Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/BnHHeOegB5KfXzHrA77GdURkaMI.roa
File: BnHHeOegB5KfXzHrA77GdURkaMI.roa (raw, json)
Hash identifier: ZQzZtzezdX91QdhFw/ePh4AKHP1XjvFIiPxtZFoctzY=
Subject key identifier: 06:71:C7:78:E7:A0:07:92:9F:5F:31:EB:03:BE:C6:75:44:64:68:C2
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01888B38C12D3D6E5DA88B04199473AC85DE
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/BnHHeOegB5KfXzHrA77GdURkaMI.roa
Signing time: Mon 05 Jun 2023 11:02:12 +0000
ROA not before: Mon 05 Jun 2023 11:02:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3507
IP address blocks: 193.23.130.0/24 maxlen: 24
45.156.158.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
93.115.109.0/24 maxlen: 24
188.240.232.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:8b:38:c1:2d:3d:6e:5d:a8:8b:04:19:94:73:ac:85:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jun 5 11:02:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0671c778e7a007929f5f31eb03bec675446468c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:e3:ef:5e:0e:c1:e2:3a:1e:e4:12:49:cb:02:
1b:07:20:25:9d:33:15:af:c6:c0:3b:c2:f1:fd:e4:
84:5c:05:db:a1:fb:35:93:0a:9d:36:f9:54:a1:cf:
f4:96:a5:a8:19:3a:6b:55:e2:83:a1:2f:59:e4:34:
27:65:35:f6:91:2c:9f:d7:d3:bf:29:87:8f:3c:23:
fc:c2:13:6e:4e:3b:08:e9:9b:bd:3c:e0:fd:35:2e:
8e:e7:b3:e8:0d:97:c5:a4:99:23:cc:28:21:bd:3e:
a8:98:1f:b7:42:89:13:19:df:14:4b:31:96:1c:93:
f9:5b:fd:df:4f:17:50:ae:1b:74:08:d3:3e:33:97:
7e:c0:4a:99:22:39:57:ec:d1:83:e0:29:fb:62:b5:
15:0a:a5:e5:7b:0a:c3:b2:23:11:9a:95:eb:5d:7a:
0e:d4:7a:6e:17:51:69:df:1e:09:8b:e5:2f:bc:e8:
f9:b8:2e:98:ff:01:80:db:3c:63:ef:57:98:da:6f:
8f:fc:54:cc:87:88:cf:4d:a4:d8:70:de:17:a3:f1:
57:cf:c0:b6:14:ff:58:ac:32:47:96:ef:14:10:73:
c9:09:fa:5f:79:b7:bc:cd:be:a3:e5:c9:fb:2f:62:
3a:88:45:f3:4c:20:af:bb:fa:32:bc:44:e5:42:50:
a2:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:71:C7:78:E7:A0:07:92:9F:5F:31:EB:03:BE:C6:75:44:64:68:C2
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/BnHHeOegB5KfXzHrA77GdURkaMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.158.0/24
89.33.84.0/24
93.115.109.0/24
188.240.232.0/24
193.23.130.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:f8:09:dd:2e:1f:bd:76:af:11:91:e0:58:2c:71:f4:43:c8:
ad:ac:fc:cb:5a:4c:ba:f0:54:56:b6:d8:4f:da:87:25:bb:5b:
97:3a:87:0d:5f:4b:67:92:78:5c:d6:dc:1d:79:c3:e1:64:f1:
67:ec:5a:61:f5:98:13:81:d0:aa:88:bc:8a:01:08:f3:e0:63:
77:0d:3f:eb:f5:d0:7c:81:34:83:5c:1f:d1:0e:4e:01:1f:e2:
12:db:c6:a1:31:de:ac:b4:42:53:8c:95:96:b7:82:9f:92:61:
57:43:f8:76:0b:c2:c4:2f:cc:a4:ac:00:c0:05:d0:43:43:86:
0d:35:ec:39:fc:26:5e:62:1e:2f:f9:5b:fa:b1:3f:33:47:4d:
3a:f3:de:b6:1f:fe:ad:9f:16:0c:e6:14:11:49:f8:bf:2f:da:
af:89:15:d0:a6:fe:a6:95:95:d2:3d:50:97:05:83:fd:5e:b7:
13:27:39:f2:15:1c:7b:e4:d6:c6:a3:a0:36:66:a2:75:1a:5e:
e9:99:6a:0c:a7:dd:99:28:18:51:96:a9:01:09:64:66:39:82:
a4:e9:8e:ec:a5:d9:31:f1:90:10:bc:15:6d:ba:d5:55:52:89:
53:62:9e:56:8e:25:c1:57:17:c5:d1:a5:db:45:0d:b2:db:ae:
c3:74:a5:96
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYiLOMEtPW5dqIsEGZRzrIXeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNjA1MTEwMjEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjcxYzc3OGU3YTAwNzkyOWY1ZjMxZWIwM2JlYzY3NTQ0NjQ2OGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9uPvXg7B4joe5BJJywIbByAlnTMV
r8bAO8Lx/eSEXAXbofs1kwqdNvlUoc/0lqWoGTprVeKDoS9Z5DQnZTX2kSyf19O/
KYePPCP8whNuTjsI6Zu9POD9NS6O57PoDZfFpJkjzCghvT6omB+3QokTGd8USzGW
HJP5W/3fTxdQrht0CNM+M5d+wEqZIjlX7NGD4Cn7YrUVCqXlewrDsiMRmpXrXXoO
1HpuF1Fp3x4Ji+UvvOj5uC6Y/wGA2zxj71eY2m+P/FTMh4jPTaTYcN4Xo/FXz8C2
FP9YrDJHlu8UEHPJCfpfebe8zb6j5cn7L2I6iEXzTCCvu/oyvETlQlCihQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAZxx3jnoAeSn18x6wO+xnVEZGjCMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvQm5ISGVPZWdCNUtmWHpIckE3N0dkVVJrYU1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALZyeAwQA
WSFUAwQAXXNtAwQAvPDoAwQAwReCMA0GCSqGSIb3DQEBCwUAA4IBAQAN+AndLh+9
dq8RkeBYLHH0Q8itrPzLWky68FRWtthP2oclu1uXOocNX0tnknhc1twdecPhZPFn
7Fph9ZgTgdCqiLyKAQjz4GN3DT/r9dB8gTSDXB/RDk4BH+IS28ahMd6stEJTjJWW
t4KfkmFXQ/h2C8LEL8ykrADABdBDQ4YNNew5/CZeYh4v+Vv6sT8zR0068962H/6t
nxYM5hQRSfi/L9qviRXQpv6mlZXSPVCXBYP9XrcTJznyFRx75NbGo6A2ZqJ1Gl7p
mWoMp92ZKBhRlqkBCWRmOYKk6Y7spdkx8ZAQvBVtutVVUolTYp5WjiXBVxfF0aXb
RQ2y267DdKWW
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:53 2023 by rpki-client on console-ams.rpki-client.org