Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/BNURZCm-RYEFmY49NAdv2VC4WWE.roa
File: BNURZCm-RYEFmY49NAdv2VC4WWE.roa (raw, json)
Hash identifier: lQYPxHD4u+USTiUOYJKbeFNsblPbAUrFEg0od1BNrwM=
Subject key identifier: 04:D5:11:64:29:BE:45:81:05:99:8E:3D:34:07:6F:D9:50:B8:59:61
Certificate issuer: /CN=50592e68895c7068b4655508917ad5bbddbd0a5f
Certificate serial: 0190E8F5AF8E41E3ECDFA49000771086779D
Authority key identifier: 50:59:2E:68:89:5C:70:68:B4:65:55:08:91:7A:D5:BB:DD:BD:0A:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UFkuaIlccGi0ZVUIkXrVu929Cl8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/BNURZCm-RYEFmY49NAdv2VC4WWE.roa
Signing time: Thu 25 Jul 2024 08:15:33 +0000
ROA not before: Thu 25 Jul 2024 08:15:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201086
IP address blocks: 185.86.80.0/24 maxlen: 24
185.205.19.0/24 maxlen: 24
185.254.95.0/24 maxlen: 24
193.36.63.0/24 maxlen: 24
194.145.138.0/24 maxlen: 24
2a0a:fa40::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 22 Aug 2024 15:06:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e8:f5:af:8e:41:e3:ec:df:a4:90:00:77:10:86:77:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50592e68895c7068b4655508917ad5bbddbd0a5f
Validity
Not Before: Jul 25 08:15:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=04d5116429be458105998e3d34076fd950b85961
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:86:dd:69:6f:39:b4:42:a4:d5:20:6a:ca:88:
ba:dc:8e:14:6e:10:15:88:21:8c:6a:51:a6:eb:1a:
d8:01:c6:0b:0e:2e:de:28:6e:98:02:1b:80:92:4f:
ae:95:86:ef:3a:c4:8a:bb:0c:83:29:06:9b:e5:64:
96:96:39:c0:23:29:78:d3:22:4b:5d:d0:65:12:71:
4a:da:b0:5e:68:68:6f:a1:06:2c:6a:18:28:f2:5b:
ab:f3:03:c7:a5:df:87:c9:a6:b1:19:b9:52:2b:40:
f3:a4:07:bc:60:85:92:fc:97:03:ab:d6:8f:da:da:
a7:bd:7c:40:1d:5e:2a:79:31:1c:cd:a3:6a:5b:aa:
5f:93:a3:b0:c0:63:98:51:04:6b:a3:b9:91:62:1a:
e0:91:6b:5a:62:a3:95:f8:38:6b:00:c2:b7:2a:b9:
a1:b6:e4:3a:e5:ef:b6:da:db:04:e7:7d:3e:11:19:
b2:b9:88:60:60:fc:95:f4:1f:9c:bd:87:ce:c2:a5:
0c:d4:6e:dc:d7:96:b4:b7:3c:30:8b:e7:7e:88:da:
c7:77:53:f0:8f:2a:73:d2:54:ec:fb:cf:6f:c2:2f:
fb:25:39:99:48:f6:c0:6a:9e:4b:3e:32:e1:ca:d8:
3a:25:fc:5e:d1:c6:62:c6:12:53:dd:ea:64:b2:e4:
a5:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:D5:11:64:29:BE:45:81:05:99:8E:3D:34:07:6F:D9:50:B8:59:61
X509v3 Authority Key Identifier:
keyid:50:59:2E:68:89:5C:70:68:B4:65:55:08:91:7A:D5:BB:DD:BD:0A:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UFkuaIlccGi0ZVUIkXrVu929Cl8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/BNURZCm-RYEFmY49NAdv2VC4WWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/UFkuaIlccGi0ZVUIkXrVu929Cl8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.86.80.0/24
