Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/BHHuSeQIOrr10lqnZZ2aoNuZh5s.roa
File: BHHuSeQIOrr10lqnZZ2aoNuZh5s.roa (raw, json)
Hash identifier: yYCW0wRjVRsJfInmpoZ0RaqRQ8mEAqTz2C3ZYZ+lLEc=
Subject key identifier: 04:71:EE:49:E4:08:3A:BA:F5:D2:5A:A7:65:9D:9A:A0:DB:99:87:9B
Certificate issuer: /CN=58015cc8da1f1bbf343e26ab208df8bb26fd53ae
Certificate serial: 018AD689747CA75D11E217FEA707F2170C4B
Authority key identifier: 58:01:5C:C8:DA:1F:1B:BF:34:3E:26:AB:20:8D:F8:BB:26:FD:53:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WAFcyNofG780PiarII34uyb9U64.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/BHHuSeQIOrr10lqnZZ2aoNuZh5s.roa
Signing time: Wed 27 Sep 2023 12:07:27 +0000
ROA not before: Wed 27 Sep 2023 12:07:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39040
IP address blocks: 77.95.120.64/26 maxlen: 26
77.95.120.0/26 maxlen: 26
77.95.120.192/26 maxlen: 26
77.95.120.128/27 maxlen: 27
77.95.120.160/27 maxlen: 27
77.95.120.0/24 maxlen: 24
194.187.90.0/23 maxlen: 23
194.187.89.0/24 maxlen: 24
2a02:388:ffff::/48 maxlen: 48
2a02:388::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d6:89:74:7c:a7:5d:11:e2:17:fe:a7:07:f2:17:0c:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58015cc8da1f1bbf343e26ab208df8bb26fd53ae
Validity
Not Before: Sep 27 12:07:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0471ee49e4083abaf5d25aa7659d9aa0db99879b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ed:8e:91:72:0c:12:1d:20:0b:7f:22:17:d3:
1f:9f:09:f9:8a:f3:9c:4f:ba:a9:53:7b:90:fb:af:
74:41:2d:30:70:63:10:72:49:8a:8c:ad:05:ee:f1:
51:86:94:a0:ad:cb:3e:c2:3b:47:77:6c:69:6a:95:
02:76:5b:a1:a7:30:54:07:fe:c3:88:05:1d:2d:78:
f8:fb:69:e3:e0:ef:72:17:a1:a5:87:32:0f:07:ec:
7f:5e:fd:4b:73:aa:42:24:d0:af:ef:56:8a:f0:34:
06:e2:67:ff:72:63:83:90:9b:ca:07:6f:9d:c3:f3:
b9:72:ca:f4:cd:28:98:e4:72:67:28:04:b6:0c:fb:
7f:94:04:83:c5:34:d2:fe:94:69:0d:19:45:ab:5d:
0e:38:ca:66:70:08:e2:6e:85:6f:6a:93:30:c2:e1:
0f:fd:3d:e1:42:20:66:04:1d:44:46:e9:0f:6f:cb:
ec:53:ad:1f:20:c6:b8:09:58:79:17:f4:b3:c3:b8:
3c:a8:d2:42:29:6b:ad:1e:d2:ab:24:d9:86:dd:65:
9f:69:ae:c2:0a:bd:a7:8a:1d:4c:66:d4:7d:ef:ac:
68:e5:47:c9:dd:25:2e:16:43:74:35:1a:28:99:d4:
ef:6b:4d:f0:65:c5:48:18:c2:f6:ce:12:ab:2c:49:
c9:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:71:EE:49:E4:08:3A:BA:F5:D2:5A:A7:65:9D:9A:A0:DB:99:87:9B
X509v3 Authority Key Identifier:
keyid:58:01:5C:C8:DA:1F:1B:BF:34:3E:26:AB:20:8D:F8:BB:26:FD:53:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WAFcyNofG780PiarII34uyb9U64.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/BHHuSeQIOrr10lqnZZ2aoNuZh5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/WAFcyNofG780PiarII34uyb9U64.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.95.120.0/24
