Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/BDK_ewjshhUuT6BEN-u91X7tJw4.roa
File: BDK_ewjshhUuT6BEN-u91X7tJw4.roa (raw, json)
Hash identifier: Sebk1dkeQH4lcL6hUeNvPm0C41xu2F66vPBRZBNCHDg=
Subject key identifier: 04:32:BF:7B:08:EC:86:15:2E:4F:A0:44:37:EB:BD:D5:7E:ED:27:0E
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 018C957DCADAC33EF42295FB5DEE8A237A68
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/BDK_ewjshhUuT6BEN-u91X7tJw4.roa
Signing time: Sat 23 Dec 2023 07:04:58 +0000
ROA not before: Sat 23 Dec 2023 07:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.111.32.0/20 maxlen: 24
176.221.16.0/21 maxlen: 21
95.82.32.0/21 maxlen: 24
37.128.248.0/22 maxlen: 24
37.128.248.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sun 24 Dec 2023 13:06:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:95:7d:ca:da:c3:3e:f4:22:95:fb:5d:ee:8a:23:7a:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Dec 23 07:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0432bf7b08ec86152e4fa04437ebbdd57eed270e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:d1:bc:ee:3c:2a:06:9f:e4:af:49:0d:01:52:
55:f6:9c:89:d9:63:71:40:3d:d3:b3:ea:96:4f:7b:
2d:b6:bb:27:ce:fa:43:28:d8:9c:e0:ba:8b:99:b8:
bc:bc:36:83:77:c6:e6:f9:29:31:79:43:88:38:9a:
1f:ab:b7:32:f2:ac:04:01:20:62:a7:8a:bd:73:46:
f8:b5:cf:7b:d3:80:ba:42:00:9b:e9:db:e0:92:e9:
02:2c:e0:ea:cf:c4:bb:81:fe:d2:b1:7e:6c:61:49:
27:0c:c7:84:85:32:92:8c:61:a7:1c:19:30:5c:34:
73:0a:f3:5e:93:fc:12:f9:52:c3:5b:fe:77:3b:8a:
e5:7c:5a:7f:81:3d:bc:62:0c:63:20:48:fa:46:35:
09:71:85:12:a5:04:57:12:a7:fa:a7:58:44:70:79:
39:7e:c0:e1:49:bd:4f:72:a9:39:4d:c2:5d:22:f4:
28:b0:26:13:23:89:d5:9e:7e:37:11:41:30:47:47:
9c:dd:ac:7a:5b:46:06:53:23:cb:b0:05:42:c5:c3:
b7:4b:ce:4a:44:c1:02:b0:fa:83:af:82:5d:bb:ee:
07:64:14:d3:f0:77:93:3d:c5:b2:6a:16:15:24:36:
c7:f7:f6:47:b5:59:b7:75:f3:28:15:c6:3a:e7:2a:
82:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:32:BF:7B:08:EC:86:15:2E:4F:A0:44:37:EB:BD:D5:7E:ED:27:0E
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/BDK_ewjshhUuT6BEN-u91X7tJw4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.248.0/22
95.82.32.0/21
109.111.32.0/20
176.221.16.0/21
Signature Algorithm: sha256WithRSAEncryption
06:84:75:3b:20:e6:2e:34:a3:16:c9:bd:ab:92:4c:ca:e1:05:
cf:a7:8d:fa:36:55:a4:a5:3b:43:1b:46:23:f3:e6:5d:7b:88:
e9:c4:47:81:a5:cf:d0:ad:9d:f8:05:00:6e:2b:0f:2d:a0:c6:
51:05:05:27:e9:f7:e0:3e:66:56:9e:ab:4b:68:c5:3b:bc:88:
18:7e:f1:79:f0:99:7d:7d:19:ec:df:d6:a5:95:88:f3:82:e3:
80:e7:61:92:ed:26:af:9b:16:bc:a8:b7:d4:7e:99:a3:6e:08:
5e:63:62:3e:25:a3:da:11:fc:2a:a3:d3:7e:22:ed:9b:46:bd:
e9:a6:30:89:d4:a8:87:9a:6b:da:fc:8c:9f:88:39:ec:34:36:
61:45:c3:dc:91:57:dd:4b:b3:29:c3:ef:de:bf:b2:b1:d9:ae:
94:44:b7:c2:8a:cb:f2:32:d1:12:4e:1c:7c:c8:71:f5:13:de:
46:b8:cb:d6:8b:76:83:e1:5b:6a:c3:04:e1:33:62:52:a2:76:
ff:ce:dd:7f:b6:e4:1e:8e:2b:03:57:ee:e2:ea:05:b1:4a:02:
6e:e6:90:6a:d2:62:fc:ca:3e:44:3f:a8:f6:c1:39:0f:b5:28:
66:9c:74:3a:37:49:f7:3d:34:32:1d:45:1d:a4:6f:91:6c:8e:
ca:c4:b9:87
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYyVfcrawz70IpX7Xe6KI3poMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjMxMjIzMDcwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDMyYmY3YjA4ZWM4NjE1MmU0ZmEwNDQzN2ViYmRkNTdlZWQyNzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAitG87jwqBp/kr0kNAVJV9pyJ2WNx
QD3Ts+qWT3sttrsnzvpDKNic4LqLmbi8vDaDd8bm+SkxeUOIOJofq7cy8qwEASBi
p4q9c0b4tc9704C6QgCb6dvgkukCLODqz8S7gf7SsX5sYUknDMeEhTKSjGGnHBkw
XDRzCvNek/wS+VLDW/53O4rlfFp/gT28YgxjIEj6RjUJcYUSpQRXEqf6p1hEcHk5
fsDhSb1Pcqk5TcJdIvQosCYTI4nVnn43EUEwR0ec3ax6W0YGUyPLsAVCxcO3S85K
RMECsPqDr4Jdu+4HZBTT8HeTPcWyahYVJDbH9/ZHtVm3dfMoFcY65yqCIQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAQyv3sI7IYVLk+gRDfrvdV+7ScOMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvQkRLX2V3anNoaFV1VDZCRU4tdTkxWDd0Snc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCJYD4AwQD
X1IgAwQEbW8gAwQDsN0QMA0GCSqGSIb3DQEBCwUAA4IBAQAGhHU7IOYuNKMWyb2r
kkzK4QXPp436NlWkpTtDG0Yj8+Zde4jpxEeBpc/QrZ34BQBuKw8toMZRBQUn6ffg
PmZWnqtLaMU7vIgYfvF58Jl9fRns39allYjzguOA52GS7Savmxa8qLfUfpmjbghe
Y2I+JaPaEfwqo9N+Iu2bRr3ppjCJ1KiHmmva/IyfiDnsNDZhRcPckVfdS7Mpw+/e
v7Kx2a6URLfCisvyMtESThx8yHH1E95GuMvWi3aD4VtqwwThM2JSonb/zt1/tuQe
jisDV+7i6gWxSgJu5pBq0mL8yj5EP6j2wTkPtShmnHQ6N0n3PTQyHUUdpG+RbI7K
xLmH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:04 2024 by rpki-client on console-fra.rpki-client.org