Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/e80231-53b8-4225-8523-947de3868cd5/1/BSQznB9rja91rAZyFeux6rsxJmw.roa
File: BSQznB9rja91rAZyFeux6rsxJmw.roa (raw, json)
Hash identifier: bnRvHhaFWZFkGjf5z2DXd54D6bKpRF1XMf6uiDEQAGQ=
Subject key identifier: 05:24:33:9C:1F:6B:8D:AF:75:AC:06:72:15:EB:B1:EA:BB:31:26:6C
Certificate issuer: /CN=d78ac174e852b71c31163ec1d8649fff6b07ba79
Certificate serial: 01856D0A9D7D740A05DF841F75DB10431B8D
Authority key identifier: D7:8A:C1:74:E8:52:B7:1C:31:16:3E:C1:D8:64:9F:FF:6B:07:BA:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/14rBdOhStxwxFj7B2GSf_2sHunk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/e80231-53b8-4225-8523-947de3868cd5/1/BSQznB9rja91rAZyFeux6rsxJmw.roa
Signing time: Sun 01 Jan 2023 11:14:50 +0000
ROA not before: Sun 01 Jan 2023 11:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31263
IP address blocks: 195.182.242.0/23 maxlen: 23
195.182.241.0/24 maxlen: 24
195.182.240.0/20 maxlen: 20
195.182.244.0/22 maxlen: 22
195.182.248.0/21 maxlen: 21
88.214.44.0/22 maxlen: 22
195.182.226.0/24 maxlen: 24
195.182.225.0/24 maxlen: 24
195.182.229.0/24 maxlen: 24
195.182.228.0/24 maxlen: 24
195.182.227.0/24 maxlen: 24
195.182.232.0/21 maxlen: 21
195.182.231.0/24 maxlen: 24
195.182.230.0/24 maxlen: 24
195.182.240.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:9d:7d:74:0a:05:df:84:1f:75:db:10:43:1b:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d78ac174e852b71c31163ec1d8649fff6b07ba79
Validity
Not Before: Jan 1 11:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0524339c1f6b8daf75ac067215ebb1eabb31266c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:59:ab:33:4a:42:ea:6b:a1:ea:b3:01:e1:b4:
5f:d8:23:e0:ad:b7:ba:5a:1e:a9:72:d5:41:0e:14:
b7:8a:a7:d3:89:d9:7c:7e:18:4b:64:3a:5f:d1:c7:
f2:c0:c3:c5:e2:72:9e:21:b2:be:39:35:fa:cc:32:
60:9b:3b:13:68:f6:67:27:a4:be:11:16:e7:6e:dc:
a1:56:e0:36:8b:6a:a2:23:70:54:63:f4:fe:a2:37:
48:9a:dd:63:6d:f4:46:c8:db:22:76:c7:a8:0f:77:
10:36:fb:2b:be:46:2d:18:57:f8:1f:fd:b4:04:9a:
02:73:91:bc:4a:7e:de:76:42:90:2f:5f:35:30:0e:
aa:b0:d7:71:4f:d8:67:77:dd:df:94:7b:d4:ab:01:
42:a7:0c:ac:dd:31:64:5f:14:7c:4f:67:07:d5:54:
67:c9:21:16:eb:55:2f:45:bb:ef:14:17:27:3c:8d:
1a:60:c5:fe:e9:9d:21:af:2f:76:e6:41:e6:c4:b5:
b1:40:9a:d0:ff:bf:a2:8e:ca:10:f1:4c:53:82:a4:
e2:39:7b:87:b1:c0:33:4f:7f:9e:04:0a:90:aa:82:
e8:69:51:7a:48:2b:84:14:2f:de:4c:6e:f4:45:07:
83:26:c3:2c:f6:70:2f:f5:e1:b0:37:05:ae:a5:be:
47:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:24:33:9C:1F:6B:8D:AF:75:AC:06:72:15:EB:B1:EA:BB:31:26:6C
X509v3 Authority Key Identifier:
keyid:D7:8A:C1:74:E8:52:B7:1C:31:16:3E:C1:D8:64:9F:FF:6B:07:BA:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/14rBdOhStxwxFj7B2GSf_2sHunk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/e80231-53b8-4225-8523-947de3868cd5/1/BSQznB9rja91rAZyFeux6rsxJmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/e80231-53b8-4225-8523-947de3868cd5/1/14rBdOhStxwxFj7B2GSf_2sHunk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.214.44.0/22
