Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/bpdmIN14-n1dSezEtowcCt91c8A.roa
File: bpdmIN14-n1dSezEtowcCt91c8A.roa (raw, json)
Hash identifier: r4QRCCRoLs1iiIW/SgZrYBFwOQ9ApTnFLeAeTdR4Ndk=
Subject key identifier: 6E:97:66:20:DD:78:FA:7D:5D:49:EC:C4:B6:8C:1C:0A:DF:75:73:C0
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 01856BDCA9E93CB1EA5675C8901859857331
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/bpdmIN14-n1dSezEtowcCt91c8A.roa
Signing time: Sun 01 Jan 2023 05:45:01 +0000
ROA not before: Sun 01 Jan 2023 05:45:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57217
IP address blocks: 193.36.216.0/22 maxlen: 22
176.116.224.0/22 maxlen: 22
176.107.64.0/21 maxlen: 21
91.237.91.0/24 maxlen: 24
176.121.32.0/21 maxlen: 21
176.121.40.0/21 maxlen: 21
46.174.200.0/22 maxlen: 22
91.232.19.0/24 maxlen: 24
176.121.104.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 31 Aug 2023 16:43:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:dc:a9:e9:3c:b1:ea:56:75:c8:90:18:59:85:73:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 1 05:45:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e976620dd78fa7d5d49ecc4b68c1c0adf7573c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:60:aa:05:b5:d7:63:c1:92:81:33:f9:ee:bf:
ae:0e:76:7d:89:f5:2a:cf:cf:7f:88:94:ea:5c:26:
f2:c6:2f:fc:f2:fc:ea:d6:c3:b1:cc:04:fe:64:f5:
63:7d:ad:a9:d6:49:cf:cc:ad:10:cf:de:10:c7:29:
1c:c4:30:f8:e5:1a:10:c5:5f:ba:0c:df:b1:43:82:
ce:71:36:52:0f:3e:dd:43:ff:16:6e:1c:93:eb:35:
04:3e:83:fb:9f:18:73:40:6e:dd:7e:de:2d:64:33:
9c:4d:f1:67:a4:9d:02:16:ba:4a:ca:64:0f:b8:00:
75:4d:d0:5b:17:9b:3e:3f:9a:ee:5f:ed:52:3c:72:
c7:59:59:bc:d0:77:2c:32:38:0a:d0:7e:55:2a:20:
03:b6:b6:2c:03:f2:cd:0a:fa:64:93:fa:d2:7d:5c:
6d:ef:2f:81:cd:c7:32:ee:bc:6d:9c:2e:15:ca:96:
50:8b:59:f5:51:f0:a3:f3:40:af:78:0a:58:ff:33:
16:ef:25:9b:a2:f2:4a:ff:2f:fa:a3:eb:f6:94:1e:
31:28:7b:d3:92:08:cd:1d:c3:83:ed:fe:f3:26:e4:
c2:05:48:2f:4b:63:76:d5:21:27:bf:58:43:32:19:
e1:72:c3:9b:ac:16:4f:45:ec:cf:5e:22:19:cd:ea:
75:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:97:66:20:DD:78:FA:7D:5D:49:EC:C4:B6:8C:1C:0A:DF:75:73:C0
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/bpdmIN14-n1dSezEtowcCt91c8A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.174.200.0/22
91.232.19.0/24
91.237.91.0/24
176.107.64.0/21
176.116.224.0/22
176.121.32.0/20
176.121.104.0/22
193.36.216.0/22
Signature Algorithm: sha256WithRSAEncryption
1f:d5:71:94:1e:a0:60:01:db:13:2e:98:6b:ed:60:49:03:33:
94:e2:09:db:5e:4b:19:94:99:02:29:24:87:eb:98:a1:11:18:
5f:75:57:1f:66:3a:3a:fa:c0:ee:24:f5:4d:c5:a9:94:f6:68:
ff:6e:a9:57:87:13:03:e8:8c:18:82:9b:5d:1a:df:2c:34:4a:
9c:13:89:18:44:ff:ff:ce:c5:42:c4:fe:e1:d4:d9:07:32:46:
d1:08:76:db:e8:7c:d7:e8:cc:0f:77:a1:ac:76:9f:fa:36:b9:
6d:e7:ed:07:3a:ba:ae:3e:43:db:55:29:e0:a5:c6:22:f8:83:
06:6a:c7:23:aa:c2:4e:1d:95:65:27:44:4e:55:e2:da:6b:4d:
b9:b8:56:1e:df:f9:f2:2d:31:c5:e5:bc:8e:14:de:f9:72:ac:
bd:60:88:80:6f:bd:37:fd:23:d6:e0:d6:95:7d:69:c4:ea:97:
83:29:6c:1b:45:cc:77:b3:80:3a:a9:fc:c8:80:d3:6a:3b:a0:
70:ca:55:a5:a1:5e:67:5b:3f:f8:8b:8f:54:3a:a4:0e:29:f6:
44:c5:15:73:0f:83:79:a2:56:15:3c:28:57:ef:47:c2:1c:59:
31:78:58:8b:9b:31:f0:c3:59:72:05:13:b2:a4:dc:d3:c8:6b:
69:ff:29:ca
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYVr3KnpPLHqVnXIkBhZhXMxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMwMTAxMDU0NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTk3NjYyMGRkNzhmYTdkNWQ0OWVjYzRiNjhjMWMwYWRmNzU3M2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0mCqBbXXY8GSgTP57r+uDnZ9ifUq
z89/iJTqXCbyxi/88vzq1sOxzAT+ZPVjfa2p1knPzK0Qz94QxykcxDD45RoQxV+6
DN+xQ4LOcTZSDz7dQ/8WbhyT6zUEPoP7nxhzQG7dft4tZDOcTfFnpJ0CFrpKymQP
uAB1TdBbF5s+P5ruX+1SPHLHWVm80HcsMjgK0H5VKiADtrYsA/LNCvpkk/rSfVxt
7y+Bzccy7rxtnC4VypZQi1n1UfCj80CveApY/zMW7yWbovJK/y/6o+v2lB4xKHvT
kgjNHcOD7f7zJuTCBUgvS2N21SEnv1hDMhnhcsObrBZPRezPXiIZzep1YwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFG6XZiDdePp9XUnsxLaMHArfdXPAMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvYnBkbUlOMTQtbjFkU2V6RXRvd2NDdDkxYzhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCLq7IAwQA
W+gTAwQAW+1bAwQDsGtAAwQCsHTgAwQEsHkgAwQCsHloAwQCwSTYMA0GCSqGSIb3
DQEBCwUAA4IBAQAf1XGUHqBgAdsTLphr7WBJAzOU4gnbXksZlJkCKSSH65ihERhf
dVcfZjo6+sDuJPVNxamU9mj/bqlXhxMD6IwYgptdGt8sNEqcE4kYRP//zsVCxP7h
1NkHMkbRCHbb6HzX6MwPd6Gsdp/6Nrlt5+0HOrquPkPbVSngpcYi+IMGascjqsJO
HZVlJ0ROVeLaa025uFYe3/nyLTHF5byOFN75cqy9YIiAb703/SPW4NaVfWnE6peD
KWwbRcx3s4A6qfzIgNNqO6BwylWloV5nWz/4i49UOqQOKfZExRVzD4N5olYVPChX
70fCHFkxeFiLmzHww1lyBROypNzTyGtp/ynK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:57 2024 by rpki-client on console-fra.rpki-client.org