Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/BdVkpbV8jq3GrCmN57duZd_Y9ZU.roa
File: BdVkpbV8jq3GrCmN57duZd_Y9ZU.roa (raw, json)
Hash identifier: XrpCYpDFc6fupEujerz57KNmNnph8M7oB6R8bDdx8Pw=
Subject key identifier: 05:D5:64:A5:B5:7C:8E:AD:C6:AC:29:8D:E7:B7:6E:65:DF:D8:F5:95
Certificate issuer: /CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Certificate serial: 018A3C9EE0BA019554F07414A5179340BF1D
Authority key identifier: 22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/BdVkpbV8jq3GrCmN57duZd_Y9ZU.roa
Signing time: Mon 28 Aug 2023 14:49:19 +0000
ROA not before: Mon 28 Aug 2023 14:49:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 109.166.38.0/24 maxlen: 24
109.166.37.0/24 maxlen: 24
109.166.36.0/24 maxlen: 24
151.248.68.0/24 maxlen: 24
151.248.69.0/24 maxlen: 24
91.232.185.0/24 maxlen: 24
91.233.192.0/24 maxlen: 24
91.219.17.0/24 maxlen: 24
91.219.18.0/23 maxlen: 23
178.212.205.0/24 maxlen: 24
178.212.204.0/24 maxlen: 24
178.212.203.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3c:9e:e0:ba:01:95:54:f0:74:14:a5:17:93:40:bf:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Validity
Not Before: Aug 28 14:49:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=05d564a5b57c8eadc6ac298de7b76e65dfd8f595
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:9d:15:0f:6d:ed:da:0a:bb:5f:e5:bd:97:cb:
95:38:9b:9f:a5:3d:11:8e:7a:aa:e3:2c:ba:ea:1e:
31:5b:d5:19:41:4f:e3:1c:6a:aa:77:5e:72:f7:3d:
94:6e:97:6c:05:5c:14:82:b2:48:a2:99:10:47:3a:
cc:b9:d8:f4:7c:f8:b5:f2:bd:df:72:bc:9d:26:b9:
8b:11:dd:ca:c8:43:e6:3a:9d:fb:2c:e6:48:33:01:
f0:e1:0e:dd:31:7c:c7:d7:c8:bb:83:ad:70:36:bb:
c2:d8:48:b7:c2:29:da:ef:6b:c1:bc:a1:2e:a1:f2:
0f:cf:77:15:b4:d2:fc:d4:2d:0d:e2:25:d6:cd:b7:
17:b2:4d:22:6e:ba:fa:f0:de:37:0f:42:ff:a3:11:
99:f6:12:ed:cc:c4:b6:12:37:65:c7:e6:48:43:39:
05:b5:74:1a:d2:51:74:40:9a:6a:d5:de:f9:6d:a7:
be:2b:35:91:a6:8e:65:38:ba:da:2f:08:a9:50:2d:
15:92:a2:ad:e7:89:e5:a5:c6:72:88:c7:08:32:22:
55:9f:67:72:10:8a:43:07:6c:2d:d6:d6:ca:8b:b5:
5a:f1:7f:5f:d4:02:67:d4:4d:5e:94:b4:83:0a:92:
b1:4c:5d:d3:02:2c:98:96:a4:dd:7a:85:91:dd:50:
68:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:D5:64:A5:B5:7C:8E:AD:C6:AC:29:8D:E7:B7:6E:65:DF:D8:F5:95
X509v3 Authority Key Identifier:
keyid:22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/BdVkpbV8jq3GrCmN57duZd_Y9ZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.219.17.0-91.219.19.255
91.232.185.0/24
91.233.192.0/24
109.166.36.0-109.166.38.255
151.248.68.0/23
