Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/bwaOgH0M0GS0nvzD66e3uyCK738.roa
File: bwaOgH0M0GS0nvzD66e3uyCK738.roa (raw, json)
Hash identifier: KiOlRl3/3xPIm2aVGsoRWztyZ9kz7gTPqZhtflqopKg=
Subject key identifier: 6F:06:8E:80:7D:0C:D0:64:B4:9E:FC:C3:EB:A7:B7:BB:20:8A:EF:7F
Certificate issuer: /CN=dc4e453affe895b6452b84027437c5c00fd37067
Certificate serial: 0185730397F633A77C8CAFAF18E3CAD08485
Authority key identifier: DC:4E:45:3A:FF:E8:95:B6:45:2B:84:02:74:37:C5:C0:0F:D3:70:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3E5FOv_olbZFK4QCdDfFwA_TcGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/bwaOgH0M0GS0nvzD66e3uyCK738.roa
Signing time: Mon 02 Jan 2023 15:04:53 +0000
ROA not before: Mon 02 Jan 2023 15:04:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31122
IP address blocks: 78.137.128.0/18 maxlen: 18
185.242.236.0/23 maxlen: 23
92.51.192.0/18 maxlen: 18
84.203.0.0/16 maxlen: 16
185.53.32.0/24 maxlen: 24
185.53.35.0/24 maxlen: 24
83.147.128.0/18 maxlen: 18
89.234.64.0/18 maxlen: 18
176.52.216.0/22 maxlen: 22
46.183.104.0/23 maxlen: 23
212.126.32.0/19 maxlen: 19
176.52.220.0/23 maxlen: 23
212.126.60.0/22 maxlen: 22
80.93.16.0/20 maxlen: 20
92.51.208.0/20 maxlen: 20
217.78.0.0/20 maxlen: 20
2a02:220::/32 maxlen: 32
2a01:258::/32 maxlen: 32
2001:1bb8::/32 maxlen: 32
2a00:15b8:400::/40 maxlen: 40
2a00:15b8::/32 maxlen: 32
2a01:8aa0::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 30 Mar 2023 05:14:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:03:97:f6:33:a7:7c:8c:af:af:18:e3:ca:d0:84:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc4e453affe895b6452b84027437c5c00fd37067
Validity
Not Before: Jan 2 15:04:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6f068e807d0cd064b49efcc3eba7b7bb208aef7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:6f:53:77:b2:83:4b:db:fb:13:42:10:4f:c5:
bb:11:94:eb:24:86:da:89:a6:13:4b:a0:cb:c8:82:
43:b3:5a:02:bd:84:83:62:e9:dd:cb:af:dc:4d:a2:
51:e1:a7:de:ef:c7:b4:43:c5:2d:43:2c:50:49:37:
bf:ed:58:f4:55:1e:39:aa:7d:70:81:04:ac:06:9d:
c1:59:12:23:91:5b:7c:1b:49:29:33:ff:37:69:ed:
ab:77:c0:40:a6:a9:c3:2f:62:15:53:45:e5:26:a0:
a0:95:07:e8:f5:54:46:7b:a1:5c:bf:77:7d:10:72:
bd:33:0d:7a:5d:16:55:74:6e:92:9d:b3:1d:11:6f:
03:1f:26:55:cf:ea:97:cb:ad:28:bb:e8:d5:d7:71:
1c:c3:e4:bd:ee:93:7f:c4:b7:07:fc:69:3e:d3:b6:
ae:79:c7:c1:8b:7e:b1:f0:8b:e7:c7:d0:c6:59:58:
eb:6b:30:6e:f3:d6:61:08:5a:3b:26:99:90:74:91:
60:f0:d0:06:3e:36:30:63:4e:2c:ce:0f:22:ac:54:
57:97:62:9e:4f:e3:84:00:e4:58:44:95:88:46:f9:
de:cb:ad:a0:73:b4:9c:ba:65:e0:fb:35:43:ff:03:
d6:db:39:16:31:4e:d0:40:d9:1b:73:8b:61:ef:a1:
d6:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:06:8E:80:7D:0C:D0:64:B4:9E:FC:C3:EB:A7:B7:BB:20:8A:EF:7F
X509v3 Authority Key Identifier:
keyid:DC:4E:45:3A:FF:E8:95:B6:45:2B:84:02:74:37:C5:C0:0F:D3:70:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3E5FOv_olbZFK4QCdDfFwA_TcGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/bwaOgH0M0GS0nvzD66e3uyCK738.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/3E5FOv_olbZFK4QCdDfFwA_TcGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.183.104.0/23
