Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/bHjWk_GoKqqzQk51M7UR9hF4t1A.roa
File: bHjWk_GoKqqzQk51M7UR9hF4t1A.roa (raw, json)
Hash identifier: MNAv4EOK7bSaAT6q/4ITZwEZye6Ro3yYB5lIzIfGClo=
Subject key identifier: 6C:78:D6:93:F1:A8:2A:AA:B3:42:4E:75:33:B5:11:F6:11:78:B7:50
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 018C86FEFA419B3139DD0FEF6D9FAF2DB3E1
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/bHjWk_GoKqqzQk51M7UR9hF4t1A.roa
Signing time: Wed 20 Dec 2023 11:31:46 +0000
ROA not before: Wed 20 Dec 2023 11:31:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48749
IP address blocks: 85.122.84.0/23 maxlen: 23
217.156.108.0/23 maxlen: 23
85.121.18.0/23 maxlen: 23
85.121.36.0/23 maxlen: 23
81.180.252.0/23 maxlen: 23
81.180.36.0/23 maxlen: 23
81.180.172.0/23 maxlen: 23
80.96.236.0/23 maxlen: 23
81.180.94.0/23 maxlen: 23
85.120.44.0/23 maxlen: 23
81.180.204.0/23 maxlen: 23
81.181.172.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:86:fe:fa:41:9b:31:39:dd:0f:ef:6d:9f:af:2d:b3:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Dec 20 11:31:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c78d693f1a82aaab3424e7533b511f61178b750
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:af:38:39:e6:91:08:5b:c6:85:26:ca:c1:85:
88:62:60:23:be:b4:ce:b5:a8:40:91:cd:28:98:ac:
08:1c:c8:24:d0:e7:78:bc:28:c7:14:5c:23:d7:ce:
ee:20:78:3e:49:9f:6e:00:c1:49:8d:7b:a9:da:c0:
0f:76:8a:e3:40:56:2e:36:12:59:a1:50:64:28:71:
c5:94:e5:ba:6e:02:e3:8b:9d:1f:55:22:97:60:d4:
d4:89:65:a6:28:b0:ae:a8:56:ac:60:51:ea:b2:a5:
84:db:cb:ac:ca:f1:7c:4a:ad:81:53:5e:74:ff:e8:
ef:c3:79:87:71:36:45:2a:79:21:07:42:f1:fa:f1:
84:5c:af:20:ee:a1:e4:f6:8c:50:fc:f9:2b:8b:d3:
d3:9b:10:df:f2:77:d9:28:11:05:8a:fc:2d:56:33:
7e:b2:72:8b:b4:0d:33:4f:c0:9d:be:5c:f1:6a:ff:
33:b9:be:6b:3f:d1:a7:56:6d:03:d2:44:f3:ae:51:
31:c3:fb:b0:cd:de:e5:6d:ea:4a:92:47:4d:80:6b:
f5:83:85:5d:06:bd:2f:aa:57:d9:f1:11:03:3c:d6:
48:c9:c0:25:58:5e:23:e6:6f:73:f8:bc:30:ed:dd:
68:06:88:cb:6a:55:14:06:74:97:a4:06:71:6f:0c:
e9:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:78:D6:93:F1:A8:2A:AA:B3:42:4E:75:33:B5:11:F6:11:78:B7:50
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/bHjWk_GoKqqzQk51M7UR9hF4t1A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.96.236.0/23
81.180.36.0/23
81.180.94.0/23
81.180.172.0/23
81.180.204.0/23
81.180.252.0/23
81.181.172.0/23
