Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/bjpW4HcKEeAp_lsGkon_ILcfLmc.roa
File: bjpW4HcKEeAp_lsGkon_ILcfLmc.roa (raw, json)
Hash identifier: Phj+Iw/1VRNHajeaE5HzsTcELVHyWcUczpLRYbVJIdA=
Subject key identifier: 6E:3A:56:E0:77:0A:11:E0:29:FE:5B:06:92:89:FF:20:B7:1F:2E:67
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 01903F9B74297F5F4ABAE05CE3FE8DFF0F4D
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/bjpW4HcKEeAp_lsGkon_ILcfLmc.roa
Signing time: Sat 22 Jun 2024 11:01:10 +0000
ROA not before: Sat 22 Jun 2024 11:01:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 5.181.84.0/24 maxlen: 24
5.181.85.0/24 maxlen: 24
45.94.170.0/24 maxlen: 24
91.223.110.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jul 2024 17:04:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:3f:9b:74:29:7f:5f:4a:ba:e0:5c:e3:fe:8d:ff:0f:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jun 22 11:01:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e3a56e0770a11e029fe5b069289ff20b71f2e67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:98:a8:44:50:4d:d6:c0:2d:9e:ac:8b:9d:c2:
3d:9b:ed:d8:33:d2:eb:34:97:68:f4:76:9f:4b:8b:
83:bd:9c:a1:15:39:f9:7a:64:2b:27:7d:4f:a6:21:
0f:76:54:80:5f:70:51:db:63:59:92:b3:e6:ed:94:
b1:01:2f:d8:c7:2b:63:c6:a4:3c:b8:70:45:72:8d:
95:0a:e9:f4:b7:0f:ad:e9:4f:fb:33:64:1a:66:1a:
a0:6c:3e:c9:c7:d5:76:2a:b9:a4:07:fa:c4:49:0c:
f7:bd:17:bc:f7:47:f1:54:69:41:4f:92:f3:6d:f6:
33:8d:be:05:7d:8f:bf:0d:04:1c:4c:62:42:fa:6d:
a3:3c:66:b0:6c:f8:9f:b6:84:80:22:69:82:b6:c4:
a0:9f:96:07:59:62:3f:6d:fa:44:e1:c6:80:07:6a:
e8:cf:49:97:cd:22:64:ea:46:c3:b5:5e:e9:06:86:
16:56:e7:7b:bb:23:51:1b:64:fb:95:21:9f:e8:bc:
b3:16:e0:1f:9a:ae:b2:e5:20:9b:80:34:44:70:1e:
0a:db:d4:46:71:50:eb:85:dd:74:3c:db:e3:71:42:
e1:e3:c1:cb:0d:2d:46:fc:dc:1a:20:92:25:fd:73:
ea:b5:62:72:f1:fd:c7:5d:18:b1:5b:93:46:dc:76:
06:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:3A:56:E0:77:0A:11:E0:29:FE:5B:06:92:89:FF:20:B7:1F:2E:67
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/bjpW4HcKEeAp_lsGkon_ILcfLmc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.84.0/23
45.94.170.0/24
91.223.110.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:ea:f2:03:9b:f1:5f:f3:84:50:72:1a:11:7a:c4:c7:95:4e:
9c:58:be:bc:a5:f1:8f:d0:a8:48:c2:5d:fc:7f:44:8b:a4:9e:
f0:01:08:13:df:8e:97:15:79:59:ee:29:b6:20:4e:c0:54:af:
ea:50:02:9c:d3:9d:20:10:0c:c6:43:78:a0:ad:b4:9a:12:31:
45:88:22:d3:51:e9:91:d4:7e:db:eb:c3:fc:cb:7f:f9:94:39:
08:1a:78:99:c0:60:17:d5:15:fd:0a:51:52:78:e5:be:e1:01:
96:f2:d9:0e:68:72:15:23:27:0d:20:44:89:77:f0:fe:b6:f6:
4b:fa:a5:fb:60:11:bf:7d:60:85:f9:11:9c:d7:4d:e9:db:c4:
7a:34:93:28:79:77:c5:97:8c:56:2c:02:bc:0b:9b:8f:a5:0a:
37:93:3b:c8:2b:c5:dc:47:ac:cc:fc:e6:c6:aa:12:2c:57:0c:
57:19:ed:49:0d:ee:be:18:96:fb:b1:5c:89:b7:96:84:25:4b:
83:b1:41:a7:92:5a:b0:cb:c2:49:4a:48:5b:23:70:bb:96:39:
2a:f9:dc:c1:75:99:3c:fe:ca:59:1f:ca:18:64:09:c6:8b:db:
05:d8:c5:bf:bd:ad:2d:10:46:eb:29:85:a6:63:cf:b9:20:af:
4d:a2:c9:1f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZA/m3Qpf19KuuBc4/6N/w9NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwNjIyMTEwMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTNhNTZlMDc3MGExMWUwMjlmZTViMDY5Mjg5ZmYyMGI3MWYyZTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpioRFBN1sAtnqyLncI9m+3YM9Lr
NJdo9HafS4uDvZyhFTn5emQrJ31PpiEPdlSAX3BR22NZkrPm7ZSxAS/YxytjxqQ8
uHBFco2VCun0tw+t6U/7M2QaZhqgbD7Jx9V2KrmkB/rESQz3vRe890fxVGlBT5Lz
bfYzjb4FfY+/DQQcTGJC+m2jPGawbPiftoSAImmCtsSgn5YHWWI/bfpE4caAB2ro
z0mXzSJk6kbDtV7pBoYWVud7uyNRG2T7lSGf6LyzFuAfmq6y5SCbgDREcB4K29RG
cVDrhd10PNvjcULh48HLDS1G/NwaIJIl/XPqtWJy8f3HXRixW5NG3HYGPwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFG46VuB3ChHgKf5bBpKJ/yC3Hy5nMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvYmpwVzRIY0tFZUFwX2xzR2tvbl9JTGNmTG1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBBbVUAwQA
LV6qAwQAW99uMA0GCSqGSIb3DQEBCwUAA4IBAQCq6vIDm/Ff84RQchoResTHlU6c
WL68pfGP0KhIwl38f0SLpJ7wAQgT346XFXlZ7im2IE7AVK/qUAKc050gEAzGQ3ig
rbSaEjFFiCLTUemR1H7b68P8y3/5lDkIGniZwGAX1RX9ClFSeOW+4QGW8tkOaHIV
IycNIESJd/D+tvZL+qX7YBG/fWCF+RGc103p28R6NJMoeXfFl4xWLAK8C5uPpQo3
kzvIK8XcR6zM/ObGqhIsVwxXGe1JDe6+GJb7sVyJt5aEJUuDsUGnklqwy8JJSkhb
I3C7ljkq+dzBdZk8/spZH8oYZAnGi9sF2MW/va0tEEbrKYWmY8+5IK9Noskf
-----END CERTIFICATE-----
Generated at Mon Jul 1 19:40:48 2024 by rpki-client on console-ams.rpki-client.org