Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/BWeNyGvEb3otq8wSEdj1WoH8aGM.roa
File: BWeNyGvEb3otq8wSEdj1WoH8aGM.roa (raw, json)
Hash identifier: hbCdKktKCNo0UkcGusMOeTTiU0i88ZcE/uQ6ksRUnMs=
Subject key identifier: 05:67:8D:C8:6B:C4:6F:7A:2D:AB:CC:12:11:D8:F5:5A:81:FC:68:63
Certificate issuer: /CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530
Certificate serial: 01882531BF37C71BF5C7EB2C1F16560E369D
Authority key identifier: 91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/BWeNyGvEb3otq8wSEdj1WoH8aGM.roa
Signing time: Tue 16 May 2023 15:33:17 +0000
ROA not before: Tue 16 May 2023 15:33:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44592
IP address blocks: 45.153.34.0/24 maxlen: 24
195.62.46.0/24 maxlen: 24
45.153.35.0/24 maxlen: 24
45.142.182.0/24 maxlen: 24
45.142.181.0/24 maxlen: 24
45.142.180.0/24 maxlen: 24
92.246.85.0/24 maxlen: 24
92.246.84.0/24 maxlen: 24
92.246.86.0/24 maxlen: 24
2a10:ca80::/29 maxlen: 29
2a0d:c2c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 01 Jun 2023 15:24:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:25:31:bf:37:c7:1b:f5:c7:eb:2c:1f:16:56:0e:36:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530
Validity
Not Before: May 16 15:33:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=05678dc86bc46f7a2dabcc1211d8f55a81fc6863
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:5a:3a:45:5a:bb:52:6f:be:9b:07:04:37:20:
01:6e:08:d4:32:2a:3c:a0:81:21:d4:a5:3c:78:3f:
68:bb:6a:4a:9c:bc:e6:f7:35:c2:ef:3b:67:c0:f3:
45:c1:84:44:fa:27:51:23:55:57:b9:e9:55:c0:d8:
87:c2:f6:5c:db:cb:26:13:97:a0:fe:de:35:b0:aa:
04:06:23:63:5f:37:08:23:a6:37:fd:b0:97:c9:99:
ac:05:42:fa:d3:68:fe:eb:ff:cc:24:77:21:b8:bb:
26:cf:99:ed:99:bc:30:05:e8:20:b1:9d:4c:3f:17:
42:ac:5e:07:2c:8d:f4:e0:62:88:12:5f:2c:29:c3:
d4:89:a7:a4:c6:da:88:a9:57:97:87:e4:b6:73:b1:
fe:af:2d:e1:55:9a:5c:ca:74:49:10:49:50:c2:25:
22:c8:a8:f4:7d:55:6e:d4:ae:aa:23:de:bd:89:8b:
3e:59:ac:13:15:b6:c9:89:36:2a:2a:75:82:1e:bd:
d8:93:f8:31:2f:7d:12:ed:52:5d:2a:1e:36:3e:48:
ad:23:d0:cd:9f:20:38:b6:6d:5f:1e:a1:f3:30:19:
f2:70:82:88:27:7f:42:6e:7a:e7:2c:ce:c8:1f:79:
b1:9c:1a:72:35:54:07:b7:eb:f6:00:26:b7:09:da:
22:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:67:8D:C8:6B:C4:6F:7A:2D:AB:CC:12:11:D8:F5:5A:81:FC:68:63
X509v3 Authority Key Identifier:
keyid:91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/BWeNyGvEb3otq8wSEdj1WoH8aGM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.180.0-45.142.182.255
45.153.34.0/23
92.246.84.0-92.246.86.255
195.62.46.0/24
IPv6:
2a0d:c2c0::/29
