Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/Bstc3Qs2TNEEIr2Dh39MeaQDIrQ.roa
File: Bstc3Qs2TNEEIr2Dh39MeaQDIrQ.roa (raw, json)
Hash identifier: p0U/elM4tc9Ikalt3b2C8mA1xvl81d/3MPvyN3d/F1E=
Subject key identifier: 06:CB:5C:DD:0B:36:4C:D1:04:22:BD:83:87:7F:4C:79:A4:03:22:B4
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 0185708CE01D3EB62C9182E0DF6F4863220E
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/Bstc3Qs2TNEEIr2Dh39MeaQDIrQ.roa
Signing time: Mon 02 Jan 2023 03:35:58 +0000
ROA not before: Mon 02 Jan 2023 03:35:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39407
IP address blocks: 87.103.232.0/24 maxlen: 24
87.103.234.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:e0:1d:3e:b6:2c:91:82:e0:df:6f:48:63:22:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jan 2 03:35:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=06cb5cdd0b364cd10422bd83877f4c79a40322b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:32:c1:b1:75:c7:d9:d3:7b:12:48:72:10:ce:
ed:21:20:14:cf:1f:68:5d:bf:56:e4:63:73:50:28:
da:59:62:ef:49:56:6f:59:9c:51:66:69:2d:74:40:
0b:86:e4:c7:71:aa:a5:7e:2f:21:cb:e5:37:dd:d3:
a5:0a:e4:70:8c:a1:9c:5f:f2:d0:22:eb:d1:0f:23:
a2:7d:d4:e8:3e:9a:5d:12:cb:a7:da:86:cb:2d:fe:
f1:d2:df:75:8b:d3:ac:59:2e:8d:e0:49:ce:a9:f0:
a6:42:30:71:2b:07:25:a7:8f:6a:b2:c3:a8:6b:5c:
30:d2:ad:2f:23:86:b2:8a:51:2e:3e:e4:00:fe:61:
9a:23:5d:a6:7a:2c:7a:2a:b3:ac:43:ca:77:3c:d5:
a5:1b:d9:0e:71:43:1a:ff:3e:9b:c1:d5:b7:48:8f:
7d:f1:00:9d:b0:22:40:8a:3a:4a:7e:ea:a6:39:79:
71:77:e2:15:47:d4:4f:46:09:a8:f5:5b:c8:76:81:
1b:57:01:58:d2:51:39:8d:be:5d:25:a2:d3:0c:7f:
e1:b9:0b:fc:51:e6:89:25:91:a5:3e:cd:12:70:fc:
a4:c2:8b:a5:65:49:2a:83:28:41:09:3d:e4:30:c6:
d7:e5:fd:58:3f:c0:d0:1b:e0:52:89:bb:f1:c4:fc:
6b:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:CB:5C:DD:0B:36:4C:D1:04:22:BD:83:87:7F:4C:79:A4:03:22:B4
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/Bstc3Qs2TNEEIr2Dh39MeaQDIrQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.103.232.0/24
87.103.234.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:96:39:e8:8b:80:0b:2f:9e:ce:e2:a4:36:79:98:ec:18:b2:
9a:f3:17:c9:df:0e:b8:77:84:00:99:9e:7b:b6:e8:62:bc:2b:
08:f7:c3:b6:ba:9c:56:0c:cc:be:0b:e2:3f:0e:cd:fb:14:da:
2c:b6:50:14:54:64:3d:df:1f:97:d5:cb:c9:96:79:56:fa:04:
cb:49:fe:03:f8:c8:17:ef:d8:ac:db:ce:96:22:54:27:46:eb:
c2:ed:bb:a4:d6:5f:2c:49:e0:ba:0b:21:75:5a:20:42:29:f2:
c7:6e:4b:a8:48:80:4b:5e:ad:f2:17:d2:33:5d:a1:12:62:40:
e1:8c:ed:a9:bb:38:db:35:e7:98:6a:28:a0:4a:c5:e4:2a:58:
e0:da:4d:be:c2:56:be:48:16:62:74:09:eb:62:0d:53:81:ac:
a5:26:2e:87:06:f6:b1:db:ec:a9:d6:26:ac:43:eb:e7:fc:96:
18:a7:98:87:79:1d:df:bc:d4:fd:1a:2b:26:36:65:23:62:97:
55:04:db:50:50:4a:03:0d:f2:67:3d:b9:2b:61:ef:22:45:d4:
3d:0f:b5:42:45:a3:af:00:29:0b:19:a5:15:c1:a8:a2:4b:e2:
83:75:b2:1e:ed:79:8a:de:b9:ed:81:d2:16:e5:f1:fe:a4:0f:
2b:84:2a:4d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwjOAdPrYskYLg329IYyIOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjMwMTAyMDMzNTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmNiNWNkZDBiMzY0Y2QxMDQyMmJkODM4NzdmNGM3OWE0MDMyMmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDLBsXXH2dN7EkhyEM7tISAUzx9o
Xb9W5GNzUCjaWWLvSVZvWZxRZmktdEALhuTHcaqlfi8hy+U33dOlCuRwjKGcX/LQ
IuvRDyOifdToPppdEsun2obLLf7x0t91i9OsWS6N4EnOqfCmQjBxKwclp49qssOo
a1ww0q0vI4ayilEuPuQA/mGaI12meix6KrOsQ8p3PNWlG9kOcUMa/z6bwdW3SI99
8QCdsCJAijpKfuqmOXlxd+IVR9RPRgmo9VvIdoEbVwFY0lE5jb5dJaLTDH/huQv8
UeaJJZGlPs0ScPykwoulZUkqgyhBCT3kMMbX5f1YP8DQG+BSibvxxPxrZwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAbLXN0LNkzRBCK9g4d/THmkAyK0MB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvQnN0YzNRczJUTkVFSXIyRGgzOU1lYVFESXJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAV2foAwQA
V2fqMA0GCSqGSIb3DQEBCwUAA4IBAQALljnoi4ALL57O4qQ2eZjsGLKa8xfJ3w64
d4QAmZ57tuhivCsI98O2upxWDMy+C+I/Ds37FNostlAUVGQ93x+X1cvJlnlW+gTL
Sf4D+MgX79is286WIlQnRuvC7buk1l8sSeC6CyF1WiBCKfLHbkuoSIBLXq3yF9Iz
XaESYkDhjO2puzjbNeeYaiigSsXkKljg2k2+wla+SBZidAnrYg1TgaylJi6HBvax
2+yp1iasQ+vn/JYYp5iHeR3fvNT9GismNmUjYpdVBNtQUEoDDfJnPbkrYe8iRdQ9
D7VCRaOvACkLGaUVwaiiS+KDdbIe7XmK3rntgdIW5fH+pA8rhCpN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:24 2024 by rpki-client on console-ams.rpki-client.org