Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/b5090a-ec58-46db-9dd9-5485682a05f5/1/bBCzBTDUni4cI64DBP8mJPi9caU.roa
File: bBCzBTDUni4cI64DBP8mJPi9caU.roa (raw, json)
Hash identifier: C2KP9ZuLvnSuFqn8uuUFfumg6zpTiQ3wYUl2kha2llY=
Subject key identifier: 6C:10:B3:05:30:D4:9E:2E:1C:23:AE:03:04:FF:26:24:F8:BD:71:A5
Certificate issuer: /CN=149d1f67a41ca2e405017cbe48bafff1733e3869
Certificate serial: 0186356488C32E901B026960924A9D3939DA
Authority key identifier: 14:9D:1F:67:A4:1C:A2:E4:05:01:7C:BE:48:BA:FF:F1:73:3E:38:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FJ0fZ6QcouQFAXy-SLr_8XM-OGk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/b5090a-ec58-46db-9dd9-5485682a05f5/1/bBCzBTDUni4cI64DBP8mJPi9caU.roa
Signing time: Thu 09 Feb 2023 08:57:06 +0000
ROA not before: Thu 09 Feb 2023 08:57:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207728
IP address blocks: 46.28.234.0/24 maxlen: 24
93.88.74.0/24 maxlen: 24
185.162.11.0/24 maxlen: 24
185.162.9.0/24 maxlen: 24
31.10.5.0/24 maxlen: 24
87.236.177.0/24 maxlen: 24
31.210.170.0/23 maxlen: 24
104.192.42.0/24 maxlen: 24
31.210.173.0/24 maxlen: 24
2a12:9cc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Mar 2023 17:18:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:35:64:88:c3:2e:90:1b:02:69:60:92:4a:9d:39:39:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=149d1f67a41ca2e405017cbe48bafff1733e3869
Validity
Not Before: Feb 9 08:57:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c10b30530d49e2e1c23ae0304ff2624f8bd71a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:bc:50:a8:4b:8c:69:93:6a:76:05:bd:c3:e3:
81:28:93:5b:88:6c:f6:c3:d7:a2:25:05:e8:0e:f0:
e3:1b:bf:fb:a9:6f:06:13:a6:9c:63:10:6e:f2:da:
49:8d:4f:0a:6d:ce:96:30:c3:99:f1:71:ca:6a:4c:
1e:c9:b7:d1:c7:23:6b:c4:ee:e3:4d:02:a6:a1:96:
5c:1a:85:16:f3:cd:91:01:5d:23:e7:84:3e:b3:65:
c1:f9:46:2a:3e:38:a8:99:72:b1:d9:3e:c8:d2:1a:
59:b5:cb:e4:34:4c:98:07:3a:73:3f:6b:c2:20:2f:
d6:ff:ff:c8:cd:fc:35:61:1c:43:73:c1:23:98:a3:
0b:7c:1b:3e:a5:16:61:68:a1:ec:5c:76:95:eb:9c:
ef:83:a5:5c:72:5b:6c:1c:52:5d:a6:f1:4b:e0:ce:
9f:89:58:9e:83:39:09:fa:88:56:c4:a4:fd:6c:d0:
6c:48:a0:f8:23:fb:b2:14:0d:96:a0:b6:6e:11:58:
5e:1b:34:c4:ee:f6:1f:e8:a0:7c:7a:b8:59:4e:7b:
ce:56:ab:46:91:58:e5:b2:73:f6:e4:34:59:be:68:
f0:c1:bc:53:07:a0:ff:fa:a0:9d:a7:50:5a:42:6d:
a5:ad:74:cf:8d:27:3c:d6:ab:52:79:db:8f:a2:73:
32:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:10:B3:05:30:D4:9E:2E:1C:23:AE:03:04:FF:26:24:F8:BD:71:A5
X509v3 Authority Key Identifier:
keyid:14:9D:1F:67:A4:1C:A2:E4:05:01:7C:BE:48:BA:FF:F1:73:3E:38:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FJ0fZ6QcouQFAXy-SLr_8XM-OGk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/b5090a-ec58-46db-9dd9-5485682a05f5/1/bBCzBTDUni4cI64DBP8mJPi9caU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/b5090a-ec58-46db-9dd9-5485682a05f5/1/FJ0fZ6QcouQFAXy-SLr_8XM-OGk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.10.5.0/24
