Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/2e93fb-49b1-4b39-b252-250baf78e30e/1/bJbuVoZhCw00KNaNh48GxiKry5s.roa
File: bJbuVoZhCw00KNaNh48GxiKry5s.roa (raw, json)
Hash identifier: YmDqvlkTndkU9JLjt8djNUU8qAl9eBt6u/wn6s5BnA8=
Subject key identifier: 6C:96:EE:56:86:61:0B:0D:34:28:D6:8D:87:8F:06:C6:22:AB:CB:9B
Certificate issuer: /CN=bdac8f33db4a4a0175d8f8ea7ca747507e7e81e0
Certificate serial: 0190DFF64C1D4E8ABD21845DDB470506A1E8
Authority key identifier: BD:AC:8F:33:DB:4A:4A:01:75:D8:F8:EA:7C:A7:47:50:7E:7E:81:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vayPM9tKSgF12PjqfKdHUH5-geA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/2e93fb-49b1-4b39-b252-250baf78e30e/1/bJbuVoZhCw00KNaNh48GxiKry5s.roa
Signing time: Tue 23 Jul 2024 14:19:38 +0000
ROA not before: Tue 23 Jul 2024 14:19:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 53856
IP address blocks: 46.173.64.0/22 maxlen: 22
46.173.68.0/22 maxlen: 22
46.173.72.0/22 maxlen: 22
46.173.76.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 24 Jul 2024 13:39:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:df:f6:4c:1d:4e:8a:bd:21:84:5d:db:47:05:06:a1:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdac8f33db4a4a0175d8f8ea7ca747507e7e81e0
Validity
Not Before: Jul 23 14:19:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c96ee5686610b0d3428d68d878f06c622abcb9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:85:52:f1:a2:91:dc:9d:a9:e6:a5:a1:65:61:
dc:a0:23:49:c8:0b:0b:be:e1:c3:bd:38:9e:56:65:
5c:fe:6a:b5:23:00:4b:28:40:7c:14:1e:18:bb:98:
a6:09:b3:f7:23:39:2c:d0:8f:4d:74:d5:b7:89:38:
b6:d3:6a:ab:e7:cd:c0:68:f7:38:6e:d6:0d:28:d9:
87:23:78:03:77:49:bf:0c:69:b1:49:2e:a2:ae:55:
97:d3:0c:00:ad:37:73:30:3f:6e:9a:25:32:72:d4:
22:06:3a:05:70:39:08:ee:e6:5d:49:87:d2:2c:48:
e3:2a:6b:07:69:18:26:10:c5:33:75:86:b3:cb:41:
a8:01:0f:57:76:86:c7:f1:4a:41:3b:49:89:9f:e5:
6b:6e:fc:2a:03:5f:8a:54:f6:fc:3b:e4:33:90:a1:
0a:2c:7d:80:9c:ef:f7:bf:0a:0b:cf:2a:4e:f3:e5:
4b:9b:a3:35:1b:78:53:09:94:e0:99:b4:14:30:b4:
d9:59:b6:4c:96:ca:fb:7b:a1:c2:6b:d8:c7:d7:75:
ba:c7:31:d8:85:6f:77:7f:54:80:00:95:cc:74:22:
01:f6:a6:ec:0e:31:1b:5b:03:51:ed:9f:7b:8e:c6:
a6:9a:39:19:e7:98:9d:1c:15:bc:5c:cc:11:d3:4b:
c9:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:96:EE:56:86:61:0B:0D:34:28:D6:8D:87:8F:06:C6:22:AB:CB:9B
X509v3 Authority Key Identifier:
keyid:BD:AC:8F:33:DB:4A:4A:01:75:D8:F8:EA:7C:A7:47:50:7E:7E:81:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vayPM9tKSgF12PjqfKdHUH5-geA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/2e93fb-49b1-4b39-b252-250baf78e30e/1/bJbuVoZhCw00KNaNh48GxiKry5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/2e93fb-49b1-4b39-b252-250baf78e30e/1/vayPM9tKSgF12PjqfKdHUH5-geA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.173.64.0/20