194.187.89.0-194.187.91.255
IPv6:
2a02:388::/32
Signature Algorithm: sha256WithRSAEncryption
b1:73:5d:16:13:dc:f6:46:81:bb:9b:d1:cb:47:9d:f1:88:3d:
3b:4e:10:b8:d1:3a:7a:98:97:44:ce:3d:e2:64:23:4b:fa:69:
e3:6c:2c:ac:2a:e9:ff:18:44:d8:2e:d3:9d:8f:b2:52:6f:22:
8f:d6:b8:6a:91:55:d9:b2:53:25:5e:ad:d0:9b:9e:94:79:c8:
e0:93:a1:89:cb:ca:52:c7:cb:2a:31:aa:fc:8d:e9:cc:08:ed:
88:8b:69:93:c8:7e:6c:dd:f0:bf:fd:88:a7:29:ae:53:9e:4f:
c9:32:31:79:ee:78:6f:d9:dc:a9:8c:a5:fb:ab:2d:ca:78:8d:
1a:53:20:cd:93:d1:3f:64:98:d9:53:6d:c8:6a:2c:f8:bd:8a:
cb:a0:4a:36:c1:6a:a5:26:01:7a:49:c1:ce:f8:19:04:1e:40:
f2:70:36:7d:e3:89:3f:78:c4:09:33:14:06:65:ca:76:9b:8c:
b9:60:6a:1b:db:e2:56:e5:4b:e9:3f:6a:fe:88:51:4c:5e:c1:
17:5e:11:99:fe:06:45:aa:47:9f:66:1a:3a:75:5d:8c:65:c2:
59:76:56:5b:eb:0d:bd:a1:af:f1:2f:94:e3:e7:44:03:63:a5:
5d:1d:05:bb:7f:16:4a:85:00:b3:5c:4e:1b:6f:80:84:64:08:
50:b6:00:83
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYrWiXR8p10R4hf+pwfyFwxLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MDE1Y2M4ZGExZjFiYmYzNDNlMjZhYjIwOGRmOGJiMjZm
ZDUzYWUwHhcNMjMwOTI3MTIwNzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDcxZWU0OWU0MDgzYWJhZjVkMjVhYTc2NTlkOWFhMGRiOTk4NzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoe2OkXIMEh0gC38iF9Mfnwn5ivOc
T7qpU3uQ+690QS0wcGMQckmKjK0F7vFRhpSgrcs+wjtHd2xpapUCdluhpzBUB/7D
iAUdLXj4+2nj4O9yF6GlhzIPB+x/Xv1Lc6pCJNCv71aK8DQG4mf/cmODkJvKB2+d
w/O5csr0zSiY5HJnKAS2DPt/lASDxTTS/pRpDRlFq10OOMpmcAjiboVvapMwwuEP
/T3hQiBmBB1ERukPb8vsU60fIMa4CVh5F/Szw7g8qNJCKWutHtKrJNmG3WWfaa7C
Cr2nih1MZtR976xo5UfJ3SUuFkN0NRoomdTva03wZcVIGML2zhKrLEnJGQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFARx7knkCDq69dJap2WdmqDbmYebMB8GA1UdIwQY
MBaAFFgBXMjaHxu/ND4mqyCN+Lsm/VOuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0FGY3lOb2ZHNzgwUGlhcklJMzR1eWI5VTY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9kNDE3NWQtMTkyYy00MThjLTk3MmYt
OGVlMjFiNzRkZDU2LzEvQkhIdVNlUUlPcnIxMGxxblpaMmFvTnVaaDVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9kNDE3NWQtMTkyYy00MThjLTk3MmYtOGVlMjFiNzRkZDU2
LzEvV0FGY3lOb2ZHNzgwUGlhcklJMzR1eWI5VTY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQATV94MAwD
BADCu1kDBALCu1gwDQQCAAIwBwMFACoCA4gwDQYJKoZIhvcNAQELBQADggEBALFz
XRYT3PZGgbub0ctHnfGIPTtOELjROnqYl0TOPeJkI0v6aeNsLKwq6f8YRNgu052P
slJvIo/WuGqRVdmyUyVerdCbnpR5yOCToYnLylLHyyoxqvyN6cwI7YiLaZPIfmzd
8L/9iKcprlOeT8kyMXnueG/Z3KmMpfurLcp4jRpTIM2T0T9kmNlTbchqLPi9isug
SjbBaqUmAXpJwc74GQQeQPJwNn3jiT94xAkzFAZlynabjLlgahvb4lblS+k/av6I
UUxewRdeEZn+BkWqR59mGjp1XYxlwll2VlvrDb2hr/EvlOPnRANjpV0dBbt/FkqF
ALNcThtvgIRkCFC2AIM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:37 2024 by rpki-client on console-fra.rpki-client.org