Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/BFvlRSPt1c1uEyM3l6zq5FfddvQ.roa
File: BFvlRSPt1c1uEyM3l6zq5FfddvQ.roa (raw, json)
Hash identifier: sVVaEY8GgZNvkApsyL+haSM36RdpKTTeVimVUlijZ/M=
Subject key identifier: 04:5B:E5:45:23:ED:D5:CD:6E:13:23:37:97:AC:EA:E4:57:DD:76:F4
Certificate issuer: /CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Certificate serial: 0188FD88B477EBCD47F14632E1D9BDBA0977
Authority key identifier: 31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/BFvlRSPt1c1uEyM3l6zq5FfddvQ.roa
Signing time: Tue 27 Jun 2023 15:46:14 +0000
ROA not before: Tue 27 Jun 2023 15:46:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35913
IP address blocks: 85.153.47.0/24 maxlen: 24
85.153.57.0/24 maxlen: 24
85.153.76.0/22 maxlen: 22
85.153.112.0/24 maxlen: 24
85.153.116.0/24 maxlen: 24
85.153.117.0/24 maxlen: 24
85.153.114.0/24 maxlen: 24
85.153.115.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 01 Aug 2023 13:30:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:fd:88:b4:77:eb:cd:47:f1:46:32:e1:d9:bd:ba:09:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Validity
Not Before: Jun 27 15:46:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=045be54523edd5cd6e13233797aceae457dd76f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:67:24:a9:58:23:5f:47:e1:f7:7a:e9:d9:e2:
6c:86:e0:a9:a2:48:d4:16:8e:80:ae:48:34:83:50:
c1:2b:4a:99:f8:c4:ba:23:ca:59:83:0d:3c:d8:8c:
3f:a2:13:fc:4e:30:e0:d7:80:2a:93:7c:bd:7a:4e:
42:d6:0d:75:91:d7:f8:73:fe:fa:ea:70:8f:dd:74:
9a:a0:77:dd:6a:6d:6a:18:2b:54:19:a5:2a:00:41:
84:7b:63:69:c2:fb:46:3a:2b:0b:db:00:c9:b7:97:
44:bc:e1:6b:dd:7e:25:4f:46:aa:91:3e:84:81:45:
aa:ec:4a:48:bf:54:b7:78:e0:95:65:29:36:43:f2:
a9:36:50:1d:63:7c:b0:84:fe:80:02:03:36:10:c8:
6b:f4:ad:83:6d:5b:74:63:51:65:56:ec:63:6c:f7:
cb:7d:a0:26:4b:2a:59:06:4b:df:e2:d8:34:9d:8e:
c7:be:ab:39:c0:ec:ca:df:5e:34:3e:e5:7a:0f:53:
33:ba:20:93:ca:53:34:43:63:b1:b5:19:19:67:01:
76:c0:b2:cd:af:e5:0d:0e:4e:7e:54:f2:4f:b0:fa:
d0:9e:f5:e6:b6:5a:0c:ca:52:76:9f:53:e8:65:47:
37:92:71:22:4d:a4:d1:13:bb:9d:1e:c0:05:b0:86:
c2:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:5B:E5:45:23:ED:D5:CD:6E:13:23:37:97:AC:EA:E4:57:DD:76:F4
X509v3 Authority Key Identifier:
keyid:31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/BFvlRSPt1c1uEyM3l6zq5FfddvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/MaGF0OsMp4EcWGQl3g6WDhz-ths.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.153.47.0/24
85.153.57.0/24
85.153.76.0/22
