Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/BND7z-3wzaAOD_EIukP3xvHJTDk.roa
File: BND7z-3wzaAOD_EIukP3xvHJTDk.roa (raw, json)
Hash identifier: l1ovC8V26oasYlfHY88IDqYQByhsbtDpaXx0yOpnkFs=
Subject key identifier: 04:D0:FB:CF:ED:F0:CD:A0:0E:0F:F1:08:BA:43:F7:C6:F1:C9:4C:39
Certificate issuer: /CN=3aba1172472ea80265d12982967de0a8b0bc5901
Certificate serial: 0190E94227074C0245E27D5D56179A950225
Authority key identifier: 3A:BA:11:72:47:2E:A8:02:65:D1:29:82:96:7D:E0:A8:B0:BC:59:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OroRckcuqAJl0SmCln3gqLC8WQE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/BND7z-3wzaAOD_EIukP3xvHJTDk.roa
Signing time: Thu 25 Jul 2024 09:39:04 +0000
ROA not before: Thu 25 Jul 2024 09:39:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215235
IP address blocks: 46.31.68.0/24 maxlen: 24
193.56.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 Aug 2024 09:48:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e9:42:27:07:4c:02:45:e2:7d:5d:56:17:9a:95:02:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3aba1172472ea80265d12982967de0a8b0bc5901
Validity
Not Before: Jul 25 09:39:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=04d0fbcfedf0cda00e0ff108ba43f7c6f1c94c39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:3b:2f:72:b6:e6:5b:c7:a8:ba:9e:64:c1:b4:
4f:30:32:bc:c3:61:5c:21:44:e7:ee:b6:ec:81:68:
cb:10:e8:9f:36:c1:da:bb:ce:fe:73:fb:6d:67:4e:
c1:37:37:ed:f6:4c:71:6e:c9:db:9d:e8:31:c0:26:
59:17:84:ba:74:ea:de:d2:3b:eb:5d:3d:f4:c3:86:
55:fa:1b:98:36:cc:37:6a:b4:83:44:09:31:cf:2e:
e8:8e:1a:63:ea:9f:96:ab:1e:64:cc:18:28:61:f1:
ca:73:0d:2d:8c:7b:de:9a:c5:2e:48:67:fa:81:83:
29:24:36:7d:f5:a4:41:c4:3f:34:1a:f5:69:73:3b:
e7:e6:da:25:c5:ed:53:f0:37:08:4b:23:5d:dc:a9:
64:48:bb:c7:89:03:e3:4d:19:d7:6c:70:34:4e:4e:
b2:79:03:01:13:6b:7b:1a:5c:4b:4d:b4:b3:3a:4b:
ee:50:eb:ad:8f:1b:8e:9e:43:a8:d0:9f:b2:6c:54:
d4:72:10:99:a5:7f:5a:0c:b8:a5:ed:7a:a7:80:2b:
8c:35:46:5b:1f:83:9b:44:99:8a:a7:68:f2:54:e3:
47:11:cd:42:a1:30:11:b9:d1:ff:83:b2:1c:f1:4b:
e4:47:5a:5a:27:33:22:e1:18:9e:33:ee:fe:66:ff:
c1:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:D0:FB:CF:ED:F0:CD:A0:0E:0F:F1:08:BA:43:F7:C6:F1:C9:4C:39
X509v3 Authority Key Identifier:
keyid:3A:BA:11:72:47:2E:A8:02:65:D1:29:82:96:7D:E0:A8:B0:BC:59:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OroRckcuqAJl0SmCln3gqLC8WQE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/BND7z-3wzaAOD_EIukP3xvHJTDk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/OroRckcuqAJl0SmCln3gqLC8WQE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.31.68.0/24
