Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d572c3-350f-479b-a7b3-153e9182af41/1/BsSwe-grOosfoMOLtkyYpL4NcoU.roa
File: BsSwe-grOosfoMOLtkyYpL4NcoU.roa (raw, json)
Hash identifier: ztReJuMo9HfAzZgPheEFPWv0898KTNMKR4hBevB8liY=
Subject key identifier: 06:C4:B0:7B:E8:2B:3A:8B:1F:A0:C3:8B:B6:4C:98:A4:BE:0D:72:85
Certificate issuer: /CN=553ca7b2e6c1e17f5f3edbe375e19ece39533910
Certificate serial: 018CC94D1E729F216244E1650F4FCF5ABBFA
Authority key identifier: 55:3C:A7:B2:E6:C1:E1:7F:5F:3E:DB:E3:75:E1:9E:CE:39:53:39:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VTynsubB4X9fPtvjdeGezjlTORA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d572c3-350f-479b-a7b3-153e9182af41/1/BsSwe-grOosfoMOLtkyYpL4NcoU.roa
Signing time: Tue 02 Jan 2024 08:32:03 +0000
ROA not before: Tue 02 Jan 2024 08:32:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49318
IP address blocks: 188.93.176.0/21 maxlen: 21
46.28.250.0/24 maxlen: 24
46.28.249.0/24 maxlen: 24
46.28.252.0/24 maxlen: 24
46.28.251.0/24 maxlen: 24
46.28.253.0/24 maxlen: 24
46.28.248.0/24 maxlen: 24
46.28.254.0/24 maxlen: 24
46.28.255.0/24 maxlen: 24
194.110.124.0/24 maxlen: 24
194.110.124.0/23 maxlen: 23
194.110.125.0/24 maxlen: 24
194.110.131.0/24 maxlen: 24
194.110.130.0/23 maxlen: 23
194.110.130.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 13 Aug 2024 14:03:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:1e:72:9f:21:62:44:e1:65:0f:4f:cf:5a:bb:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=553ca7b2e6c1e17f5f3edbe375e19ece39533910
Validity
Not Before: Jan 2 08:32:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=06c4b07be82b3a8b1fa0c38bb64c98a4be0d7285
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:51:7b:ea:f2:6f:92:2b:ae:f9:3c:1a:fa:6e:
db:c9:60:79:6d:d0:b3:0c:cc:2c:db:bb:af:c7:4e:
c1:62:d5:c7:47:be:a6:08:d8:f4:48:bc:c7:80:bd:
f0:69:ea:97:6e:bc:d9:00:53:d2:ba:1a:2c:25:b0:
dd:34:46:87:fd:62:2c:32:5c:b6:e1:5d:d8:c0:55:
aa:20:f2:62:5b:25:30:06:88:7b:c7:28:00:a0:ad:
9c:6f:22:74:9e:81:72:fe:ac:cc:19:ec:e2:02:62:
e5:d5:e8:19:cd:34:ff:ef:e5:b1:eb:c6:54:9e:92:
32:90:8e:7a:78:bb:a5:29:72:a5:93:fb:4e:a9:aa:
62:b4:d1:e0:76:c3:13:7d:bd:33:4d:bb:c0:08:6d:
1c:7b:e8:17:12:70:9e:9b:5e:27:b7:5d:39:26:3d:
07:cc:97:92:54:b9:f6:7c:58:49:e0:0f:2d:7d:64:
38:c8:79:7b:22:1d:98:88:fe:3b:0c:96:dd:b3:0f:
68:56:07:01:80:06:50:12:4b:63:fa:03:34:9b:ed:
bd:cf:bd:09:19:09:d8:34:9b:47:04:8c:e6:ae:77:
08:48:56:77:23:a2:ca:bc:fa:f0:2e:55:7f:01:3c:
b1:69:8c:cb:5d:e9:10:7f:00:8f:09:e7:04:bd:b9:
84:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:C4:B0:7B:E8:2B:3A:8B:1F:A0:C3:8B:B6:4C:98:A4:BE:0D:72:85
X509v3 Authority Key Identifier:
