Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/bh-HkPhfoh9BHkg3LvnXfWqsE9c.roa
File: bh-HkPhfoh9BHkg3LvnXfWqsE9c.roa (raw, json)
Hash identifier: WUeXkX21uKP34An3KDHAeVAGsFGFIBimIe/OSVMoLSs=
Subject key identifier: 6E:1F:87:90:F8:5F:A2:1F:41:1E:48:37:2E:F9:D7:7D:6A:AC:13:D7
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018D5B4C3E229D2546B98B1CEA8EDD213AAF
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/bh-HkPhfoh9BHkg3LvnXfWqsE9c.roa
Signing time: Tue 30 Jan 2024 16:55:39 +0000
ROA not before: Tue 30 Jan 2024 16:55:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8038
IP address blocks: 45.130.142.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 31 Jan 2024 04:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5b:4c:3e:22:9d:25:46:b9:8b:1c:ea:8e:dd:21:3a:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 30 16:55:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e1f8790f85fa21f411e48372ef9d77d6aac13d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:4e:c2:d2:e3:ca:53:e7:6d:1b:da:f4:a5:6c:
c5:68:33:18:f1:bf:2e:79:ee:55:2e:0a:00:16:a6:
22:b1:57:96:4d:c8:8d:f2:f0:3e:82:8e:fb:0e:ae:
ee:d6:c2:4b:19:5e:1f:d6:f3:af:60:3b:46:80:a0:
62:53:7a:6d:6d:17:ac:e8:51:28:79:a3:5e:2b:f9:
b8:04:fd:6f:bc:9c:e4:a0:fd:ce:60:ef:9a:f3:21:
a3:dc:39:2d:4d:16:fd:4a:d2:6a:64:f7:40:4a:74:
2b:da:50:31:55:95:24:93:45:f0:60:1e:fb:a1:eb:
a7:4d:e4:e7:4c:69:4e:ea:a1:06:68:7b:18:d8:44:
9f:91:01:5e:a0:54:ee:06:b0:42:ad:4b:da:47:6f:
a4:1a:33:9c:b5:de:83:73:fd:e2:5f:c2:4d:bd:09:
df:6d:ef:f6:02:77:38:54:0d:c6:28:dc:cc:9c:44:
5d:b5:20:e0:07:c7:f9:d4:18:b5:b4:0b:b5:17:7d:
c2:14:58:1d:3d:88:73:a2:e1:f2:9e:61:9f:53:1a:
91:d0:3c:ad:33:fe:c9:09:0d:99:6d:b4:69:e3:0c:
a3:fd:64:24:71:9e:1e:0f:e2:99:9b:fc:44:12:4e:
00:8f:09:9a:1c:b6:3a:72:44:38:f6:24:d5:1f:90:
8a:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:1F:87:90:F8:5F:A2:1F:41:1E:48:37:2E:F9:D7:7D:6A:AC:13:D7
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/bh-HkPhfoh9BHkg3LvnXfWqsE9c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.142.0/24
Signature Algorithm: sha256WithRSAEncryption
30:82:05:3f:ae:fa:a0:ee:b3:db:8d:03:e5:91:b1:32:6f:b9:
4c:77:44:8a:eb:1d:da:ee:9d:6e:ad:2b:87:fd:a2:cc:c9:0f:
bd:33:a9:76:82:f4:cb:3a:60:ba:49:d9:0f:99:d4:63:7e:b9:
c0:ee:df:a3:47:10:c3:f6:7c:db:d6:c3:22:17:04:9c:dc:6e:
a0:a6:95:1f:e8:64:5a:7d:23:3e:a7:ae:15:c3:e1:31:33:fd:
94:1e:6d:9c:27:b9:83:1f:37:75:6b:21:73:0d:2e:d7:e2:29:
6f:f4:31:1c:65:03:3a:1a:87:b8:d9:c8:28:ae:c4:01:0c:19:
3f:1c:00:57:d2:3a:eb:73:9e:e6:87:e4:a4:7b:3d:fe:07:6e:
80:2e:dc:37:d7:b7:d0:af:75:1e:9d:14:22:fe:c3:e4:0f:ae:
c1:2f:22:15:ef:2a:2d:9e:85:8c:d7:55:25:6c:ea:3e:e0:ec:
86:39:c1:14:c1:72:8a:b3:72:25:6c:e8:9f:12:27:6a:2d:c8:
cc:c3:cb:ad:9e:7b:9e:aa:97:00:6d:b2:2e:f3:50:eb:13:a1:
17:a8:b9:2c:78:dc:cb:2b:11:5c:8a:33:15:e0:0b:f9:d0:fa:
91:16:10:09:fc:62:02:37:2f:84:67:44:c5:ab:fa:4f:8f:45:
58:d6:71:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1bTD4inSVGuYsc6o7dITqvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwMTMwMTY1NTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTFmODc5MGY4NWZhMjFmNDExZTQ4MzcyZWY5ZDc3ZDZhYWMxM2Q3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsU7C0uPKU+dtG9r0pWzFaDMY8b8u
ee5VLgoAFqYisVeWTciN8vA+go77Dq7u1sJLGV4f1vOvYDtGgKBiU3ptbRes6FEo
eaNeK/m4BP1vvJzkoP3OYO+a8yGj3DktTRb9StJqZPdASnQr2lAxVZUkk0XwYB77
oeunTeTnTGlO6qEGaHsY2ESfkQFeoFTuBrBCrUvaR2+kGjOctd6Dc/3iX8JNvQnf
be/2Anc4VA3GKNzMnERdtSDgB8f51Bi1tAu1F33CFFgdPYhzouHynmGfUxqR0Dyt
M/7JCQ2ZbbRp4wyj/WQkcZ4eD+KZm/xEEk4AjwmaHLY6ckQ49iTVH5CKvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG4fh5D4X6IfQR5INy75131qrBPXMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvYmgtSGtQaGZvaDlCSGtnM0x2blhmV3FzRTljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYKOMA0G
CSqGSIb3DQEBCwUAA4IBAQAwggU/rvqg7rPbjQPlkbEyb7lMd0SK6x3a7p1urSuH
/aLMyQ+9M6l2gvTLOmC6SdkPmdRjfrnA7t+jRxDD9nzb1sMiFwSc3G6gppUf6GRa
fSM+p64Vw+ExM/2UHm2cJ7mDHzd1ayFzDS7X4ilv9DEcZQM6Goe42cgorsQBDBk/
HABX0jrrc57mh+Skez3+B26ALtw317fQr3UenRQi/sPkD67BLyIV7yotnoWM11Ul
bOo+4OyGOcEUwXKKs3IlbOifEidqLcjMw8utnnueqpcAbbIu81DrE6EXqLkseNzL
KxFcijMV4Av50PqRFhAJ/GICNy+EZ0TFq/pPj0VY1nGE
-----END CERTIFICATE-----
Generated at Wed Jan 31 05:25:59 2024 by rpki-client on console-ams.rpki-client.org