Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/BnEPVhaABrt_mgdWQZCcOSveBPI.roa
File: BnEPVhaABrt_mgdWQZCcOSveBPI.roa (raw, json)
Hash identifier: VFlSXGaw1lHzkGs7x1MRWMduGeiuBKNUAh5Cg37kwRA=
Subject key identifier: 06:71:0F:56:16:80:06:BB:7F:9A:07:56:41:90:9C:39:2B:DE:04:F2
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0189C1E37BAB8F3AE6F121E4CFDBA0F06381
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/BnEPVhaABrt_mgdWQZCcOSveBPI.roa
Signing time: Fri 04 Aug 2023 18:50:58 +0000
ROA not before: Fri 04 Aug 2023 18:50:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208485
IP address blocks: 45.9.30.0/24 maxlen: 24
45.144.213.0/24 maxlen: 24
45.132.180.0/24 maxlen: 24
45.88.137.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 21 Aug 2023 12:26:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:c1:e3:7b:ab:8f:3a:e6:f1:21:e4:cf:db:a0:f0:63:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Aug 4 18:50:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=06710f56168006bb7f9a075641909c392bde04f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:1a:75:92:bd:bc:6c:d4:fc:46:ef:76:d0:8d:
33:6e:b8:6c:e1:99:6d:b2:ac:80:37:a8:a6:dd:dd:
12:88:26:4e:35:78:c2:d5:7c:69:65:ef:8e:f4:92:
15:33:85:c5:ba:4b:ea:bb:ac:e5:49:bf:e3:8c:ac:
ee:a5:0f:38:f0:15:09:c9:9d:66:3a:8d:67:41:6d:
b8:54:70:54:48:d9:cf:e6:d3:91:eb:3b:e6:4c:91:
a8:8c:bb:e1:9b:14:8b:fb:df:35:63:a0:93:d8:51:
e7:c7:18:2e:e9:c1:80:c1:30:3b:fd:5b:df:73:40:
c1:56:31:ef:b2:e4:1e:07:74:d5:ac:10:f0:8e:6d:
10:3f:32:5e:d9:de:12:7f:6c:5d:16:df:11:fe:95:
6a:19:50:80:70:a8:b8:2f:a8:4f:5a:e4:d8:f7:6a:
02:f3:91:f3:21:52:20:60:0b:28:b1:30:4c:e6:b3:
e5:a7:0e:fc:cb:43:8d:0d:ca:49:f6:77:64:8c:e7:
f4:52:b7:9b:0b:d5:6d:02:98:5e:64:6d:e0:58:ba:
6c:ed:3f:49:d9:f9:99:51:bf:b2:b5:52:76:45:4c:
e8:62:2d:8b:3e:9d:f5:d9:6b:f2:54:08:bc:79:2a:
cd:02:5f:c7:69:9f:d5:22:ce:ba:1f:ab:dc:86:de:
dd:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:71:0F:56:16:80:06:BB:7F:9A:07:56:41:90:9C:39:2B:DE:04:F2
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/BnEPVhaABrt_mgdWQZCcOSveBPI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.30.0/24
45.88.137.0/24
45.132.180.0/24
45.144.213.0/24
Signature Algorithm: sha256WithRSAEncryption
32:d7:3f:f2:bf:02:df:3d:ac:9e:63:55:c3:05:30:d9:c8:b6:
05:96:6a:28:fb:38:ad:5f:69:98:7c:f7:56:bf:90:09:1c:93:
dc:4e:32:1d:cd:a7:b3:15:ee:e7:75:d9:4d:83:f8:bb:80:e3:
f9:ff:c6:77:9d:08:c8:64:46:6c:44:8d:bf:44:7b:67:c5:54:
66:6a:29:aa:d2:bb:d8:2d:67:c7:b2:cd:7c:20:7a:8e:4b:8c:
ed:e4:7e:b2:9b:3b:0c:de:f3:4b:55:16:f0:2a:b5:ad:f7:6e:
2d:1c:a9:ca:9a:9b:58:72:d8:69:0f:67:19:12:8f:a8:95:13:
a9:3a:3d:42:42:aa:d3:7f:35:e8:8c:bc:c5:de:c3:df:6a:7e:
73:94:e8:47:00:55:90:91:91:bc:76:1b:63:67:40:13:62:b7:
fe:34:e7:bf:33:02:d1:91:8a:d2:4d:08:d6:e5:70:c1:35:ad:
68:50:aa:b3:84:78:28:b1:77:8b:41:d3:d0:58:cf:b1:f4:05:
3a:3a:79:a0:e8:f7:ab:3f:81:29:b9:38:93:46:ec:a8:89:2f:
d8:a0:bd:9e:0b:4e:1d:a2:57:84:76:3d:e9:f4:0b:f0:85:58:
26:97:d0:68:bd:3e:2a:bb:cc:57:ef:4c:c0:8c:bc:54:b9:b9:
61:58:c1:ce
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYnB43urjzrm8SHkz9ug8GOBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwODA0MTg1MDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjcxMGY1NjE2ODAwNmJiN2Y5YTA3NTY0MTkwOWMzOTJiZGUwNGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjxp1kr28bNT8Ru920I0zbrhs4Zlt
sqyAN6im3d0SiCZONXjC1XxpZe+O9JIVM4XFukvqu6zlSb/jjKzupQ848BUJyZ1m
Oo1nQW24VHBUSNnP5tOR6zvmTJGojLvhmxSL+981Y6CT2FHnxxgu6cGAwTA7/Vvf
c0DBVjHvsuQeB3TVrBDwjm0QPzJe2d4Sf2xdFt8R/pVqGVCAcKi4L6hPWuTY92oC
85HzIVIgYAsosTBM5rPlpw78y0ONDcpJ9ndkjOf0UrebC9VtApheZG3gWLps7T9J
2fmZUb+ytVJ2RUzoYi2LPp312WvyVAi8eSrNAl/HaZ/VIs66H6vcht7dnwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAZxD1YWgAa7f5oHVkGQnDkr3gTyMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvQm5FUFZoYUFCcnRfbWdkV1FaQ2NPU3ZlQlBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALQkeAwQA
LViJAwQALYS0AwQALZDVMA0GCSqGSIb3DQEBCwUAA4IBAQAy1z/yvwLfPayeY1XD
BTDZyLYFlmoo+zitX2mYfPdWv5AJHJPcTjIdzaezFe7nddlNg/i7gOP5/8Z3nQjI
ZEZsRI2/RHtnxVRmaimq0rvYLWfHss18IHqOS4zt5H6ymzsM3vNLVRbwKrWt924t
HKnKmptYcthpD2cZEo+olROpOj1CQqrTfzXojLzF3sPfan5zlOhHAFWQkZG8dhtj
Z0ATYrf+NOe/MwLRkYrSTQjW5XDBNa1oUKqzhHgosXeLQdPQWM+x9AU6Onmg6Per
P4EpuTiTRuyoiS/YoL2eC04doleEdj3p9AvwhVgml9BovT4qu8xX70zAjLxUublh
WMHO
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:17 2024 by rpki-client on console-ams.rpki-client.org