193.56.3.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:8b:69:7d:a3:52:2d:ec:c2:9d:a8:92:e5:b8:fe:1b:d1:cb:
64:1a:67:cf:61:3c:91:3e:55:df:4a:35:0e:cf:fb:3c:9b:05:
aa:3e:1a:86:da:4e:0f:92:2a:7f:5d:ae:71:e9:a3:f1:09:f1:
b9:30:5c:bc:57:0a:20:46:6c:21:1c:4e:0e:e2:47:d6:d4:c7:
ee:41:87:ff:99:2c:ad:49:6c:ab:f1:96:13:a0:0a:42:5e:d5:
88:07:b4:e7:a0:ac:79:41:76:ce:14:35:64:46:49:90:8f:c1:
61:c3:21:98:1a:ad:a3:ac:88:93:73:35:1f:22:df:88:eb:68:
0c:76:51:33:8e:3e:94:76:04:a1:0b:5c:7e:cd:dd:b0:b1:49:
e5:d9:75:df:2b:8a:44:2b:76:ce:65:40:d3:1f:e9:6c:43:40:
31:d4:f9:b3:97:f2:1e:bc:76:4e:a2:0f:c8:54:fc:b1:a4:7e:
8e:ff:8c:d9:f4:fb:b6:f0:99:fd:46:67:41:77:3c:ac:ee:8e:
68:92:76:fa:5e:47:06:50:7e:30:70:f7:68:f6:cc:5f:60:23:
96:1a:9b:63:17:68:c9:39:dd:c9:1c:6f:34:e4:f0:e5:d4:19:
60:97:1f:13:45:02:db:22:36:3f:3e:f6:8b:a2:73:a5:6e:9d:
ef:75:f4:6a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZDpQicHTAJF4n1dVhealQIlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhYmExMTcyNDcyZWE4MDI2NWQxMjk4Mjk2N2RlMGE4YjBi
YzU5MDEwHhcNMjQwNzI1MDkzOTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGQwZmJjZmVkZjBjZGEwMGUwZmYxMDhiYTQzZjdjNmYxYzk0YzM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5TsvcrbmW8eoup5kwbRPMDK8w2Fc
IUTn7rbsgWjLEOifNsHau87+c/ttZ07BNzft9kxxbsnbnegxwCZZF4S6dOre0jvr
XT30w4ZV+huYNsw3arSDRAkxzy7ojhpj6p+Wqx5kzBgoYfHKcw0tjHvemsUuSGf6
gYMpJDZ99aRBxD80GvVpczvn5tolxe1T8DcISyNd3KlkSLvHiQPjTRnXbHA0Tk6y
eQMBE2t7GlxLTbSzOkvuUOutjxuOnkOo0J+ybFTUchCZpX9aDLil7XqngCuMNUZb
H4ObRJmKp2jyVONHEc1CoTARudH/g7Ic8UvkR1paJzMi4RieM+7+Zv/B7wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFATQ+8/t8M2gDg/xCLpD98bxyUw5MB8GA1UdIwQY
MBaAFDq6EXJHLqgCZdEpgpZ94KiwvFkBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3JvUmNrY3VxQUpsMFNtQ2xuM2dxTEM4V1FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83YjFjNTUtZGRkMC00MjgxLTgzNzgt
NGRkMDQzNDZhYmMzLzEvQk5EN3otM3d6YUFPRF9FSXVrUDN4dkhKVERrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My83YjFjNTUtZGRkMC00MjgxLTgzNzgtNGRkMDQzNDZhYmMz
LzEvT3JvUmNrY3VxQUpsMFNtQ2xuM2dxTEM4V1FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALh9EAwQA
wTgDMA0GCSqGSIb3DQEBCwUAA4IBAQAei2l9o1It7MKdqJLluP4b0ctkGmfPYTyR
PlXfSjUOz/s8mwWqPhqG2k4Pkip/Xa5x6aPxCfG5MFy8VwogRmwhHE4O4kfW1Mfu
QYf/mSytSWyr8ZYToApCXtWIB7TnoKx5QXbOFDVkRkmQj8FhwyGYGq2jrIiTczUf
It+I62gMdlEzjj6UdgShC1x+zd2wsUnl2XXfK4pEK3bOZUDTH+lsQ0Ax1Pmzl/Ie
vHZOog/IVPyxpH6O/4zZ9Pu28Jn9RmdBdzys7o5oknb6XkcGUH4wcPdo9sxfYCOW
GptjF2jJOd3JHG805PDl1Blglx8TRQLbIjY/PvaLonOlbp3vdfRq
-----END CERTIFICATE-----
Generated at Mon Aug 26 13:14:58 2024 by rpki-client on console-ams.rpki-client.org