Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/308589-92fe-4593-93e4-2d0a78be892d/1/BvnOs9WO7e1Bcsm_l8JYrI4kxMc.roa
File: BvnOs9WO7e1Bcsm_l8JYrI4kxMc.roa (raw, json)
Hash identifier: ZAG9NS+lbk2xCTqQVRkeXyVzbRIhF94HD+1CY1qgOKQ=
Subject key identifier: 06:F9:CE:B3:D5:8E:ED:ED:41:72:C9:BF:97:C2:58:AC:8E:24:C4:C7
Certificate issuer: /CN=dd3d4011175e5df7a3f57d38e78150a2c05fdd1d
Certificate serial: 018A6EEB629ED8300A6924749178ACD98750
Authority key identifier: DD:3D:40:11:17:5E:5D:F7:A3:F5:7D:38:E7:81:50:A2:C0:5F:DD:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3T1AERdeXfej9X0454FQosBf3R0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/308589-92fe-4593-93e4-2d0a78be892d/1/BvnOs9WO7e1Bcsm_l8JYrI4kxMc.roa
Signing time: Thu 07 Sep 2023 09:13:54 +0000
ROA not before: Thu 07 Sep 2023 09:13:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206805
IP address blocks: 185.159.111.0/24 maxlen: 24
45.84.152.0/23 maxlen: 23
45.84.155.0/24 maxlen: 24
45.84.154.0/24 maxlen: 24
193.19.100.0/23 maxlen: 24
45.145.190.0/23 maxlen: 23
45.145.188.0/23 maxlen: 23
185.247.192.0/22 maxlen: 24
185.228.48.0/22 maxlen: 24
178.159.32.0/23 maxlen: 24
188.64.150.0/23 maxlen: 24
188.64.149.0/24 maxlen: 24
2a0c:ee00:20c::/48 maxlen: 48
2a0c:ee00:100::/40 maxlen: 40
2a0c:ee00::/40 maxlen: 40
2a0c:ee00:200::/40 maxlen: 40
Validation: Failed, certificate revoked on Thu 21 Sep 2023 13:46:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6e:eb:62:9e:d8:30:0a:69:24:74:91:78:ac:d9:87:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd3d4011175e5df7a3f57d38e78150a2c05fdd1d
Validity
Not Before: Sep 7 09:13:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=06f9ceb3d58eeded4172c9bf97c258ac8e24c4c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:ef:13:97:85:86:13:84:d2:99:3a:ef:4c:80:
bf:3f:51:66:b6:bc:25:27:90:46:c2:01:bd:ad:96:
fb:e1:55:29:47:d8:5e:85:fe:94:31:ed:ff:0d:c9:
59:25:18:31:6c:34:e1:52:e6:d6:ef:63:5a:9f:ff:
0b:09:75:f4:48:61:4e:ce:26:7c:d1:1d:66:d3:7c:
64:22:d7:14:67:5b:9f:f1:2b:27:67:02:62:e7:31:
be:d5:29:7d:aa:55:52:e1:26:3f:05:39:bf:d5:08:
e3:e1:07:81:c5:a4:db:b5:7a:73:e3:d8:2b:da:62:
bb:1e:94:34:6e:0a:ee:cf:4a:c5:3b:43:3c:07:f4:
64:96:b9:42:b4:01:e2:de:81:fa:1f:59:ff:e5:f1:
b8:07:41:70:a8:f1:77:c6:7f:84:74:09:85:c8:5e:
52:a7:ef:06:46:89:61:26:d8:7a:8a:dd:75:dc:43:
9c:15:b4:fe:c2:51:c0:0e:00:b5:64:b1:b6:e8:da:
11:47:0b:3c:c9:58:f9:27:b1:77:be:85:02:6b:f3:
49:34:b3:14:c7:47:9c:7f:fc:58:38:70:09:c7:02:
01:95:3b:88:b5:e0:42:7f:4f:a3:36:44:b2:15:e8:
6c:16:b5:ca:77:75:89:6c:79:da:6d:f6:81:6c:e7:
b2:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:F9:CE:B3:D5:8E:ED:ED:41:72:C9:BF:97:C2:58:AC:8E:24:C4:C7
X509v3 Authority Key Identifier:
keyid:DD:3D:40:11:17:5E:5D:F7:A3:F5:7D:38:E7:81:50:A2:C0:5F:DD:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3T1AERdeXfej9X0454FQosBf3R0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/308589-92fe-4593-93e4-2d0a78be892d/1/BvnOs9WO7e1Bcsm_l8JYrI4kxMc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/308589-92fe-4593-93e4-2d0a78be892d/1/3T1AERdeXfej9X0454FQosBf3R0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.152.0/22