31.210.170.0/23
31.210.173.0/24
46.28.234.0/24
87.236.177.0/24
93.88.74.0/24
104.192.42.0/24
185.162.9.0/24
185.162.11.0/24
IPv6:
2a12:9cc0::/29
Signature Algorithm: sha256WithRSAEncryption
d6:3e:0e:90:c5:0d:fa:28:e2:4e:b9:11:50:02:b5:7a:0b:1d:
bd:50:a7:d9:c4:fa:e4:58:a3:9f:05:68:3e:77:29:0f:27:94:
d3:07:54:e1:c8:10:b4:b7:36:31:cd:ef:d5:95:0f:57:36:a4:
cc:2c:43:3c:b4:3a:b0:44:c7:6f:a8:aa:59:66:f0:93:76:a3:
72:ad:c1:30:65:5a:81:30:74:92:57:b7:23:91:40:18:59:cf:
51:dd:57:11:f7:c9:59:79:53:37:92:ef:66:2f:8e:4d:59:d1:
ba:b8:dc:93:be:15:97:a1:39:10:70:2f:9c:11:9d:90:f4:ec:
01:d7:99:7a:6d:83:26:48:89:a6:7d:03:f3:a2:0a:7e:91:d3:
60:b4:ec:4c:6c:e4:a1:c0:57:de:f3:25:a6:98:b2:56:a7:54:
2f:a6:ff:f7:7c:f1:ce:15:a5:9a:88:7e:93:44:b8:54:df:d9:
89:71:f9:96:38:ad:20:ba:2b:fd:6f:8f:0a:79:40:27:6f:1c:
1c:62:fb:ae:36:59:e7:06:36:1e:e4:0e:5a:5f:e2:d6:66:f8:
3f:59:89:2a:07:98:cf:49:5e:81:5d:47:3b:f8:2b:95:fd:d4:
d0:31:e2:9a:05:27:09:ec:48:cc:33:91:18:4d:c8:75:e8:f2:
8e:e8:36:72
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYY1ZIjDLpAbAmlgkkqdOTnaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0OWQxZjY3YTQxY2EyZTQwNTAxN2NiZTQ4YmFmZmYxNzMz
ZTM4NjkwHhcNMjMwMjA5MDg1NzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzEwYjMwNTMwZDQ5ZTJlMWMyM2FlMDMwNGZmMjYyNGY4YmQ3MWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiLxQqEuMaZNqdgW9w+OBKJNbiGz2
w9eiJQXoDvDjG7/7qW8GE6acYxBu8tpJjU8Kbc6WMMOZ8XHKakweybfRxyNrxO7j
TQKmoZZcGoUW882RAV0j54Q+s2XB+UYqPjiomXKx2T7I0hpZtcvkNEyYBzpzP2vC
IC/W///Izfw1YRxDc8EjmKMLfBs+pRZhaKHsXHaV65zvg6VccltsHFJdpvFL4M6f
iViegzkJ+ohWxKT9bNBsSKD4I/uyFA2WoLZuEVheGzTE7vYf6KB8erhZTnvOVqtG
kVjlsnP25DRZvmjwwbxTB6D/+qCdp1BaQm2lrXTPjSc81qtSeduPonMyFwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFGwQswUw1J4uHCOuAwT/JiT4vXGlMB8GA1UdIwQY
MBaAFBSdH2ekHKLkBQF8vki6//FzPjhpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkowZlo2UWNvdVFGQVh5LVNMcl84WE0tT0drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9iNTA5MGEtZWM1OC00NmRiLTlkZDkt
NTQ4NTY4MmEwNWY1LzEvYkJDekJURFVuaTRjSTY0REJQOG1KUGk5Y2FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9iNTA5MGEtZWM1OC00NmRiLTlkZDktNTQ4NTY4MmEwNWY1
LzEvRkowZlo2UWNvdVFGQVh5LVNMcl84WE0tT0drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQAHwoFAwQB
H9KqAwQAH9KtAwQALhzqAwQAV+yxAwQAXVhKAwQAaMAqAwQAuaIJAwQAuaILMA0E
AgACMAcDBQMqEpzAMA0GCSqGSIb3DQEBCwUAA4IBAQDWPg6QxQ36KOJOuRFQArV6
Cx29UKfZxPrkWKOfBWg+dykPJ5TTB1ThyBC0tzYxze/VlQ9XNqTMLEM8tDqwRMdv
qKpZZvCTdqNyrcEwZVqBMHSSV7cjkUAYWc9R3VcR98lZeVM3ku9mL45NWdG6uNyT
vhWXoTkQcC+cEZ2Q9OwB15l6bYMmSImmfQPzogp+kdNgtOxMbOShwFfe8yWmmLJW
p1Qvpv/3fPHOFaWaiH6TRLhU39mJcfmWOK0guiv9b48KeUAnbxwcYvuuNlnnBjYe
5A5aX+LWZvg/WYkqB5jPSV6BXUc7+CuV/dTQMeKaBScJ7EjMM5EYTch16PKO6DZy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:03 2024 by rpki-client on console-fra.rpki-client.org