Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/e080b6-4e09-42d8-b91c-b2798c1a0327/1/BJKfZln-hfO6IJshbC9rcUWVwZU.roa
File: BJKfZln-hfO6IJshbC9rcUWVwZU.roa (raw, json)
Hash identifier: gpu8N8w+dDox98b+WbhogRBqQz9OGXhoXvvdnKoX9wY=
Subject key identifier: 04:92:9F:66:59:FE:85:F3:BA:20:9B:21:6C:2F:6B:71:45:95:C1:95
Certificate issuer: /CN=4f2112cbf6dcc8dd3444e4eced284457310f70d2
Certificate serial: 018CFD1EA7B11DA3D4301D4F8F0BFD4B0F5C
Authority key identifier: 4F:21:12:CB:F6:DC:C8:DD:34:44:E4:EC:ED:28:44:57:31:0F:70:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TyESy_bcyN00ROTs7ShEVzEPcNI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/e080b6-4e09-42d8-b91c-b2798c1a0327/1/BJKfZln-hfO6IJshbC9rcUWVwZU.roa
Signing time: Fri 12 Jan 2024 10:01:33 +0000
ROA not before: Fri 12 Jan 2024 10:01:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205975
IP address blocks: 212.46.58.0/24 maxlen: 24
176.10.0.0/23 maxlen: 23
176.10.0.0/20 maxlen: 20
80.79.48.0/20 maxlen: 20
80.79.48.0/23 maxlen: 23
147.189.155.0/24 maxlen: 24
2a12:f40::/29 maxlen: 29
2a12:f40::/31 maxlen: 31
2a12:f42::/31 maxlen: 31
Validation: Failed, certificate revoked on Tue 16 Apr 2024 09:39:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:fd:1e:a7:b1:1d:a3:d4:30:1d:4f:8f:0b:fd:4b:0f:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f2112cbf6dcc8dd3444e4eced284457310f70d2
Validity
Not Before: Jan 12 10:01:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=04929f6659fe85f3ba209b216c2f6b714595c195
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:a9:d7:fe:f2:d8:8e:47:c7:8f:10:ac:de:19:
5b:9e:a5:85:7c:cb:26:0d:0b:f6:9e:3f:a9:b5:d5:
2b:da:c1:88:fc:d9:b8:cd:0a:44:6c:03:98:a6:69:
d7:52:f9:9b:e1:ba:09:f4:8f:1e:a6:bb:47:c9:6c:
11:6a:d0:72:32:d4:47:3a:c9:ec:8e:39:6e:71:79:
26:01:56:47:54:f5:95:23:a6:e8:c7:58:f3:da:3c:
c3:f1:12:fd:9f:6f:27:e5:bc:1e:b3:be:30:e0:c9:
ce:64:85:72:4e:b5:08:e6:1c:5b:cf:12:2b:aa:40:
54:fe:87:f8:27:ab:50:9d:d4:be:3b:c0:7e:8c:ee:
a0:df:95:68:2d:2b:60:c9:4c:44:1e:2e:da:f0:f8:
15:c6:0d:49:09:43:34:07:08:2a:9c:c5:e5:23:7f:
cb:d7:26:ac:71:b4:f1:e7:5d:0e:1a:cc:ef:ae:8f:
8a:40:ed:bd:14:18:b6:ca:a4:7c:cd:19:3d:08:1c:
95:5f:9a:94:af:21:a3:2d:b6:14:e9:ef:83:58:72:
d9:4a:60:f3:d0:94:76:73:26:85:a1:08:39:54:45:
19:07:67:2d:ff:68:56:87:ac:b8:76:22:e3:e6:67:
76:fd:d7:44:4d:34:69:91:6d:dd:58:d0:43:63:22:
71:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:92:9F:66:59:FE:85:F3:BA:20:9B:21:6C:2F:6B:71:45:95:C1:95
X509v3 Authority Key Identifier:
keyid:4F:21:12:CB:F6:DC:C8:DD:34:44:E4:EC:ED:28:44:57:31:0F:70:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TyESy_bcyN00ROTs7ShEVzEPcNI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/e080b6-4e09-42d8-b91c-b2798c1a0327/1/BJKfZln-hfO6IJshbC9rcUWVwZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/e080b6-4e09-42d8-b91c-b2798c1a0327/1/TyESy_bcyN00ROTs7ShEVzEPcNI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.79.48.0/20
