Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/974749-4d7e-4450-9793-df854f47baf4/1/BNVjgvKEfliWulotlKoxpG0KP1c.roa
File: BNVjgvKEfliWulotlKoxpG0KP1c.roa (raw, json)
Hash identifier: xhyiOE/T9R6rJKFvdOa09DbAyWUQ08IsAt8VNmW69hc=
Subject key identifier: 04:D5:63:82:F2:84:7E:58:96:BA:5A:2D:94:AA:31:A4:6D:0A:3F:57
Certificate issuer: /CN=b0fa0c7abc10796915e335ba19780e473e027969
Certificate serial: 018BA4DB21A6F80815617F1A024BDA8EDE39
Authority key identifier: B0:FA:0C:7A:BC:10:79:69:15:E3:35:BA:19:78:0E:47:3E:02:79:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sPoMerwQeWkV4zW6GXgORz4CeWk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/974749-4d7e-4450-9793-df854f47baf4/1/BNVjgvKEfliWulotlKoxpG0KP1c.roa
Signing time: Mon 06 Nov 2023 13:38:26 +0000
ROA not before: Mon 06 Nov 2023 13:38:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9211
IP address blocks: 213.238.32.0/20 maxlen: 20
213.238.50.0/23 maxlen: 23
213.238.52.0/22 maxlen: 22
212.12.32.0/20 maxlen: 20
212.12.56.0/21 maxlen: 21
194.49.7.0/24 maxlen: 24
2a00:ea8::/32 maxlen: 32
2a00:eab::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:29:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a4:db:21:a6:f8:08:15:61:7f:1a:02:4b:da:8e:de:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0fa0c7abc10796915e335ba19780e473e027969
Validity
Not Before: Nov 6 13:38:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=04d56382f2847e5896ba5a2d94aa31a46d0a3f57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:fb:13:d2:92:e3:5e:6e:b1:bc:42:ed:e4:82:
96:fc:15:1f:7e:e4:b1:72:c3:0f:d0:cc:f5:89:96:
14:e4:dd:63:e5:cc:3a:60:9d:d8:72:3d:dc:05:ec:
2d:59:64:96:9c:f4:0c:bc:d4:0f:18:47:79:8f:86:
22:14:4b:1f:7f:53:ce:15:5a:35:44:62:9b:4c:4c:
a1:06:e2:71:bc:f0:55:97:33:89:f9:19:95:2e:96:
07:73:eb:60:b9:78:b8:50:11:10:49:64:22:95:83:
51:5e:a9:2a:a8:e7:40:46:aa:2d:12:9a:6f:44:d7:
b2:90:12:18:ac:e6:f6:ca:a2:b0:42:62:a2:bf:37:
43:14:c1:dd:eb:2d:7e:d4:29:59:f4:b8:18:33:52:
ae:66:4b:aa:9e:bf:56:b2:86:f7:07:21:e2:b6:e4:
8c:ec:73:fe:a1:d3:c8:b9:ca:ff:5e:14:c9:28:6b:
2f:b1:c3:28:00:b9:d5:3a:0a:1d:4c:77:03:47:5d:
59:2d:13:3c:92:52:8c:ed:74:04:e5:0a:ba:ea:5a:
06:9c:7c:5a:41:01:20:83:d2:06:f1:08:87:81:c9:
18:70:9f:e9:d3:32:d1:3e:36:48:95:5e:fd:f2:c8:
0d:66:e4:17:f6:c4:4d:37:63:d3:64:82:2a:b2:ac:
ae:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:D5:63:82:F2:84:7E:58:96:BA:5A:2D:94:AA:31:A4:6D:0A:3F:57
X509v3 Authority Key Identifier:
keyid:B0:FA:0C:7A:BC:10:79:69:15:E3:35:BA:19:78:0E:47:3E:02:79:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sPoMerwQeWkV4zW6GXgORz4CeWk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/974749-4d7e-4450-9793-df854f47baf4/1/BNVjgvKEfliWulotlKoxpG0KP1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/974749-4d7e-4450-9793-df854f47baf4/1/sPoMerwQeWkV4zW6GXgORz4CeWk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.49.7.0/24
