Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/bgfy1xy3lukeO1St6f12yeGVI0Y.roa
File: bgfy1xy3lukeO1St6f12yeGVI0Y.roa (raw, json)
Hash identifier: hSuvVKdMhjPqf3a1ByvmoGI+JIlvrU3R6YkNB7fEg2s=
Subject key identifier: 6E:07:F2:D7:1C:B7:96:E9:1E:3B:54:AD:E9:FD:76:C9:E1:95:23:46
Certificate issuer: /CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
Certificate serial: 018C68051FAC2E9655AA1EC756D8BC07EAFD
Authority key identifier: E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/bgfy1xy3lukeO1St6f12yeGVI0Y.roa
Signing time: Thu 14 Dec 2023 11:10:15 +0000
ROA not before: Thu 14 Dec 2023 11:10:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210329
IP address blocks: 81.28.4.0/24 maxlen: 24
81.28.5.0/24 maxlen: 24
194.146.24.0/24 maxlen: 24
63.250.58.0/24 maxlen: 24
195.238.123.0/24 maxlen: 24
185.237.98.0/24 maxlen: 24
185.53.211.0/24 maxlen: 24
91.223.236.0/24 maxlen: 24
185.237.99.0/24 maxlen: 24
185.237.12.0/24 maxlen: 24
185.237.13.0/24 maxlen: 24
194.146.25.0/24 maxlen: 24
83.229.68.0/24 maxlen: 24
83.229.69.0/24 maxlen: 24
83.229.75.0/24 maxlen: 24
103.13.209.0/24 maxlen: 24
103.13.208.0/24 maxlen: 24
103.241.64.0/24 maxlen: 24
45.91.170.0/24 maxlen: 24
185.127.17.0/24 maxlen: 24
185.127.16.0/24 maxlen: 24
185.127.18.0/24 maxlen: 24
185.127.19.0/24 maxlen: 24
103.241.65.0/24 maxlen: 24
212.86.104.0/24 maxlen: 24
212.86.105.0/24 maxlen: 24
91.202.170.0/24 maxlen: 24
2a06:c5c0:600::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:68:05:1f:ac:2e:96:55:aa:1e:c7:56:d8:bc:07:ea:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
Validity
Not Before: Dec 14 11:10:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e07f2d71cb796e91e3b54ade9fd76c9e1952346
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:72:91:dd:5a:e5:0f:2b:f3:ff:4d:d7:65:46:
ea:f4:d0:72:7a:3e:6a:7f:28:7b:57:c6:aa:12:16:
89:ba:35:be:a7:30:6c:41:ef:05:c7:4c:b8:76:96:
3b:c9:29:7f:d6:19:3a:73:b5:3f:86:b3:a3:49:f5:
7a:9d:ff:24:2e:f1:cd:b1:73:1c:8c:6e:bb:96:c7:
63:2e:7a:b4:9f:46:eb:f2:d8:6d:43:66:06:28:c2:
0f:7a:e6:bc:b2:5e:df:70:5b:fd:a1:55:ff:b6:66:
07:c8:67:c8:f5:ae:62:a6:e0:8e:5e:c7:f1:08:13:
78:35:ed:d4:5c:fe:41:dd:2c:19:98:3b:2e:74:88:
13:a6:62:20:70:4d:7a:af:e9:d2:2f:73:7d:db:5e:
a4:c0:cf:bc:96:8d:bf:92:7d:82:9e:1d:68:5b:56:
3c:3c:82:ae:8c:ea:2e:7c:9a:a9:c7:a6:b5:50:0e:
25:cf:f6:c1:c1:29:73:a0:41:8c:62:2e:15:d2:33:
22:1e:a0:28:28:eb:b0:dd:41:6d:4f:df:32:24:04:
32:ec:9e:52:55:cd:28:bf:ba:5b:80:06:dc:9d:43:
f9:69:46:54:b7:2f:e0:88:3d:26:88:0e:18:05:bf:
20:22:5b:81:ed:73:c4:81:ee:2e:a9:d2:e8:e0:8d:
25:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:07:F2:D7:1C:B7:96:E9:1E:3B:54:AD:E9:FD:76:C9:E1:95:23:46
X509v3 Authority Key Identifier:
keyid:E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/bgfy1xy3lukeO1St6f12yeGVI0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/5b15I6_brofQeyMI3TidnPCC7W0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.170.0/24
