Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/BtpbfBQqcp-eiL7gpPiPuvvsdK0.roa
File: BtpbfBQqcp-eiL7gpPiPuvvsdK0.roa (raw, json)
Hash identifier: CWjkco4x+MBPK/zG4fNUrLIiKVVMd312+dOzihrV18Q=
Subject key identifier: 06:DA:5B:7C:14:2A:72:9F:9E:88:BE:E0:A4:F8:8F:BA:FB:EC:74:AD
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185E48AD29ABF245B7D101CC21DF902715E
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/BtpbfBQqcp-eiL7gpPiPuvvsdK0.roa
Signing time: Tue 24 Jan 2023 16:09:41 +0000
ROA not before: Tue 24 Jan 2023 16:09:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203790
IP address blocks: 45.148.118.0/24 maxlen: 24
45.148.116.0/24 maxlen: 24
45.148.119.0/24 maxlen: 24
194.50.111.0/24 maxlen: 24
2a0e:97c0:460::/44 maxlen: 48
2a0e:b107:12a0::/44 maxlen: 48
2a10:cc40:1d0::/44 maxlen: 48
2a0e:b101::/32 maxlen: 48
2a10:cc41:110::/44 maxlen: 48
Validation: Failed, certificate revoked on Sun 26 Feb 2023 19:47:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:8a:d2:9a:bf:24:5b:7d:10:1c:c2:1d:f9:02:71:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 24 16:09:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=06da5b7c142a729f9e88bee0a4f88fbafbec74ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:69:98:67:b9:8c:6e:7d:b2:c1:88:51:cd:a4:
f2:57:7a:91:d5:ac:1e:89:bb:f5:60:39:71:fd:ef:
b6:f6:0f:de:50:8e:9f:26:2a:5d:68:91:9b:48:ef:
41:4f:75:74:c9:89:0e:0b:bc:8d:9b:5d:5b:45:8e:
ea:95:2f:77:de:a9:5e:ef:09:56:b9:07:16:dc:fc:
a9:46:f2:c2:ea:fb:b8:8a:5f:85:a1:db:44:31:00:
d4:60:a4:87:46:1f:1f:d8:23:e9:5b:e6:85:37:8b:
3e:68:5e:7f:f4:b8:d4:d9:63:f7:66:f4:8b:83:f9:
c9:5a:35:65:3a:8b:15:12:97:0c:a4:93:5f:70:f9:
bd:df:ff:52:f7:89:9e:b8:5d:f4:7b:f5:05:19:aa:
bb:00:5e:f5:c6:b4:b8:63:7b:48:4a:bd:1d:5b:b9:
a1:02:33:e1:1c:03:50:50:38:86:ac:4a:8d:77:a4:
24:d7:d0:c4:97:f6:d6:8d:ea:8d:7f:34:ed:96:77:
19:9f:83:8b:0a:12:fe:b7:19:cd:aa:7f:65:fa:c4:
b5:ad:95:47:30:71:fe:d7:f9:81:4c:25:e8:3a:8e:
11:10:e0:f1:69:71:1c:b0:c0:24:d2:5b:40:b0:e8:
83:e7:d2:1d:14:c6:c7:a1:c2:5f:8a:df:9d:79:54:
58:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:DA:5B:7C:14:2A:72:9F:9E:88:BE:E0:A4:F8:8F:BA:FB:EC:74:AD
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/BtpbfBQqcp-eiL7gpPiPuvvsdK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.116.0/24
45.148.118.0/23
194.50.111.0/24
