Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/buAXlbsGmseqJhg9PtjT70tssi8.roa
File: buAXlbsGmseqJhg9PtjT70tssi8.roa (raw, json)
Hash identifier: G4CHN55mK1VXilZAvQkFDy0uyyARDHSd3SzppdNe3FM=
Subject key identifier: 6E:E0:17:95:BB:06:9A:C7:AA:26:18:3D:3E:D8:D3:EF:4B:6C:B2:2F
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 018AA2FD65EA1A5B8C822EC66801F8FEAB16
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/buAXlbsGmseqJhg9PtjT70tssi8.roa
Signing time: Sun 17 Sep 2023 11:53:50 +0000
ROA not before: Sun 17 Sep 2023 11:53:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207724
IP address blocks: 185.239.2.0/24 maxlen: 24
185.239.3.0/24 maxlen: 24
185.3.200.0/24 maxlen: 24
5.159.49.0/24 maxlen: 24
5.159.54.0/24 maxlen: 24
45.94.213.0/24 maxlen: 24
89.46.217.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Oct 2023 08:52:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a2:fd:65:ea:1a:5b:8c:82:2e:c6:68:01:f8:fe:ab:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Sep 17 11:53:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6ee01795bb069ac7aa26183d3ed8d3ef4b6cb22f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:96:e8:fc:45:cb:48:73:a4:98:62:41:0c:a9:
f6:d5:92:da:4f:76:d5:bc:73:f7:35:94:f8:f4:2a:
c2:32:bc:2d:47:6f:63:57:b1:2c:cc:7d:0f:85:79:
df:aa:80:dc:67:77:b6:46:d3:f8:a0:e8:35:aa:1d:
0b:a0:c1:72:ca:01:66:8a:ce:fc:89:0d:62:55:12:
4b:cd:5e:65:1d:d0:0b:32:a6:f9:df:f6:57:7b:06:
31:88:67:a4:20:38:4a:b7:fd:3d:06:51:09:2b:64:
d6:93:e2:71:9b:e0:11:d6:7a:3c:c7:1f:21:46:aa:
2a:dd:ab:48:58:2c:f8:9a:2c:6f:92:a3:bd:47:b4:
32:8e:4b:87:80:94:4f:e1:51:25:c0:74:fb:17:51:
6f:1b:c8:07:ad:f3:73:80:19:42:e7:68:0a:85:b4:
77:99:87:3b:87:3c:59:29:31:49:fb:01:5a:99:c1:
9d:e2:06:3d:33:10:4d:26:1c:a1:8d:16:d5:5d:49:
62:ad:b9:bf:f9:92:de:c2:7a:cf:c5:cc:0d:12:f1:
7d:12:7e:eb:72:51:eb:95:f4:06:93:d3:5f:27:c3:
f6:f9:5c:be:80:2f:56:ab:f4:7b:89:9d:81:1a:15:
1d:9c:41:e4:89:e4:de:04:b4:c4:58:55:ac:e1:ef:
ac:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:E0:17:95:BB:06:9A:C7:AA:26:18:3D:3E:D8:D3:EF:4B:6C:B2:2F
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/buAXlbsGmseqJhg9PtjT70tssi8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.49.0/24
5.159.54.0/24
45.94.213.0/24
89.46.217.0/24
185.3.200.0/24
185.239.2.0/23
Signature Algorithm: sha256WithRSAEncryption
28:87:0b:24:4b:ed:3b:6b:e9:26:13:c2:80:98:40:4d:42:48:
1d:90:1d:ba:34:1f:9b:7c:6f:dd:33:68:d0:77:d6:82:33:6b:
ca:40:af:19:4b:17:a6:64:97:aa:e6:22:cd:43:e5:80:e6:04:
35:46:85:06:64:cd:a5:56:bd:1f:f0:f2:86:86:7c:c9:56:ff:
99:e5:d5:04:43:58:b6:a9:17:5e:aa:ce:b7:7f:b7:8b:85:b0:
76:2c:e6:ca:3d:8e:97:0c:4c:69:8c:b0:70:d0:86:cc:18:24:
98:aa:3b:05:ba:61:1a:6e:73:62:47:76:5c:34:39:3e:7f:42:
6e:50:5d:b7:15:1d:4d:64:cd:ed:ce:ec:bf:ee:70:8d:7b:42:
1c:72:b8:35:5a:c1:ed:3e:4c:6e:7e:1f:54:c1:ac:25:90:18:
06:05:d3:9c:9a:83:ec:ba:4d:0f:9a:6e:4d:c5:ec:30:6e:56:
4a:8b:a7:6a:0c:92:eb:f1:d5:2f:e2:74:32:37:46:cb:46:3c:
52:b0:0b:29:5f:25:62:65:85:30:b9:c7:39:59:4e:f7:75:b3:
dc:d2:84:94:cb:8b:31:8b:2e:ea:83:da:82:ce:71:1a:9f:3f:
87:5d:64:bc:2c:5c:81:c2:d1:e5:f2:bc:59:21:da:87:ac:18:
f6:0b:9f:9c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYqi/WXqGluMgi7GaAH4/qsWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjMwOTE3MTE1MzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWUwMTc5NWJiMDY5YWM3YWEyNjE4M2QzZWQ4ZDNlZjRiNmNiMjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5pbo/EXLSHOkmGJBDKn21ZLaT3bV
vHP3NZT49CrCMrwtR29jV7EszH0PhXnfqoDcZ3e2RtP4oOg1qh0LoMFyygFmis78
iQ1iVRJLzV5lHdALMqb53/ZXewYxiGekIDhKt/09BlEJK2TWk+Jxm+AR1no8xx8h
Rqoq3atIWCz4mixvkqO9R7QyjkuHgJRP4VElwHT7F1FvG8gHrfNzgBlC52gKhbR3
mYc7hzxZKTFJ+wFamcGd4gY9MxBNJhyhjRbVXUlirbm/+ZLewnrPxcwNEvF9En7r
clHrlfQGk9NfJ8P2+Vy+gC9Wq/R7iZ2BGhUdnEHkieTeBLTEWFWs4e+s+wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFG7gF5W7BprHqiYYPT7Y0+9LbLIvMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvYnVBWGxic0dtc2VxSmhnOVB0alQ3MHRzc2k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABZ8xAwQA
BZ82AwQALV7VAwQAWS7ZAwQAuQPIAwQBue8CMA0GCSqGSIb3DQEBCwUAA4IBAQAo
hwskS+07a+kmE8KAmEBNQkgdkB26NB+bfG/dM2jQd9aCM2vKQK8ZSxemZJeq5iLN
Q+WA5gQ1RoUGZM2lVr0f8PKGhnzJVv+Z5dUEQ1i2qRdeqs63f7eLhbB2LObKPY6X
DExpjLBw0IbMGCSYqjsFumEabnNiR3ZcNDk+f0JuUF23FR1NZM3tzuy/7nCNe0Ic
crg1WsHtPkxufh9UwawlkBgGBdOcmoPsuk0Pmm5NxewwblZKi6dqDJLr8dUv4nQy
N0bLRjxSsAspXyViZYUwucc5WU73dbPc0oSUy4sxiy7qg9qCznEanz+HXWS8LFyB
wtHl8rxZIdqHrBj2C5+c
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:49 2024 by rpki-client on console-ams.rpki-client.org