Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BXTIRTFI3bxbncJ-RQ5O22stLBg.roa
File: BXTIRTFI3bxbncJ-RQ5O22stLBg.roa (raw, json)
Hash identifier: lwrsgkTmmFhkqU5WYKmbtJFyy30ZejmNbp6BqHuJufY=
Subject key identifier: 05:74:C8:45:31:48:DD:BC:5B:9D:C2:7E:45:0E:4E:DB:6B:2D:2C:18
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 01856ED4C1E3E93218A7389101806BF486C7
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BXTIRTFI3bxbncJ-RQ5O22stLBg.roa
Signing time: Sun 01 Jan 2023 19:35:14 +0000
ROA not before: Sun 01 Jan 2023 19:35:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39640
IP address blocks: 201.49.188.0/22 maxlen: 22
167.160.31.0/24 maxlen: 24
178.19.32.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:c1:e3:e9:32:18:a7:38:91:01:80:6b:f4:86:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Jan 1 19:35:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0574c8453148ddbc5b9dc27e450e4edb6b2d2c18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:33:52:38:f2:3f:76:51:6d:3f:26:f3:41:d0:
90:9f:7b:50:55:e6:14:8e:5e:7e:96:82:c2:1f:9b:
d6:3a:ce:21:7a:23:5c:20:98:8c:33:9f:a0:25:76:
28:80:ef:3d:c7:30:7d:60:c9:22:19:ce:5b:b5:61:
78:9b:75:ba:b8:8b:a6:22:f6:55:0f:c7:ba:fb:c9:
a8:06:5b:cd:d1:f9:6b:77:fd:66:48:88:f1:2a:f4:
2f:31:25:ca:0c:39:c5:e9:cd:9a:09:e8:76:41:6d:
1b:94:33:9a:c1:43:5b:5b:fc:10:4d:9a:19:66:6f:
a5:c1:5c:e8:eb:ca:85:73:e9:3b:3e:1f:e2:5a:9e:
6c:0d:ba:fc:91:f2:cf:ab:97:47:5c:b8:25:c7:8b:
09:d2:fb:26:1a:3d:c4:ea:eb:ed:ee:6b:7f:6b:f9:
7e:df:44:e6:54:52:d9:69:ed:0b:f6:cd:8d:b5:f0:
96:42:a1:c2:4b:11:72:57:d4:3e:88:e3:98:be:96:
a8:70:f6:80:93:9b:83:0e:4f:86:2d:ad:c4:22:5e:
a7:55:b6:64:ea:a7:c0:17:d6:a7:89:8f:e8:fe:da:
bc:94:19:7c:30:ef:d2:3d:b7:aa:28:ed:68:a8:71:
de:33:9d:db:8e:25:49:c2:07:1b:03:ff:c5:f5:d1:
67:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:74:C8:45:31:48:DD:BC:5B:9D:C2:7E:45:0E:4E:DB:6B:2D:2C:18
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BXTIRTFI3bxbncJ-RQ5O22stLBg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
167.160.31.0/24
178.19.32.0/23
201.49.188.0/22
Signature Algorithm: sha256WithRSAEncryption
b2:62:92:db:c1:28:a2:81:86:63:48:89:fa:df:69:98:10:8c:
88:92:70:a2:37:d1:ea:97:4a:a3:80:48:a8:9c:cb:0c:fa:74:
14:f3:58:c9:8a:1d:6c:6d:b6:f8:42:0d:c8:65:dd:0b:b3:97:
a1:4b:04:36:07:a8:71:40:7e:3a:64:3f:17:03:1c:2c:04:4a:
61:d5:cf:70:0d:34:83:3b:c4:c7:ff:ae:c1:0b:b4:f4:25:71:
cf:06:50:65:03:2c:bd:c2:fe:a5:e4:f9:fa:47:fa:be:f1:39:
d2:63:d0:41:70:c5:b0:7c:c9:6a:48:5e:7b:f7:5b:0b:b2:0f:
b7:8d:38:12:17:ad:64:b7:b4:3f:6d:c8:63:a1:f4:4f:1e:38:
ff:7d:70:42:fb:0f:b2:14:77:ac:0c:b3:26:47:f5:8e:89:c9:
7e:da:05:ea:67:3e:f9:ec:eb:1e:78:bc:57:b7:6f:f6:b7:39:
24:ca:a9:cd:62:1a:34:64:7d:e3:ec:e6:0c:50:25:c5:73:41:
05:d2:a6:cb:87:4a:43:48:fe:51:31:46:13:10:c0:45:cb:7f:
69:88:02:77:99:c7:c6:21:fa:c8:c1:8a:60:72:5b:f0:4c:d2:
49:80:8f:3b:c6:c8:1a:10:c4:3d:ee:02:fb:10:db:e2:ca:69:
99:97:6c:8f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVu1MHj6TIYpziRAYBr9IbHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjMwMTAxMTkzNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTc0Yzg0NTMxNDhkZGJjNWI5ZGMyN2U0NTBlNGVkYjZiMmQyYzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTNSOPI/dlFtPybzQdCQn3tQVeYU
jl5+loLCH5vWOs4heiNcIJiMM5+gJXYogO89xzB9YMkiGc5btWF4m3W6uIumIvZV
D8e6+8moBlvN0flrd/1mSIjxKvQvMSXKDDnF6c2aCeh2QW0blDOawUNbW/wQTZoZ
Zm+lwVzo68qFc+k7Ph/iWp5sDbr8kfLPq5dHXLglx4sJ0vsmGj3E6uvt7mt/a/l+
30TmVFLZae0L9s2NtfCWQqHCSxFyV9Q+iOOYvpaocPaAk5uDDk+GLa3EIl6nVbZk
6qfAF9aniY/o/tq8lBl8MO/SPbeqKO1oqHHeM53bjiVJwgcbA//F9dFnkwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAV0yEUxSN28W53CfkUOTttrLSwYMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvQlhUSVJURkkzYnhibmNKLVJRNU8yMnN0TEJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAp6AfAwQB
shMgAwQCyTG8MA0GCSqGSIb3DQEBCwUAA4IBAQCyYpLbwSiigYZjSIn632mYEIyI
knCiN9Hql0qjgEionMsM+nQU81jJih1sbbb4Qg3IZd0Ls5ehSwQ2B6hxQH46ZD8X
AxwsBEph1c9wDTSDO8TH/67BC7T0JXHPBlBlAyy9wv6l5Pn6R/q+8TnSY9BBcMWw
fMlqSF5791sLsg+3jTgSF61kt7Q/bchjofRPHjj/fXBC+w+yFHesDLMmR/WOicl+
2gXqZz757OseeLxXt2/2tzkkyqnNYho0ZH3j7OYMUCXFc0EF0qbLh0pDSP5RMUYT
EMBFy39piAJ3mcfGIfrIwYpgclvwTNJJgI87xsgaEMQ97gL7ENviymmZl2yP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:35 2024 by rpki-client on console-ams.rpki-client.org