IPv6:
2a0e:97c0:460::/44
2a0e:b101::/32
2a0e:b107:12a0::/44
2a10:cc40:1d0::/44
2a10:cc41:110::/44
Signature Algorithm: sha256WithRSAEncryption
7e:ed:c1:5e:ce:56:74:04:34:d4:11:d1:a7:f0:ef:d2:7d:aa:
87:13:f6:51:72:45:85:3a:be:37:4d:a5:5e:7b:88:35:bd:1a:
0c:3e:4a:e2:09:59:b5:1b:1c:43:ad:0b:6f:3c:14:70:18:c6:
f6:a2:af:aa:ea:eb:36:b8:6b:d5:28:41:69:b4:fe:22:e2:f5:
38:02:5a:19:b9:7a:cc:d1:46:d0:23:4e:61:3a:2d:59:78:6f:
f8:9c:e1:fa:f7:a0:a8:2c:1b:f9:f3:3e:73:b5:a6:09:a7:ab:
a7:0d:89:f4:36:da:20:a2:8b:fc:05:18:5c:12:7b:dd:a1:2d:
0f:91:53:a8:70:64:56:ee:16:6f:c4:79:4a:d8:75:8c:36:5b:
a0:86:c7:28:d1:63:16:30:16:59:23:7e:a8:87:43:92:8e:b9:
db:be:a1:1b:05:ca:d1:ab:a7:a9:7d:e6:9b:be:fd:83:f8:30:
56:df:b7:c7:5b:81:4b:08:bc:27:cf:e5:d8:42:d4:e8:b5:6a:
5d:12:5e:5c:41:75:ce:e3:53:08:0a:5b:0a:cf:92:90:7e:04:
7a:5a:8a:b3:c6:aa:83:0e:b2:a9:81:d7:11:a3:bb:b3:07:0d:
a4:dd:c6:52:2e:89:d9:07:03:52:4e:a7:82:1b:a2:d6:13:6c:
63:05:18:ac
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYXkitKavyRbfRAcwh35AnFeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmRhNWI3YzE0MmE3MjlmOWU4OGJlZTBhNGY4OGZiYWZiZWM3NGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2mYZ7mMbn2ywYhRzaTyV3qR1awe
ibv1YDlx/e+29g/eUI6fJipdaJGbSO9BT3V0yYkOC7yNm11bRY7qlS933qle7wlW
uQcW3PypRvLC6vu4il+FodtEMQDUYKSHRh8f2CPpW+aFN4s+aF5/9LjU2WP3ZvSL
g/nJWjVlOosVEpcMpJNfcPm93/9S94meuF30e/UFGaq7AF71xrS4Y3tISr0dW7mh
AjPhHANQUDiGrEqNd6Qk19DEl/bWjeqNfzTtlncZn4OLChL+txnNqn9l+sS1rZVH
MHH+1/mBTCXoOo4REODxaXEcsMAk0ltAsOiD59IdFMbHocJfit+deVRYhwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFAbaW3wUKnKfnoi+4KT4j7r77HStMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvQnRwYmZCUXFjcC1laUw3Z3BQaVB1dnZzZEswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTAYBAIAATASAwQALZR0AwQB
LZR2AwQAwjJvMDEEAgACMCsDBwQqDpfABGADBQAqDrEBAwcEKg6xBxKgAwcEKhDM
QAHQAwcEKhDMQQEQMA0GCSqGSIb3DQEBCwUAA4IBAQB+7cFezlZ0BDTUEdGn8O/S
faqHE/ZRckWFOr43TaVee4g1vRoMPkriCVm1GxxDrQtvPBRwGMb2oq+q6us2uGvV
KEFptP4i4vU4AloZuXrM0UbQI05hOi1ZeG/4nOH696CoLBv58z5ztaYJp6unDYn0
Ntogoov8BRhcEnvdoS0PkVOocGRW7hZvxHlK2HWMNlughsco0WMWMBZZI36oh0OS
jrnbvqEbBcrRq6epfeabvv2D+DBW37fHW4FLCLwnz+XYQtTotWpdEl5cQXXO41MI
ClsKz5KQfgR6WoqzxqqDDrKpgdcRo7uzBw2k3cZSLonZBwNSTqeCG6LWE2xjBRis
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:56 2024 by rpki-client on console-ams.rpki-client.org