Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/BAHfdlFDDk9lLPXBIE59Ya3rZRA.roa
File: BAHfdlFDDk9lLPXBIE59Ya3rZRA.roa (raw, json)
Hash identifier: bpaxRkgxz8/lDl/w1S0WDvQB8lI0C+cflXp//rGAlkI=
Subject key identifier: 04:01:DF:76:51:43:0E:4F:65:2C:F5:C1:20:4E:7D:61:AD:EB:65:10
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0192D0D86C1D72F5FDE35ED0101C48E3B356
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/BAHfdlFDDk9lLPXBIE59Ya3rZRA.roa
Signing time: Mon 28 Oct 2024 01:58:17 +0000
ROA not before: Mon 28 Oct 2024 01:58:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 5.83.129.0/24 maxlen: 24
5.175.138.0/24 maxlen: 24
5.231.70.0/24 maxlen: 24
77.90.42.0/24 maxlen: 24
77.90.54.0/24 maxlen: 24
77.90.55.0/24 maxlen: 24
85.118.162.0/24 maxlen: 24
87.239.131.0/24 maxlen: 24
94.249.138.0/24 maxlen: 24
94.249.148.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 29 Oct 2024 02:03:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d0:d8:6c:1d:72:f5:fd:e3:5e:d0:10:1c:48:e3:b3:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Oct 28 01:58:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0401df7651430e4f652cf5c1204e7d61adeb6510
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:fc:9b:bb:fc:ce:9b:ea:d2:4a:4c:62:05:9a:
cf:e0:90:dd:74:bb:d3:19:74:45:d7:82:6c:29:a4:
b7:1c:34:20:36:0e:e6:20:d0:89:69:c8:9c:f9:92:
48:e5:30:0c:97:38:70:45:44:60:13:6d:fd:ad:b3:
c2:d6:1c:18:54:33:7a:12:04:b1:ca:b4:69:17:f9:
7a:a1:9e:c7:89:42:fa:41:4f:d3:9b:7f:9b:d2:75:
d1:2a:07:a6:20:de:d0:ca:f5:8c:1e:69:dd:26:49:
65:a3:64:ae:5f:c3:be:b6:90:4d:9b:31:e0:a2:27:
59:7c:05:bd:50:b2:40:9f:9c:a2:a4:00:e0:f7:b0:
b8:0b:8e:c9:79:86:aa:52:ae:0c:35:61:af:47:1d:
9a:fe:51:54:e8:99:dd:1e:a1:25:2e:63:0a:69:b3:
32:fb:55:87:47:71:d8:fc:f7:af:4b:d2:46:bd:43:
04:01:da:49:11:23:a1:06:08:28:d6:dd:c8:bb:fb:
e7:71:d6:cc:e7:59:84:41:2f:ce:e1:e5:8a:62:49:
16:4f:53:a1:e8:b8:7e:a0:4c:df:30:49:5c:71:3b:
c2:d9:ed:4d:24:50:fa:03:4e:9e:63:9c:12:b9:5b:
e2:d5:f9:2b:66:72:44:43:29:9f:0b:2c:9f:7d:99:
20:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:01:DF:76:51:43:0E:4F:65:2C:F5:C1:20:4E:7D:61:AD:EB:65:10
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/BAHfdlFDDk9lLPXBIE59Ya3rZRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.129.0/24
5.175.138.0/24
5.231.70.0/24
77.90.42.0/24
77.90.54.0/23
85.118.162.0/24
87.239.131.0/24
94.249.138.0/24
94.249.148.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:46:c3:db:0f:c7:e1:94:9d:e0:70:9b:09:31:88:68:c2:f7:
b9:53:ff:bd:6e:7f:00:c8:fb:54:7d:f4:43:39:4b:0e:0f:a5:
2f:e5:5b:d1:02:06:c1:04:c1:5b:ce:a4:10:8e:36:b8:06:87:
61:9c:af:d3:c8:03:df:bc:41:8d:9d:44:d3:50:1d:be:a8:76:
18:fe:b3:ea:26:f7:b7:2b:ba:70:2b:73:bb:5a:ed:e7:10:6d:
f9:c5:9c:c9:29:f6:a1:c6:cf:ff:4c:22:3a:f4:9f:e9:05:85:
52:33:1e:b1:38:10:47:af:ad:0c:73:0d:d3:09:c8:ab:e4:69:
41:28:12:58:18:99:d3:c2:b9:68:c9:17:9c:82:96:92:30:e8:
97:f2:6a:02:b0:5e:41:a3:6d:d4:13:1d:70:e9:6c:d3:14:8b:
1a:65:28:37:a8:29:8d:55:01:8e:77:e4:0b:b4:4f:ee:e8:12:
a5:c7:a8:b3:ef:52:d7:da:69:77:92:a2:29:db:4a:1a:60:38:
5a:e3:4f:39:1a:8a:f4:37:a1:f6:83:72:3e:c2:4b:7b:7d:d2:
6e:39:5b:29:12:70:da:a3:05:09:ce:1d:9b:dd:b1:70:67:11:
82:45:fc:34:f9:f7:13:ac:7a:6d:03:f9:d5:1f:8c:db:27:a3:
b9:f0:ed:18
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZLQ2GwdcvX9417QEBxI47NWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjQxMDI4MDE1ODE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDAxZGY3NjUxNDMwZTRmNjUyY2Y1YzEyMDRlN2Q2MWFkZWI2NTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfybu/zOm+rSSkxiBZrP4JDddLvT
GXRF14JsKaS3HDQgNg7mINCJacic+ZJI5TAMlzhwRURgE239rbPC1hwYVDN6EgSx
yrRpF/l6oZ7HiUL6QU/Tm3+b0nXRKgemIN7QyvWMHmndJkllo2SuX8O+tpBNmzHg
oidZfAW9ULJAn5yipADg97C4C47JeYaqUq4MNWGvRx2a/lFU6JndHqElLmMKabMy
+1WHR3HY/PevS9JGvUMEAdpJESOhBggo1t3Iu/vncdbM51mEQS/O4eWKYkkWT1Oh
6Lh+oEzfMElccTvC2e1NJFD6A06eY5wSuVvi1fkrZnJEQymfCyyffZkgXwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFAQB33ZRQw5PZSz1wSBOfWGt62UQMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvQkFIZmRsRkREazlsTFBYQklFNTlZYTNyWlJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQABVOBAwQA
Ba+KAwQABedGAwQATVoqAwQBTVo2AwQAVXaiAwQAV++DAwQAXvmKAwQAXvmUMA0G
CSqGSIb3DQEBCwUAA4IBAQBbRsPbD8fhlJ3gcJsJMYhowve5U/+9bn8AyPtUffRD
OUsOD6Uv5VvRAgbBBMFbzqQQjja4BodhnK/TyAPfvEGNnUTTUB2+qHYY/rPqJve3
K7pwK3O7Wu3nEG35xZzJKfahxs//TCI69J/pBYVSMx6xOBBHr60Mcw3TCcir5GlB
KBJYGJnTwrloyRecgpaSMOiX8moCsF5Bo23UEx1w6WzTFIsaZSg3qCmNVQGOd+QL
tE/u6BKlx6iz71LX2ml3kqIp20oaYDha4085Gor0N6H2g3I+wkt7fdJuOVspEnDa
owUJzh2b3bFwZxGCRfw0+fcTrHptA/nVH4zbJ6O58O0Y
-----END CERTIFICATE-----
Generated at Tue Oct 29 04:54:50 2024 by rpki-client on console-fra.rpki-client.org