Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/BfqAlEMKAcapkM4QjOjLhUTRbi4.roa
File: BfqAlEMKAcapkM4QjOjLhUTRbi4.roa (raw, json)
Hash identifier: 6pBQfV2F45XDgwXRIm/kdjkYDTUT5Bbke6qlAyos0rI=
Subject key identifier: 05:FA:80:94:43:0A:01:C6:A9:90:CE:10:8C:E8:CB:85:44:D1:6E:2E
Certificate issuer: /CN=954a2aee086174b01272fae779ad431eb092aeb7
Certificate serial: 018CAD73D4627AEF26D27D0BFDF8A5061642
Authority key identifier: 95:4A:2A:EE:08:61:74:B0:12:72:FA:E7:79:AD:43:1E:B0:92:AE:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lUoq7ghhdLAScvrnea1DHrCSrrc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/BfqAlEMKAcapkM4QjOjLhUTRbi4.roa
Signing time: Wed 27 Dec 2023 22:44:58 +0000
ROA not before: Wed 27 Dec 2023 22:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29141
IP address blocks: 37.247.112.0/24 maxlen: 24
37.247.118.0/24 maxlen: 24
37.247.113.0/24 maxlen: 24
37.247.115.0/24 maxlen: 24
37.247.114.0/24 maxlen: 24
2a03:402::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:30:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ad:73:d4:62:7a:ef:26:d2:7d:0b:fd:f8:a5:06:16:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=954a2aee086174b01272fae779ad431eb092aeb7
Validity
Not Before: Dec 27 22:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=05fa8094430a01c6a990ce108ce8cb8544d16e2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:54:70:5e:a0:45:1e:58:f4:72:de:89:95:13:
f1:d1:2d:03:dd:aa:59:d2:f3:5a:80:f2:d0:95:d1:
a5:4e:3c:18:b8:ac:b8:5c:96:52:f9:d6:04:ee:f2:
19:6c:dd:a5:cf:02:aa:42:c7:be:1d:1a:3d:8a:f0:
af:ad:40:1e:57:b0:1e:58:98:c2:66:77:22:47:e0:
00:25:d9:43:31:19:78:12:3b:67:06:0f:e7:c4:8f:
32:2c:ad:d8:08:5b:51:d3:d7:43:bf:c0:06:8e:5c:
a6:c1:45:df:c6:77:cc:15:a7:d2:44:fb:8c:9a:14:
ce:d5:00:e3:83:5c:cd:4d:90:6b:71:74:ef:f7:35:
49:ef:2e:fc:86:6c:0d:64:3d:44:f5:86:00:10:a8:
af:ce:3d:04:05:cf:92:8a:91:69:09:67:98:ba:8e:
d7:3d:53:86:a6:7e:44:8f:56:1b:55:0a:fc:e8:f3:
c1:b4:b0:e4:4b:27:72:0e:56:20:55:66:e0:fd:c2:
22:3c:06:06:e2:9b:60:b6:83:03:1d:58:df:65:d3:
9a:39:c3:65:3d:d4:76:6d:28:ef:aa:35:5c:5d:2f:
d9:3a:77:75:ee:1e:ef:de:98:7b:c6:17:26:22:f4:
9d:67:54:42:01:51:4b:07:6a:3d:c3:91:9b:52:29:
ef:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:FA:80:94:43:0A:01:C6:A9:90:CE:10:8C:E8:CB:85:44:D1:6E:2E
X509v3 Authority Key Identifier:
keyid:95:4A:2A:EE:08:61:74:B0:12:72:FA:E7:79:AD:43:1E:B0:92:AE:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lUoq7ghhdLAScvrnea1DHrCSrrc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/BfqAlEMKAcapkM4QjOjLhUTRbi4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/lUoq7ghhdLAScvrnea1DHrCSrrc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.247.112.0/22