85.120.44.0/23
85.121.18.0/23
85.121.36.0/23
85.122.84.0/23
217.156.108.0/23
Signature Algorithm: sha256WithRSAEncryption
13:a7:44:1d:67:f6:36:0e:df:98:66:3f:93:1e:e9:ef:cf:5d:
fd:d5:b7:3c:ca:d7:63:a7:f8:91:5a:5f:5c:ce:8e:47:6e:93:
d8:8d:5a:89:0f:70:2e:6a:d0:7f:a5:1a:dd:40:98:ac:52:c5:
a5:b0:dd:49:a5:4b:18:4e:ab:d7:35:47:22:72:18:65:9e:22:
50:7d:19:45:b2:9e:92:f9:14:4b:44:52:88:04:64:98:67:92:
17:69:43:d1:fd:ff:9b:4a:58:cc:61:d6:17:69:65:34:a1:fc:
e6:f6:af:83:4a:7f:dd:40:1f:87:0a:28:0e:51:1f:51:70:ca:
e1:46:be:cf:9a:2d:c2:bb:af:cf:7f:8d:79:d2:c3:25:60:22:
fa:2b:a1:e9:79:3c:e2:a8:9e:6d:82:27:94:59:df:37:0a:3a:
2a:39:4f:fd:fa:44:0e:0e:ac:4c:3e:ce:72:ea:68:05:33:92:
41:20:e9:21:84:16:fd:d9:19:f3:ac:4b:3a:6b:05:1e:3f:04:
19:6f:c7:7b:39:b2:bf:c3:5f:c9:0f:26:0c:af:d3:32:10:01:
36:a2:d6:9d:09:23:4c:76:d9:26:45:41:aa:5c:9f:21:4b:28:
96:8e:19:07:8e:ee:f6:3f:e9:58:f7:b5:f9:29:74:8f:c8:32:
41:f3:a1:39
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYyG/vpBmzE53Q/vbZ+vLbPhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjMxMjIwMTEzMTQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Yzc4ZDY5M2YxYTgyYWFhYjM0MjRlNzUzM2I1MTFmNjExNzhiNzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwq84OeaRCFvGhSbKwYWIYmAjvrTO
tahAkc0omKwIHMgk0Od4vCjHFFwj187uIHg+SZ9uAMFJjXup2sAPdorjQFYuNhJZ
oVBkKHHFlOW6bgLji50fVSKXYNTUiWWmKLCuqFasYFHqsqWE28usyvF8Sq2BU150
/+jvw3mHcTZFKnkhB0Lx+vGEXK8g7qHk9oxQ/Pkri9PTmxDf8nfZKBEFivwtVjN+
snKLtA0zT8Cdvlzxav8zub5rP9GnVm0D0kTzrlExw/uwzd7lbepKkkdNgGv1g4Vd
Br0vqlfZ8REDPNZIycAlWF4j5m9z+Lww7d1oBojLalUUBnSXpAZxbwzpvQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFGx41pPxqCqqs0JOdTO1EfYReLdQMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvYkhqV2tfR29LcXF6UWs1MU03VVI5aEY0dDFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQBUGDsAwQB
UbQkAwQBUbReAwQBUbSsAwQBUbTMAwQBUbT8AwQBUbWsAwQBVXgsAwQBVXkSAwQB
VXkkAwQBVXpUAwQB2ZxsMA0GCSqGSIb3DQEBCwUAA4IBAQATp0QdZ/Y2Dt+YZj+T
Hunvz1391bc8ytdjp/iRWl9czo5HbpPYjVqJD3AuatB/pRrdQJisUsWlsN1JpUsY
TqvXNUcichhlniJQfRlFsp6S+RRLRFKIBGSYZ5IXaUPR/f+bSljMYdYXaWU0ofzm
9q+DSn/dQB+HCigOUR9RcMrhRr7Pmi3Cu6/Pf4150sMlYCL6K6HpeTziqJ5tgieU
Wd83CjoqOU/9+kQODqxMPs5y6mgFM5JBIOkhhBb92RnzrEs6awUePwQZb8d7ObK/
w1/JDyYMr9MyEAE2otadCSNMdtkmRUGqXJ8hSyiWjhkHju72P+lY97X5KXSPyDJB
86E5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:22 2024 by rpki-client on console-fra.rpki-client.org