Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/f5baa4-f670-4385-bc38-a4152558d18c/1/bGIrSrCHnuVnC425t_QTutvF3RE.roa
File: bGIrSrCHnuVnC425t_QTutvF3RE.roa (raw, json)
Hash identifier: mJvyMTHlirkVq1jnxAbBRwZ9RVIlo1Zt6BbUFa9IO2Y=
Subject key identifier: 6C:62:2B:4A:B0:87:9E:E5:67:0B:8D:B9:B7:F4:13:BA:DB:C5:DD:11
Certificate issuer: /CN=6506096695f7e6610b19b08e1d7fd9c4d914a4f0
Certificate serial: 01907D08AB5F381E3BF8248299206307090E
Authority key identifier: 65:06:09:66:95:F7:E6:61:0B:19:B0:8E:1D:7F:D9:C4:D9:14:A4:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZQYJZpX35mELGbCOHX_ZxNkUpPA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/f5baa4-f670-4385-bc38-a4152558d18c/1/bGIrSrCHnuVnC425t_QTutvF3RE.roa
Signing time: Thu 04 Jul 2024 09:17:18 +0000
ROA not before: Thu 04 Jul 2024 09:17:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205614
IP address blocks: 45.89.160.0/22 maxlen: 24
45.135.124.0/22 maxlen: 24
185.171.44.0/22 maxlen: 24
193.22.251.0/24 maxlen: 24
2a0b:e880::/29 maxlen: 29
2a0d:1f80::/32 maxlen: 36
2a0e:8b40::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:51:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:7d:08:ab:5f:38:1e:3b:f8:24:82:99:20:63:07:09:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6506096695f7e6610b19b08e1d7fd9c4d914a4f0
Validity
Not Before: Jul 4 09:17:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c622b4ab0879ee5670b8db9b7f413badbc5dd11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:09:c5:82:ef:7c:9d:56:46:9d:38:47:56:e9:
e4:f7:0f:e5:78:43:2f:08:ce:31:ef:eb:1a:b8:2d:
e2:4a:2b:fe:d2:f4:16:24:ef:01:1c:43:48:2a:fb:
38:e1:aa:5a:ef:15:e5:fc:27:0a:46:ee:cb:18:71:
ef:88:b7:6a:a6:ae:75:76:81:28:d9:b3:61:d3:34:
43:d7:28:26:78:6b:05:48:d6:a8:ed:9f:6c:de:9a:
33:48:93:bf:54:97:95:b1:c5:ac:2e:c5:7d:48:0c:
36:47:52:0b:14:6b:08:f9:42:a1:d1:be:46:ba:19:
56:81:ca:4e:b6:bc:6d:ac:ab:ae:26:5b:aa:68:ff:
b6:24:b3:6f:9b:8f:67:95:0d:27:b4:81:01:16:bf:
fb:02:66:e5:b6:83:43:d5:20:9e:92:b1:20:2e:75:
3f:53:27:28:ea:3a:b5:27:13:2f:68:69:8b:c6:25:
05:05:8a:bc:8d:57:fc:c2:5f:2e:f1:80:4a:38:e7:
93:b6:80:68:ad:69:87:7b:b7:04:82:2e:65:70:af:
8e:7a:62:47:f7:b4:8d:e8:3b:57:87:97:e8:49:7c:
32:e2:04:61:e3:d3:6b:ed:72:c8:b4:07:f3:1b:2f:
91:39:7f:af:95:0f:4e:47:ba:e1:0b:c9:52:6f:b0:
11:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:62:2B:4A:B0:87:9E:E5:67:0B:8D:B9:B7:F4:13:BA:DB:C5:DD:11
X509v3 Authority Key Identifier:
keyid:65:06:09:66:95:F7:E6:61:0B:19:B0:8E:1D:7F:D9:C4:D9:14:A4:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZQYJZpX35mELGbCOHX_ZxNkUpPA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/f5baa4-f670-4385-bc38-a4152558d18c/1/bGIrSrCHnuVnC425t_QTutvF3RE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/f5baa4-f670-4385-bc38-a4152558d18c/1/ZQYJZpX35mELGbCOHX_ZxNkUpPA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.160.0/22