37.247.118.0/24
IPv6:
2a03:402::/32
Signature Algorithm: sha256WithRSAEncryption
77:6d:4a:1e:4c:42:16:cd:82:a5:c3:e5:cc:54:38:3c:95:19:
e4:d5:48:51:37:19:e5:b8:d5:19:29:81:6e:c7:a9:f6:a2:35:
2a:f3:d2:32:66:5e:bf:c4:9e:52:09:2a:e1:d0:62:2c:9e:0c:
32:d1:9d:85:e4:69:e2:2c:e1:99:de:a9:da:01:18:a7:e3:d4:
0d:14:f1:bf:1a:8a:dd:d4:3c:a2:ed:85:01:fd:4d:fe:9d:df:
ae:81:1b:4d:2d:d3:a3:71:66:15:95:fc:c6:5d:7e:1e:2e:94:
9b:be:85:94:e1:b7:33:5d:2f:40:37:06:a8:a7:1f:dc:f2:ba:
b4:4a:a1:23:2a:dc:c7:6d:6b:73:18:90:92:f5:8b:9c:cf:73:
51:7f:05:35:b4:ad:60:cc:1f:dd:8c:b1:c9:9a:db:99:d0:62:
33:58:64:ed:2b:21:8a:b8:49:f6:b0:88:cc:86:14:c5:f7:57:
e5:ff:4d:5c:f4:d3:8c:1f:4c:ab:0a:b6:09:1f:ed:42:eb:94:
04:4b:fd:0c:5f:54:13:bb:a0:20:d1:f1:46:ed:28:a3:98:18:
4a:a7:f6:1a:4c:2a:f8:99:c6:1e:d3:46:56:f3:da:14:12:93:
d3:0b:cd:d0:6f:07:12:06:b3:0f:93:89:1a:0b:a4:6f:8b:5c:
31:86:d3:b4
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYytc9Rieu8m0n0L/filBhZCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1NGEyYWVlMDg2MTc0YjAxMjcyZmFlNzc5YWQ0MzFlYjA5
MmFlYjcwHhcNMjMxMjI3MjI0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWZhODA5NDQzMGEwMWM2YTk5MGNlMTA4Y2U4Y2I4NTQ0ZDE2ZTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhVRwXqBFHlj0ct6JlRPx0S0D3apZ
0vNagPLQldGlTjwYuKy4XJZS+dYE7vIZbN2lzwKqQse+HRo9ivCvrUAeV7AeWJjC
ZnciR+AAJdlDMRl4EjtnBg/nxI8yLK3YCFtR09dDv8AGjlymwUXfxnfMFafSRPuM
mhTO1QDjg1zNTZBrcXTv9zVJ7y78hmwNZD1E9YYAEKivzj0EBc+SipFpCWeYuo7X
PVOGpn5Ej1YbVQr86PPBtLDkSydyDlYgVWbg/cIiPAYG4ptgtoMDHVjfZdOaOcNl
PdR2bSjvqjVcXS/ZOnd17h7v3ph7xhcmIvSdZ1RCAVFLB2o9w5GbUinvTwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAX6gJRDCgHGqZDOEIzoy4VE0W4uMB8GA1UdIwQY
MBaAFJVKKu4IYXSwEnL653mtQx6wkq63MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFVvcTdnaGhkTEFTY3ZybmVhMURIckNTcnJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS8yMzUzOTYtMGU0Mi00Mzc3LTg1NWEt
NDU2NWYwNGY4ZDg1LzEvQmZxQWxFTUtBY2Fwa000UWpPakxoVVRSYmk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS8yMzUzOTYtMGU0Mi00Mzc3LTg1NWEtNDU2NWYwNGY4ZDg1
LzEvbFVvcTdnaGhkTEFTY3ZybmVhMURIckNTcnJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCJfdwAwQA
Jfd2MA0EAgACMAcDBQAqAwQCMA0GCSqGSIb3DQEBCwUAA4IBAQB3bUoeTEIWzYKl
w+XMVDg8lRnk1UhRNxnluNUZKYFux6n2ojUq89IyZl6/xJ5SCSrh0GIsngwy0Z2F
5GniLOGZ3qnaARin49QNFPG/Gord1Dyi7YUB/U3+nd+ugRtNLdOjcWYVlfzGXX4e
LpSbvoWU4bczXS9ANwaopx/c8rq0SqEjKtzHbWtzGJCS9Yucz3NRfwU1tK1gzB/d
jLHJmtuZ0GIzWGTtKyGKuEn2sIjMhhTF91fl/01c9NOMH0yrCrYJH+1C65QES/0M
X1QTu6Ag0fFG7SijmBhKp/YaTCr4mcYe00ZW89oUEpPTC83QbwcSBrMPk4kaC6Rv
i1wxhtO0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:18 2024 by rpki-client on console-ams.rpki-client.org