Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/BFUIhGQPtJZ6FcVSXwFbpRT8OtU.roa
File: BFUIhGQPtJZ6FcVSXwFbpRT8OtU.roa (raw, json)
Hash identifier: nUj21uDyTTOsrmPB0fJFnK1Ubbn7GnngETNE4ML2fUw=
Subject key identifier: 04:55:08:84:64:0F:B4:96:7A:15:C5:52:5F:01:5B:A5:14:FC:3A:D5
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0187957062CEEF33F29A148B915DA1389BAD
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/BFUIhGQPtJZ6FcVSXwFbpRT8OtU.roa
Signing time: Tue 18 Apr 2023 17:36:23 +0000
ROA not before: Tue 18 Apr 2023 17:36:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3507
IP address blocks: 93.114.192.0/24 maxlen: 24
193.23.130.0/24 maxlen: 24
45.156.158.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
93.115.109.0/24 maxlen: 24
188.240.232.0/24 maxlen: 24
188.241.214.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:95:70:62:ce:ef:33:f2:9a:14:8b:91:5d:a1:38:9b:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Apr 18 17:36:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=04550884640fb4967a15c5525f015ba514fc3ad5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:13:81:5e:65:00:d3:62:b1:51:61:eb:58:0a:
cb:a4:94:56:2d:f7:54:1f:2d:e7:16:67:d6:91:00:
98:29:4d:c6:97:2a:96:3d:a0:78:a2:2f:0a:a2:18:
38:ea:87:46:b3:17:f5:22:7a:dc:bd:03:c9:d4:c9:
3f:d2:4e:dc:b6:90:45:76:9f:5f:fd:04:25:b2:73:
6d:e4:15:5c:48:02:56:bf:8d:26:a8:2c:5e:a9:1d:
58:dc:e8:fa:66:4f:ba:b4:82:9e:9a:34:63:8f:a9:
2e:96:f3:a2:58:52:25:d3:af:75:a0:7c:04:1a:e9:
34:2d:b1:fe:a6:49:4b:0c:2f:6b:96:d7:3e:b7:ea:
bd:8b:08:73:01:b0:63:af:63:3c:95:7e:90:df:76:
c2:14:7e:ab:2d:bf:76:76:81:f2:75:66:5f:45:5c:
89:d9:12:3a:4b:a3:44:61:f5:47:b6:5f:22:3d:73:
52:20:ed:6e:0b:e5:42:e2:f2:e9:16:2f:98:88:57:
92:09:f9:72:12:c5:d4:90:c0:7f:98:4c:f8:58:a4:
14:10:ff:0a:95:6f:06:ae:87:c8:56:7c:48:fd:93:
dd:bf:d9:5d:50:00:69:14:17:2e:18:2f:b5:9e:86:
e2:45:b3:e1:3f:9d:62:17:67:fb:be:c9:f8:6b:6d:
b6:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:55:08:84:64:0F:B4:96:7A:15:C5:52:5F:01:5B:A5:14:FC:3A:D5
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/BFUIhGQPtJZ6FcVSXwFbpRT8OtU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.158.0/24
89.33.84.0/24
93.114.192.0/24
93.115.109.0/24
188.240.232.0/24
188.241.214.0/24
193.23.130.0/24
Signature Algorithm: sha256WithRSAEncryption
18:e0:91:31:3b:e1:85:9c:34:20:6f:41:3f:0f:1d:cb:4e:bc:
12:0f:a3:e1:c6:16:8a:94:97:0f:18:a0:71:7e:60:f4:f7:01:
e5:e0:35:98:18:d7:9a:fd:6b:75:4a:db:c6:55:4e:a1:85:8c:
b1:58:f0:bc:60:8d:60:8e:2b:73:9c:c5:be:6c:99:04:56:c9:
06:e4:7e:df:1c:aa:d0:19:b2:47:3b:f6:2a:1b:52:3f:d2:b8:
bd:0d:68:83:6d:a5:de:6a:d0:fd:bf:92:e3:c8:10:68:15:73:
a1:d7:eb:5a:a3:d4:e5:c4:0c:bd:b0:e0:47:08:68:35:a0:4b:
49:f9:4b:ac:5c:67:6e:75:12:d4:4e:e8:74:23:ea:b6:12:a8:
94:de:38:d5:8a:5f:b2:e7:a3:fd:b4:c1:63:3b:3b:bd:42:20:
eb:7b:e0:05:b0:d8:11:d6:4a:f2:09:db:76:78:55:cc:72:d4:
39:bd:a8:a4:f6:b7:c5:f9:60:8a:23:ca:84:8a:a8:27:0a:f3:
d9:40:e7:6b:a2:4b:54:0f:a7:b2:ba:2b:a4:09:41:2d:65:71:
56:f1:48:33:01:bf:53:49:85:b5:6a:7c:b5:93:c7:89:be:4b:
06:97:48:d8:00:5e:63:40:af:b6:e7:62:7b:44:73:ee:8f:16:
b8:94:c8:46
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYeVcGLO7zPymhSLkV2hOJutMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNDE4MTczNjIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDU1MDg4NDY0MGZiNDk2N2ExNWM1NTI1ZjAxNWJhNTE0ZmMzYWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0hOBXmUA02KxUWHrWArLpJRWLfdU
Hy3nFmfWkQCYKU3GlyqWPaB4oi8Kohg46odGsxf1InrcvQPJ1Mk/0k7ctpBFdp9f
/QQlsnNt5BVcSAJWv40mqCxeqR1Y3Oj6Zk+6tIKemjRjj6kulvOiWFIl0691oHwE
Guk0LbH+pklLDC9rltc+t+q9iwhzAbBjr2M8lX6Q33bCFH6rLb92doHydWZfRVyJ
2RI6S6NEYfVHtl8iPXNSIO1uC+VC4vLpFi+YiFeSCflyEsXUkMB/mEz4WKQUEP8K
lW8GrofIVnxI/ZPdv9ldUABpFBcuGC+1nobiRbPhP51iF2f7vsn4a222wwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFARVCIRkD7SWehXFUl8BW6UU/DrVMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvQkZVSWhHUVB0Slo2RmNWU1h3RmJwUlQ4T3RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALZyeAwQA
WSFUAwQAXXLAAwQAXXNtAwQAvPDoAwQAvPHWAwQAwReCMA0GCSqGSIb3DQEBCwUA
A4IBAQAY4JExO+GFnDQgb0E/Dx3LTrwSD6PhxhaKlJcPGKBxfmD09wHl4DWYGNea
/Wt1StvGVU6hhYyxWPC8YI1gjitznMW+bJkEVskG5H7fHKrQGbJHO/YqG1I/0ri9
DWiDbaXeatD9v5LjyBBoFXOh1+tao9TlxAy9sOBHCGg1oEtJ+UusXGdudRLUTuh0
I+q2EqiU3jjVil+y56P9tMFjOzu9QiDre+AFsNgR1kryCdt2eFXMctQ5vaik9rfF
+WCKI8qEiqgnCvPZQOdroktUD6eyuiukCUEtZXFW8UgzAb9TSYW1any1k8eJvksG
l0jYAF5jQK+252J7RHPujxa4lMhG
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:57 2023 by rpki-client on console-fra.rpki-client.org