Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/bxZ-zoZNuiYvP-VT46Mm2wVnfyI.roa
File: bxZ-zoZNuiYvP-VT46Mm2wVnfyI.roa (raw, json)
Hash identifier: inkn5uzlSHJl54Ac5aiddU3IYUzJtW+nVNAM0XPPOPI=
Subject key identifier: 6F:16:7E:CE:86:4D:BA:26:2F:3F:E5:53:E3:A3:26:DB:05:67:7F:22
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018FAFF6DF6DC8AE4783733F469DB5BB6193
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/bxZ-zoZNuiYvP-VT46Mm2wVnfyI.roa
Signing time: Sat 25 May 2024 13:35:42 +0000
ROA not before: Sat 25 May 2024 13:35:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51396
IP address blocks: 2.58.95.0/24 maxlen: 24
45.128.232.0/24 maxlen: 24
84.54.51.0/24 maxlen: 24
87.121.58.0/24 maxlen: 24
87.121.69.0/24 maxlen: 24
87.121.105.0/24 maxlen: 24
94.103.124.0/24 maxlen: 24
94.103.125.0/24 maxlen: 24
94.156.10.0/24 maxlen: 24
141.98.4.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
193.35.18.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 May 2024 18:55:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:af:f6:df:6d:c8:ae:47:83:73:3f:46:9d:b5:bb:61:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 25 13:35:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6f167ece864dba262f3fe553e3a326db05677f22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:50:01:01:a4:cb:ae:5e:34:62:0e:93:0a:28:
da:17:8e:08:d8:aa:ad:5a:de:5b:46:25:4e:36:e3:
a5:38:0f:21:58:f1:ff:98:fa:6f:c8:01:07:a1:e3:
46:d4:60:4c:7a:e1:69:7e:f0:47:29:b0:95:a1:3f:
f9:28:b0:4d:34:ae:e6:90:b5:ee:c6:57:4c:45:76:
f8:cd:6f:93:22:63:6c:ce:96:c8:7c:83:79:38:4a:
dd:0d:dc:10:9a:0f:e0:db:c3:19:96:41:01:71:92:
56:01:79:db:f9:e2:90:c1:d4:74:ae:63:67:3d:99:
0a:62:cc:e9:c3:71:1e:cf:16:f2:f6:2d:93:d7:46:
9a:10:57:49:20:62:22:35:5d:4d:d2:92:5c:26:69:
d7:b2:28:00:33:61:27:a5:50:eb:05:13:3f:85:74:
ac:2a:e9:ec:17:f9:b6:f4:15:e6:82:8b:8e:a0:5b:
62:7a:85:00:37:1a:d4:06:2b:23:73:03:20:b3:bb:
f2:3a:a4:cc:cf:31:52:0a:ca:a4:eb:43:ec:37:29:
fa:75:c9:e2:0b:b7:cf:d5:e0:a6:d7:fc:23:21:8d:
f6:03:92:2e:c9:ca:5f:2d:38:65:56:5b:fc:cd:c2:
41:be:a0:51:88:e9:6a:d8:4c:b2:64:f3:e5:d7:4f:
c4:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:16:7E:CE:86:4D:BA:26:2F:3F:E5:53:E3:A3:26:DB:05:67:7F:22
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/bxZ-zoZNuiYvP-VT46Mm2wVnfyI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.95.0/24
45.128.232.0/24
84.54.51.0/24
