Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/bkFKQ6Oj1tMBNR7WeaH-5EFVpkw.roa
File: bkFKQ6Oj1tMBNR7WeaH-5EFVpkw.roa (raw, json)
Hash identifier: GCm7Dp4quS68s8yef9hwkq7xASmqCCwKWU3w7caTafQ=
Subject key identifier: 6E:41:4A:43:A3:A3:D6:D3:01:35:1E:D6:79:A1:FE:E4:41:55:A6:4C
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 018EC97FEA675AC9C3814CD33136776101FE
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/bkFKQ6Oj1tMBNR7WeaH-5EFVpkw.roa
Signing time: Wed 10 Apr 2024 19:33:07 +0000
ROA not before: Wed 10 Apr 2024 19:33:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202656
IP address blocks: 31.41.251.0/24 maxlen: 24
31.41.254.0/24 maxlen: 24
45.87.126.0/24 maxlen: 24
45.95.29.0/24 maxlen: 24
45.128.125.0/24 maxlen: 24
45.128.126.0/24 maxlen: 24
45.128.127.0/24 maxlen: 24
45.128.128.0/24 maxlen: 24
94.154.190.0/24 maxlen: 24
176.116.15.0/24 maxlen: 24
176.126.96.0/24 maxlen: 24
193.28.178.0/24 maxlen: 24
193.187.105.0/24 maxlen: 24
194.59.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Apr 2024 08:33:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c9:7f:ea:67:5a:c9:c3:81:4c:d3:31:36:77:61:01:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Apr 10 19:33:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e414a43a3a3d6d301351ed679a1fee44155a64c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:88:a5:e9:9e:83:8c:91:8b:6f:3c:ec:b4:f1:
d2:a9:91:08:94:40:b3:89:5e:de:01:f4:22:65:f2:
f0:bb:65:9e:d1:df:61:4b:37:ae:b4:55:05:7d:d9:
a9:af:72:e5:78:93:95:26:9b:8e:2d:2c:7f:15:04:
a5:15:5b:0b:17:a2:be:3f:03:1b:7b:63:f7:11:6c:
3f:a1:79:73:6d:c8:67:bd:9b:88:ec:33:60:d4:af:
ef:bc:2f:f4:eb:17:cd:46:6f:38:d8:71:d3:00:1b:
41:50:91:a0:69:01:37:22:e8:ed:68:01:e6:4e:d0:
f6:38:c1:fe:e0:88:22:6d:72:98:3e:70:26:d4:5f:
fc:f0:0f:05:ad:6c:bf:a6:ea:25:d9:f1:e2:37:18:
6c:5f:17:59:d3:a4:23:e6:c5:a1:a0:fd:ce:40:d8:
19:cc:86:ef:83:43:21:9b:5b:7e:11:8b:44:5d:fd:
34:be:35:8e:bd:e9:cc:00:f4:15:d5:ab:70:30:ae:
0c:c9:ad:c1:e2:e7:af:3f:82:ee:e3:01:70:5e:e8:
f7:89:f6:1b:4a:fb:bb:2f:82:fa:4c:7e:3e:56:1f:
c1:69:d7:19:62:ab:43:ac:0f:31:f9:7f:62:a5:75:
9f:4f:98:81:40:14:1a:60:76:98:20:84:3e:09:41:
f3:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:41:4A:43:A3:A3:D6:D3:01:35:1E:D6:79:A1:FE:E4:41:55:A6:4C
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/bkFKQ6Oj1tMBNR7WeaH-5EFVpkw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.251.0/24
31.41.254.0/24
45.87.126.0/24
