Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/BghVQixQHLbIds1nugAzXl591dY.roa
File: BghVQixQHLbIds1nugAzXl591dY.roa (raw, json)
Hash identifier: 34yVou22+n6EHs7E9NvOaqGuwGvsbcVZJYWr1xY4NrM=
Subject key identifier: 06:08:55:42:2C:50:1C:B6:C8:76:CD:67:BA:00:33:5E:5E:7D:D5:D6
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0189468AD82B601FCF79D59B7B60A226A9AC
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/BghVQixQHLbIds1nugAzXl591dY.roa
Signing time: Tue 11 Jul 2023 20:00:51 +0000
ROA not before: Tue 11 Jul 2023 20:00:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.200.222.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
89.251.16.0/24 maxlen: 24
91.226.56.0/24 maxlen: 24
89.251.21.0/24 maxlen: 24
193.93.52.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Jul 2023 03:14:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:46:8a:d8:2b:60:1f:cf:79:d5:9b:7b:60:a2:26:a9:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jul 11 20:00:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=060855422c501cb6c876cd67ba00335e5e7dd5d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:2b:7d:5d:62:08:74:70:b9:52:0e:47:97:9e:
75:ce:f1:91:eb:37:6a:a8:94:e3:61:9e:a0:d2:38:
ec:b4:30:f8:76:32:b9:d3:59:80:12:92:3d:29:7d:
c6:2f:d5:83:d7:1b:f1:c1:04:20:a4:6b:86:23:95:
ac:56:fd:7f:86:0b:a6:70:84:02:50:e5:c6:9c:f7:
de:55:65:03:c3:84:f6:41:33:45:57:c5:fb:c2:0e:
b6:f2:88:c9:31:be:5f:fa:1f:18:5b:e5:2e:5b:96:
f3:d4:51:60:33:e3:1b:2a:42:79:77:f5:be:1a:34:
bd:9e:34:82:39:e4:68:e8:b3:e9:dd:13:34:61:cc:
a2:0f:29:67:c0:8e:f1:32:2b:1e:a4:62:20:87:84:
0a:7b:d6:e6:8d:19:e7:f3:6f:6f:30:04:ec:3e:71:
30:b5:ed:b5:0f:99:61:b8:9d:f0:12:03:5d:4c:0a:
f2:36:59:37:f3:4d:da:5a:c2:1e:d5:7d:53:7a:78:
22:44:3b:e6:67:7b:03:fa:3f:89:85:3f:b8:22:7d:
0c:dd:d5:41:68:bf:16:f3:44:87:0b:78:68:ac:f5:
51:99:d4:92:c3:99:5e:0a:f7:30:b0:5e:26:79:99:
32:56:d9:b4:35:42:8b:4f:05:7c:66:52:0c:3a:6e:
39:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:08:55:42:2C:50:1C:B6:C8:76:CD:67:BA:00:33:5E:5E:7D:D5:D6
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/BghVQixQHLbIds1nugAzXl591dY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.16.0/24
89.251.21.0/24
91.200.222.0/24
91.226.56.0/24
109.122.46.0/24
193.93.52.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:42:cf:d0:5f:c7:d3:2c:f0:2c:d9:21:7c:75:b9:67:73:e7:
cb:f9:82:72:92:2a:5f:80:73:3a:8c:7d:b5:be:8e:83:8b:fe:
cd:f9:a8:ae:b1:e6:ec:f2:49:55:17:89:63:23:43:9e:fd:83:
54:53:54:57:2c:2a:db:95:39:e0:70:59:26:15:37:ff:e1:5b:
a0:f8:80:7b:40:c7:03:6c:98:f6:42:f7:3e:01:8f:1c:2e:0c:
37:b4:19:9d:34:21:9a:bc:32:c5:59:b7:b7:98:5f:22:7e:d0:
58:39:ce:71:56:b9:76:2b:c1:58:e7:5e:2c:bf:b4:31:c3:11:
f8:9f:26:17:4c:3e:66:b4:ef:52:2c:cf:17:99:8d:c5:10:ae:
1f:3b:c9:29:b3:df:1d:bc:13:d1:37:0f:7e:f3:0e:2c:74:76:
4a:b8:a9:33:4b:12:b9:71:3c:7c:46:0e:86:b5:68:e8:c2:e2:
13:66:62:76:9c:a5:69:fb:26:ed:af:9b:41:26:60:ce:c1:8d:
82:c3:ad:b2:97:0b:c1:22:9e:99:df:6e:4e:10:d4:e0:a7:16:
ea:ce:7b:b2:70:83:ad:8e:65:46:b9:06:de:bd:15:19:9e:db:
2c:d2:06:32:71:02:2e:4f:47:f8:ae:a9:53:bc:f7:65:5a:70:
9e:92:e9:d9
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYlGitgrYB/PedWbe2CiJqmsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwNzExMjAwMDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjA4NTU0MjJjNTAxY2I2Yzg3NmNkNjdiYTAwMzM1ZTVlN2RkNWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqCt9XWIIdHC5Ug5Hl551zvGR6zdq
qJTjYZ6g0jjstDD4djK501mAEpI9KX3GL9WD1xvxwQQgpGuGI5WsVv1/hgumcIQC
UOXGnPfeVWUDw4T2QTNFV8X7wg628ojJMb5f+h8YW+UuW5bz1FFgM+MbKkJ5d/W+
GjS9njSCOeRo6LPp3RM0YcyiDylnwI7xMisepGIgh4QKe9bmjRnn829vMATsPnEw
te21D5lhuJ3wEgNdTAryNlk3803aWsIe1X1TengiRDvmZ3sD+j+JhT+4In0M3dVB
aL8W80SHC3horPVRmdSSw5leCvcwsF4meZkyVtm0NUKLTwV8ZlIMOm457QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFAYIVUIsUBy2yHbNZ7oAM15efdXWMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvQmdoVlFpeFFITGJJZHMxbnVnQXpYbDU5MWRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAWfsQAwQA
WfsVAwQAW8jeAwQAW+I4AwQAbXouAwQAwV00MA0GCSqGSIb3DQEBCwUAA4IBAQBO
Qs/QX8fTLPAs2SF8dblnc+fL+YJykipfgHM6jH21vo6Di/7N+aiusebs8klVF4lj
I0Oe/YNUU1RXLCrblTngcFkmFTf/4Vug+IB7QMcDbJj2Qvc+AY8cLgw3tBmdNCGa
vDLFWbe3mF8iftBYOc5xVrl2K8FY514sv7QxwxH4nyYXTD5mtO9SLM8XmY3FEK4f
O8kps98dvBPRNw9+8w4sdHZKuKkzSxK5cTx8Rg6GtWjowuITZmJ2nKVp+ybtr5tB
JmDOwY2Cw62ylwvBIp6Z325OENTgpxbqznuycIOtjmVGuQbevRUZntss0gYycQIu
T0f4rqlTvPdlWnCekunZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:36 2024 by rpki-client on console-fra.rpki-client.org