2a10:ca80::/29
Signature Algorithm: sha256WithRSAEncryption
8d:38:fd:d7:61:f4:a5:f7:21:a4:e1:34:f9:00:cb:48:02:5b:
09:7c:e7:8d:3d:61:29:45:d1:4e:fb:9f:f8:04:82:0a:c3:b6:
75:5d:7b:ba:53:62:ea:ad:33:d1:a2:94:2d:0b:0e:45:e1:28:
9a:77:f2:12:49:75:17:e2:4d:89:1d:0a:9e:9a:0e:19:e8:11:
9d:ea:5e:03:d6:49:96:64:3e:ab:21:97:8e:31:1f:39:56:c5:
f3:0b:68:ba:4d:b6:17:9c:e8:6a:d7:70:a7:3a:1e:96:22:f8:
53:8e:2a:06:91:65:6f:fc:d9:2f:2f:65:0b:30:9e:a5:f4:3b:
20:6e:02:2b:a1:64:d9:ae:c2:3f:e3:17:f2:a9:a8:ae:c7:4e:
a1:46:c1:83:d3:93:5a:48:fb:eb:15:30:8f:3f:1b:e4:f5:dd:
b0:c5:ad:4f:30:78:fa:67:25:c9:8c:f6:71:bc:b2:ad:a5:81:
43:0c:af:db:4d:f5:09:06:f3:ce:db:bc:49:40:2d:72:02:91:
60:d0:83:44:40:1f:1f:18:f3:ad:d7:82:c6:bc:ca:56:ac:90:
20:06:e9:96:30:e5:9e:e3:2b:77:78:ea:8b:7e:eb:dc:2f:07:
9b:57:69:82:b7:69:89:5c:17:03:a2:05:56:4f:18:49:37:e4:
56:12:74:c0
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYglMb83xxv1x+ssHxZWDjadMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZDBjNzhjMzA5YTNlOTlkYzlhYjc0ZjJjZGMwNDg0ODU5
ZTc1MzAwHhcNMjMwNTE2MTUzMzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTY3OGRjODZiYzQ2ZjdhMmRhYmNjMTIxMWQ4ZjU1YTgxZmM2ODYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhFo6RVq7Um++mwcENyABbgjUMio8
oIEh1KU8eD9ou2pKnLzm9zXC7ztnwPNFwYRE+idRI1VXuelVwNiHwvZc28smE5eg
/t41sKoEBiNjXzcII6Y3/bCXyZmsBUL602j+6//MJHchuLsmz5ntmbwwBeggsZ1M
PxdCrF4HLI304GKIEl8sKcPUiaekxtqIqVeXh+S2c7H+ry3hVZpcynRJEElQwiUi
yKj0fVVu1K6qI969iYs+WawTFbbJiTYqKnWCHr3Yk/gxL30S7VJdKh42PkitI9DN
nyA4tm1fHqHzMBnycIKIJ39CbnrnLM7IH3mxnBpyNVQHt+v2ACa3CdoiEQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFAVnjchrxG96LavMEhHY9VqB/GhjMB8GA1UdIwQY
MBaAFJHQx4wwmj6Z3Jq3TyzcBISFnnUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8yOTNhMmYtMzk5Ny00OTdmLTllZjEt
NDg1MmM4ZmY4YWYyLzEvQldlTnlHdkViM290cTh3U0VkajFXb0g4YUdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS8yOTNhMmYtMzk5Ny00OTdmLTllZjEtNDg1MmM4ZmY4YWYy
LzEva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjAuBAIAATAoMAwDBAItjrQD
BAAtjrYDBAEtmSIwDAMEAlz2VAMEAFz2VgMEAMM+LjAUBAIAAjAOAwUDKg3CwAMF
AyoQyoAwDQYJKoZIhvcNAQELBQADggEBAI04/ddh9KX3IaThNPkAy0gCWwl85409
YSlF0U77n/gEggrDtnVde7pTYuqtM9GilC0LDkXhKJp38hJJdRfiTYkdCp6aDhno
EZ3qXgPWSZZkPqshl44xHzlWxfMLaLpNthec6GrXcKc6HpYi+FOOKgaRZW/82S8v
ZQswnqX0OyBuAiuhZNmuwj/jF/KpqK7HTqFGwYPTk1pI++sVMI8/G+T13bDFrU8w
ePpnJcmM9nG8sq2lgUMMr9tN9QkG887bvElALXICkWDQg0RAHx8Y863Xgsa8ylas
kCAG6ZYw5Z7jK3d46ot+69wvB5tXaYK3aYlcFwOiBVZPGEk35FYSdMA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:44 2024 by rpki-client on console-fra.rpki-client.org