78.137.128.0/18
80.93.16.0/20
83.147.128.0/18
84.203.0.0/16
89.234.64.0/18
92.51.192.0/18
176.52.216.0-176.52.221.255
185.53.32.0/24
185.53.35.0/24
185.242.236.0/23
212.126.32.0/19
217.78.0.0/20
IPv6:
2001:1bb8::/32
2a00:15b8::/32
2a01:258::/32
2a01:8aa0::/32
2a02:220::/32
Signature Algorithm: sha256WithRSAEncryption
86:a8:e2:95:11:c9:27:9f:12:ce:c7:6f:a2:4e:27:18:46:27:
51:1e:9c:5e:8e:18:23:8f:46:ea:88:a5:e3:fa:af:a6:41:3a:
0d:de:2d:83:4c:d0:da:e3:f9:03:29:96:00:e6:fc:4e:b0:eb:
e4:8c:5f:d5:22:29:40:1e:12:aa:0d:81:db:48:58:6a:2a:df:
b2:14:48:2f:be:a8:42:c4:e1:3b:df:66:a7:39:6b:6e:17:e4:
b0:17:4b:9e:16:09:fb:71:0c:37:f2:23:1e:cb:ba:80:28:35:
74:c1:df:f2:0b:da:ac:2e:42:7b:0c:52:c1:3e:fd:4a:b7:a1:
7c:04:37:a1:fd:41:b5:e6:0b:53:6f:ef:e7:76:63:9b:89:8a:
46:3e:bf:06:eb:ac:a2:64:f9:b5:20:11:7b:75:e0:12:2d:a4:
3e:f9:fd:ea:3f:28:1f:17:d0:35:6e:db:cd:75:3d:b5:49:7f:
c8:ff:fb:2c:07:b9:ba:c9:fc:90:e4:f7:08:6e:d9:b7:d4:2c:
c9:f8:05:c8:cd:b3:21:f5:4d:33:ff:fa:52:95:6c:a7:4e:ce:
57:ab:fb:4f:ac:70:ff:55:be:94:b1:0c:d7:b9:21:71:28:68:
59:38:2e:54:be:37:b8:86:8c:7f:a6:33:37:70:2d:9c:92:0d:
a9:2f:eb:28
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgISAYVzA5f2M6d8jK+vGOPK0ISFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNGU0NTNhZmZlODk1YjY0NTJiODQwMjc0MzdjNWMwMGZk
MzcwNjcwHhcNMjMwMTAyMTUwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjA2OGU4MDdkMGNkMDY0YjQ5ZWZjYzNlYmE3YjdiYjIwOGFlZjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgW9Td7KDS9v7E0IQT8W7EZTrJIba
iaYTS6DLyIJDs1oCvYSDYundy6/cTaJR4afe78e0Q8UtQyxQSTe/7Vj0VR45qn1w
gQSsBp3BWRIjkVt8G0kpM/83ae2rd8BApqnDL2IVU0XlJqCglQfo9VRGe6Fcv3d9
EHK9Mw16XRZVdG6SnbMdEW8DHyZVz+qXy60ou+jV13Ecw+S97pN/xLcH/Gk+07au
ecfBi36x8Ivnx9DGWVjrazBu89ZhCFo7JpmQdJFg8NAGPjYwY04szg8irFRXl2Ke
T+OEAORYRJWIRvney62gc7ScumXg+zVD/wPW2zkWMU7QQNkbc4th76HWZQIDAQAB
o4IChjCCAoIwHQYDVR0OBBYEFG8GjoB9DNBktJ78w+unt7sgiu9/MB8GA1UdIwQY
MBaAFNxORTr/6JW2RSuEAnQ3xcAP03BnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0U1Rk92X29sYlpGSzRRQ2REZkZ3QV9UY0djLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS81OGU2NTUtZTcxMy00NWQyLTk1OGEt
MTgyMjg2N2UxNTk2LzEvYndhT2dIME0wR1MwbnZ6RDY2ZTN1eUNLNzM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS81OGU2NTUtZTcxMy00NWQyLTk1OGEtMTgyMjg2N2UxNTk2
LzEvM0U1Rk92X29sYlpGSzRRQ2REZkZ3QV9UY0djLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGbBggrBgEFBQcBBwEB/wSBizCBiDBbBAIAATBVAwQBLrdo
AwQGTomAAwQEUF0QAwQGU5OAAwMAVMsDBAZZ6kADBAZcM8AwDAMEA7A02AMEAbA0
3AMEALk1IAMEALk1IwMEAbny7AMEBdR+IAMEBNlOADApBAIAAjAjAwUAIAEbuAMF
ACoAFbgDBQAqAQJYAwUAKgGKoAMFACoCAiAwDQYJKoZIhvcNAQELBQADggEBAIao
4pURySefEs7Hb6JOJxhGJ1EenF6OGCOPRuqIpeP6r6ZBOg3eLYNM0Nrj+QMplgDm
/E6w6+SMX9UiKUAeEqoNgdtIWGoq37IUSC++qELE4TvfZqc5a24X5LAXS54WCftx
DDfyIx7LuoAoNXTB3/IL2qwuQnsMUsE+/Uq3oXwEN6H9QbXmC1Nv7+d2Y5uJikY+
vwbrrKJk+bUgEXt14BItpD75/eo/KB8X0DVu2811PbVJf8j/+ywHubrJ/JDk9whu
2bfULMn4BcjNsyH1TTP/+lKVbKdOzler+0+scP9VvpSxDNe5IXEoaFk4LlS+N7iG
jH+mMzdwLZySDakv6yg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:05 2024 by rpki-client on console-ams.rpki-client.org