B6:E7:D8:6D:6F:00:76:8B:47
Certificate issuer: /CN=588cabf6f523f26e267db03b524347841aaaa465
Certificate serial: 018CC7267EF27C26C5DA75351EB1D9D42F75
Authority key identifier: 58:8C:AB:F6:F5:23:F2:6E:26:7D:B0:3B:52:43:47:84:1A:AA:A4:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIyr9vUj8m4mfbA7UkNHhBqqpGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/0187d6-8bfc-4c59-a6c4-6ad3252a1427/1/BIkM1ekYr_vHRgK259htbwB2i0c.roa
Signing time: Mon 01 Jan 2024 22:30:38 +0000
ROA not before: Mon 01 Jan 2024 22:30:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48635
IP address blocks: 94.126.32.0/22 maxlen: 24
62.221.192.0/19 maxlen: 24
185.87.248.0/22 maxlen: 24
86.109.16.0/22 maxlen: 24
185.21.242.0/24 maxlen: 24
2001:1460::/32 maxlen: 48
2a05:c4c0::/29 maxlen: 48
2a04:1cc0::/29 maxlen: 48
2a0d:7980::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 14 May 2024 13:02:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:7e:f2:7c:26:c5:da:75:35:1e:b1:d9:d4:2f:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=588cabf6f523f26e267db03b524347841aaaa465
Validity
Not Before: Jan 1 22:30:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=04890cd5e918affbc74602b6e7d86d6f00768b47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:de:18:f7:16:e7:e1:b2:fe:f8:64:33:b8:f0:
af:ba:da:d0:63:ae:30:8d:fd:e9:c5:ae:6c:56:11:
f7:d2:fb:d4:4e:da:c6:02:8c:c6:2c:79:92:1e:72:
9c:bf:59:77:ac:98:f0:9f:26:c6:e4:de:c6:36:ad:
5f:d7:40:1a:4a:a4:5c:16:2d:e6:53:6d:b4:e9:8b:
3e:92:cc:a5:77:ab:29:90:2d:f7:fd:20:cd:6b:0a:
83:4a:79:b8:e0:59:b8:7a:78:1f:3b:4e:53:7a:c4:
77:4e:61:98:c8:9f:aa:7d:ec:19:16:26:ef:fe:16:
ad:09:8c:55:a2:91:c4:60:8b:00:98:fa:b5:15:54:
93:20:57:b7:e5:5c:99:d7:8b:c3:5e:3f:7e:29:8d:
a0:65:ff:48:ee:a1:25:db:c3:38:57:bb:24:2e:73:
88:19:19:0d:4c:26:6f:89:6e:0e:ba:c3:b7:09:7f:
57:87:dc:b2:b0:ff:e8:89:ec:e9:b7:2b:8d:ad:39:
15:8e:85:13:ec:cc:97:bf:86:07:db:45:73:3a:29:
7d:3c:80:3c:10:e1:e8:cc:06:9e:71:17:c3:0c:ad:
2a:14:42:23:be:57:2b:3b:87:b9:ac:c9:02:da:85:
2c:26:97:3f:f0:d1:9d:63:0a:18:e7:92:14:a6:5b:
e0:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:89:0C:D5:E9:18:AF:FB:C7:46:02:B6:E7:D8:6D:6F:00:76:8B:47
X509v3 Authority Key Identifier:
keyid:58:8C:AB:F6:F5:23:F2:6E:26:7D:B0:3B:52:43:47:84:1A:AA:A4:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIyr9vUj8m4mfbA7UkNHhBqqpGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0187d6-8bfc-4c59-a6c4-6ad3252a1427/1/BIkM1ekYr_vHRgK259htbwB2i0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0187d6-8bfc-4c59-a6c4-6ad3252a1427/1/WIyr9vUj8m4mfbA7UkNHhBqqpGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.221.192.0/19
86.109.16.0/22
94.126.32.0/22
185.21.242.0/24
185.87.248.0/22
IPv6:
2001:1460::/32
