Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/BnTUnIICRNkMbix_AGopBP1VZ0A.roa
File: BnTUnIICRNkMbix_AGopBP1VZ0A.roa (raw, json)
Hash identifier: 9a40ppVfCKRqZA/wB4SSI47+zzaWmFSqe1eMMEy0l7o=
Subject key identifier: 06:74:D4:9C:82:02:44:D9:0C:6E:2C:7F:00:6A:29:04:FD:55:67:40
Certificate issuer: /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial: 018803EC79C4F294D53209E5C3C862ACD934
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/BnTUnIICRNkMbix_AGopBP1VZ0A.roa
Signing time: Wed 10 May 2023 04:30:09 +0000
ROA not before: Wed 10 May 2023 04:30:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 188.191.107.0/24 maxlen: 24
91.225.225.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 May 2023 06:31:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:03:ec:79:c4:f2:94:d5:32:09:e5:c3:c8:62:ac:d9:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Validity
Not Before: May 10 04:30:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0674d49c820244d90c6e2c7f006a2904fd556740
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:6a:5a:b3:74:f2:28:b2:20:c7:18:b6:90:c9:
27:d3:e5:5e:20:93:9e:b0:ef:44:4b:0c:8d:13:7c:
8b:0b:3c:fa:d4:b8:58:3e:f2:84:45:73:0b:ba:5f:
31:1e:a6:b9:f4:a0:df:e2:4e:25:cf:a7:80:9b:35:
b1:72:63:64:56:92:21:64:dd:7a:f0:04:ec:33:88:
59:51:7c:2a:e8:f7:bc:b9:af:2d:a7:de:a6:7a:34:
53:d6:50:78:3c:87:c8:d6:45:d0:32:37:3a:fc:36:
3b:bb:ca:b8:6a:dd:26:dd:71:f6:fb:f2:ba:d2:56:
83:1a:cf:f8:e6:27:75:5d:b2:01:1a:52:77:7b:56:
a5:ef:8d:f3:34:76:9d:7f:e5:05:f4:d0:95:4a:cd:
be:bc:b5:ec:50:f5:b4:5f:4c:34:3c:50:5e:f7:3e:
a6:b4:56:71:00:cc:ae:98:09:95:3a:f0:4a:b9:89:
7f:bc:24:48:5f:8e:10:0e:07:51:7f:e7:6d:74:dc:
28:1a:f5:f1:ee:fb:c5:4e:2c:6c:fd:3b:cb:0d:9f:
19:9e:6e:fc:7c:5e:b0:b0:d3:5e:1a:2f:f9:2a:6b:
3a:bc:40:46:68:e0:52:8c:61:cb:93:16:2f:9c:ee:
9c:7b:15:9c:de:ec:05:48:56:f5:e7:56:1f:c6:85:
64:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:74:D4:9C:82:02:44:D9:0C:6E:2C:7F:00:6A:29:04:FD:55:67:40
X509v3 Authority Key Identifier:
keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/BnTUnIICRNkMbix_AGopBP1VZ0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.225.225.0/24
188.191.107.0/24
Signature Algorithm: sha256WithRSAEncryption
37:95:a4:c9:c8:41:57:d0:0f:72:04:1a:be:8c:a9:48:7e:b7:
1d:66:a3:c4:3a:1a:24:5e:11:73:34:38:ad:69:5b:42:e3:1b:
4c:76:1f:70:ab:63:3f:1b:8c:2d:fa:0b:6a:d1:cc:b3:c2:4d:
b7:17:77:58:be:18:94:7a:65:9e:ce:6a:1b:16:7e:f5:85:9d:
c8:b3:08:15:83:0f:c5:87:4f:87:0c:a2:80:29:60:fa:a1:f2:
6f:9f:0b:89:eb:87:a7:92:6c:09:7d:98:8c:9e:f4:a2:07:f6:
ef:70:44:4a:b5:fe:59:d3:66:0a:75:67:fa:e7:2a:56:b7:90:
fd:6a:56:af:a0:2c:ed:73:48:48:7e:1d:0a:ef:9a:07:27:6d:
1e:9c:73:68:6d:71:ed:80:7b:b0:92:fe:05:6f:79:04:b9:af:
f2:d1:17:02:73:19:98:21:e3:f8:5e:67:09:9d:e4:74:15:df:
59:59:ed:51:61:15:84:18:40:a3:42:8a:86:ba:de:22:d5:68:
65:c1:7f:66:9a:04:f4:31:c5:d3:db:cd:b8:78:23:5c:b3:70:
db:a2:37:f9:14:18:fb:84:40:e7:30:f9:d2:cf:0a:db:3d:1f:
1e:bb:e3:b8:04:d3:c1:80:1e:5d:f7:3a:68:f5:d5:e8:ee:5b:
69:16:c2:41
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYgD7HnE8pTVMgnlw8hirNk0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjMwNTEwMDQzMDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjc0ZDQ5YzgyMDI0NGQ5MGM2ZTJjN2YwMDZhMjkwNGZkNTU2NzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2pas3TyKLIgxxi2kMkn0+VeIJOe
sO9ESwyNE3yLCzz61LhYPvKERXMLul8xHqa59KDf4k4lz6eAmzWxcmNkVpIhZN16
8ATsM4hZUXwq6Pe8ua8tp96mejRT1lB4PIfI1kXQMjc6/DY7u8q4at0m3XH2+/K6
0laDGs/45id1XbIBGlJ3e1al743zNHadf+UF9NCVSs2+vLXsUPW0X0w0PFBe9z6m
tFZxAMyumAmVOvBKuYl/vCRIX44QDgdRf+dtdNwoGvXx7vvFTixs/TvLDZ8Znm78
fF6wsNNeGi/5Kms6vEBGaOBSjGHLkxYvnO6cexWc3uwFSFb151YfxoVkbwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAZ01JyCAkTZDG4sfwBqKQT9VWdAMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvQm5UVW5JSUNSTmtNYml4X0FHb3BCUDFWWjBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+HhAwQA
vL9rMA0GCSqGSIb3DQEBCwUAA4IBAQA3laTJyEFX0A9yBBq+jKlIfrcdZqPEOhok
XhFzNDitaVtC4xtMdh9wq2M/G4wt+gtq0cyzwk23F3dYvhiUemWezmobFn71hZ3I
swgVgw/Fh0+HDKKAKWD6ofJvnwuJ64enkmwJfZiMnvSiB/bvcERKtf5Z02YKdWf6
5ypWt5D9alavoCztc0hIfh0K75oHJ20enHNobXHtgHuwkv4Fb3kEua/y0RcCcxmY
IeP4XmcJneR0Fd9ZWe1RYRWEGECjQoqGut4i1WhlwX9mmgT0McXT2824eCNcs3Db
ojf5FBj7hEDnMPnSzwrbPR8eu+O4BNPBgB5d9zpo9dXo7ltpFsJB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:48 2024 by rpki-client on console-ams.rpki-client.org