87.121.58.0/24
87.121.69.0/24
87.121.105.0/24
94.103.124.0/23
94.156.10.0/24
141.98.4.0/24
147.78.102.0/24
193.35.18.0/24
Signature Algorithm: sha256WithRSAEncryption
01:d6:ec:aa:e5:6a:00:23:5e:27:c3:e6:9a:ff:c4:0d:1f:f6:
3d:ca:7a:e2:1e:b8:ef:26:ef:67:b3:10:5b:bc:a1:fb:8b:25:
d9:86:7c:b5:b7:df:18:ec:99:15:27:a9:1e:3b:0e:45:fb:97:
38:ad:7d:a9:d4:5b:59:c9:fb:90:58:7d:73:38:93:8b:44:d8:
f2:49:15:84:22:c6:12:17:33:56:b3:ed:8f:01:bb:6b:f8:b6:
49:a9:eb:01:75:84:f7:fd:60:d3:1a:8b:c1:4d:cf:1f:18:a3:
92:a1:bd:30:c5:40:34:95:03:71:5b:be:21:7f:d7:ed:ff:d9:
ef:85:0f:fe:b8:da:62:ae:94:5b:84:72:42:d2:59:b3:0e:49:
3c:7b:ab:b6:ba:68:0c:2c:79:0e:56:d3:e2:6c:b3:aa:24:09:
e2:84:c7:69:ed:f2:95:d9:a2:da:21:fb:e9:bd:c0:c1:61:38:
cd:ff:21:5c:ff:ad:c5:e1:09:f6:f7:54:23:f3:ec:9e:38:28:
24:98:1d:09:7d:71:0c:33:4b:ac:a8:37:32:0d:50:5a:ae:9b:
52:2c:0e:55:ab:1d:a2:de:bc:13:dd:48:98:f8:e1:7c:59:03:
b7:56:6c:cb:44:85:8c:bd:f1:fb:6e:e0:37:07:23:a8:e9:9d:
33:10:6d:5b
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAY+v9t9tyK5Hg3M/Rp21u2GTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNTI1MTMzNTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjE2N2VjZTg2NGRiYTI2MmYzZmU1NTNlM2EzMjZkYjA1Njc3ZjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1ABAaTLrl40Yg6TCijaF44I2Kqt
Wt5bRiVONuOlOA8hWPH/mPpvyAEHoeNG1GBMeuFpfvBHKbCVoT/5KLBNNK7mkLXu
xldMRXb4zW+TImNszpbIfIN5OErdDdwQmg/g28MZlkEBcZJWAXnb+eKQwdR0rmNn
PZkKYszpw3Eezxby9i2T10aaEFdJIGIiNV1N0pJcJmnXsigAM2EnpVDrBRM/hXSs
KunsF/m29BXmgouOoFtieoUANxrUBisjcwMgs7vyOqTMzzFSCsqk60PsNyn6dcni
C7fP1eCm1/wjIY32A5IuycpfLThlVlv8zcJBvqBRiOlq2EyyZPPl10/ErQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFG8Wfs6GTbomLz/lU+OjJtsFZ38iMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvYnhaLXpvWk51aVl2UC1WVDQ2TW0yd1ZuZnlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAAjpfAwQA
LYDoAwQAVDYzAwQAV3k6AwQAV3lFAwQAV3lpAwQBXmd8AwQAXpwKAwQAjWIEAwQA
k05mAwQAwSMSMA0GCSqGSIb3DQEBCwUAA4IBAQAB1uyq5WoAI14nw+aa/8QNH/Y9
ynriHrjvJu9nsxBbvKH7iyXZhny1t98Y7JkVJ6keOw5F+5c4rX2p1FtZyfuQWH1z
OJOLRNjySRWEIsYSFzNWs+2PAbtr+LZJqesBdYT3/WDTGovBTc8fGKOSob0wxUA0
lQNxW74hf9ft/9nvhQ/+uNpirpRbhHJC0lmzDkk8e6u2umgMLHkOVtPibLOqJAni
hMdp7fKV2aLaIfvpvcDBYTjN/yFc/63F4Qn291Qj8+yeOCgkmB0JfXEMM0usqDcy
DVBarptSLA5Vqx2i3rwT3UiY+OF8WQO3VmzLRIWMvfH7buA3ByOo6Z0zEG1b
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:15 2024 by rpki-client on console-fra.rpki-client.org