212.12.32.0/20
212.12.56.0/21
213.238.32.0/20
213.238.50.0-213.238.55.255
IPv6:
2a00:ea8::/32
2a00:eab::/32
Signature Algorithm: sha256WithRSAEncryption
99:e3:5e:a8:8f:3f:fd:84:94:54:94:35:29:bb:3f:bb:93:29:
63:22:53:75:3e:a2:6a:bf:c8:22:38:cd:ff:b1:43:9a:c1:e1:
dd:3b:bb:f6:97:c8:8e:98:cf:13:32:8b:b4:0a:d0:d5:fc:99:
4e:0b:dc:8e:51:d8:2a:2e:c9:72:a4:26:12:e8:35:94:e0:82:
69:14:d9:98:14:b9:96:99:c7:c2:d1:aa:ee:88:52:95:74:20:
be:ea:e7:4e:2a:ab:37:1a:69:43:eb:8d:e8:1f:16:1a:be:6e:
23:cf:ad:bd:32:e3:5c:76:1a:7d:14:57:6c:ff:71:74:47:0b:
aa:75:c7:39:3a:8c:e0:ca:99:36:e4:89:46:15:c7:f3:eb:19:
a0:59:07:ac:32:1f:5a:02:7c:da:92:5c:f6:02:2e:44:4b:cb:
0c:e2:ab:7b:a1:8b:92:23:7f:48:4f:6a:f4:dd:13:4b:54:3e:
ed:b4:99:de:d9:cb:22:16:44:77:22:14:48:e3:21:ee:90:2b:
4c:36:57:22:04:41:ca:47:e6:c7:2b:40:13:6b:9c:a7:0f:5e:
89:80:73:56:1a:fc:df:ae:a8:85:43:ff:2f:9e:5d:85:ef:9d:
d2:93:1c:1c:9e:51:15:ab:f3:11:36:52:01:0a:6c:b0:0d:08:
3a:da:6a:03
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYuk2yGm+AgVYX8aAkvajt45MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZmEwYzdhYmMxMDc5NjkxNWUzMzViYTE5NzgwZTQ3M2Uw
Mjc5NjkwHhcNMjMxMTA2MTMzODI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGQ1NjM4MmYyODQ3ZTU4OTZiYTVhMmQ5NGFhMzFhNDZkMGEzZjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiPsT0pLjXm6xvELt5IKW/BUffuSx
csMP0Mz1iZYU5N1j5cw6YJ3Ycj3cBewtWWSWnPQMvNQPGEd5j4YiFEsff1POFVo1
RGKbTEyhBuJxvPBVlzOJ+RmVLpYHc+tguXi4UBEQSWQilYNRXqkqqOdARqotEppv
RNeykBIYrOb2yqKwQmKivzdDFMHd6y1+1ClZ9LgYM1KuZkuqnr9Wsob3ByHituSM
7HP+odPIucr/XhTJKGsvscMoALnVOgodTHcDR11ZLRM8klKM7XQE5Qq66loGnHxa
QQEgg9IG8QiHgckYcJ/p0zLRPjZIlV798sgNZuQX9sRNN2PTZIIqsqyuHwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFATVY4LyhH5YlrpaLZSqMaRtCj9XMB8GA1UdIwQY
MBaAFLD6DHq8EHlpFeM1uhl4Dkc+AnlpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1BvTWVyd1FlV2tWNHpXNkdYZ09SejRDZVdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC85NzQ3NDktNGQ3ZS00NDUwLTk3OTMt
ZGY4NTRmNDdiYWY0LzEvQk5Wamd2S0VmbGlXdWxvdGxLb3hwRzBLUDFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC85NzQ3NDktNGQ3ZS00NDUwLTk3OTMtZGY4NTRmNDdiYWY0
LzEvc1BvTWVyd1FlV2tWNHpXNkdYZ09SejRDZVdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAsBAIAATAmAwQAwjEHAwQE
1AwgAwQD1Aw4AwQE1e4gMAwDBAHV7jIDBAPV7jAwFAQCAAIwDgMFACoADqgDBQAq
AA6rMA0GCSqGSIb3DQEBCwUAA4IBAQCZ416ojz/9hJRUlDUpuz+7kyljIlN1PqJq
v8giOM3/sUOaweHdO7v2l8iOmM8TMou0CtDV/JlOC9yOUdgqLslypCYS6DWU4IJp
FNmYFLmWmcfC0aruiFKVdCC+6udOKqs3GmlD643oHxYavm4jz629MuNcdhp9FFds
/3F0Rwuqdcc5Oozgypk25IlGFcfz6xmgWQesMh9aAnzaklz2Ai5ES8sM4qt7oYuS
I39IT2r03RNLVD7ttJne2csiFkR3IhRI4yHukCtMNlciBEHKR+bHK0ATa5ynD16J
gHNWGvzfrqiFQ/8vnl2F753SkxwcnlEVq/MRNlIBCmywDQg62moD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:09 2024 by rpki-client on console-fra.rpki-client.org