85.153.112.0/24
85.153.114.0-85.153.117.255
Signature Algorithm: sha256WithRSAEncryption
0b:9d:56:b3:34:d0:70:8a:a4:01:d1:8a:99:20:fa:b4:8b:8c:
c3:c7:1f:40:7b:4f:05:e1:07:f3:7f:d6:98:d5:8d:b9:98:42:
d2:5c:1e:ef:4b:22:5c:a0:ca:d2:52:96:8b:53:4e:5b:29:7b:
30:3c:bb:2f:06:d3:09:4c:2e:64:8f:56:9d:2c:ca:55:cf:ce:
04:fc:a8:56:93:27:8e:a4:a5:09:0f:21:ad:7e:f4:3d:81:5d:
29:74:9c:47:3a:eb:e3:4b:52:8b:79:c9:45:27:df:54:fa:6b:
40:f5:b8:87:05:df:6e:b9:ef:8c:fa:28:eb:f2:21:5c:fa:7e:
6b:97:58:14:8c:45:3d:4e:04:20:a8:d2:d2:da:e2:c7:2d:70:
cb:f7:5d:89:c1:dd:08:ef:1b:82:4a:3d:51:93:2b:ec:a6:91:
39:ed:95:63:9a:a8:af:7b:4c:f5:c1:41:2e:7a:4f:80:e9:3d:
32:f7:1c:26:d0:89:49:2f:fc:98:96:39:c4:71:cb:46:17:20:
e4:86:a7:73:fc:1d:ac:1e:e2:a3:a5:5d:e0:36:5d:6a:09:85:
4d:2f:73:84:5e:00:99:63:0b:53:8c:af:49:21:23:53:35:a1:
79:61:57:97:ca:c8:ab:29:a6:14:2a:bf:36:9d:17:39:38:ed:
2f:66:92:62
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYj9iLR3681H8UYy4dm9ugl3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYTE4NWQwZWIwY2E3ODExYzU4NjQyNWRlMGU5NjBlMWNm
ZWI2MWIwHhcNMjMwNjI3MTU0NjE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDViZTU0NTIzZWRkNWNkNmUxMzIzMzc5N2FjZWFlNDU3ZGQ3NmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWckqVgjX0fh93rp2eJshuCpokjU
Fo6Arkg0g1DBK0qZ+MS6I8pZgw082Iw/ohP8TjDg14Aqk3y9ek5C1g11kdf4c/76
6nCP3XSaoHfdam1qGCtUGaUqAEGEe2NpwvtGOisL2wDJt5dEvOFr3X4lT0aqkT6E
gUWq7EpIv1S3eOCVZSk2Q/KpNlAdY3ywhP6AAgM2EMhr9K2DbVt0Y1FlVuxjbPfL
faAmSypZBkvf4tg0nY7Hvqs5wOzK3140PuV6D1MzuiCTylM0Q2OxtRkZZwF2wLLN
r+UNDk5+VPJPsPrQnvXmtloMylJ2n1PoZUc3knEiTaTRE7udHsAFsIbCZwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFARb5UUj7dXNbhMjN5es6uRX3Xb0MB8GA1UdIwQY
MBaAFDGhhdDrDKeBHFhkJd4Olg4c/rYbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUt
MWRjYzg2YzExZTc0LzEvQkZ2bFJTUHQxYzF1RXlNM2w2enE1RmZkZHZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUtMWRjYzg2YzExZTc0
LzEvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAVZkvAwQA
VZk5AwQCVZlMAwQAVZlwMAwDBAFVmXIDBAFVmXQwDQYJKoZIhvcNAQELBQADggEB
AAudVrM00HCKpAHRipkg+rSLjMPHH0B7TwXhB/N/1pjVjbmYQtJcHu9LIlygytJS
lotTTlspezA8uy8G0wlMLmSPVp0sylXPzgT8qFaTJ46kpQkPIa1+9D2BXSl0nEc6
6+NLUot5yUUn31T6a0D1uIcF326574z6KOvyIVz6fmuXWBSMRT1OBCCo0tLa4sct
cMv3XYnB3QjvG4JKPVGTK+ymkTntlWOaqK97TPXBQS56T4DpPTL3HCbQiUkv/JiW
OcRxy0YXIOSGp3P8Hawe4qOlXeA2XWoJhU0vc4ReAJljC1OMr0khI1M1oXlhV5fK
yKspphQqvzadFzk47S9mkmI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:40 2024 by rpki-client on console-ams.rpki-client.org