Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/BHEffA_as7lvH-7E2lV8oktRcVI.roa
File: BHEffA_as7lvH-7E2lV8oktRcVI.roa (raw, json)
Hash identifier: XDHsUaGHrYXo3reJfFciZv2uB2Abgq5bz9yQXcPrDIs=
Subject key identifier: 04:71:1F:7C:0F:DA:B3:B9:6F:1F:EE:C4:DA:55:7C:A2:4B:51:71:52
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018CE8D325FE46038F81296F9BD2C10EE882
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/BHEffA_as7lvH-7E2lV8oktRcVI.roa
Signing time: Mon 08 Jan 2024 11:26:41 +0000
ROA not before: Mon 08 Jan 2024 11:26:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203511
IP address blocks: 45.151.2.0/24 maxlen: 24
45.144.214.0/24 maxlen: 24
194.15.52.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 Jan 2024 18:19:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e8:d3:25:fe:46:03:8f:81:29:6f:9b:d2:c1:0e:e8:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jan 8 11:26:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=04711f7c0fdab3b96f1feec4da557ca24b517152
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:d8:c5:cd:0d:a8:67:a0:54:42:41:09:3b:c4:
80:0b:a2:b2:c3:ab:ac:86:e0:c3:42:b2:d0:a2:6b:
b5:72:39:e2:20:c5:87:dc:66:5f:04:f4:67:56:79:
9f:86:4c:33:bb:0a:c8:04:20:d3:c2:6d:d1:f4:b1:
e8:70:16:15:41:b4:63:5d:8a:25:dc:af:8d:31:e0:
08:1d:93:49:93:a7:0f:0e:04:be:1c:db:37:6c:d6:
e2:26:2e:a8:d5:ae:b5:56:01:fa:32:15:8a:20:6e:
9e:87:e5:dc:2a:2d:8e:cb:e3:46:de:6c:c7:7d:57:
16:7c:93:bc:01:8e:de:59:03:5e:47:58:71:43:ea:
c7:e5:e4:bd:f4:c2:98:13:b0:0c:ca:cd:fa:ab:31:
55:16:63:23:f3:3e:be:75:6b:0a:98:ef:4b:93:a9:
65:5a:4d:04:8c:65:39:16:4f:68:cc:00:bb:a3:7d:
a1:52:10:a8:26:09:0e:0e:6f:8a:41:1d:10:24:21:
8b:90:b1:f9:39:00:27:a8:a8:19:3e:72:85:6f:12:
49:83:37:94:d1:b1:86:dc:58:98:e6:53:e9:ba:90:
fe:fb:d3:80:75:13:bc:7d:99:4b:66:17:22:a2:66:
44:7e:ed:78:bb:b8:9a:d8:ea:16:87:14:78:17:d0:
32:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:71:1F:7C:0F:DA:B3:B9:6F:1F:EE:C4:DA:55:7C:A2:4B:51:71:52
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/BHEffA_as7lvH-7E2lV8oktRcVI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.138.0/24
45.144.214.0/24
45.151.2.0/24
194.15.52.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:ea:cc:9a:0a:cd:76:bd:a4:20:69:23:2b:79:43:02:0b:1f:
ea:5c:a3:65:78:98:2c:67:3c:b1:79:8c:6e:c2:48:f1:46:cd:
0c:5c:ff:cf:6e:5d:60:3e:b0:33:c5:f4:b0:9b:ff:53:da:78:
44:b6:f4:63:b7:c9:21:be:eb:e6:ef:6c:e2:57:f6:8f:f0:b3:
f9:39:85:7f:91:a1:bb:90:37:15:19:03:fc:d9:d2:db:3d:fe:
cc:b5:40:26:72:e1:a5:4c:34:13:e6:8c:bd:e8:3b:af:d2:6c:
65:82:ee:16:3a:f8:b6:57:ff:eb:75:1d:23:9b:32:87:4d:2c:
09:02:65:5a:6c:ee:91:71:39:0e:c0:5b:09:b3:e0:c8:d5:c4:
b5:cd:f4:2e:b1:48:94:c3:23:a1:b3:82:e4:da:e2:f5:99:42:
86:11:07:c5:a3:b6:2e:9c:24:58:8a:fb:bf:dc:0c:37:3f:97:
52:28:f0:1e:48:70:d3:5c:12:81:9a:38:5f:e1:0b:db:4a:3d:
91:52:1a:88:4c:c3:2c:05:1a:76:cf:ee:21:97:23:8a:96:ae:
30:c1:55:44:1b:4e:86:5f:ee:6a:a6:4a:51:98:0c:34:af:93:
d5:e7:d7:1c:c6:7a:40:07:c5:b8:93:ef:c2:86:8f:ab:ee:8e:
d6:a4:61:da
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzo0yX+RgOPgSlvm9LBDuiCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMTA4MTEyNjQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDcxMWY3YzBmZGFiM2I5NmYxZmVlYzRkYTU1N2NhMjRiNTE3MTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgNjFzQ2oZ6BUQkEJO8SAC6Kyw6us
huDDQrLQomu1cjniIMWH3GZfBPRnVnmfhkwzuwrIBCDTwm3R9LHocBYVQbRjXYol
3K+NMeAIHZNJk6cPDgS+HNs3bNbiJi6o1a61VgH6MhWKIG6eh+XcKi2Oy+NG3mzH
fVcWfJO8AY7eWQNeR1hxQ+rH5eS99MKYE7AMys36qzFVFmMj8z6+dWsKmO9Lk6ll
Wk0EjGU5Fk9ozAC7o32hUhCoJgkODm+KQR0QJCGLkLH5OQAnqKgZPnKFbxJJgzeU
0bGG3FiY5lPpupD++9OAdRO8fZlLZhciomZEfu14u7ia2OoWhxR4F9AyLwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFARxH3wP2rO5bx/uxNpVfKJLUXFSMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvQkhFZmZBX2FzN2x2SC03RTJsVjhva3RSY1ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALViKAwQA
LZDWAwQALZcCAwQAwg80MA0GCSqGSIb3DQEBCwUAA4IBAQCm6syaCs12vaQgaSMr
eUMCCx/qXKNleJgsZzyxeYxuwkjxRs0MXP/Pbl1gPrAzxfSwm/9T2nhEtvRjt8kh
vuvm72ziV/aP8LP5OYV/kaG7kDcVGQP82dLbPf7MtUAmcuGlTDQT5oy96Duv0mxl
gu4WOvi2V//rdR0jmzKHTSwJAmVabO6RcTkOwFsJs+DI1cS1zfQusUiUwyOhs4Lk
2uL1mUKGEQfFo7YunCRYivu/3Aw3P5dSKPAeSHDTXBKBmjhf4QvbSj2RUhqITMMs
BRp2z+4hlyOKlq4wwVVEG06GX+5qpkpRmAw0r5PV59ccxnpAB8W4k+/Cho+r7o7W
pGHa
-----END CERTIFICATE-----
Generated at Wed Jan 10 21:58:40 2024 by rpki-client on console-fra.rpki-client.org