Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/BbgtokllNjKtpBknoIPALJUEHT4.roa
File: BbgtokllNjKtpBknoIPALJUEHT4.roa (raw, json)
Hash identifier: G2peuZ4wmujLyxFd2AnsQHAS5f+YnBakV8kgzPxDJGI=
Subject key identifier: 05:B8:2D:A2:49:65:36:32:AD:A4:19:27:A0:83:C0:2C:95:04:1D:3E
Certificate issuer: /CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
Certificate serial: 018DF8F9FA9776E4770D6CDA1B9C0CA47B9C
Authority key identifier: 29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/BbgtokllNjKtpBknoIPALJUEHT4.roa
Signing time: Fri 01 Mar 2024 07:45:48 +0000
ROA not before: Fri 01 Mar 2024 07:45:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25144
IP address blocks: 31.223.128.0/19 maxlen: 19
31.223.128.0/21 maxlen: 21
31.223.136.0/21 maxlen: 21
31.223.144.0/21 maxlen: 21
31.223.152.0/21 maxlen: 21
46.239.0.0/18 maxlen: 18
62.101.144.0/20 maxlen: 20
81.93.64.0/19 maxlen: 19
81.93.66.0/24 maxlen: 24
81.93.67.0/24 maxlen: 24
81.93.69.0/24 maxlen: 24
81.93.73.0/24 maxlen: 24
81.93.84.0/24 maxlen: 24
81.93.86.0/24 maxlen: 24
81.93.91.0/24 maxlen: 24
81.93.92.0/24 maxlen: 24
89.111.192.0/18 maxlen: 18
89.111.192.0/19 maxlen: 19
89.111.192.0/24 maxlen: 24
89.111.200.0/24 maxlen: 24
89.111.224.0/19 maxlen: 19
89.111.225.0/24 maxlen: 24
89.111.226.0/24 maxlen: 24
89.111.227.0/24 maxlen: 24
89.111.231.0/24 maxlen: 24
89.111.235.0/24 maxlen: 24
89.111.236.0/24 maxlen: 24
89.111.240.0/24 maxlen: 24
89.111.244.0/22 maxlen: 22
89.111.246.0/24 maxlen: 24
89.111.248.0/22 maxlen: 22
94.250.0.0/18 maxlen: 18
94.250.64.0/18 maxlen: 18
109.165.128.0/17 maxlen: 17
185.35.156.0/22 maxlen: 22
217.24.128.0/20 maxlen: 20
2a00:cb00::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 01 Mar 2024 07:47:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f8:f9:fa:97:76:e4:77:0d:6c:da:1b:9c:0c:a4:7b:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
Validity
Not Before: Mar 1 07:45:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=05b82da249653632ada41927a083c02c95041d3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:05:3b:27:f8:39:17:85:92:a0:b8:56:6f:ab:
65:c0:05:ce:6d:61:c0:c9:2a:75:f0:df:45:5e:a7:
4b:3d:bc:3e:dc:09:90:41:98:99:ac:4f:29:8c:b0:
c5:85:c5:8c:96:05:08:40:81:50:24:37:73:59:01:
39:ae:98:ab:af:39:61:ea:e9:ef:22:76:03:97:99:
78:3e:4d:d0:6c:b5:83:1a:d4:e7:d2:ad:83:ba:30:
27:38:fd:b6:e0:b8:5f:c0:6d:02:9c:b0:f4:94:0e:
6f:d8:b3:81:5a:ee:d9:d7:16:03:c2:2c:2d:07:f6:
e9:5a:d1:23:45:fc:27:ad:9b:a4:ff:8d:93:8f:b9:
d4:a5:fe:13:2d:d2:9c:05:e3:76:5e:6a:64:ad:2e:
74:ad:30:d7:65:84:68:25:e1:88:e9:ed:cc:db:d5:
7f:93:0b:41:50:38:ae:2b:a8:b0:61:90:73:37:3e:
75:e6:05:35:1b:47:fe:34:30:39:4d:b9:e5:69:f5:
73:76:af:02:04:dc:2b:58:b2:2f:c8:46:e6:94:46:
30:7f:64:bd:b9:e1:ef:01:25:8a:46:61:42:e7:5e:
bd:b3:34:f3:4f:8f:21:37:4e:fc:6b:87:5d:31:b8:
56:b9:09:f7:62:7b:b0:a8:0a:08:02:00:23:f7:3f:
57:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:B8:2D:A2:49:65:36:32:AD:A4:19:27:A0:83:C0:2C:95:04:1D:3E
