Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/Bl8_BVqJUIM7a1gUb9E7kuLTOG0.roa
File: Bl8_BVqJUIM7a1gUb9E7kuLTOG0.roa (raw, json)
Hash identifier: TW3oN0T6b88q+noJt4UbN8q7i3e7uvgTC8SIBVlKHmY=
Subject key identifier: 06:5F:3F:05:5A:89:50:83:3B:6B:58:14:6F:D1:3B:92:E2:D3:38:6D
Certificate issuer: /CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Certificate serial: 018CC9BCAD1E73CE3674B65A41ED787D2C3D
Authority key identifier: BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/Bl8_BVqJUIM7a1gUb9E7kuLTOG0.roa
Signing time: Tue 02 Jan 2024 10:33:54 +0000
ROA not before: Tue 02 Jan 2024 10:33:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39494
IP address blocks: 89.104.64.0/19 maxlen: 19
89.104.76.0/24 maxlen: 24
89.111.128.0/18 maxlen: 18
79.174.72.0/22 maxlen: 22
89.111.144.0/20 maxlen: 20
89.111.160.0/20 maxlen: 24
31.177.86.0/23 maxlen: 24
89.111.176.0/20 maxlen: 20
89.111.177.0/24 maxlen: 24
89.111.176.0/22 maxlen: 22
2a01:d8::/32 maxlen: 48
2a02:2090::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 13 Mar 2024 09:17:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:ad:1e:73:ce:36:74:b6:5a:41:ed:78:7d:2c:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Validity
Not Before: Jan 2 10:33:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=065f3f055a8950833b6b58146fd13b92e2d3386d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:32:4b:d6:ce:64:1c:66:e6:11:66:05:d1:16:
02:ff:d8:f8:40:43:33:4d:33:19:db:e1:cd:2d:6e:
11:c0:85:2a:67:20:58:7b:2f:c2:46:e9:d7:de:d4:
cd:d1:71:39:ec:4a:9f:55:2c:c1:22:64:4b:b1:42:
3b:79:e5:2a:a1:fd:3e:46:11:f4:8c:c0:80:91:c8:
1b:fa:67:f2:bb:87:c1:90:9e:c2:55:bf:d0:82:92:
f3:26:73:a5:c8:d8:4b:cc:ec:34:7b:53:94:7e:17:
af:cd:a3:67:7b:da:9e:8c:c1:da:d2:9e:7a:c9:3b:
1c:14:50:8a:c8:33:05:fb:ea:ad:3a:18:80:bc:d4:
a5:25:2f:ac:86:bb:f9:0f:2a:84:74:f5:21:26:ef:
89:1c:4f:ab:93:6c:e5:a9:5c:de:88:c4:d1:7a:ad:
27:5a:e9:99:a6:fb:c9:16:24:c2:e9:cb:5f:60:5f:
4f:48:8e:08:c9:37:1a:39:85:ce:91:0c:ca:1b:27:
da:27:1b:d5:b1:14:46:fe:81:e0:88:c5:4d:0a:fd:
6f:5e:ca:b0:fe:87:1f:31:eb:b8:bb:84:52:73:14:
13:05:8b:96:12:cf:d7:70:e1:7b:64:f6:16:34:e8:
db:43:44:ce:5f:e6:28:84:58:e6:bb:b0:dd:33:96:
b0:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:5F:3F:05:5A:89:50:83:3B:6B:58:14:6F:D1:3B:92:E2:D3:38:6D
X509v3 Authority Key Identifier:
keyid:BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/Bl8_BVqJUIM7a1gUb9E7kuLTOG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/vfrSPhHPDSSkd1lOugn5msxvH_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.177.86.0/23
79.174.72.0/22
89.104.64.0/19
89.111.128.0/18
IPv6:
2a01:d8::/32
2a02:2090::/32
