Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/bHKdwQEgVU1Va9dw-VQTHHTltlw.roa
File: bHKdwQEgVU1Va9dw-VQTHHTltlw.roa (raw, json)
Hash identifier: 110sHelIKsw1h1JUVReXykfboQ+EvutbRo24wGA43V4=
Subject key identifier: 6C:72:9D:C1:01:20:55:4D:55:6B:D7:70:F9:54:13:1C:74:E5:B6:5C
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 019108EA65B1329B8668A842753CF8CC06C8
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/bHKdwQEgVU1Va9dw-VQTHHTltlw.roa
Signing time: Wed 31 Jul 2024 13:11:04 +0000
ROA not before: Wed 31 Jul 2024 13:11:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34918
IP address blocks: 109.94.164.0/24 maxlen: 24
185.29.222.0/24 maxlen: 24
212.80.9.0/24 maxlen: 24
212.80.11.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 28 Aug 2024 12:24:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:08:ea:65:b1:32:9b:86:68:a8:42:75:3c:f8:cc:06:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Jul 31 13:11:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c729dc10120554d556bd770f954131c74e5b65c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:be:92:45:34:96:c4:c0:cc:61:7f:00:6b:ac:
8b:95:62:1b:6e:07:00:ed:37:68:73:1a:0e:aa:e7:
73:a5:b0:e3:2c:19:1e:8c:c1:4d:d7:b4:95:8f:cb:
8c:9d:85:5e:de:90:52:5c:bd:ea:e2:17:ef:e7:b2:
4d:dd:32:51:f9:db:70:9b:31:d1:16:3b:ed:b3:1a:
c2:d5:d0:a8:1a:ea:bb:6b:5d:f2:aa:0f:9d:35:b9:
13:33:7c:7b:77:01:56:24:30:1b:fd:b5:17:99:d3:
d9:4d:ce:ce:1d:e5:3c:b5:bb:cd:a6:8d:99:ea:8d:
9c:bb:4d:51:52:bd:5c:c2:2f:6c:c6:89:6f:f7:44:
09:85:b5:6c:b4:f9:96:49:0b:37:9a:d8:87:6a:c1:
f4:35:44:08:47:5f:15:2e:88:76:e6:c4:2b:92:85:
f8:10:3e:0c:0d:a4:82:6e:9f:a3:61:b7:53:ce:c4:
02:24:67:6b:e4:2d:41:c8:46:25:75:f8:eb:7d:b3:
71:0a:64:63:49:5e:bc:01:d4:b3:69:fb:45:27:44:
9b:91:6f:6a:8e:e6:36:b8:82:a0:26:b8:c2:b2:b9:
d1:04:bc:21:61:57:f1:92:d2:2a:59:b1:f3:8a:58:
8e:93:6c:71:a1:48:30:98:54:dc:d8:b9:89:f9:ae:
fb:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:72:9D:C1:01:20:55:4D:55:6B:D7:70:F9:54:13:1C:74:E5:B6:5C
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/bHKdwQEgVU1Va9dw-VQTHHTltlw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.94.164.0/24
185.29.222.0/24
212.80.9.0/24
212.80.11.0/24
Signature Algorithm: sha256WithRSAEncryption
87:f2:aa:4c:ba:6c:7a:a9:6a:90:ad:53:5b:c5:56:ec:66:fb:
ee:ed:9b:bb:e0:3b:02:3c:37:c6:56:9c:7e:30:02:ca:61:e2:
dc:cc:38:ba:df:84:69:b1:75:87:d4:eb:3c:ee:7e:30:5a:9b:
0d:0c:0d:6a:79:8e:d4:8f:90:58:4c:49:23:ab:20:72:a2:fc:
83:83:21:86:a6:92:f1:85:ec:31:60:d9:6b:31:c4:94:70:d1:
7f:75:a3:d4:77:de:9f:12:52:d0:a2:17:be:f2:8d:27:bc:dc:
19:ef:36:97:cf:6f:71:46:52:0d:bf:d6:f7:ef:6a:0a:68:d4:
f2:e8:3c:39:6b:82:9f:25:d8:81:3f:0a:de:f2:0b:58:b0:44:
06:63:08:3b:c6:9b:b5:c8:fa:85:ac:22:62:58:6b:0f:b5:bc:
35:68:98:cc:cb:a5:e0:29:a8:ba:e0:af:a0:3e:d2:f3:dd:33:
07:06:93:ed:ab:cf:cd:72:7d:d5:e4:b6:95:64:ad:b1:80:a4:
d5:2a:a3:a6:be:24:3a:d0:52:1c:2f:2b:f6:44:44:b8:54:c3:
fd:08:8b:d8:8d:4b:b1:3e:74:7b:af:08:e3:eb:51:ad:26:54:
3d:dc:bb:ee:8d:46:57:95:7e:43:94:96:ea:24:37:12:c8:a3:
90:7b:15:13
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZEI6mWxMpuGaKhCdTz4zAbIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjQwNzMxMTMxMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzcyOWRjMTAxMjA1NTRkNTU2YmQ3NzBmOTU0MTMxYzc0ZTViNjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4L6SRTSWxMDMYX8Aa6yLlWIbbgcA
7TdocxoOqudzpbDjLBkejMFN17SVj8uMnYVe3pBSXL3q4hfv57JN3TJR+dtwmzHR
FjvtsxrC1dCoGuq7a13yqg+dNbkTM3x7dwFWJDAb/bUXmdPZTc7OHeU8tbvNpo2Z
6o2cu01RUr1cwi9sxolv90QJhbVstPmWSQs3mtiHasH0NUQIR18VLoh25sQrkoX4
ED4MDaSCbp+jYbdTzsQCJGdr5C1ByEYldfjrfbNxCmRjSV68AdSzaftFJ0SbkW9q
juY2uIKgJrjCsrnRBLwhYVfxktIqWbHziliOk2xxoUgwmFTc2LmJ+a77vQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGxyncEBIFVNVWvXcPlUExx05bZcMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvYkhLZHdRRWdWVTFWYTlkdy1WUVRISFRsdGx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAbV6kAwQA
uR3eAwQA1FAJAwQA1FALMA0GCSqGSIb3DQEBCwUAA4IBAQCH8qpMumx6qWqQrVNb
xVbsZvvu7Zu74DsCPDfGVpx+MALKYeLczDi634RpsXWH1Os87n4wWpsNDA1qeY7U
j5BYTEkjqyByovyDgyGGppLxhewxYNlrMcSUcNF/daPUd96fElLQohe+8o0nvNwZ
7zaXz29xRlINv9b372oKaNTy6Dw5a4KfJdiBPwre8gtYsEQGYwg7xpu1yPqFrCJi
WGsPtbw1aJjMy6XgKai64K+gPtLz3TMHBpPtq8/Ncn3V5LaVZK2xgKTVKqOmviQ6
0FIcLyv2RES4VMP9CIvYjUuxPnR7rwjj61GtJlQ93LvujUZXlX5DlJbqJDcSyKOQ
exUT
-----END CERTIFICATE-----
Generated at Wed Aug 28 16:05:30 2024 by rpki-client on console-fra.rpki-client.org