keyid:55:3C:A7:B2:E6:C1:E1:7F:5F:3E:DB:E3:75:E1:9E:CE:39:53:39:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VTynsubB4X9fPtvjdeGezjlTORA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d572c3-350f-479b-a7b3-153e9182af41/1/BsSwe-grOosfoMOLtkyYpL4NcoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d572c3-350f-479b-a7b3-153e9182af41/1/VTynsubB4X9fPtvjdeGezjlTORA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.248.0/21
188.93.176.0/21
194.110.124.0/23
194.110.130.0/23
Signature Algorithm: sha256WithRSAEncryption
14:dd:38:94:31:fe:ee:7b:83:d8:28:1d:28:0d:7d:56:b3:da:
f9:75:42:7d:60:1c:5d:03:be:13:d3:36:8b:5e:ac:41:bc:4e:
5e:ce:95:2d:67:d8:bb:00:6c:bd:f8:a9:b0:e2:10:bb:e0:ee:
b0:40:cc:db:df:1d:6a:61:4a:e4:23:15:93:42:61:26:80:19:
62:a7:21:b2:ee:2f:af:85:be:c8:02:49:d4:e2:ae:fe:d4:35:
69:78:4f:ec:6a:49:2e:19:79:ac:55:d4:a4:a7:cf:9f:ca:d1:
3c:97:4e:df:4f:ad:85:7f:c2:7b:16:12:00:7c:ea:f4:a4:75:
ca:b2:2a:a3:d9:98:95:7c:f5:9f:b8:a6:20:68:73:b4:22:75:
08:84:d4:49:ae:a9:a3:79:94:e0:77:58:ba:14:57:f5:f0:37:
1c:af:88:ab:0c:ad:20:d5:bc:95:91:ea:b8:9b:55:cd:ab:6a:
1d:10:05:5f:b3:f6:91:be:8a:8f:a2:db:25:f1:9b:0d:83:5c:
c2:3e:70:b4:d6:39:37:49:68:85:e3:1f:54:66:58:87:9f:8c:
71:8c:9a:a4:14:6b:5a:d8:90:79:4a:b6:bd:d4:a6:42:86:a1:
5c:0a:cb:7e:7e:88:29:37:16:a3:c3:d4:6d:fb:9f:ac:28:d4:
6e:a0:82:95
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzJTR5ynyFiROFlD0/PWrv6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1M2NhN2IyZTZjMWUxN2Y1ZjNlZGJlMzc1ZTE5ZWNlMzk1
MzM5MTAwHhcNMjQwMTAyMDgzMjAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmM0YjA3YmU4MmIzYThiMWZhMGMzOGJiNjRjOThhNGJlMGQ3Mjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvlF76vJvkiuu+Twa+m7byWB5bdCz
DMws27uvx07BYtXHR76mCNj0SLzHgL3waeqXbrzZAFPSuhosJbDdNEaH/WIsMly2
4V3YwFWqIPJiWyUwBoh7xygAoK2cbyJ0noFy/qzMGeziAmLl1egZzTT/7+Wx68ZU
npIykI56eLulKXKlk/tOqapitNHgdsMTfb0zTbvACG0ce+gXEnCem14nt105Jj0H
zJeSVLn2fFhJ4A8tfWQ4yHl7Ih2YiP47DJbdsw9oVgcBgAZQEktj+gM0m+29z70J
GQnYNJtHBIzmrncISFZ3I6LKvPrwLlV/ATyxaYzLXekQfwCPCecEvbmENwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAbEsHvoKzqLH6DDi7ZMmKS+DXKFMB8GA1UdIwQY
MBaAFFU8p7LmweF/Xz7b43Xhns45UzkQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlR5bnN1YkI0WDlmUHR2amRlR2V6amxUT1JBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kNTcyYzMtMzUwZi00NzliLWE3YjMt
MTUzZTkxODJhZjQxLzEvQnNTd2UtZ3JPb3Nmb01PTHRreVlwTDROY29VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kNTcyYzMtMzUwZi00NzliLWE3YjMtMTUzZTkxODJhZjQx
LzEvVlR5bnN1YkI0WDlmUHR2amRlR2V6amxUT1JBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDLhz4AwQD
vF2wAwQBwm58AwQBwm6CMA0GCSqGSIb3DQEBCwUAA4IBAQAU3TiUMf7ue4PYKB0o
DX1Ws9r5dUJ9YBxdA74T0zaLXqxBvE5ezpUtZ9i7AGy9+Kmw4hC74O6wQMzb3x1q
YUrkIxWTQmEmgBlipyGy7i+vhb7IAknU4q7+1DVpeE/sakkuGXmsVdSkp8+fytE8
l07fT62Ff8J7FhIAfOr0pHXKsiqj2ZiVfPWfuKYgaHO0InUIhNRJrqmjeZTgd1i6
FFf18Dccr4irDK0g1byVkeq4m1XNq2odEAVfs/aRvoqPotsl8ZsNg1zCPnC01jk3
SWiF4x9UZliHn4xxjJqkFGta2JB5Sra91KZChqFcCst+fogpNxajw9Rt+5+sKNRu
oIKV
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:05 2025 by rpki-client