147.189.155.0/24
176.10.0.0/20
212.46.58.0/24
IPv6:
2a12:f40::/29
Signature Algorithm: sha256WithRSAEncryption
5d:4d:51:ad:b0:43:05:90:61:4e:e0:d1:be:da:c0:84:69:ae:
bf:4c:88:35:72:52:59:b9:b0:ad:e2:41:95:25:d8:91:20:ce:
1c:e4:99:e9:e1:2d:66:1c:af:d5:7f:ce:d6:31:3b:40:f0:53:
45:22:24:73:5f:38:c8:91:50:09:2d:7f:16:ca:ef:70:86:99:
19:4d:14:42:70:b0:a0:38:42:ad:41:ba:2c:0b:c4:a0:2d:cf:
69:0a:9a:9c:22:6f:a6:46:5c:e3:da:78:19:e9:d8:29:b4:98:
b9:7c:b2:7a:ab:36:6a:08:b0:e8:eb:fc:44:5c:88:29:86:58:
d4:8b:8e:7b:9a:bf:1c:24:5e:f2:8f:8e:a5:cd:51:34:1b:30:
4e:6a:b3:18:3c:18:b0:82:f5:6d:2e:d8:57:14:9a:d3:3c:8e:
b9:4c:fb:82:2f:c5:5d:90:85:be:d9:16:30:6c:43:df:ec:09:
16:2b:56:1f:c2:f8:14:05:e4:9b:d3:19:3a:d1:96:73:8f:78:
10:59:2e:a5:02:48:92:93:a3:8f:28:25:32:a4:7e:80:76:e2:
26:fa:7e:25:5b:a1:98:fb:a2:59:07:21:41:e9:6e:1a:8b:d3:
b7:e1:26:d8:a3:6b:f8:50:fd:c1:7f:d6:23:f8:85:63:5c:0d:
aa:b9:fc:49
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYz9HqexHaPUMB1Pjwv9Sw9cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMjExMmNiZjZkY2M4ZGQzNDQ0ZTRlY2VkMjg0NDU3MzEw
ZjcwZDIwHhcNMjQwMTEyMTAwMTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDkyOWY2NjU5ZmU4NWYzYmEyMDliMjE2YzJmNmI3MTQ1OTVjMTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKnX/vLYjkfHjxCs3hlbnqWFfMsm
DQv2nj+ptdUr2sGI/Nm4zQpEbAOYpmnXUvmb4boJ9I8eprtHyWwRatByMtRHOsns
jjlucXkmAVZHVPWVI6box1jz2jzD8RL9n28n5bwes74w4MnOZIVyTrUI5hxbzxIr
qkBU/of4J6tQndS+O8B+jO6g35VoLStgyUxEHi7a8PgVxg1JCUM0BwgqnMXlI3/L
1yascbTx510OGszvro+KQO29FBi2yqR8zRk9CByVX5qUryGjLbYU6e+DWHLZSmDz
0JR2cyaFoQg5VEUZB2ct/2hWh6y4diLj5md2/ddETTRpkW3dWNBDYyJxfQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFASSn2ZZ/oXzuiCbIWwva3FFlcGVMB8GA1UdIwQY
MBaAFE8hEsv23MjdNETk7O0oRFcxD3DSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHlFU3lfYmN5TjAwUk9UczdTaEVWekVQY05JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9lMDgwYjYtNGUwOS00MmQ4LWI5MWMt
YjI3OThjMWEwMzI3LzEvQkpLZlpsbi1oZk82SUpzaGJDOXJjVVdWd1pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9lMDgwYjYtNGUwOS00MmQ4LWI5MWMtYjI3OThjMWEwMzI3
LzEvVHlFU3lfYmN5TjAwUk9UczdTaEVWekVQY05JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEUE8wAwQA
k72bAwQEsAoAAwQA1C46MA0EAgACMAcDBQMqEg9AMA0GCSqGSIb3DQEBCwUAA4IB
AQBdTVGtsEMFkGFO4NG+2sCEaa6/TIg1clJZubCt4kGVJdiRIM4c5Jnp4S1mHK/V
f87WMTtA8FNFIiRzXzjIkVAJLX8Wyu9whpkZTRRCcLCgOEKtQbosC8SgLc9pCpqc
Im+mRlzj2ngZ6dgptJi5fLJ6qzZqCLDo6/xEXIgphljUi457mr8cJF7yj46lzVE0
GzBOarMYPBiwgvVtLthXFJrTPI65TPuCL8VdkIW+2RYwbEPf7AkWK1YfwvgUBeSb
0xk60ZZzj3gQWS6lAkiSk6OPKCUypH6AduIm+n4lW6GY+6JZByFB6W4ai9O34SbY
o2v4UP3Bf9Yj+IVjXA2qufxJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:39 2024 by rpki-client on console-fra.rpki-client.org