Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/52b481-f303-4a96-97dd-7370fd80df6c/1/bFSY0eaaWZuvKafPMTZpw-f1kQY.roa
File: bFSY0eaaWZuvKafPMTZpw-f1kQY.roa (raw, json)
Hash identifier: XFP5Gtylnq7CNC5TSjSfdJmlg1kYUCx+ZEeaPHBdMPU=
Subject key identifier: 6C:54:98:D1:E6:9A:59:9B:AF:29:A7:CF:31:36:69:C3:E7:F5:91:06
Certificate issuer: /CN=586b0182105bb27b0c8bcf2842bd3c1a85164bd1
Certificate serial: 01936EB7591EC3DDC344607A85CB14D91EE3
Authority key identifier: 58:6B:01:82:10:5B:B2:7B:0C:8B:CF:28:42:BD:3C:1A:85:16:4B:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WGsBghBbsnsMi88oQr08GoUWS9E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/52b481-f303-4a96-97dd-7370fd80df6c/1/bFSY0eaaWZuvKafPMTZpw-f1kQY.roa
Signing time: Wed 27 Nov 2024 17:42:09 +0000
ROA not before: Wed 27 Nov 2024 17:42:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 194.179.160.0/19 maxlen: 22
Validation: Failed, certificate revoked on Thu 28 Nov 2024 18:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:6e:b7:59:1e:c3:dd:c3:44:60:7a:85:cb:14:d9:1e:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=586b0182105bb27b0c8bcf2842bd3c1a85164bd1
Validity
Not Before: Nov 27 17:42:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c5498d1e69a599baf29a7cf313669c3e7f59106
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:34:ba:16:f6:1b:71:ad:d9:a2:26:73:e5:f4:
ee:0d:d4:6b:50:7c:1c:f2:64:6d:4e:7a:f2:dc:b7:
06:23:e2:f2:50:f0:53:eb:99:2b:64:96:bd:43:24:
c9:1a:12:c7:ca:63:2b:cb:26:27:c4:39:b1:d1:60:
a7:86:d0:fb:57:93:0b:5c:96:e7:3e:ce:ae:22:f2:
ea:03:62:57:dd:79:af:6c:d4:70:a0:15:6e:49:fb:
f2:72:b5:e1:a2:25:51:b8:a1:66:9a:52:01:81:81:
53:49:a7:34:9d:82:0a:ba:a6:a6:58:3e:c3:f1:d9:
2a:21:1d:8e:81:a3:57:d0:7c:d5:07:1f:17:ba:70:
22:19:53:d3:64:8f:53:d8:c9:bd:cb:58:bd:f0:75:
99:07:26:70:d5:ad:0e:c3:46:3d:12:49:cb:2a:6e:
d8:05:f4:e9:4a:ff:b6:59:ab:76:ba:7a:79:ba:68:
f0:f5:ef:b1:75:f7:d8:3c:02:e3:8b:6d:1c:9d:a3:
50:3c:53:93:8e:f8:93:72:a0:1b:4a:83:05:ff:79:
d6:b2:35:18:fb:52:64:51:c3:04:af:c1:2f:18:a4:
b1:61:ac:94:9b:cd:ac:0a:17:cd:bc:fe:6a:fb:d7:
01:69:a5:08:a7:cf:7f:ff:66:25:9c:10:a2:7c:71:
ad:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:54:98:D1:E6:9A:59:9B:AF:29:A7:CF:31:36:69:C3:E7:F5:91:06
X509v3 Authority Key Identifier:
keyid:58:6B:01:82:10:5B:B2:7B:0C:8B:CF:28:42:BD:3C:1A:85:16:4B:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WGsBghBbsnsMi88oQr08GoUWS9E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/52b481-f303-4a96-97dd-7370fd80df6c/1/bFSY0eaaWZuvKafPMTZpw-f1kQY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/52b481-f303-4a96-97dd-7370fd80df6c/1/WGsBghBbsnsMi88oQr08GoUWS9E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.179.160.0/19
