Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/BVFSMg7e0c4mUTSdIVRqdYgrFOA.roa
File: BVFSMg7e0c4mUTSdIVRqdYgrFOA.roa (raw, json)
Hash identifier: 02PdZmVb4jLZJtel2yZajfteBprNpUAYw8y3jRlC2wo=
Subject key identifier: 05:51:52:32:0E:DE:D1:CE:26:51:34:9D:21:54:6A:75:88:2B:14:E0
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018D28A404BD3A6D2527899D57B790AA69AC
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/BVFSMg7e0c4mUTSdIVRqdYgrFOA.roa
Signing time: Sat 20 Jan 2024 20:50:54 +0000
ROA not before: Sat 20 Jan 2024 20:50:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 89.34.224.0/23 maxlen: 24
89.34.228.0/24 maxlen: 24
89.34.231.0/24 maxlen: 24
89.42.81.0/24 maxlen: 24
89.42.86.0/24 maxlen: 24
89.42.95.0/24 maxlen: 24
89.43.140.0/24 maxlen: 24
89.43.143.0/24 maxlen: 24
89.47.125.0/24 maxlen: 24
89.47.127.0/24 maxlen: 24
93.113.181.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 22 Jan 2024 16:21:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:28:a4:04:bd:3a:6d:25:27:89:9d:57:b7:90:aa:69:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 20 20:50:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=055152320eded1ce2651349d21546a75882b14e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:62:1f:f2:ce:9a:34:76:3b:ad:ce:30:11:a8:
86:38:e5:1a:ed:ca:4c:59:0e:6e:f4:8c:c2:28:7f:
a4:9a:fb:b1:26:e8:0f:ca:fa:ac:a7:36:0a:fb:8f:
7d:0c:5e:8a:a6:39:12:6a:0f:8e:c6:07:08:33:97:
ac:85:68:ef:a9:da:04:c9:dd:12:1c:86:f4:ab:0e:
b5:82:b7:9a:c3:e3:66:9b:a0:5c:1b:d6:c7:05:0b:
3c:52:3c:a5:06:99:e6:16:54:77:58:a5:87:01:78:
ff:f3:bf:64:38:c5:51:99:05:df:18:ea:9e:f7:5f:
b3:91:4c:54:c4:16:2a:f0:e0:61:ee:56:cd:85:96:
78:ce:a7:c4:1c:41:14:ca:8f:66:22:32:87:11:d8:
ba:66:5f:52:5a:ec:9e:4e:ad:56:b6:d0:28:b1:51:
be:43:f8:30:b1:f2:9d:74:c6:92:58:55:9f:71:df:
d2:e2:07:f0:34:d3:27:42:dc:df:d9:0a:b3:23:fe:
08:db:61:a3:b4:8d:ab:f7:ee:66:8c:f1:bf:95:12:
4d:bb:28:79:f7:eb:b4:60:9d:4e:45:dc:10:65:e5:
be:c6:6d:06:a6:93:36:a1:e3:14:9f:1b:20:bd:fa:
31:77:81:e4:8b:11:5f:bf:90:da:4a:a6:3f:af:c5:
4a:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:51:52:32:0E:DE:D1:CE:26:51:34:9D:21:54:6A:75:88:2B:14:E0
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/BVFSMg7e0c4mUTSdIVRqdYgrFOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.224.0/23
89.34.228.0/24
89.34.231.0/24
89.42.81.0/24
89.42.86.0/24
89.42.95.0/24
89.43.140.0/24
89.43.143.0/24
89.47.125.0/24
89.47.127.0/24
93.113.181.0/24
Signature Algorithm: sha256WithRSAEncryption
69:ce:3d:91:cc:99:3b:74:bb:99:0b:73:11:97:8a:8c:19:66:
3e:7c:b0:00:e1:be:6a:4f:9a:c1:0d:37:6b:b0:29:98:ac:76:
d0:0e:f0:1c:aa:f1:78:27:a3:6a:03:1f:4f:b5:4f:3d:d0:5b:
38:24:55:aa:a6:cd:99:4d:10:84:38:98:46:35:eb:87:5f:01:
7b:3e:22:ca:ab:52:12:43:3c:64:46:48:ea:76:d2:eb:92:c3:
75:89:66:3f:f8:a1:73:6e:d6:f8:c5:df:1a:f5:9c:be:ce:6e:
af:e4:05:67:94:36:4f:18:3f:40:35:62:4b:33:33:fa:2b:4c:
c2:64:87:f7:1d:c4:35:d4:e0:f8:49:f4:ed:19:e9:72:7f:0d:
20:6d:c2:5f:35:cd:38:bd:57:78:39:51:e9:0d:f7:c2:28:42:
12:a9:f0:78:b5:3d:79:2d:1a:35:22:23:67:cb:ce:55:fe:ca:
39:f2:99:04:d9:58:f2:1f:7d:1e:8a:25:1a:f7:df:40:3c:59:
ab:6d:ac:84:bf:7e:e9:54:b5:2e:9b:59:13:dc:e2:3a:76:f6:
f1:ca:58:d0:70:13:de:16:f5:e6:d6:12:e7:5d:ca:15:5f:53:
a9:9c:44:4f:91:07:dd:dd:a3:cc:fc:57:f7:3d:46:14:bc:f0:
16:63:9a:c8
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAY0opAS9Om0lJ4mdV7eQqmmsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwMTIwMjA1MDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTUxNTIzMjBlZGVkMWNlMjY1MTM0OWQyMTU0NmE3NTg4MmIxNGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2If8s6aNHY7rc4wEaiGOOUa7cpM
WQ5u9IzCKH+kmvuxJugPyvqspzYK+499DF6KpjkSag+OxgcIM5eshWjvqdoEyd0S
HIb0qw61greaw+Nmm6BcG9bHBQs8UjylBpnmFlR3WKWHAXj/879kOMVRmQXfGOqe
91+zkUxUxBYq8OBh7lbNhZZ4zqfEHEEUyo9mIjKHEdi6Zl9SWuyeTq1WttAosVG+
Q/gwsfKddMaSWFWfcd/S4gfwNNMnQtzf2QqzI/4I22GjtI2r9+5mjPG/lRJNuyh5
9+u0YJ1ORdwQZeW+xm0GppM2oeMUnxsgvfoxd4HkixFfv5DaSqY/r8VKgwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFAVRUjIO3tHOJlE0nSFUanWIKxTgMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvQlZGU01nN2UwYzRtVVRTZElWUnFkWWdyRk9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQBWSLgAwQA
WSLkAwQAWSLnAwQAWSpRAwQAWSpWAwQAWSpfAwQAWSuMAwQAWSuPAwQAWS99AwQA
WS9/AwQAXXG1MA0GCSqGSIb3DQEBCwUAA4IBAQBpzj2RzJk7dLuZC3MRl4qMGWY+
fLAA4b5qT5rBDTdrsCmYrHbQDvAcqvF4J6NqAx9PtU890Fs4JFWqps2ZTRCEOJhG
NeuHXwF7PiLKq1ISQzxkRkjqdtLrksN1iWY/+KFzbtb4xd8a9Zy+zm6v5AVnlDZP
GD9ANWJLMzP6K0zCZIf3HcQ11OD4SfTtGelyfw0gbcJfNc04vVd4OVHpDffCKEIS
qfB4tT15LRo1IiNny85V/so58pkE2VjyH30eiiUa999APFmrbayEv37pVLUum1kT
3OI6dvbxyljQcBPeFvXm1hLnXcoVX1OpnERPkQfd3aPM/Ff3PUYUvPAWY5rI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:18 2024 by rpki-client on console-fra.rpki-client.org