Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/BUCddGK-K56zyXdsHcQg3xXOZVs.roa
File: BUCddGK-K56zyXdsHcQg3xXOZVs.roa (raw, json)
Hash identifier: F4oCeplNztdiTlRbmJ1yMqowhZlCEMsLrl0JFSECwkM=
Subject key identifier: 05:40:9D:74:62:BE:2B:9E:B3:C9:77:6C:1D:C4:20:DF:15:CE:65:5B
Certificate issuer: /CN=5e1bf6a319da2489816aedba1b4fd0cc7ddf3e1e
Certificate serial: 018CC5DCA781DF52E02882F8CEEB204E0289
Authority key identifier: 5E:1B:F6:A3:19:DA:24:89:81:6A:ED:BA:1B:4F:D0:CC:7D:DF:3E:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xhv2oxnaJImBau26G0_QzH3fPh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/BUCddGK-K56zyXdsHcQg3xXOZVs.roa
Signing time: Mon 01 Jan 2024 16:30:21 +0000
ROA not before: Mon 01 Jan 2024 16:30:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39386
IP address blocks: 84.235.56.0/23 maxlen: 23
178.86.50.0/24 maxlen: 24
84.235.0.0/17 maxlen: 17
84.235.0.0/24 maxlen: 24
84.235.14.0/24 maxlen: 24
37.224.192.0/24 maxlen: 24
84.235.95.0/24 maxlen: 24
84.235.110.0/24 maxlen: 24
84.235.108.0/24 maxlen: 24
84.235.111.0/24 maxlen: 24
84.235.109.0/24 maxlen: 24
84.235.122.0/23 maxlen: 23
84.235.120.0/22 maxlen: 22
193.19.244.0/24 maxlen: 24
2001:16a0::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 29 Sep 2024 08:41:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:a7:81:df:52:e0:28:82:f8:ce:eb:20:4e:02:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e1bf6a319da2489816aedba1b4fd0cc7ddf3e1e
Validity
Not Before: Jan 1 16:30:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=05409d7462be2b9eb3c9776c1dc420df15ce655b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:59:6c:1d:cb:46:31:57:5d:2d:94:89:f3:a0:
8f:1c:b3:98:66:98:e1:35:2e:f9:93:4c:c3:89:02:
2f:fe:78:86:43:e6:bc:a2:a6:0a:ae:1f:f5:08:c2:
4b:2c:c8:b4:5e:9b:51:46:d6:4d:f8:3e:c1:76:82:
86:da:b8:e4:00:f9:bc:23:c3:45:aa:8d:6e:0f:f7:
80:cc:a5:fb:96:43:1e:c5:69:e8:14:69:4e:87:13:
12:e2:c8:eb:30:5a:43:4c:e7:98:95:b0:b1:65:b1:
cf:21:56:0c:b1:69:9f:e4:06:f6:53:53:6b:2f:8e:
6a:5e:f1:18:37:84:cc:00:b5:35:a3:d8:da:41:12:
1d:4e:cd:b8:7f:7c:28:17:c3:d5:d2:85:69:c8:4c:
4a:06:12:b0:62:e1:b3:bc:08:e8:11:a6:09:80:f5:
4d:65:bf:cb:60:90:ad:7d:58:e9:f8:f9:00:91:c0:
6b:fa:c8:0a:a1:03:5a:cd:f6:ea:04:a9:df:fb:65:
3b:d9:7d:a7:52:59:77:09:c9:eb:21:32:4f:6f:cc:
d5:aa:72:a4:31:09:e6:42:f4:70:42:99:f1:da:d2:
7f:3d:a9:05:27:58:62:ab:0c:8b:d6:e5:c5:e3:9e:
d8:ab:9b:c6:f8:dd:4f:10:b8:9d:1b:c5:02:75:cb:
1c:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:40:9D:74:62:BE:2B:9E:B3:C9:77:6C:1D:C4:20:DF:15:CE:65:5B
X509v3 Authority Key Identifier:
keyid:5E:1B:F6:A3:19:DA:24:89:81:6A:ED:BA:1B:4F:D0:CC:7D:DF:3E:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xhv2oxnaJImBau26G0_QzH3fPh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/BUCddGK-K56zyXdsHcQg3xXOZVs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/Xhv2oxnaJImBau26G0_QzH3fPh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.224.192.0/24
