Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/BXS5iH-hopYGqYIB9MJGuNRYCC8.roa
File: BXS5iH-hopYGqYIB9MJGuNRYCC8.roa (raw, json)
Hash identifier: 107YYPPo9R7T23b6aLuPmtRJelCEiWam24RCJGoU+/I=
Subject key identifier: 05:74:B9:88:7F:A1:A2:96:06:A9:82:01:F4:C2:46:B8:D4:58:08:2F
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018AD135520857FC346410592DF10B1AA2F2
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/BXS5iH-hopYGqYIB9MJGuNRYCC8.roa
Signing time: Tue 26 Sep 2023 11:17:27 +0000
ROA not before: Tue 26 Sep 2023 11:17:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39543
IP address blocks: 193.19.192.0/24 maxlen: 24
193.19.192.0/22 maxlen: 24
93.113.176.0/24 maxlen: 24
93.113.180.0/24 maxlen: 24
93.113.182.0/24 maxlen: 24
93.113.181.0/24 maxlen: 24
93.113.183.0/24 maxlen: 24
93.113.204.0/24 maxlen: 24
93.114.79.0/24 maxlen: 24
89.40.67.0/24 maxlen: 24
89.43.141.0/24 maxlen: 24
89.43.140.0/22 maxlen: 22
89.43.140.0/24 maxlen: 24
89.43.143.0/24 maxlen: 24
89.43.142.0/24 maxlen: 24
89.35.158.0/24 maxlen: 24
89.45.164.0/24 maxlen: 24
89.39.111.0/24 maxlen: 24
89.46.3.0/24 maxlen: 24
195.28.2.0/23 maxlen: 23
89.34.228.0/24 maxlen: 24
89.34.230.0/23 maxlen: 23
89.34.230.0/24 maxlen: 24
89.34.231.0/24 maxlen: 24
89.47.96.0/24 maxlen: 24
89.47.96.0/20 maxlen: 20
89.47.97.0/24 maxlen: 24
89.47.98.0/24 maxlen: 24
89.47.99.0/24 maxlen: 24
89.47.101.0/24 maxlen: 24
93.114.194.0/24 maxlen: 24
89.47.100.0/24 maxlen: 24
89.47.103.0/24 maxlen: 24
89.47.102.0/24 maxlen: 24
89.47.104.0/24 maxlen: 24
89.47.105.0/24 maxlen: 24
89.47.106.0/24 maxlen: 24
89.47.108.0/24 maxlen: 24
89.47.107.0/24 maxlen: 24
89.47.110.0/24 maxlen: 24
89.47.109.0/24 maxlen: 24
89.47.111.0/24 maxlen: 24
89.47.112.0/20 maxlen: 20
89.47.113.0/24 maxlen: 24
89.47.115.0/24 maxlen: 24
89.47.114.0/24 maxlen: 24
89.47.118.0/24 maxlen: 24
89.47.119.0/24 maxlen: 24
89.34.27.0/24 maxlen: 24
2001:4d18::/32 maxlen: 32
2001:4d18::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d1:35:52:08:57:fc:34:64:10:59:2d:f1:0b:1a:a2:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Sep 26 11:17:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0574b9887fa1a29606a98201f4c246b8d458082f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:40:26:f1:9a:8c:84:b9:f2:e6:6f:61:63:bf:
87:ad:d8:b4:98:c0:b3:bc:ea:82:8b:2b:b8:78:7b:
6d:c1:07:78:3b:78:a5:83:5d:d7:b0:9b:fd:28:cc:
f3:e9:05:46:27:b2:82:6e:78:d9:a6:48:54:2a:b8:
c3:a7:51:02:c8:a7:3a:e4:22:02:fe:ef:23:cf:15:
f5:ba:f0:04:6e:e6:fb:f3:44:c2:7d:1c:57:72:c3:
76:6e:19:53:36:4c:fa:a0:74:c3:d1:7c:e8:49:14:
96:0a:22:03:c0:58:4e:38:26:67:5b:be:08:57:51:
78:6e:d3:0e:85:8b:d6:a0:9e:99:85:ec:c0:85:36:
f8:e5:e1:7c:32:30:d8:32:53:12:8f:d3:b6:59:5c:
5f:35:aa:92:ef:37:87:82:90:1a:35:92:be:2a:ab:
74:75:e8:3f:4a:fa:64:7a:5e:76:30:6f:96:4a:1a:
10:5b:d0:ad:7f:7d:d9:80:f7:57:aa:e7:49:13:6d:
63:5a:8d:f0:9b:93:63:9d:a1:e8:e6:bf:39:4b:6c:
e0:55:74:d9:08:82:10:8c:69:7e:6f:4e:87:3c:f8:
