Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/bQ056WD-XgGlj26wnPa9mGlKBJE.roa
File: bQ056WD-XgGlj26wnPa9mGlKBJE.roa (raw, json)
Hash identifier: c8ke69DbdOu8pNFPA54mjk/MhJh+W9+EdLvXn6lv5uY=
Subject key identifier: 6D:0D:39:E9:60:FE:5E:01:A5:8F:6E:B0:9C:F6:BD:98:69:4A:04:91
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018E8A3CD16D88ACC03B0A00C7DEE3759E94
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/bQ056WD-XgGlj26wnPa9mGlKBJE.roa
Signing time: Fri 29 Mar 2024 12:43:45 +0000
ROA not before: Fri 29 Mar 2024 12:43:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8570
IP address blocks: 109.172.32.0/22 maxlen: 22
109.172.40.0/22 maxlen: 22
178.234.0.0/16 maxlen: 18
195.34.224.0/19 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Apr 2024 04:47:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:8a:3c:d1:6d:88:ac:c0:3b:0a:00:c7:de:e3:75:9e:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Mar 29 12:43:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6d0d39e960fe5e01a58f6eb09cf6bd98694a0491
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a6:19:8a:e1:8a:31:73:74:73:78:68:2a:06:
a6:4a:2e:4f:30:8c:99:e0:ec:6e:a1:49:9b:65:5d:
3c:99:c5:58:71:42:af:71:50:d0:6e:49:31:ad:65:
a9:aa:0e:56:09:dc:bc:a4:eb:46:4a:65:4e:0f:bb:
65:1e:13:dd:1b:94:83:50:16:9d:70:b9:7e:a9:07:
97:81:a7:b9:c8:d9:72:e0:b2:3d:4c:17:b0:10:d2:
7c:04:4f:c4:62:cd:2e:77:a2:02:db:64:0a:13:40:
b0:62:85:84:a7:eb:66:de:51:be:62:e1:83:92:01:
ad:02:33:03:fb:cb:07:40:b5:31:d4:ca:46:e6:dc:
42:ce:a3:2f:62:d0:1c:fe:d3:c8:0c:1d:71:50:c6:
1c:64:ff:df:3f:2d:69:77:8a:ce:64:fb:01:1f:51:
67:25:61:cb:e5:17:3e:3a:bc:4d:b6:f0:34:b8:36:
07:d0:c3:29:20:07:b7:57:a3:cd:79:d1:7e:78:0e:
91:7b:00:db:86:43:80:b9:a9:cd:db:92:8a:da:4d:
de:8a:0f:c8:00:74:f2:a9:15:db:b2:fe:f0:20:0a:
3d:b6:51:73:9a:a9:94:11:42:b3:ae:d2:d1:15:21:
82:26:12:5f:23:f9:bc:86:f8:08:ca:d2:09:c9:ab:
32:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:0D:39:E9:60:FE:5E:01:A5:8F:6E:B0:9C:F6:BD:98:69:4A:04:91
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/bQ056WD-XgGlj26wnPa9mGlKBJE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.172.32.0/22
109.172.40.0/22
178.234.0.0/16
195.34.224.0/19
Signature Algorithm: sha256WithRSAEncryption
68:73:9c:6c:db:0b:69:0b:53:e6:4e:28:b7:38:d4:18:eb:5b:
26:d3:9b:d1:d5:b7:0e:e3:51:02:7c:ed:b0:e4:1f:e5:84:1c:
41:2f:e8:67:5b:25:ee:87:4f:8e:26:57:60:04:da:f5:10:65:
1a:6e:3e:03:90:23:65:a5:db:85:9b:8d:ac:5b:79:a2:c3:75:
45:88:a5:47:11:7b:24:41:27:86:06:f7:42:33:5c:0f:1e:ea:
eb:04:be:bc:07:0e:03:9e:c2:5d:2a:b9:b3:00:ac:79:68:07:
5f:e4:9c:c6:5e:3d:df:26:68:43:44:d3:e7:45:33:52:dc:e9:
5b:14:57:bc:50:dc:ec:69:4f:05:dd:7c:1d:2b:aa:f7:97:76:
f1:34:ef:eb:2c:33:01:5a:a6:91:e6:f7:5d:d1:14:ec:a2:b0:
ce:04:19:62:58:3b:46:56:29:ea:48:12:fb:a6:f7:ab:18:22:
81:2e:19:b6:56:37:84:2d:7c:23:c2:e9:ba:b5:c7:4c:7f:e1:
ab:a4:cf:fe:7c:06:cb:55:b2:ef:02:e2:d1:c6:d1:f5:c7:c6:
09:fc:4c:ec:39:6d:72:ac:9b:33:97:1b:8d:64:8b:50:9e:67:
fa:c6:f4:9f:7d:ed:0b:1d:57:ce:e4:ac:ee:fa:f8:63:e9:9a:
5a:aa:03:ee
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6KPNFtiKzAOwoAx97jdZ6UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwMzI5MTI0MzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDBkMzllOTYwZmU1ZTAxYTU4ZjZlYjA5Y2Y2YmQ5ODY5NGEwNDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqYZiuGKMXN0c3hoKgamSi5PMIyZ
4OxuoUmbZV08mcVYcUKvcVDQbkkxrWWpqg5WCdy8pOtGSmVOD7tlHhPdG5SDUBad
cLl+qQeXgae5yNly4LI9TBewENJ8BE/EYs0ud6IC22QKE0CwYoWEp+tm3lG+YuGD
kgGtAjMD+8sHQLUx1MpG5txCzqMvYtAc/tPIDB1xUMYcZP/fPy1pd4rOZPsBH1Fn
JWHL5Rc+OrxNtvA0uDYH0MMpIAe3V6PNedF+eA6RewDbhkOAuanN25KK2k3eig/I
AHTyqRXbsv7wIAo9tlFzmqmUEUKzrtLRFSGCJhJfI/m8hvgIytIJyasyZQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG0NOelg/l4BpY9usJz2vZhpSgSRMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvYlEwNTZXRC1YZ0dsajI2d25QYTltR2xLQkpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAATAXAwQCbawgAwQC
bawoAwMAsuoDBAXDIuAwDQYJKoZIhvcNAQELBQADggEBAGhznGzbC2kLU+ZOKLc4
1BjrWybTm9HVtw7jUQJ87bDkH+WEHEEv6GdbJe6HT44mV2AE2vUQZRpuPgOQI2Wl
24WbjaxbeaLDdUWIpUcReyRBJ4YG90IzXA8e6usEvrwHDgOewl0qubMArHloB1/k
nMZePd8maENE0+dFM1Lc6VsUV7xQ3OxpTwXdfB0rqveXdvE07+ssMwFappHm913R
FOyisM4EGWJYO0ZWKepIEvum96sYIoEuGbZWN4QtfCPC6bq1x0x/4aukz/58BstV
su8C4tHG0fXHxgn8TOw5bXKsmzOXG41ki1CeZ/rG9J997QsdV87krO76+GPpmlqq
A+4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:25 2024 by rpki-client on console-ams.rpki-client.org