Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/BKBfUIjevga5T17ygqyCWAJ7Ecc.roa
File: BKBfUIjevga5T17ygqyCWAJ7Ecc.roa (raw, json)
Hash identifier: 2peP9LrwrPDUUaaxk9TJmBIJtg+p2ur3z0VvqVIaetY=
Subject key identifier: 04:A0:5F:50:88:DE:BE:06:B9:4F:5E:F2:82:AC:82:58:02:7B:11:C7
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01878022B5776ACA54AF995CD87059A82F11
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/BKBfUIjevga5T17ygqyCWAJ7Ecc.roa
Signing time: Fri 14 Apr 2023 14:19:30 +0000
ROA not before: Fri 14 Apr 2023 14:19:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39521
IP address blocks: 194.31.223.0/24 maxlen: 24
164.40.189.0/24 maxlen: 24
164.40.190.0/24 maxlen: 24
164.40.191.0/24 maxlen: 24
164.40.188.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:29:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:80:22:b5:77:6a:ca:54:af:99:5c:d8:70:59:a8:2f:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 14 14:19:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=04a05f5088debe06b94f5ef282ac8258027b11c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:5e:40:74:95:24:ae:4e:04:b5:dc:9b:25:11:
fa:f8:ce:ba:d6:7d:79:60:d7:73:96:1b:10:73:96:
91:30:de:eb:c0:e2:e3:55:65:e3:58:aa:62:3c:5c:
86:1b:dd:68:07:fb:29:27:e1:3d:4c:a5:a4:13:2a:
ec:c6:6f:fc:42:08:c3:ce:b7:64:f4:ba:e0:9b:3f:
c9:3c:56:97:18:21:bf:5f:a6:59:98:f7:f4:85:db:
e5:6a:21:20:9e:e3:d4:f4:03:fa:31:13:30:59:58:
c6:4c:3e:e6:b6:a2:e8:db:73:bc:c8:4b:ef:60:d6:
20:a1:06:a9:e8:cc:5a:94:dc:31:e8:fe:40:08:b4:
40:18:a8:a9:73:42:25:0f:ee:c5:24:56:90:0a:bc:
ec:89:c1:7d:1a:71:2e:ea:cf:c8:b4:2a:5f:9a:62:
1f:08:db:0a:da:01:cd:da:e6:39:2e:d7:23:93:22:
a8:15:04:c2:25:4f:f7:d6:76:6d:a4:22:7f:e2:64:
1b:38:c3:e5:ef:73:cc:91:85:10:a9:c0:34:e8:f8:
14:9e:14:3f:de:d8:78:0b:ff:dc:5e:a0:71:19:f8:
45:f5:ff:a6:2c:ea:39:10:b4:6d:09:a5:7e:f3:7b:
5c:45:b8:e8:0a:8b:22:e0:18:07:b7:ed:28:7a:2a:
77:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:A0:5F:50:88:DE:BE:06:B9:4F:5E:F2:82:AC:82:58:02:7B:11:C7
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/BKBfUIjevga5T17ygqyCWAJ7Ecc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.40.188.0/22
194.31.223.0/24
Signature Algorithm: sha256WithRSAEncryption
95:68:3f:9a:6f:f2:e2:c3:68:6a:2d:60:d2:ac:2b:bd:8e:1e:
b2:0d:77:63:6a:d6:3e:02:d8:2f:41:6d:6c:91:f0:ef:49:54:
ce:40:70:11:1c:0a:05:18:7a:7d:16:35:3a:7a:c0:3c:1f:97:
36:4a:dd:ba:19:95:ff:98:5e:e4:72:67:15:cf:f8:4a:dd:0f:
38:3a:8b:ea:c4:e1:e6:2f:ba:93:0a:f6:4f:e9:19:15:bf:e2:
21:bd:15:20:8e:94:38:b2:7d:7b:33:ba:72:34:a3:7f:a6:70:
70:2d:4a:ae:ec:e4:33:5b:d8:7d:a0:be:8b:33:65:65:27:c1:
77:c3:3b:1d:51:25:bb:69:c3:31:e5:79:fc:68:30:87:d8:c7:
18:b2:10:da:6a:27:fb:f6:6d:be:6f:94:b5:bf:01:d9:bc:df:
19:15:ed:3b:3b:60:d5:9c:c6:f0:b9:5e:85:f3:03:c4:88:08:
56:d8:7e:0f:b1:fe:9d:5a:b5:d4:6c:98:65:2a:7e:2c:20:d9:
11:d9:60:de:30:45:fe:09:d7:25:53:4f:bb:bc:d6:d9:b4:b7:
de:9f:e7:e4:5b:0a:f0:6b:a6:04:39:9c:44:e9:29:dc:64:36:
c6:2a:42:cd:45:90:ab:df:57:5e:87:23:64:f8:26:b9:ae:d0:
7f:a8:54:2f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYeAIrV3aspUr5lc2HBZqC8RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNDE0MTQxOTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGEwNWY1MDg4ZGViZTA2Yjk0ZjVlZjI4MmFjODI1ODAyN2IxMWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkl5AdJUkrk4EtdybJRH6+M661n15
YNdzlhsQc5aRMN7rwOLjVWXjWKpiPFyGG91oB/spJ+E9TKWkEyrsxm/8QgjDzrdk
9Lrgmz/JPFaXGCG/X6ZZmPf0hdvlaiEgnuPU9AP6MRMwWVjGTD7mtqLo23O8yEvv
YNYgoQap6MxalNwx6P5ACLRAGKipc0IlD+7FJFaQCrzsicF9GnEu6s/ItCpfmmIf
CNsK2gHN2uY5LtcjkyKoFQTCJU/31nZtpCJ/4mQbOMPl73PMkYUQqcA06PgUnhQ/
3th4C//cXqBxGfhF9f+mLOo5ELRtCaV+83tcRbjoCosi4BgHt+0oeip3+QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFASgX1CI3r4GuU9e8oKsglgCexHHMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQktCZlVJamV2Z2E1VDE3eWdxeUNXQUo3RWNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCpCi8AwQA
wh/fMA0GCSqGSIb3DQEBCwUAA4IBAQCVaD+ab/Liw2hqLWDSrCu9jh6yDXdjatY+
AtgvQW1skfDvSVTOQHARHAoFGHp9FjU6esA8H5c2St26GZX/mF7kcmcVz/hK3Q84
OovqxOHmL7qTCvZP6RkVv+IhvRUgjpQ4sn17M7pyNKN/pnBwLUqu7OQzW9h9oL6L
M2VlJ8F3wzsdUSW7acMx5Xn8aDCH2McYshDaaif79m2+b5S1vwHZvN8ZFe07O2DV
nMbwuV6F8wPEiAhW2H4Psf6dWrXUbJhlKn4sINkR2WDeMEX+CdclU0+7vNbZtLfe
n+fkWwrwa6YEOZxE6SncZDbGKkLNRZCr31dehyNk+Ca5rtB/qFQv
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:26 2024 by rpki-client on console-ams.rpki-client.org