185.205.19.0/24
185.254.95.0/24
193.36.63.0/24
194.145.138.0/24
IPv6:
2a0a:fa40::/32
Signature Algorithm: sha256WithRSAEncryption
24:41:4c:b9:c2:86:d4:74:48:35:79:38:a7:7e:ee:76:46:34:
7a:82:79:7d:9d:48:e3:62:43:8f:a2:a5:f9:7b:b9:ad:75:8e:
49:42:81:2f:4c:23:f7:ab:7c:9b:cd:3d:26:bb:43:a3:67:b4:
4c:97:4d:fd:dc:b8:51:aa:74:5b:31:cf:12:33:c3:a4:64:8f:
b8:5b:7c:bd:c3:92:7d:cd:de:44:f6:28:c0:8a:e6:fb:91:0a:
ab:65:9e:d9:21:27:ae:04:63:ab:bd:9d:fc:5c:2d:f3:23:5f:
cb:dd:d3:2e:27:e1:34:e3:7f:dc:d6:a7:be:d1:64:01:63:dc:
0a:97:f7:3e:39:99:d7:83:4b:f2:73:41:64:f1:27:58:61:84:
e8:1b:05:41:4c:8e:82:c8:9d:8b:57:e1:c7:f5:77:e6:93:1c:
72:66:da:73:b5:8a:ab:fb:b4:c7:41:95:ba:e4:14:e1:ce:b9:
2c:92:f9:fd:e2:4c:c0:fa:13:e6:60:8a:58:77:8c:8a:fb:bb:
11:5e:ee:2d:1a:1e:fd:3e:68:ed:5f:40:db:1c:4f:92:b5:a5:
67:9a:c4:a4:77:3b:b3:8c:9e:4e:6a:e6:8f:57:3a:78:1c:07:
c2:32:67:c3:ea:b7:2b:2f:9d:5f:3a:58:31:d0:ca:6c:a4:b0:
d1:67:f8:7f
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZDo9a+OQePs36SQAHcQhnedMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNTkyZTY4ODk1YzcwNjhiNDY1NTUwODkxN2FkNWJiZGRi
ZDBhNWYwHhcNMjQwNzI1MDgxNTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGQ1MTE2NDI5YmU0NTgxMDU5OThlM2QzNDA3NmZkOTUwYjg1OTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvIbdaW85tEKk1SBqyoi63I4UbhAV
iCGMalGm6xrYAcYLDi7eKG6YAhuAkk+ulYbvOsSKuwyDKQab5WSWljnAIyl40yJL
XdBlEnFK2rBeaGhvoQYsahgo8lur8wPHpd+HyaaxGblSK0DzpAe8YIWS/JcDq9aP
2tqnvXxAHV4qeTEczaNqW6pfk6OwwGOYUQRro7mRYhrgkWtaYqOV+DhrAMK3Krmh
tuQ65e+22tsE530+ERmyuYhgYPyV9B+cvYfOwqUM1G7c15a0tzwwi+d+iNrHd1Pw
jypz0lTs+89vwi/7JTmZSPbAap5LPjLhytg6Jfxe0cZixhJT3epksuSlwQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFATVEWQpvkWBBZmOPTQHb9lQuFlhMB8GA1UdIwQY
MBaAFFBZLmiJXHBotGVVCJF61bvdvQpfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUZrdWFJbGNjR2kwWlZVSWtYclZ1OTI5Q2w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8yYTgxMDAtMTcyYi00OGUzLWEzMmEt
N2JiZDI4Y2U0YTc1LzEvQk5VUlpDbS1SWUVGbVk0OU5BZHYyVkM0V1dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi8yYTgxMDAtMTcyYi00OGUzLWEzMmEtN2JiZDI4Y2U0YTc1
LzEvVUZrdWFJbGNjR2kwWlZVSWtYclZ1OTI5Q2w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAuVZQAwQA
uc0TAwQAuf5fAwQAwSQ/AwQAwpGKMA0EAgACMAcDBQAqCvpAMA0GCSqGSIb3DQEB
CwUAA4IBAQAkQUy5wobUdEg1eTinfu52RjR6gnl9nUjjYkOPoqX5e7mtdY5JQoEv
TCP3q3ybzT0mu0OjZ7RMl0393LhRqnRbMc8SM8OkZI+4W3y9w5J9zd5E9ijAiub7
kQqrZZ7ZISeuBGOrvZ38XC3zI1/L3dMuJ+E043/c1qe+0WQBY9wKl/c+OZnXg0vy
c0Fk8SdYYYToGwVBTI6CyJ2LV+HH9XfmkxxyZtpztYqr+7THQZW65BThzrkskvn9
4kzA+hPmYIpYd4yK+7sRXu4tGh79PmjtX0DbHE+StaVnmsSkdzuzjJ5OauaPVzp4
HAfCMmfD6rcrL51fOlgx0MpspLDRZ/h/
-----END CERTIFICATE-----
Generated at Thu Aug 22 18:55:03 2024 by rpki-client on console-fra.rpki-client.org