63.250.58.0/24
81.28.4.0/23
83.229.68.0/23
83.229.75.0/24
91.202.170.0/24
91.223.236.0/24
103.13.208.0/23
103.241.64.0/23
185.53.211.0/24
185.127.16.0/22
185.237.12.0/23
185.237.98.0/23
194.146.24.0/23
195.238.123.0/24
212.86.104.0/23
IPv6:
2a06:c5c0:600::/48
Signature Algorithm: sha256WithRSAEncryption
1b:77:8d:f9:77:e2:51:e3:8b:79:46:5b:d5:57:16:93:b5:8c:
9e:3b:83:2b:73:1c:5f:f9:a6:9a:30:a4:6d:9c:79:f6:9a:2b:
cb:b1:69:e8:35:01:09:0d:75:f4:58:a1:42:41:d0:09:e5:da:
7c:51:c8:68:14:c8:da:d1:5c:cf:3a:d7:04:b4:ea:12:cd:18:
92:26:75:52:dc:34:c6:71:aa:b7:73:cc:b3:94:ae:28:c7:db:
c4:c2:f1:1d:38:54:df:74:91:dc:5d:d6:2e:89:84:1c:c9:7e:
90:15:c7:26:24:a2:98:5a:a3:c5:d2:9e:01:4a:a6:96:24:ce:
9d:bf:ff:54:3e:32:8b:ad:6b:59:c1:da:57:63:33:ae:66:75:
96:3a:43:7a:6b:ab:5f:a3:36:f7:04:bb:dc:6c:ce:0a:70:62:
74:32:f9:f7:8b:5d:5a:a0:a3:26:e9:72:ca:12:58:6e:af:21:
2f:38:fe:7f:d4:7e:c7:05:31:20:05:8a:c3:4f:82:93:45:74:
17:5e:ef:de:02:26:29:9f:72:30:93:6c:a6:bd:34:81:f6:93:
1e:57:a1:74:44:be:c8:f5:b3:d3:2a:02:41:20:a3:00:fb:14:
8c:52:0b:d6:b1:bc:47:08:e6:51:53:d4:75:a1:17:f2:ee:66:
43:94:c2:36
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgISAYxoBR+sLpZVqh7HVti8B+r9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YmQ3OTIzYWZkYmFlODdkMDdiMjMwOGRkMzg5ZDljZjA4
MmVkNmQwHhcNMjMxMjE0MTExMDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTA3ZjJkNzFjYjc5NmU5MWUzYjU0YWRlOWZkNzZjOWUxOTUyMzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk3KR3VrlDyvz/03XZUbq9NByej5q
fyh7V8aqEhaJujW+pzBsQe8Fx0y4dpY7ySl/1hk6c7U/hrOjSfV6nf8kLvHNsXMc
jG67lsdjLnq0n0br8thtQ2YGKMIPeua8sl7fcFv9oVX/tmYHyGfI9a5ipuCOXsfx
CBN4Ne3UXP5B3SwZmDsudIgTpmIgcE16r+nSL3N9216kwM+8lo2/kn2Cnh1oW1Y8
PIKujOoufJqpx6a1UA4lz/bBwSlzoEGMYi4V0jMiHqAoKOuw3UFtT98yJAQy7J5S
Vc0ov7pbgAbcnUP5aUZUty/giD0miA4YBb8gIluB7XPEge4uqdLo4I0lYwIDAQAB
o4ICdTCCAnEwHQYDVR0OBBYEFG4H8tcct5bpHjtUren9dsnhlSNGMB8GA1UdIwQY
MBaAFOW9eSOv266H0HsjCN04nZzwgu1tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2Ut
MjZkMWU1NDU3OGYxLzEvYmdmeTF4eTNsdWtlTzFTdDZmMTJ5ZUdWSTBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2UtMjZkMWU1NDU3OGYx
LzEvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGKBggrBgEFBQcBBwEB/wR7MHkwZgQCAAEwYAMEAC1bqgME
AD/6OgMEAVEcBAMEAVPlRAMEAFPlSwMEAFvKqgMEAFvf7AMEAWcN0AMEAWfxQAME
ALk10wMEArl/EAMEAbntDAMEAbntYgMEAcKSGAMEAMPuewMEAdRWaDAPBAIAAjAJ
AwcAKgbFwAYAMA0GCSqGSIb3DQEBCwUAA4IBAQAbd435d+JR44t5RlvVVxaTtYye
O4Mrcxxf+aaaMKRtnHn2mivLsWnoNQEJDXX0WKFCQdAJ5dp8UchoFMja0VzPOtcE
tOoSzRiSJnVS3DTGcaq3c8yzlK4ox9vEwvEdOFTfdJHcXdYuiYQcyX6QFccmJKKY
WqPF0p4BSqaWJM6dv/9UPjKLrWtZwdpXYzOuZnWWOkN6a6tfozb3BLvcbM4KcGJ0
Mvn3i11aoKMm6XLKElhuryEvOP5/1H7HBTEgBYrDT4KTRXQXXu/eAiYpn3Iwk2ym
vTSB9pMeV6F0RL7I9bPTKgJBIKMA+xSMUgvWsbxHCOZRU9R1oRfy7mZDlMI2
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:37:48 2024 by rpki-client on console-fra.rpki-client.org