Signature Algorithm: sha256WithRSAEncryption
b1:d2:24:f5:7c:ce:df:08:68:dd:80:94:88:3d:c5:a1:9c:53:
11:18:67:a3:61:f5:ae:9d:32:e9:a2:96:0b:56:ac:db:00:79:
1a:3d:72:39:cb:a9:e6:25:60:e4:26:b5:ef:5b:bc:d3:1b:dd:
8f:d8:0e:eb:67:90:d1:37:b3:ac:4c:5e:5d:a6:af:94:8a:f7:
9e:66:a3:30:3b:06:ab:f7:94:1b:72:4c:5b:d4:d6:cc:6e:4f:
32:d1:af:30:03:64:ba:d4:e4:ab:85:3d:87:1a:ad:6c:a6:14:
02:65:3a:fb:6f:a8:11:e5:ff:1d:0e:d7:75:27:5e:cf:c1:2c:
f9:e0:33:19:90:a7:d8:8e:cd:77:9c:65:5f:dc:e9:86:84:f4:
1f:e5:77:3f:3d:29:55:3b:bc:09:cb:9d:68:6b:26:40:ae:1c:
93:f8:24:61:27:fd:f7:81:f0:c6:d0:76:83:df:43:1f:fe:8e:
d8:e9:94:95:c7:f1:1d:47:b6:b9:3e:ec:c7:be:39:6a:1d:02:
2e:33:90:2a:a6:d2:72:ff:d1:10:a3:f4:97:17:88:5a:89:7d:
db:07:08:04:25:64:1b:27:06:a4:93:b1:93:72:71:c7:76:27:
bd:bd:82:72:f4:34:c9:a6:ab:69:e1:78:4e:94:cc:52:ae:55:
f1:cd:17:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZNut1kew93DRGB6hcsU2R7jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4NmIwMTgyMTA1YmIyN2IwYzhiY2YyODQyYmQzYzFhODUx
NjRiZDEwHhcNMjQxMTI3MTc0MjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzU0OThkMWU2OWE1OTliYWYyOWE3Y2YzMTM2NjljM2U3ZjU5MTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnjS6FvYbca3ZoiZz5fTuDdRrUHwc
8mRtTnry3LcGI+LyUPBT65krZJa9QyTJGhLHymMryyYnxDmx0WCnhtD7V5MLXJbn
Ps6uIvLqA2JX3XmvbNRwoBVuSfvycrXhoiVRuKFmmlIBgYFTSac0nYIKuqamWD7D
8dkqIR2OgaNX0HzVBx8XunAiGVPTZI9T2Mm9y1i98HWZByZw1a0Ow0Y9EknLKm7Y
BfTpSv+2Wat2unp5umjw9e+xdffYPALji20cnaNQPFOTjviTcqAbSoMF/3nWsjUY
+1JkUcMEr8EvGKSxYayUm82sChfNvP5q+9cBaaUIp89//2YlnBCifHGtJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGxUmNHmmlmbrymnzzE2acPn9ZEGMB8GA1UdIwQY
MBaAFFhrAYIQW7J7DIvPKEK9PBqFFkvRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0dzQmdoQmJzbnNNaTg4b1FyMDhHb1VXUzlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS81MmI0ODEtZjMwMy00YTk2LTk3ZGQt
NzM3MGZkODBkZjZjLzEvYkZTWTBlYWFXWnV2S2FmUE1UWnB3LWYxa1FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS81MmI0ODEtZjMwMy00YTk2LTk3ZGQtNzM3MGZkODBkZjZj
LzEvV0dzQmdoQmJzbnNNaTg4b1FyMDhHb1VXUzlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFwrOgMA0G
CSqGSIb3DQEBCwUAA4IBAQCx0iT1fM7fCGjdgJSIPcWhnFMRGGejYfWunTLpopYL
VqzbAHkaPXI5y6nmJWDkJrXvW7zTG92P2A7rZ5DRN7OsTF5dpq+UiveeZqMwOwar
95Qbckxb1NbMbk8y0a8wA2S61OSrhT2HGq1sphQCZTr7b6gR5f8dDtd1J17PwSz5
4DMZkKfYjs13nGVf3OmGhPQf5Xc/PSlVO7wJy51oayZArhyT+CRhJ/33gfDG0HaD
30Mf/o7Y6ZSVx/EdR7a5PuzHvjlqHQIuM5AqptJy/9EQo/SXF4haiX3bBwgEJWQb
Jwakk7GTcnHHdie9vYJy9DTJpqtp4XhOlMxSrlXxzRc2
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:10 2025 by rpki-client