2a04:1cc0::/29
2a05:c4c0::/29
2a0d:7980::/32
Signature Algorithm: sha256WithRSAEncryption
26:42:68:24:d6:90:a4:e7:dd:91:e5:55:00:d2:1a:2f:5d:1a:
d3:72:b1:de:24:0d:ed:23:4c:62:c9:18:ac:19:0a:c5:2c:e2:
69:e5:7b:1b:3f:14:d4:0f:64:12:ad:66:6a:f0:41:b5:40:f8:
c3:b9:7c:2f:04:ee:19:97:c4:c0:26:04:97:fd:d0:ed:f7:69:
56:82:50:7a:3d:64:76:73:d3:f1:95:fe:c4:41:9e:9e:b3:05:
20:9c:a6:86:96:11:8c:fd:74:3b:33:f6:8d:6d:33:35:4a:c0:
92:d8:1f:c5:a4:3e:c0:94:ab:6b:99:85:5a:f2:da:cb:50:e5:
91:cc:51:87:6e:88:7f:5f:be:0b:95:71:6d:bb:09:6c:76:7c:
f7:30:2b:17:09:d9:5a:0f:21:6d:c4:f8:c0:d0:04:a0:2f:71:
ac:4c:76:04:c0:d8:94:05:27:81:bc:27:2b:c7:2d:01:b0:51:
41:5e:91:07:c1:8b:2b:1e:23:33:d2:19:22:a7:a7:55:ec:ef:
bd:8b:f0:e8:81:59:71:ae:52:29:e6:af:4b:a9:50:1a:64:2d:
37:13:81:f6:dd:20:58:7b:ba:28:65:9b:18:84:d5:fa:5a:60:
5b:c7:c0:a0:9a:dc:e9:ec:cf:d9:00:1d:59:80:a0:53:5f:f3:
6c:c7:52:96
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYzHJn7yfCbF2nU1HrHZ1C91MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4OGNhYmY2ZjUyM2YyNmUyNjdkYjAzYjUyNDM0Nzg0MWFh
YWE0NjUwHhcNMjQwMTAxMjIzMDM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDg5MGNkNWU5MThhZmZiYzc0NjAyYjZlN2Q4NmQ2ZjAwNzY4YjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzd4Y9xbn4bL++GQzuPCvutrQY64w
jf3pxa5sVhH30vvUTtrGAozGLHmSHnKcv1l3rJjwnybG5N7GNq1f10AaSqRcFi3m
U2206Ys+ksyld6spkC33/SDNawqDSnm44Fm4engfO05TesR3TmGYyJ+qfewZFibv
/hatCYxVopHEYIsAmPq1FVSTIFe35VyZ14vDXj9+KY2gZf9I7qEl28M4V7skLnOI
GRkNTCZviW4OusO3CX9Xh9yysP/oiezptyuNrTkVjoUT7MyXv4YH20VzOil9PIA8
EOHozAaecRfDDK0qFEIjvlcrO4e5rMkC2oUsJpc/8NGdYwoY55IUplvgjwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFASJDNXpGK/7x0YCtufYbW8AdotHMB8GA1UdIwQY
MBaAFFiMq/b1I/JuJn2wO1JDR4QaqqRlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0l5cjl2VWo4bTRtZmJBN1VrTkhoQnFxcEdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8wMTg3ZDYtOGJmYy00YzU5LWE2YzQt
NmFkMzI1MmExNDI3LzEvQklrTTFla1lyX3ZIUmdLMjU5aHRid0IyaTBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8wMTg3ZDYtOGJmYy00YzU5LWE2YzQtNmFkMzI1MmExNDI3
LzEvV0l5cjl2VWo4bTRtZmJBN1VrTkhoQnFxcEdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjAkBAIAATAeAwQFPt3AAwQC
Vm0QAwQCXn4gAwQAuRXyAwQCuVf4MCIEAgACMBwDBQAgARRgAwUDKgQcwAMFAyoF
xMADBQAqDXmAMA0GCSqGSIb3DQEBCwUAA4IBAQAmQmgk1pCk592R5VUA0hovXRrT
crHeJA3tI0xiyRisGQrFLOJp5XsbPxTUD2QSrWZq8EG1QPjDuXwvBO4Zl8TAJgSX
/dDt92lWglB6PWR2c9Pxlf7EQZ6eswUgnKaGlhGM/XQ7M/aNbTM1SsCS2B/FpD7A
lKtrmYVa8trLUOWRzFGHboh/X74LlXFtuwlsdnz3MCsXCdlaDyFtxPjA0ASgL3Gs
THYEwNiUBSeBvCcrxy0BsFFBXpEHwYsrHiMz0hkip6dV7O+9i/DogVlxrlIp5q9L
qVAaZC03E4H23SBYe7ooZZsYhNX6WmBbx8Cgmtzp7M/ZAB1ZgKBTX/Nsx1KW
-----END CERTIFICATE-----
Generated at Tue May 14 15:20:43 2024 by rpki-client on console-ams.rpki-client.org