Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/5BTXly_t4v192MvrYVkp_Nefho8.roa
File: 5BTXly_t4v192MvrYVkp_Nefho8.roa (raw, json)
Hash identifier: VyS8rLRGe6zrWlCOq00e0MR4gwLguJcwXINsVC34VJs=
Subject key identifier: E4:14:D7:97:2F:ED:E2:FD:7D:D8:CB:EB:61:59:29:FC:D7:9F:86:8F
Certificate issuer: /CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Certificate serial: 018A3C95B873D202B271E85901A247870CA5
Authority key identifier: 22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/5BTXly_t4v192MvrYVkp_Nefho8.roa
Signing time: Mon 28 Aug 2023 14:39:19 +0000
ROA not before: Mon 28 Aug 2023 14:39:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51474
IP address blocks: 31.131.160.0/22 maxlen: 22
195.54.54.0/24 maxlen: 24
195.54.55.0/24 maxlen: 24
194.213.6.0/24 maxlen: 24
91.239.164.0/23 maxlen: 23
91.233.193.0/24 maxlen: 24
91.233.194.0/23 maxlen: 23
91.242.48.0/23 maxlen: 23
91.242.50.0/23 maxlen: 23
91.239.166.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 28 Aug 2023 14:40:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3c:95:b8:73:d2:02:b2:71:e8:59:01:a2:47:87:0c:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Validity
Not Before: Aug 28 14:39:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e414d7972fede2fd7dd8cbeb615929fcd79f868f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:79:8b:e0:de:0d:2b:df:ea:b6:bf:55:c6:77:
72:bc:f0:67:ab:65:bc:b7:34:db:be:78:54:de:b8:
0f:90:d4:90:65:37:80:49:67:43:0a:cc:48:ae:64:
2d:4a:9f:7d:61:cc:63:3a:90:fb:7b:cf:6f:ad:f4:
10:9f:69:00:44:b8:f5:af:56:a6:66:c0:3a:db:57:
80:fd:13:59:18:38:49:21:dd:df:5c:2d:d4:22:52:
10:b8:50:ff:44:42:4c:61:0d:c0:a3:5b:4e:c4:18:
54:14:9d:0a:60:98:28:55:43:38:71:60:09:b7:89:
de:4f:fe:fc:e9:33:bf:33:7d:df:8c:8b:11:e1:14:
80:30:f9:75:1b:b7:44:7d:d2:1c:27:f7:55:72:0a:
59:e9:ac:47:90:ad:95:1d:6b:33:69:8f:96:80:28:
0b:68:24:7d:ae:85:bf:dd:bb:4c:6e:49:9c:b0:49:
03:bd:4d:88:6e:11:b7:b6:fe:30:9e:95:ee:dc:f0:
94:c0:11:5f:54:3d:53:63:24:89:d7:24:da:17:fc:
5d:ff:05:49:d3:78:cf:e0:1c:3f:01:9a:c4:6c:11:
ea:ae:ef:bf:13:1b:39:0c:de:47:57:fd:05:d0:be:
ee:7e:f2:2b:22:92:08:ca:76:a6:2a:96:42:b1:c9:
02:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:14:D7:97:2F:ED:E2:FD:7D:D8:CB:EB:61:59:29:FC:D7:9F:86:8F
X509v3 Authority Key Identifier:
keyid:22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/5BTXly_t4v192MvrYVkp_Nefho8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.131.160.0/22
91.233.193.0-91.233.195.255
91.239.164.0/22