195.182.225.0-195.182.255.255
Signature Algorithm: sha256WithRSAEncryption
94:0a:b5:bb:e1:e2:9c:35:b8:f6:94:55:0d:fa:f8:f8:9f:78:
5e:f8:8e:4c:c9:bf:8f:ea:8a:e7:e8:c2:8c:b5:55:19:42:40:
8e:87:43:0a:e6:62:ed:58:5d:00:f2:16:ff:f2:0d:f7:80:d8:
00:8f:33:dd:1a:38:68:8d:18:fb:16:b5:8d:05:2d:a1:0a:5d:
b2:4b:fc:6e:05:a0:72:a1:eb:a7:1e:32:17:52:d0:65:6e:06:
20:8e:0f:53:bc:3b:27:e6:b1:45:49:b1:f6:21:eb:09:a1:fd:
df:d8:65:90:99:72:ca:a6:23:c5:82:9c:50:2b:93:60:1e:fe:
ff:93:06:ce:a9:c2:1b:7c:aa:4b:39:85:06:30:df:fc:0d:de:
94:c4:3a:0b:ad:ba:35:41:b7:cc:5c:95:86:d4:be:e8:7f:9f:
a0:3f:45:f7:ac:4b:43:64:1e:46:b2:4f:5d:c6:6a:4e:ea:82:
cb:4b:05:8f:cf:00:dc:14:45:65:46:b9:f8:af:45:7c:57:17:
75:13:a1:40:d1:fc:af:74:b2:06:f7:99:cd:2d:56:c0:43:00:
df:b4:0c:f5:4e:66:81:e5:cc:75:bd:f9:a6:23:57:1c:aa:94:
4a:32:7d:fc:e6:aa:fa:17:49:a8:9c:90:33:87:d2:3f:62:79:
7f:8d:81:82
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYVtCp19dAoF34QfddsQQxuNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3OGFjMTc0ZTg1MmI3MWMzMTE2M2VjMWQ4NjQ5ZmZmNmIw
N2JhNzkwHhcNMjMwMTAxMTExNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTI0MzM5YzFmNmI4ZGFmNzVhYzA2NzIxNWViYjFlYWJiMzEyNjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmlmrM0pC6muh6rMB4bRf2CPgrbe6
Wh6pctVBDhS3iqfTidl8fhhLZDpf0cfywMPF4nKeIbK+OTX6zDJgmzsTaPZnJ6S+
ERbnbtyhVuA2i2qiI3BUY/T+ojdImt1jbfRGyNsidseoD3cQNvsrvkYtGFf4H/20
BJoCc5G8Sn7edkKQL181MA6qsNdxT9hnd93flHvUqwFCpwys3TFkXxR8T2cH1VRn
ySEW61UvRbvvFBcnPI0aYMX+6Z0hry925kHmxLWxQJrQ/7+ijsoQ8UxTgqTiOXuH
scAzT3+eBAqQqoLoaVF6SCuEFC/eTG70RQeDJsMs9nAv9eGwNwWupb5HMwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFAUkM5wfa42vdawGchXrseq7MSZsMB8GA1UdIwQY
MBaAFNeKwXToUrccMRY+wdhkn/9rB7p5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTRyQmRPaFN0eHd4Rmo3QjJHU2ZfMnNIdW5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9lODAyMzEtNTNiOC00MjI1LTg1MjMt
OTQ3ZGUzODY4Y2Q1LzEvQlNRem5COXJqYTkxckFaeUZldXg2cnN4Sm13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9lODAyMzEtNTNiOC00MjI1LTg1MjMtOTQ3ZGUzODY4Y2Q1
LzEvMTRyQmRPaFN0eHd4Rmo3QjJHU2ZfMnNIdW5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAATATAwQCWNYsMAsD
BADDtuEDAwDDtjANBgkqhkiG9w0BAQsFAAOCAQEAlAq1u+HinDW49pRVDfr4+J94
XviOTMm/j+qK5+jCjLVVGUJAjodDCuZi7VhdAPIW//IN94DYAI8z3Ro4aI0Y+xa1
jQUtoQpdskv8bgWgcqHrpx4yF1LQZW4GII4PU7w7J+axRUmx9iHrCaH939hlkJly
yqYjxYKcUCuTYB7+/5MGzqnCG3yqSzmFBjDf/A3elMQ6C626NUG3zFyVhtS+6H+f
oD9F96xLQ2QeRrJPXcZqTuqCy0sFj88A3BRFZUa5+K9FfFcXdROhQNH8r3SyBveZ
zS1WwEMA37QM9U5mgeXMdb35piNXHKqUSjJ9/Oaq+hdJqJyQM4fSP2J5f42Bgg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:35 2024 by rpki-client on console-fra.rpki-client.org