84.235.0.0/17
178.86.50.0/24
193.19.244.0/24
IPv6:
2001:16a0::/29
Signature Algorithm: sha256WithRSAEncryption
4e:e8:e0:9b:1a:ee:77:98:a8:af:47:9a:ce:f8:51:ea:0a:ef:
b5:70:f2:8b:cf:c2:a9:34:b0:a7:60:de:bf:80:3a:c3:87:4d:
7b:72:fd:b1:f1:6f:7b:02:e7:c7:c9:2a:e7:81:6c:a0:58:f4:
b1:49:da:5a:42:32:59:73:21:16:13:1d:5b:83:c2:f6:b1:d3:
67:17:dc:18:eb:7a:0e:cc:d7:d5:14:7f:32:a0:cc:b1:2e:66:
e6:4c:fe:42:17:d8:d8:00:24:1f:94:99:64:1e:aa:77:19:16:
66:09:e6:04:3c:b4:f3:ba:38:57:25:9e:92:5e:5a:57:94:48:
54:5e:e9:74:a0:df:3c:be:6d:74:4e:dd:95:89:a8:f4:13:36:
2f:fa:d0:30:0a:4f:70:5b:31:1e:fe:46:e1:6b:f9:3b:5f:8a:
a5:f8:6d:95:f4:95:2d:04:b0:81:8d:39:6e:d0:0c:70:28:b3:
f7:c4:1f:01:70:01:c1:33:94:7f:17:04:e9:01:15:39:84:c6:
ce:a9:c2:58:ef:98:50:78:13:95:49:85:92:0c:8e:47:9e:cf:
f9:be:0a:d5:44:69:70:a5:72:e5:46:df:f1:e1:e6:0f:4a:22:
21:f6:48:c9:3a:bf:01:51:aa:43:f8:0a:37:3a:c8:5a:bb:de:
0b:b1:e8:2c
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzF3KeB31LgKIL4zusgTgKJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlMWJmNmEzMTlkYTI0ODk4MTZhZWRiYTFiNGZkMGNjN2Rk
ZjNlMWUwHhcNMjQwMTAxMTYzMDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTQwOWQ3NDYyYmUyYjllYjNjOTc3NmMxZGM0MjBkZjE1Y2U2NTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg1lsHctGMVddLZSJ86CPHLOYZpjh
NS75k0zDiQIv/niGQ+a8oqYKrh/1CMJLLMi0XptRRtZN+D7BdoKG2rjkAPm8I8NF
qo1uD/eAzKX7lkMexWnoFGlOhxMS4sjrMFpDTOeYlbCxZbHPIVYMsWmf5Ab2U1Nr
L45qXvEYN4TMALU1o9jaQRIdTs24f3woF8PV0oVpyExKBhKwYuGzvAjoEaYJgPVN
Zb/LYJCtfVjp+PkAkcBr+sgKoQNazfbqBKnf+2U72X2nUll3CcnrITJPb8zVqnKk
MQnmQvRwQpnx2tJ/PakFJ1hiqwyL1uXF457Yq5vG+N1PELidG8UCdcscwwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFAVAnXRiviues8l3bB3EIN8VzmVbMB8GA1UdIwQY
MBaAFF4b9qMZ2iSJgWrtuhtP0Mx93z4eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGh2Mm94bmFKSW1CYXUyNkcwX1F6SDNmUGg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi84OGZkZDEtOGI3Yi00MTAxLWFjNjYt
YjU5MDk1N2Q5NDE1LzEvQlVDZGRHSy1LNTZ6eVhkc0hjUWczeFhPWlZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi84OGZkZDEtOGI3Yi00MTAxLWFjNjYtYjU5MDk1N2Q5NDE1
LzEvWGh2Mm94bmFKSW1CYXUyNkcwX1F6SDNmUGg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAJeDAAwQH
VOsAAwQAslYyAwQAwRP0MA0EAgACMAcDBQMgARagMA0GCSqGSIb3DQEBCwUAA4IB
AQBO6OCbGu53mKivR5rO+FHqCu+1cPKLz8KpNLCnYN6/gDrDh017cv2x8W97AufH
ySrngWygWPSxSdpaQjJZcyEWEx1bg8L2sdNnF9wY63oOzNfVFH8yoMyxLmbmTP5C
F9jYACQflJlkHqp3GRZmCeYEPLTzujhXJZ6SXlpXlEhUXul0oN88vm10Tt2Viaj0
EzYv+tAwCk9wWzEe/kbha/k7X4ql+G2V9JUtBLCBjTlu0AxwKLP3xB8BcAHBM5R/
FwTpARU5hMbOqcJY75hQeBOVSYWSDI5Hns/5vgrVRGlwpXLlRt/x4eYPSiIh9kjJ
Or8BUapD+Ao3Oshau94Lsegs
-----END CERTIFICATE-----
Generated at Sun Sep 29 11:05:00 2024 by rpki-client on console-fra.rpki-client.org