91.242.48.0/22
194.213.6.0/24
195.54.54.0/23
Signature Algorithm: sha256WithRSAEncryption
14:de:14:58:08:62:a3:7b:88:e5:63:b0:7b:bc:08:64:92:17:
d3:34:8c:84:1d:a5:cc:bd:dd:06:99:a4:d0:8d:b5:a3:35:ed:
6b:d7:4d:67:51:a7:43:87:79:ff:29:70:5b:f6:eb:4e:eb:b2:
ec:bc:5b:4c:65:b0:9f:1e:6d:e7:de:f1:ee:47:24:21:5c:dd:
4c:d1:60:3c:6c:b9:d0:1e:cb:84:8d:93:2c:b5:1f:45:57:0e:
e7:59:f4:7c:2c:eb:6e:e6:30:56:cb:44:41:4a:fb:bf:e3:9d:
fc:43:c9:79:68:7e:a6:2e:b8:b1:b5:a7:23:76:eb:fc:65:19:
f4:fb:4c:b0:d2:46:58:af:da:de:c3:93:e0:24:85:12:a8:57:
0a:32:db:da:53:4a:ec:d1:b1:ad:6e:f6:c5:01:e1:99:13:da:
7a:05:60:91:67:b8:bc:2c:3d:dd:a8:c5:40:58:4b:81:87:4a:
0d:40:0d:ba:98:af:dc:67:b0:1c:d4:fb:4c:e5:c2:ab:0b:b9:
4e:ea:8c:b4:1c:76:d6:4b:d8:0f:6f:fa:5c:2a:aa:0c:8d:0a:
10:17:ce:a1:69:be:56:b5:91:00:cf:36:f2:c3:bf:64:cf:e5:
a7:b3:a6:40:20:cc:93:81:e4:37:ee:23:68:9f:c4:08:b5:0a:
4d:64:6f:f1
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYo8lbhz0gKycehZAaJHhwylMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjJjMmU3YmMxZGE1NGQ5MTljYTViNTk0MWQzNzg4OTJi
MmNjYjIwHhcNMjMwODI4MTQzOTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDE0ZDc5NzJmZWRlMmZkN2RkOGNiZWI2MTU5MjlmY2Q3OWY4NjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXmL4N4NK9/qtr9VxndyvPBnq2W8
tzTbvnhU3rgPkNSQZTeASWdDCsxIrmQtSp99YcxjOpD7e89vrfQQn2kARLj1r1am
ZsA621eA/RNZGDhJId3fXC3UIlIQuFD/REJMYQ3Ao1tOxBhUFJ0KYJgoVUM4cWAJ
t4neT/786TO/M33fjIsR4RSAMPl1G7dEfdIcJ/dVcgpZ6axHkK2VHWszaY+WgCgL
aCR9roW/3btMbkmcsEkDvU2IbhG3tv4wnpXu3PCUwBFfVD1TYySJ1yTaF/xd/wVJ
03jP4Bw/AZrEbBHqru+/Exs5DN5HV/0F0L7ufvIrIpIIynamKpZCsckC2wIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFOQU15cv7eL9fdjL62FZKfzXn4aPMB8GA1UdIwQY
MBaAFCLywue8HaVNkZyltZQdN4iSssyyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUt
MDJkZWY2ZTg0YzkxLzEvNUJUWGx5X3Q0djE5Mk12cllWa3BfTmVmaG84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUtMDJkZWY2ZTg0Yzkx
LzEvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQCH4OgMAwD
BABb6cEDBAJb6cADBAJb76QDBAJb8jADBADC1QYDBAHDNjYwDQYJKoZIhvcNAQEL
BQADggEBABTeFFgIYqN7iOVjsHu8CGSSF9M0jIQdpcy93QaZpNCNtaM17WvXTWdR
p0OHef8pcFv2607rsuy8W0xlsJ8ebefe8e5HJCFc3UzRYDxsudAey4SNkyy1H0VX
DudZ9Hws627mMFbLREFK+7/jnfxDyXlofqYuuLG1pyN26/xlGfT7TLDSRliv2t7D
k+AkhRKoVwoy29pTSuzRsa1u9sUB4ZkT2noFYJFnuLwsPd2oxUBYS4GHSg1ADbqY
r9xnsBzU+0zlwqsLuU7qjLQcdtZL2A9v+lwqqgyNChAXzqFpvla1kQDPNvLDv2TP
5aezpkAgzJOB5DfuI2ifxAi1Ck1kb/E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:07 2024 by rpki-client on console-fra.rpki-client.org