Signature Algorithm: sha256WithRSAEncryption
9a:1d:df:67:59:30:9e:50:48:c9:87:74:2c:d3:95:48:95:38:
db:da:ff:0f:1f:aa:7c:56:dc:e9:8a:9d:5c:52:c8:89:46:bd:
c6:5c:84:e1:46:1d:e8:92:c6:bf:06:c5:31:be:9b:97:8f:18:
6e:8c:74:3b:30:59:2e:b4:cf:9b:0c:39:61:6c:0f:85:47:2e:
0f:21:10:1d:42:45:b4:33:bc:16:9f:58:e2:41:52:1c:0a:ae:
36:ed:b8:ef:56:53:04:e4:12:bf:7d:fa:93:07:63:22:2e:dc:
b0:9b:9d:61:21:8b:70:85:cc:eb:f3:5c:c6:db:da:c4:47:0a:
b7:f2:8f:b2:ce:dc:f4:50:b7:bd:09:54:6c:34:fb:e3:d3:a2:
25:81:45:63:4f:c2:93:f6:b8:0a:05:1f:c9:bc:1c:a4:f0:c0:
6e:84:74:d1:92:b1:a1:e0:a7:e7:ed:b5:cb:6d:c5:72:57:93:
c4:9b:8d:11:9b:3c:2a:af:f4:12:00:56:1d:b8:46:09:31:b6:
ae:1c:fb:5d:a5:10:5b:f6:cc:e5:d9:5a:3b:d5:27:bf:55:78:
3f:a9:79:36:3e:b0:2b:be:d5:9c:a6:e3:a7:98:07:5b:c2:e4:
57:0e:84:3d:fa:0d:df:a2:a5:46:f7:33:76:ac:52:1c:45:75:
ff:53:15:72
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZDf9kwdToq9IYRd20cFBqHoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkYWM4ZjMzZGI0YTRhMDE3NWQ4ZjhlYTdjYTc0NzUwN2U3
ZTgxZTAwHhcNMjQwNzIzMTQxOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Yzk2ZWU1Njg2NjEwYjBkMzQyOGQ2OGQ4NzhmMDZjNjIyYWJjYjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyYVS8aKR3J2p5qWhZWHcoCNJyAsL
vuHDvTieVmVc/mq1IwBLKEB8FB4Yu5imCbP3Izks0I9NdNW3iTi202qr583AaPc4
btYNKNmHI3gDd0m/DGmxSS6irlWX0wwArTdzMD9umiUyctQiBjoFcDkI7uZdSYfS
LEjjKmsHaRgmEMUzdYazy0GoAQ9XdobH8UpBO0mJn+VrbvwqA1+KVPb8O+QzkKEK
LH2AnO/3vwoLzypO8+VLm6M1G3hTCZTgmbQUMLTZWbZMlsr7e6HCa9jH13W6xzHY
hW93f1SAAJXMdCIB9qbsDjEbWwNR7Z97jsammjkZ55idHBW8XMwR00vJwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGyW7laGYQsNNCjWjYePBsYiq8ubMB8GA1UdIwQY
MBaAFL2sjzPbSkoBddj46nynR1B+foHgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmF5UE05dEtTZ0YxMlBqcWZLZEhVSDUtZ2VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8yZTkzZmItNDliMS00YjM5LWIyNTIt
MjUwYmFmNzhlMzBlLzEvYkpidVZvWmhDdzAwS05hTmg0OEd4aUtyeTVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8yZTkzZmItNDliMS00YjM5LWIyNTItMjUwYmFmNzhlMzBl
LzEvdmF5UE05dEtTZ0YxMlBqcWZLZEhVSDUtZ2VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQELq1AMA0G
CSqGSIb3DQEBCwUAA4IBAQCaHd9nWTCeUEjJh3Qs05VIlTjb2v8PH6p8Vtzpip1c
UsiJRr3GXIThRh3oksa/BsUxvpuXjxhujHQ7MFkutM+bDDlhbA+FRy4PIRAdQkW0
M7wWn1jiQVIcCq427bjvVlME5BK/ffqTB2MiLtywm51hIYtwhczr81zG29rERwq3
8o+yztz0ULe9CVRsNPvj06IlgUVjT8KT9rgKBR/JvByk8MBuhHTRkrGh4Kfn7bXL
bcVyV5PEm40Rmzwqr/QSAFYduEYJMbauHPtdpRBb9szl2Vo71Se/VXg/qXk2PrAr
vtWcpuOnmAdbwuRXDoQ9+g3foqVG9zN2rFIcRXX/UxVy
-----END CERTIFICATE-----
Generated at Wed Jul 24 19:37:42 2024 by rpki-client on console-ams.rpki-client.org