Signature Algorithm: sha256WithRSAEncryption
90:fe:96:1c:54:ab:2e:c5:c3:be:4a:e3:b3:bb:31:5e:f6:64:
fb:af:d2:34:cf:d8:98:2f:38:3e:4c:ed:cc:d0:9b:01:d2:5c:
f1:49:4f:85:41:f4:65:aa:fc:3b:d5:71:c8:37:83:40:4b:55:
c9:7e:9b:5e:d4:25:25:f1:c8:9e:46:b9:77:c4:26:b3:f5:78:
93:aa:8a:61:8f:42:8c:62:64:7e:79:33:c3:93:ee:1d:d9:d7:
bc:05:e9:1c:61:77:8e:94:93:15:2c:bb:a3:58:b8:ec:e9:ec:
54:cb:62:b5:f5:08:a2:4f:e4:48:34:e7:f1:aa:3d:10:9a:dc:
0f:e7:9e:ce:c0:18:49:b7:6a:69:69:58:29:22:62:4a:aa:15:
dd:d2:0c:b8:b5:2f:d5:5a:44:92:a6:02:2f:2c:17:58:71:f0:
3e:34:96:a1:ba:bc:38:f9:d1:e1:fb:5b:7f:15:8e:dd:b4:b9:
b0:bd:a4:f2:23:68:58:8e:16:fa:81:38:94:e8:e9:81:19:b0:
67:39:d2:f9:ae:d2:22:0c:9e:66:1f:91:59:fe:00:8c:ab:00:
71:d2:dd:80:2f:33:22:2d:2a:6a:2d:53:43:54:40:cd:58:2f:
34:58:40:50:c3:58:d0:82:47:78:fd:4e:47:1b:7b:3e:4f:bf:
f7:43:58:09
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYzJvK0ec842dLZaQe14fSw9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZmFkMjNlMTFjZjBkMjRhNDc3NTk0ZWJhMDlmOTlhY2M2
ZjFmZmYwHhcNMjQwMTAyMTAzMzU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjVmM2YwNTVhODk1MDgzM2I2YjU4MTQ2ZmQxM2I5MmUyZDMzODZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmzJL1s5kHGbmEWYF0RYC/9j4QEMz
TTMZ2+HNLW4RwIUqZyBYey/CRunX3tTN0XE57EqfVSzBImRLsUI7eeUqof0+RhH0
jMCAkcgb+mfyu4fBkJ7CVb/QgpLzJnOlyNhLzOw0e1OUfhevzaNne9qejMHa0p56
yTscFFCKyDMF++qtOhiAvNSlJS+shrv5DyqEdPUhJu+JHE+rk2zlqVzeiMTReq0n
WumZpvvJFiTC6ctfYF9PSI4IyTcaOYXOkQzKGyfaJxvVsRRG/oHgiMVNCv1vXsqw
/ocfMeu4u4RScxQTBYuWEs/XcOF7ZPYWNOjbQ0TOX+YohFjmu7DdM5awzQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFAZfPwVaiVCDO2tYFG/RO5Li0zhtMB8GA1UdIwQY
MBaAFL360j4Rzw0kpHdZTroJ+ZrMbx//MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmZyU1BoSFBEU1NrZDFsT3VnbjVtc3h2SF84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9lMjUyMzktNmFiMC00OTE5LWE3NmEt
NGY0ZTcxZTMyMDg0LzEvQmw4X0JWcUpVSU03YTFnVWI5RTdrdUxUT0cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9lMjUyMzktNmFiMC00OTE5LWE3NmEtNGY0ZTcxZTMyMDg0
LzEvdmZyU1BoSFBEU1NrZDFsT3VnbjVtc3h2SF84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQBH7FWAwQC
T65IAwQFWWhAAwQGWW+AMBQEAgACMA4DBQAqAQDYAwUAKgIgkDANBgkqhkiG9w0B
AQsFAAOCAQEAkP6WHFSrLsXDvkrjs7sxXvZk+6/SNM/YmC84PkztzNCbAdJc8UlP
hUH0Zar8O9VxyDeDQEtVyX6bXtQlJfHInka5d8Qms/V4k6qKYY9CjGJkfnkzw5Pu
HdnXvAXpHGF3jpSTFSy7o1i47OnsVMtitfUIok/kSDTn8ao9EJrcD+eezsAYSbdq
aWlYKSJiSqoV3dIMuLUv1VpEkqYCLywXWHHwPjSWobq8OPnR4ftbfxWO3bS5sL2k
8iNoWI4W+oE4lOjpgRmwZznS+a7SIgyeZh+RWf4AjKsAcdLdgC8zIi0qai1TQ1RA
zVgvNFhAUMNY0IJHeP1ORxt7Pk+/90NYCQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:15 2024 by rpki-client on console-fra.rpki-client.org