X509v3 Authority Key Identifier:
keyid:29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/BbgtokllNjKtpBknoIPALJUEHT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/KamWTgzTX7NnV-VlP_p2Jqxd7ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.223.128.0/19
46.239.0.0/18
62.101.144.0/20
81.93.64.0/19
89.111.192.0/18
94.250.0.0/17
109.165.128.0/17
185.35.156.0/22
217.24.128.0/20
IPv6:
2a00:cb00::/32
Signature Algorithm: sha256WithRSAEncryption
21:ed:b3:69:31:27:0f:7a:98:1a:51:e8:e4:54:31:61:98:dc:
ba:bf:fa:e8:d9:50:5f:b9:ca:64:90:ed:6e:e2:38:59:05:e0:
e8:de:b5:65:9e:26:55:4e:31:ff:47:df:3c:7f:25:17:69:ee:
24:19:d2:8f:48:de:6a:4b:10:61:41:0c:24:75:4d:48:42:49:
19:82:46:ae:6a:ba:b1:50:30:90:c6:f1:93:66:03:75:91:15:
de:29:81:dd:39:3a:aa:c8:63:5b:8e:71:30:82:86:79:91:d8:
09:57:e9:55:a1:e7:5e:64:f6:3f:2b:8c:10:7e:74:ba:8b:97:
86:c0:4f:51:55:61:6b:af:3e:1f:c9:86:a6:5f:f9:a0:8d:8d:
88:42:8a:29:41:80:3d:b3:88:4b:5b:50:a7:d6:f0:02:82:51:
38:f2:e4:69:21:97:98:21:38:d7:07:ef:1d:85:5e:25:41:28:
cf:8f:59:02:7a:84:20:4f:74:9f:14:ab:6f:2e:77:f0:09:81:
98:6f:ce:a5:a3:a2:d2:4c:e9:7e:50:24:56:9d:f9:ea:ae:42:
df:6a:64:c9:b3:46:7f:1c:02:67:8e:27:92:0e:0a:9f:10:3c:
3b:3d:ce:89:5c:76:03:39:e8:5a:0b:37:02:f3:b1:a5:7a:7f:
06:89:6d:ae
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAY34+fqXduR3DWzaG5wMpHucMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YTk5NjRlMGNkMzVmYjM2NzU3ZTU2NTNmZmE3NjI2YWM1
ZGVlZTgwHhcNMjQwMzAxMDc0NTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWI4MmRhMjQ5NjUzNjMyYWRhNDE5MjdhMDgzYzAyYzk1MDQxZDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjwU7J/g5F4WSoLhWb6tlwAXObWHA
ySp18N9FXqdLPbw+3AmQQZiZrE8pjLDFhcWMlgUIQIFQJDdzWQE5rpirrzlh6unv
InYDl5l4Pk3QbLWDGtTn0q2DujAnOP224LhfwG0CnLD0lA5v2LOBWu7Z1xYDwiwt
B/bpWtEjRfwnrZuk/42Tj7nUpf4TLdKcBeN2XmpkrS50rTDXZYRoJeGI6e3M29V/
kwtBUDiuK6iwYZBzNz515gU1G0f+NDA5TbnlafVzdq8CBNwrWLIvyEbmlEYwf2S9
ueHvASWKRmFC5169szTzT48hN078a4ddMbhWuQn3YnuwqAoIAgAj9z9XxQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFAW4LaJJZTYyraQZJ6CDwCyVBB0+MB8GA1UdIwQY
MBaAFCmplk4M01+zZ1flZT/6diasXe7oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTIt
ZDliNTMzZjdmYmMzLzEvQmJndG9rbGxOakt0cEJrbm9JUEFMSlVFSFQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTItZDliNTMzZjdmYmMz
LzEvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQFH9+AAwQG
Lu8AAwQEPmWQAwQFUV1AAwQGWW/AAwQHXvoAAwQHbaWAAwQCuSOcAwQE2RiAMA0E
AgACMAcDBQAqAMsAMA0GCSqGSIb3DQEBCwUAA4IBAQAh7bNpMScPepgaUejkVDFh
mNy6v/ro2VBfucpkkO1u4jhZBeDo3rVlniZVTjH/R988fyUXae4kGdKPSN5qSxBh
QQwkdU1IQkkZgkauarqxUDCQxvGTZgN1kRXeKYHdOTqqyGNbjnEwgoZ5kdgJV+lV
oedeZPY/K4wQfnS6i5eGwE9RVWFrrz4fyYamX/mgjY2IQoopQYA9s4hLW1Cn1vAC
glE48uRpIZeYITjXB+8dhV4lQSjPj1kCeoQgT3SfFKtvLnfwCYGYb86lo6LSTOl+
UCRWnfnqrkLfamTJs0Z/HAJnjieSDgqfEDw7Pc6JXHYDOehaCzcC87Glen8GiW2u
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:28 2024 by rpki-client on console-ams.rpki-client.org