45.145.188.0/22
178.159.32.0/23
185.159.111.0/24
185.228.48.0/22
185.247.192.0/22
188.64.149.0-188.64.151.255
193.19.100.0/23
IPv6:
2a0c:ee00::-2a0c:ee00:2ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
95:c7:07:f4:f6:00:5d:72:7b:f4:29:75:e0:0b:0e:4d:54:9b:
6a:4a:12:ab:ab:9e:58:21:8d:b9:b9:a0:ed:49:00:4d:ed:28:
fa:0f:69:2f:64:f0:cf:ac:41:95:40:5e:94:75:60:4b:8f:89:
20:74:b4:df:6e:08:d6:50:df:ca:b6:77:31:9e:71:b8:94:bd:
b4:28:81:17:f7:8b:c5:70:23:d7:46:b8:7e:bf:2a:ea:a3:8e:
13:d4:79:46:4c:3d:19:87:ea:f4:aa:ec:a7:f2:2e:10:28:4a:
43:72:12:a8:b7:8a:2e:1d:9d:c3:7c:ad:c9:e2:d6:78:01:ee:
6c:86:a5:cb:65:34:15:88:e9:70:c4:99:2a:a0:31:12:db:3a:
e3:dd:6d:c5:ff:0c:77:77:0f:84:26:bd:6d:30:f3:64:f3:3f:
9d:8e:72:29:dc:1b:65:49:83:57:fe:92:5f:5d:c4:78:10:07:
7a:2c:82:0e:43:92:3c:e4:00:32:35:de:de:8d:2a:ad:28:01:
32:e4:8f:e3:7c:87:a6:69:90:45:e6:2f:60:29:98:30:25:7f:
a1:87:18:0b:e2:bb:4b:14:af:ab:3b:65:6b:cb:1c:1c:6a:5c:
7e:fe:7c:02:88:80:8e:7f:b9:f8:a0:38:de:46:78:65:fe:ab:
15:8a:ee:77
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAYpu62Ke2DAKaSR0kXis2YdQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkM2Q0MDExMTc1ZTVkZjdhM2Y1N2QzOGU3ODE1MGEyYzA1
ZmRkMWQwHhcNMjMwOTA3MDkxMzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmY5Y2ViM2Q1OGVlZGVkNDE3MmM5YmY5N2MyNThhYzhlMjRjNGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+8Tl4WGE4TSmTrvTIC/P1Fmtrwl
J5BGwgG9rZb74VUpR9hehf6UMe3/DclZJRgxbDThUubW72Nan/8LCXX0SGFOziZ8
0R1m03xkItcUZ1uf8SsnZwJi5zG+1Sl9qlVS4SY/BTm/1Qjj4QeBxaTbtXpz49gr
2mK7HpQ0bgruz0rFO0M8B/RklrlCtAHi3oH6H1n/5fG4B0FwqPF3xn+EdAmFyF5S
p+8GRolhJth6it113EOcFbT+wlHADgC1ZLG26NoRRws8yVj5J7F3voUCa/NJNLMU
x0ecf/xYOHAJxwIBlTuIteBCf0+jNkSyFehsFrXKd3WJbHnabfaBbOeyTQIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFAb5zrPVju3tQXLJv5fCWKyOJMTHMB8GA1UdIwQY
MBaAFN09QBEXXl33o/V9OOeBUKLAX90dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1QxQUVSZGVYZmVqOVgwNDU0RlFvc0JmM1IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS8zMDg1ODktOTJmZS00NTkzLTkzZTQt
MmQwYTc4YmU4OTJkLzEvQnZuT3M5V083ZTFCY3NtX2w4SllySTRreE1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS8zMDg1ODktOTJmZS00NTkzLTkzZTQtMmQwYTc4YmU4OTJk
LzEvM1QxQUVSZGVYZmVqOVgwNDU0RlFvc0JmM1IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDA+BAIAATA4AwQCLVSYAwQC
LZG8AwQBsp8gAwQAuZ9vAwQCueQwAwQCuffAMAwDBAC8QJUDBAO8QJADBAHBE2Qw
FgQCAAIwEDAOAwQBKgzuAwYAKgzuAAIwDQYJKoZIhvcNAQELBQADggEBAJXHB/T2
AF1ye/QpdeALDk1Um2pKEqurnlghjbm5oO1JAE3tKPoPaS9k8M+sQZVAXpR1YEuP
iSB0tN9uCNZQ38q2dzGecbiUvbQogRf3i8VwI9dGuH6/KuqjjhPUeUZMPRmH6vSq
7KfyLhAoSkNyEqi3ii4dncN8rcni1ngB7myGpctlNBWI6XDEmSqgMRLbOuPdbcX/
DHd3D4QmvW0w82TzP52OcincG2VJg1f+kl9dxHgQB3osgg5DkjzkADI13t6NKq0o
ATLkj+N8h6ZpkEXmL2ApmDAlf6GHGAviu0sUr6s7ZWvLHBxqXH7+fAKIgI5/ufig
ON5GeGX+qxWK7nc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:28 2024 by rpki-client on console-ams.rpki-client.org