Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/BF1OGZjE8_h5bSZI-NE6eNoaBio.roa
File: BF1OGZjE8_h5bSZI-NE6eNoaBio.roa (raw, json)
Hash identifier: Fqy4G2SgX2DUAuty9TRwD2Qpc4JVwQxj71M4/IQ/Rh8=
Subject key identifier: 04:5D:4E:19:98:C4:F3:F8:79:6D:26:48:F8:D1:3A:78:DA:1A:06:2A
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018AFA6DF1B088100AAA47543D035065B622
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/BF1OGZjE8_h5bSZI-NE6eNoaBio.roa
Signing time: Wed 04 Oct 2023 11:23:43 +0000
ROA not before: Wed 04 Oct 2023 11:23:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.222.28.0/24 maxlen: 24
185.222.30.0/23 maxlen: 24
185.230.52.0/24 maxlen: 24
185.226.107.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
193.58.146.0/23 maxlen: 24
45.147.224.0/24 maxlen: 24
45.8.21.0/24 maxlen: 24
185.251.229.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.223.80.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Oct 2023 08:56:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fa:6d:f1:b0:88:10:0a:aa:47:54:3d:03:50:65:b6:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Oct 4 11:23:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=045d4e1998c4f3f8796d2648f8d13a78da1a062a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:74:00:1d:82:02:cd:bc:7f:bb:05:24:40:2e:
02:9c:6d:57:27:41:29:62:e0:f6:a2:99:34:1f:38:
60:f1:ee:2c:d6:78:df:77:da:b4:f0:cf:d7:80:b5:
48:11:a3:5e:68:a5:e9:e2:f2:4d:e2:4b:0f:f2:6d:
78:92:56:70:27:b4:fd:e3:0a:5f:0a:27:33:72:43:
a0:88:15:5e:39:46:71:67:00:b7:5a:93:56:a9:f7:
01:bf:ec:7c:83:6a:e9:f2:89:9e:73:ac:f5:30:c6:
cd:e0:ee:11:db:ba:b0:64:d7:93:23:65:04:44:20:
64:3a:fb:1e:fc:95:55:c2:09:26:26:d3:e5:0a:e9:
92:98:f0:2e:50:e4:f3:ff:2f:37:51:d3:24:91:a4:
b1:7e:ec:81:ca:11:41:1a:74:4e:8e:91:e4:72:8f:
24:5d:21:01:19:51:11:1b:c1:77:12:63:5a:b7:67:
51:d3:1c:cf:94:8f:73:cf:6b:98:48:c7:b2:7a:3f:
67:2b:e2:90:a7:7c:88:77:f4:c7:98:de:e3:3f:a7:
43:ad:c2:5d:ec:2d:91:69:7d:61:29:a1:59:e5:fd:
55:f2:de:e7:7f:48:f9:d7:e3:01:56:cf:ac:e9:92:
33:6c:54:8e:43:d7:49:84:bc:06:69:2d:d3:f7:69:
fb:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:5D:4E:19:98:C4:F3:F8:79:6D:26:48:F8:D1:3A:78:DA:1A:06:2A
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/BF1OGZjE8_h5bSZI-NE6eNoaBio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.147.224.0/24
185.220.250.0/23
185.222.28.0/24
185.222.30.0/23
185.223.80.0/24
185.225.0.0/23
185.226.107.0/24
185.230.52.0/24
185.251.229.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
17:92:53:89:72:fc:f9:e6:e7:76:a6:62:a7:8e:3c:32:30:9c:
db:82:31:a2:01:98:87:e3:86:56:28:12:f3:b3:01:c7:bb:b0:
03:c3:9b:85:74:7f:d6:9f:7a:18:68:4f:55:0a:c2:c8:29:f7:
8e:ac:cf:3c:7e:55:a4:6d:35:61:0c:2f:f1:c3:c9:06:cf:d8:
77:25:d1:37:68:63:9f:5d:8f:71:57:94:6c:95:6b:10:09:76:
de:b9:4b:55:64:a9:07:b6:96:be:23:54:11:7c:a5:bd:23:37:
17:f4:dd:0b:ba:5b:32:9b:ff:e4:34:bd:16:7b:a1:50:79:3b:
4d:1c:5f:f6:2a:95:64:84:61:8e:aa:45:4d:85:b9:92:6e:0a:
56:b7:f2:0d:a7:31:17:96:aa:20:20:3a:4c:fa:1d:13:11:bf:
60:8a:56:e4:cf:ad:21:25:dd:b0:9c:56:d0:bd:8b:ec:f0:86:
0c:61:05:32:37:7f:16:03:fb:e7:c1:33:a9:b5:d0:a5:22:45:
19:52:1d:a5:57:dc:0f:e6:4b:61:2f:83:d8:8d:1b:a3:cc:18:
b5:9b:31:04:7e:73:4d:dc:5a:9f:b0:1a:24:12:7d:c8:1e:71:
c5:11:50:58:e2:d1:e5:0c:1d:2c:7f:3d:c3:c2:de:a6:71:a5:
d4:6a:3b:92
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYr6bfGwiBAKqkdUPQNQZbYiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMxMDA0MTEyMzQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDVkNGUxOTk4YzRmM2Y4Nzk2ZDI2NDhmOGQxM2E3OGRhMWEwNjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiXQAHYICzbx/uwUkQC4CnG1XJ0Ep
YuD2opk0Hzhg8e4s1njfd9q08M/XgLVIEaNeaKXp4vJN4ksP8m14klZwJ7T94wpf
CiczckOgiBVeOUZxZwC3WpNWqfcBv+x8g2rp8omec6z1MMbN4O4R27qwZNeTI2UE
RCBkOvse/JVVwgkmJtPlCumSmPAuUOTz/y83UdMkkaSxfuyByhFBGnROjpHkco8k
XSEBGVERG8F3EmNat2dR0xzPlI9zz2uYSMeyej9nK+KQp3yId/THmN7jP6dDrcJd
7C2RaX1hKaFZ5f1V8t7nf0j51+MBVs+s6ZIzbFSOQ9dJhLwGaS3T92n7KwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFARdThmYxPP4eW0mSPjROnjaGgYqMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvQkYxT0daakU4X2g1YlNaSS1ORTZlTm9hQmlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQALQgVAwQA
LZPgAwQBudz6AwQAud4cAwQBud4eAwQAud9QAwQBueEAAwQAueJrAwQAueY0AwQA
ufvlAwQBwTqSMA0GCSqGSIb3DQEBCwUAA4IBAQAXklOJcvz55ud2pmKnjjwyMJzb
gjGiAZiH44ZWKBLzswHHu7ADw5uFdH/Wn3oYaE9VCsLIKfeOrM88flWkbTVhDC/x
w8kGz9h3JdE3aGOfXY9xV5RslWsQCXbeuUtVZKkHtpa+I1QRfKW9IzcX9N0Lulsy
m//kNL0We6FQeTtNHF/2KpVkhGGOqkVNhbmSbgpWt/INpzEXlqogIDpM+h0TEb9g
ilbkz60hJd2wnFbQvYvs8IYMYQUyN38WA/vnwTOptdClIkUZUh2lV9wP5kthL4PY
jRujzBi1mzEEfnNN3FqfsBokEn3IHnHFEVBY4tHlDB0sfz3Dwt6mcaXUajuS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:21 2024 by rpki-client on console-ams.rpki-client.org