Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/BV5AEyK8-NlnqeRRU6u98fR_sgQ.roa
File: BV5AEyK8-NlnqeRRU6u98fR_sgQ.roa (raw, json)
Hash identifier: B7ZIrTAbPqPQsAW4kjtqVmh+0VaxYlCzPHuZIC6RtM8=
Subject key identifier: 05:5E:40:13:22:BC:F8:D9:67:A9:E4:51:53:AB:BD:F1:F4:7F:B2:04
Certificate issuer: /CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Certificate serial: 01856E0B0DDCABD48AA888937DA8AAEF8A41
Authority key identifier: 22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/BV5AEyK8-NlnqeRRU6u98fR_sgQ.roa
Signing time: Sun 01 Jan 2023 15:54:56 +0000
ROA not before: Sun 01 Jan 2023 15:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3561
IP address blocks: 109.166.40.0/21 maxlen: 21
151.248.72.0/21 maxlen: 21
109.166.48.0/21 maxlen: 21
151.248.80.0/21 maxlen: 21
151.248.88.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:0b:0d:dc:ab:d4:8a:a8:88:93:7d:a8:aa:ef:8a:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Validity
Not Before: Jan 1 15:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=055e401322bcf8d967a9e45153abbdf1f47fb204
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:52:56:d3:d3:7a:31:a1:e7:ab:11:d0:5a:82:
57:06:ea:b9:d5:1b:6a:83:47:43:41:76:78:a4:bc:
10:ca:a4:35:fd:0c:72:c7:4d:fd:7d:0b:12:cb:bc:
41:92:82:59:9b:33:d2:1c:db:16:bf:82:cc:7d:79:
06:f9:bf:12:94:12:4f:04:53:91:6a:f2:c6:a5:f3:
10:b1:8e:35:f0:cd:f9:5e:d3:bd:8e:d1:20:d7:f7:
d3:a3:8b:e3:c5:80:db:bb:95:0a:35:7a:90:ea:d5:
bb:fc:55:73:5a:3c:7d:1b:b7:06:76:c7:75:ca:5f:
44:08:e6:16:08:0a:87:9f:15:4b:b0:99:ff:92:bf:
60:b6:ba:9d:73:52:5c:21:37:a1:b8:6a:64:ac:72:
01:2c:77:2b:c1:b5:a2:92:7d:47:b6:7d:7d:0f:11:
cc:b0:9a:d3:de:3a:f7:72:cc:bd:4a:06:53:a5:0a:
04:f1:e2:70:78:73:bf:5e:8b:4d:18:e2:ce:bb:52:
ad:d0:5e:5d:91:fe:15:9e:06:35:dd:7a:9c:ac:2b:
a2:ff:25:94:a5:2f:a3:40:82:d3:4e:2d:31:75:af:
ec:79:86:dd:70:ef:3d:3b:10:c6:c3:4b:7c:0e:90:
04:ba:a3:13:8b:5b:13:ea:eb:cb:61:4e:6d:0b:05:
86:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:5E:40:13:22:BC:F8:D9:67:A9:E4:51:53:AB:BD:F1:F4:7F:B2:04
X509v3 Authority Key Identifier:
keyid:22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/BV5AEyK8-NlnqeRRU6u98fR_sgQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.166.40.0-109.166.55.255
151.248.72.0-151.248.91.255
Signature Algorithm: sha256WithRSAEncryption
1b:d3:a7:ab:ff:2b:bb:5b:9b:ae:e8:5b:42:53:c4:57:59:24:
e3:44:56:50:19:05:8f:b9:f2:9d:9f:aa:e4:c8:ec:e1:85:20:
04:24:63:46:73:df:65:82:f7:3e:9e:a4:7b:28:d9:af:29:e5:
54:93:5f:8f:8a:2a:e7:20:8c:f8:a7:06:c6:b9:dd:85:72:3b:
12:8a:e0:48:a9:d8:8c:dc:c8:f5:dc:ca:1a:ab:40:be:ad:9e:
8a:49:11:ed:b8:50:5a:bb:5a:ff:98:37:ed:8b:3d:87:27:90:
b2:87:35:2d:5f:d2:0d:58:95:77:18:b8:59:83:68:ff:e4:1e:
0e:8b:96:f0:1a:08:63:50:de:8c:db:08:b5:e3:d0:f1:5b:d0:
f7:77:e2:16:f8:35:39:1a:b4:4f:a1:70:fa:10:14:18:78:0a:
a5:ad:fe:da:f3:74:12:d2:18:61:97:64:6e:52:b0:15:69:57:
35:f8:a3:ad:39:47:a6:4e:5b:5a:ce:73:2a:0a:be:a0:67:5a:
42:90:3f:3a:5d:3c:14:eb:ed:96:39:d5:83:fd:a1:82:5e:f8:
33:1a:a6:18:a6:db:d8:c8:aa:5b:f9:b1:9d:30:f7:1c:b4:9d:
a6:50:08:97:91:31:88:b0:ae:81:18:8f:70:e6:af:fa:04:47:
e5:bf:4a:b0
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYVuCw3cq9SKqIiTfaiq74pBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjJjMmU3YmMxZGE1NGQ5MTljYTViNTk0MWQzNzg4OTJi
MmNjYjIwHhcNMjMwMTAxMTU1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTVlNDAxMzIyYmNmOGQ5NjdhOWU0NTE1M2FiYmRmMWY0N2ZiMjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFJW09N6MaHnqxHQWoJXBuq51Rtq
g0dDQXZ4pLwQyqQ1/Qxyx039fQsSy7xBkoJZmzPSHNsWv4LMfXkG+b8SlBJPBFOR
avLGpfMQsY418M35XtO9jtEg1/fTo4vjxYDbu5UKNXqQ6tW7/FVzWjx9G7cGdsd1
yl9ECOYWCAqHnxVLsJn/kr9gtrqdc1JcITehuGpkrHIBLHcrwbWikn1Htn19DxHM
sJrT3jr3csy9SgZTpQoE8eJweHO/XotNGOLOu1Kt0F5dkf4VngY13XqcrCui/yWU
pS+jQILTTi0xda/seYbdcO89OxDGw0t8DpAEuqMTi1sT6uvLYU5tCwWGRwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFAVeQBMivPjZZ6nkUVOrvfH0f7IEMB8GA1UdIwQY
MBaAFCLywue8HaVNkZyltZQdN4iSssyyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUt
MDJkZWY2ZTg0YzkxLzEvQlY1QUV5SzgtTmxucWVSUlU2dTk4ZlJfc2dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUtMDJkZWY2ZTg0Yzkx
LzEvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBANtpigD
BANtpjAwDAMEA5f4SAMEApf4WDANBgkqhkiG9w0BAQsFAAOCAQEAG9Onq/8ru1ub
ruhbQlPEV1kk40RWUBkFj7nynZ+q5Mjs4YUgBCRjRnPfZYL3Pp6keyjZrynlVJNf
j4oq5yCM+KcGxrndhXI7EorgSKnYjNzI9dzKGqtAvq2eikkR7bhQWrta/5g37Ys9
hyeQsoc1LV/SDViVdxi4WYNo/+QeDouW8BoIY1DejNsItePQ8VvQ93fiFvg1ORq0
T6Fw+hAUGHgKpa3+2vN0EtIYYZdkblKwFWlXNfijrTlHpk5bWs5zKgq+oGdaQpA/
Ol08FOvtljnVg/2hgl74MxqmGKbb2MiqW/mxnTD3HLSdplAIl5ExiLCugRiPcOav
+gRH5b9KsA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:07 2024 by rpki-client on console-fra.rpki-client.org