f6:39:1b:22:f8:8b:9b:2c:cf:46:55:cd:94:90:15:
a7:82:33:50:f9:da:45:8a:09:41:e2:f3:69:8c:1b:
dd:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:74:B9:88:7F:A1:A2:96:06:A9:82:01:F4:C2:46:B8:D4:58:08:2F
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/BXS5iH-hopYGqYIB9MJGuNRYCC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.27.0/24
89.34.228.0/24
89.34.230.0/23
89.35.158.0/24
89.39.111.0/24
89.40.67.0/24
89.43.140.0/22
89.45.164.0/24
89.46.3.0/24
89.47.96.0/19
93.113.176.0/24
93.113.180.0/22
93.113.204.0/24
93.114.79.0/24
93.114.194.0/24
193.19.192.0/22
195.28.2.0/23
IPv6:
2001:4d18::/32
Signature Algorithm: sha256WithRSAEncryption
16:3d:b7:4d:68:78:5a:e7:6f:78:dd:8c:71:d0:6c:3a:b3:b1:
f7:2b:d8:b8:bc:b1:88:0e:19:77:b5:ea:11:99:18:76:e2:07:
40:1a:ca:02:9b:a2:2c:76:63:a7:6b:55:78:49:6d:fd:9f:f8:
ff:5f:d5:c4:f8:75:77:90:0d:45:b6:02:c4:00:24:dd:b0:a7:
53:cd:91:f3:8f:3d:eb:a4:95:ad:48:53:79:c3:12:3e:05:26:
3c:01:f8:ee:55:14:33:87:07:fc:3b:8f:9b:49:11:ff:24:b2:
63:eb:0a:e9:3a:4b:b6:dd:70:c7:b8:8f:03:41:bb:0b:a1:c7:
41:a6:08:28:00:3a:be:5a:78:9b:c9:9c:07:c9:df:12:f4:3a:
d1:65:7d:03:b8:06:7b:2f:ac:c4:dd:df:da:f6:26:c3:bb:f8:
c5:03:1c:ec:89:1b:ee:1a:7b:59:79:b5:e0:0f:fb:ba:72:76:
8e:70:0b:29:17:56:c0:35:09:2a:a1:06:0e:44:7c:10:73:51:
c6:61:bb:22:54:8b:62:85:d2:3e:67:4c:cc:9c:de:28:74:8d:
a2:e9:f0:8e:8f:f0:da:d5:ca:44:9c:a7:16:d5:a5:bb:3e:81:
93:75:e8:17:0b:3e:8d:99:39:ff:2f:d4:f1:62:b2:94:dd:13:
f2:0b:d6:20
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAYrRNVIIV/w0ZBBZLfELGqLyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMwOTI2MTExNzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTc0Yjk4ODdmYTFhMjk2MDZhOTgyMDFmNGMyNDZiOGQ0NTgwODJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkkAm8ZqMhLny5m9hY7+Hrdi0mMCz
vOqCiyu4eHttwQd4O3ilg13XsJv9KMzz6QVGJ7KCbnjZpkhUKrjDp1ECyKc65CIC
/u8jzxX1uvAEbub780TCfRxXcsN2bhlTNkz6oHTD0XzoSRSWCiIDwFhOOCZnW74I
V1F4btMOhYvWoJ6ZhezAhTb45eF8MjDYMlMSj9O2WVxfNaqS7zeHgpAaNZK+Kqt0
deg/Svpkel52MG+WShoQW9Ctf33ZgPdXqudJE21jWo3wm5NjnaHo5r85S2zgVXTZ
CIIQjGl+b06HPPj2ORsi+IubLM9GVc2UkBWngjNQ+dpFiglB4vNpjBvdPQIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFAV0uYh/oaKWBqmCAfTCRrjUWAgvMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvQlhTNWlILWhvcFlHcVlJQjlNSkd1TlJZQ0M4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wbAQCAAEwZgMEAFkiGwME
AFki5AMEAVki5gMEAFkjngMEAFknbwMEAFkoQwMEAlkrjAMEAFktpAMEAFkuAwME
BVkvYAMEAF1xsAMEAl1xtAMEAF1xzAMEAF1yTwMEAF1ywgMEAsETwAMEAcMcAjAN
BAIAAjAHAwUAIAFNGDANBgkqhkiG9w0BAQsFAAOCAQEAFj23TWh4WudveN2McdBs
OrOx9yvYuLyxiA4Zd7XqEZkYduIHQBrKApuiLHZjp2tVeElt/Z/4/1/VxPh1d5AN
RbYCxAAk3bCnU82R848966SVrUhTecMSPgUmPAH47lUUM4cH/DuPm0kR/ySyY+sK
6TpLtt1wx7iPA0G7C6HHQaYIKAA6vlp4m8mcB8nfEvQ60WV9A7gGey+sxN3f2vYm
w7v4xQMc7Ikb7hp7WXm14A/7unJ2jnALKRdWwDUJKqEGDkR8EHNRxmG7IlSLYoXS
PmdMzJzeKHSNounwjo/w2tXKRJynFtWluz6Bk3XoFws+jZk5/y/U8WKylN0T8gvW
IA==
-----END CERTIFICATE-----
Generated at Wed Sep 27 14:25:15 2023 by rpki-client on console-fra.rpki-client.org