45.135.124.0/22
185.171.44.0/22
193.22.251.0/24
IPv6:
2a0b:e880::/29
2a0d:1f80::/32
2a0e:8b40::/29
Signature Algorithm: sha256WithRSAEncryption
06:0e:02:07:82:84:e1:f4:fe:95:9f:9b:d3:a4:d9:b4:20:52:
ba:8b:35:b5:37:e6:29:c8:7f:3c:5e:38:3a:d0:9a:67:90:37:
cd:19:13:70:4e:1d:64:a8:53:77:29:97:8a:38:1b:ab:d5:d7:
a3:b3:e5:b9:4c:ee:76:84:a9:29:2a:19:01:ee:ec:91:54:8d:
5a:08:cc:86:8f:75:71:d0:72:43:3f:a4:4f:82:a0:af:34:0e:
b5:ac:99:64:44:bc:06:ab:a8:dc:ac:b2:f2:16:9d:6e:ca:f0:
98:22:39:15:b3:a0:a1:5f:3c:1f:83:b8:e1:87:6e:39:30:91:
8f:d8:31:ab:69:08:3b:f6:04:11:36:20:46:7a:b1:24:e8:b4:
6e:16:e9:50:4b:f7:ed:ad:90:dc:00:b7:8f:9a:db:b4:6d:e4:
ef:cd:75:50:83:bc:e9:4d:cf:a0:fa:9d:44:3b:d7:39:27:59:
53:09:17:f2:51:d8:cf:3e:71:7d:bd:6d:9f:4c:c7:7b:a5:73:
44:e9:29:0d:a1:a4:6a:22:a6:bb:95:e1:52:08:c4:8d:f4:aa:
ff:0c:32:22:4e:75:6b:52:62:b5:91:6c:af:07:85:b9:2e:63:
e2:a7:eb:51:01:c5:82:d3:77:ee:1e:15:d9:10:96:cb:03:65:
76:6f:3a:c5
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZB9CKtfOB47+CSCmSBjBwkOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MDYwOTY2OTVmN2U2NjEwYjE5YjA4ZTFkN2ZkOWM0ZDkx
NGE0ZjAwHhcNMjQwNzA0MDkxNzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzYyMmI0YWIwODc5ZWU1NjcwYjhkYjliN2Y0MTNiYWRiYzVkZDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwwnFgu98nVZGnThHVunk9w/leEMv
CM4x7+sauC3iSiv+0vQWJO8BHENIKvs44apa7xXl/CcKRu7LGHHviLdqpq51doEo
2bNh0zRD1ygmeGsFSNao7Z9s3pozSJO/VJeVscWsLsV9SAw2R1ILFGsI+UKh0b5G
uhlWgcpOtrxtrKuuJluqaP+2JLNvm49nlQ0ntIEBFr/7AmbltoND1SCekrEgLnU/
Uyco6jq1JxMvaGmLxiUFBYq8jVf8wl8u8YBKOOeTtoBorWmHe7cEgi5lcK+OemJH
97SN6DtXh5foSXwy4gRh49Nr7XLItAfzGy+ROX+vlQ9OR7rhC8lSb7AR1QIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFGxiK0qwh57lZwuNubf0E7rbxd0RMB8GA1UdIwQY
MBaAFGUGCWaV9+ZhCxmwjh1/2cTZFKTwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlFZSlpwWDM1bUVMR2JDT0hYX1p4TmtVcFBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9mNWJhYTQtZjY3MC00Mzg1LWJjMzgt
YTQxNTI1NThkMThjLzEvYkdJclNyQ0hudVZuQzQyNXRfUVR1dHZGM1JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9mNWJhYTQtZjY3MC00Mzg1LWJjMzgtYTQxNTI1NThkMThj
LzEvWlFZSlpwWDM1bUVMR2JDT0hYX1p4TmtVcFBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAeBAIAATAYAwQCLVmgAwQC
LYd8AwQCuassAwQAwRb7MBsEAgACMBUDBQMqC+iAAwUAKg0fgAMFAyoOi0AwDQYJ
KoZIhvcNAQELBQADggEBAAYOAgeChOH0/pWfm9Ok2bQgUrqLNbU35inIfzxeODrQ
mmeQN80ZE3BOHWSoU3cpl4o4G6vV16Oz5blM7naEqSkqGQHu7JFUjVoIzIaPdXHQ
ckM/pE+CoK80DrWsmWREvAarqNyssvIWnW7K8JgiORWzoKFfPB+DuOGHbjkwkY/Y
MatpCDv2BBE2IEZ6sSTotG4W6VBL9+2tkNwAt4+a27Rt5O/NdVCDvOlNz6D6nUQ7
1zknWVMJF/JR2M8+cX29bZ9Mx3ulc0TpKQ2hpGoipruV4VIIxI30qv8MMiJOdWtS
YrWRbK8HhbkuY+Kn61EBxYLTd+4eFdkQlssDZXZvOsU=
-----END CERTIFICATE-----
Generated at Tue Apr 22 13:05:36 2025 by rpki-client