178.212.203.0-178.212.205.255
Signature Algorithm: sha256WithRSAEncryption
1f:89:db:31:98:e9:10:3b:a2:a5:6d:4a:ae:f4:d0:d5:d9:1d:
04:d9:bf:12:68:ff:a6:cd:c3:eb:5e:0d:17:6a:91:f9:e0:03:
ea:67:f9:9d:b2:4f:78:34:3f:23:19:c2:a0:70:a6:28:03:cf:
f9:6b:a9:7c:81:25:ad:a8:48:b3:07:10:f8:79:f2:e7:31:11:
b3:5e:f0:62:00:a1:a9:20:e1:51:d1:a5:4b:d6:06:ac:bb:63:
35:21:5d:e0:95:8d:0e:93:5d:51:73:d9:d7:a1:b9:34:fc:09:
bc:61:ad:82:86:27:1c:96:e8:d5:16:98:ff:7b:48:2f:fd:e6:
40:f9:ff:c7:0b:9f:49:29:45:51:30:e8:6e:a4:81:be:65:0a:
fe:b6:d8:42:63:db:4b:1e:72:22:77:f5:4d:76:f6:32:16:56:
a5:89:64:bf:5e:66:7a:dc:1a:f6:40:bf:bb:a0:b7:1d:27:30:
17:bd:47:c2:f5:2f:70:de:23:82:00:a3:4e:01:69:be:9b:54:
e7:f3:4f:82:0c:18:78:67:9d:aa:7f:6f:0a:7a:eb:89:f1:4e:
8b:9c:5d:63:3a:f7:5c:94:b1:21:61:b2:da:e2:fe:00:04:5e:
ca:5b:4c:70:ad:12:87:1b:1e:e1:83:23:3c:35:b3:29:ca:49:
35:3a:a5:74
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYo8nuC6AZVU8HQUpReTQL8dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjJjMmU3YmMxZGE1NGQ5MTljYTViNTk0MWQzNzg4OTJi
MmNjYjIwHhcNMjMwODI4MTQ0OTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWQ1NjRhNWI1N2M4ZWFkYzZhYzI5OGRlN2I3NmU2NWRmZDhmNTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh50VD23t2gq7X+W9l8uVOJufpT0R
jnqq4yy66h4xW9UZQU/jHGqqd15y9z2UbpdsBVwUgrJIopkQRzrMudj0fPi18r3f
crydJrmLEd3KyEPmOp37LOZIMwHw4Q7dMXzH18i7g61wNrvC2Ei3wina72vBvKEu
ofIPz3cVtNL81C0N4iXWzbcXsk0ibrr68N43D0L/oxGZ9hLtzMS2Ejdlx+ZIQzkF
tXQa0lF0QJpq1d75bae+KzWRpo5lOLraLwipUC0VkqKt54nlpcZyiMcIMiJVn2dy
EIpDB2wt1tbKi7Va8X9f1AJn1E1elLSDCpKxTF3TAiyYlqTdeoWR3VBotQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFAXVZKW1fI6txqwpjee3bmXf2PWVMB8GA1UdIwQY
MBaAFCLywue8HaVNkZyltZQdN4iSssyyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUt
MDJkZWY2ZTg0YzkxLzEvQmRWa3BiVjhqcTNHckNtTjU3ZHVaZF9ZOVpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUtMDJkZWY2ZTg0Yzkx
LzEvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8MAwDBABb2xED
BAJb2xADBABb6LkDBABb6cAwDAMEAm2mJAMEAG2mJgMEAZf4RDAMAwQAstTLAwQB
stTMMA0GCSqGSIb3DQEBCwUAA4IBAQAfidsxmOkQO6KlbUqu9NDV2R0E2b8SaP+m
zcPrXg0XapH54APqZ/mdsk94ND8jGcKgcKYoA8/5a6l8gSWtqEizBxD4efLnMRGz
XvBiAKGpIOFR0aVL1gasu2M1IV3glY0Ok11Rc9nXobk0/Am8Ya2ChicclujVFpj/
e0gv/eZA+f/HC59JKUVRMOhupIG+ZQr+tthCY9tLHnIid/VNdvYyFlaliWS/XmZ6
3Br2QL+7oLcdJzAXvUfC9S9w3iOCAKNOAWm+m1Tn80+CDBh4Z52qf28KeuuJ8U6L
nF1jOvdclLEhYbLa4v4ABF7KW0xwrRKHGx7hgyM8NbMpykk1OqV0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:07 2024 by rpki-client on console-fra.rpki-client.org