45.95.29.0/24
45.128.125.0-45.128.128.255
94.154.190.0/24
176.116.15.0/24
176.126.96.0/24
193.28.178.0/24
193.187.105.0/24
194.59.187.0/24
Signature Algorithm: sha256WithRSAEncryption
98:b2:7b:89:b2:c2:14:86:00:0d:44:9b:aa:5d:d6:b9:89:f4:
65:4e:68:63:a0:1c:82:16:50:d0:8c:90:4d:79:5d:23:dc:8e:
a3:fe:84:ad:5a:04:d3:54:73:8f:50:92:55:0c:c9:0a:48:0f:
10:c3:7b:f1:18:d0:17:61:f2:4a:f9:fb:0a:82:e8:ee:5f:65:
51:32:d9:05:52:32:47:45:aa:60:ed:08:15:39:24:7e:03:15:
47:8c:cc:82:5a:c1:d4:d9:9f:eb:19:d8:c4:20:75:7e:db:a9:
f2:ee:5d:d7:26:21:eb:f5:6f:6d:91:81:39:ed:d6:3f:92:bf:
6c:13:dd:a9:8f:0b:9f:2c:cf:52:6d:0f:11:35:f4:31:92:45:
14:6b:f0:f5:ed:70:07:75:d4:2c:94:cd:9c:43:ff:94:ec:5f:
a2:af:7f:99:73:71:9a:69:29:06:ea:1a:80:b8:5d:52:94:fc:
03:9e:31:01:b7:2e:c7:c6:4f:b1:e0:9b:17:c5:e5:cd:10:5e:
5f:32:ba:b2:5a:f0:a0:90:c4:5b:94:c2:02:da:53:7e:14:49:
e7:2c:69:d8:0e:89:0e:23:b5:fd:03:79:cd:4a:92:ad:ff:29:
59:dc:ac:d5:cd:6c:84:bc:7e:c1:8f:43:3e:5c:7d:c8:85:6f:
14:63:29:73
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAY7Jf+pnWsnDgUzTMTZ3YQH+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwNDEwMTkzMzA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTQxNGE0M2EzYTNkNmQzMDEzNTFlZDY3OWExZmVlNDQxNTVhNjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhoil6Z6DjJGLbzzstPHSqZEIlECz
iV7eAfQiZfLwu2We0d9hSzeutFUFfdmpr3LleJOVJpuOLSx/FQSlFVsLF6K+PwMb
e2P3EWw/oXlzbchnvZuI7DNg1K/vvC/06xfNRm842HHTABtBUJGgaQE3IujtaAHm
TtD2OMH+4IgibXKYPnAm1F/88A8FrWy/puol2fHiNxhsXxdZ06Qj5sWhoP3OQNgZ
zIbvg0Mhm1t+EYtEXf00vjWOvenMAPQV1atwMK4Mya3B4uevP4Lu4wFwXuj3ifYb
Svu7L4L6TH4+Vh/BadcZYqtDrA8x+X9ipXWfT5iBQBQaYHaYIIQ+CUHzyQIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFG5BSkOjo9bTATUe1nmh/uRBVaZMMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvYmtGS1E2T2oxdE1CTlI3V2VhSC01RUZWcGt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQAHyn7AwQA
Hyn+AwQALVd+AwQALV8dMAwDBAAtgH0DBAAtgIADBABemr4DBACwdA8DBACwfmAD
BADBHLIDBADBu2kDBADCO7swDQYJKoZIhvcNAQELBQADggEBAJiye4mywhSGAA1E
m6pd1rmJ9GVOaGOgHIIWUNCMkE15XSPcjqP+hK1aBNNUc49QklUMyQpIDxDDe/EY
0Bdh8kr5+wqC6O5fZVEy2QVSMkdFqmDtCBU5JH4DFUeMzIJawdTZn+sZ2MQgdX7b
qfLuXdcmIev1b22RgTnt1j+Sv2wT3amPC58sz1JtDxE19DGSRRRr8PXtcAd11CyU
zZxD/5TsX6Kvf5lzcZppKQbqGoC4XVKU/AOeMQG3LsfGT7HgmxfF5c0QXl8yurJa
8KCQxFuUwgLaU34USecsadgOiQ4jtf0Dec1Kkq3/KVncrNXNbIS8fsGPQz5cfciF
bxRjKXM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:08 2024 by rpki-client on console-fra.rpki-client.org