Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/BdgfnLgV0hNkPTu1Rjee2Xy86So.roa
File: BdgfnLgV0hNkPTu1Rjee2Xy86So.roa (raw, json)
Hash identifier: BPjfkcAnsJQTjcuoTH5MuWlV2GV082k6SrqvpOulqfU=
Subject key identifier: 05:D8:1F:9C:B8:15:D2:13:64:3D:3B:B5:46:37:9E:D9:7C:BC:E9:2A
Certificate issuer: /CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Certificate serial: 01856F26DA625613F9CF0462932DB9B40B37
Authority key identifier: 0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/BdgfnLgV0hNkPTu1Rjee2Xy86So.roa
Signing time: Sun 01 Jan 2023 21:04:55 +0000
ROA not before: Sun 01 Jan 2023 21:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50673
IP address blocks: 37.252.3.0/24 maxlen: 24
5.45.76.0/22 maxlen: 22
5.45.72.0/22 maxlen: 22
5.45.88.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:29:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:26:da:62:56:13:f9:cf:04:62:93:2d:b9:b4:0b:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Validity
Not Before: Jan 1 21:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=05d81f9cb815d213643d3bb546379ed97cbce92a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:a1:d2:ca:ce:38:d9:a6:8b:49:df:d7:8b:31:
b0:c6:65:af:7d:8b:06:23:39:50:4f:fc:14:4a:33:
a0:05:5d:dc:01:c6:88:b6:d5:23:e0:fa:1c:6a:04:
18:e2:08:a7:41:7b:f5:b9:d5:2b:a1:18:84:b4:23:
be:1a:b3:a2:1a:15:3c:a5:ff:b4:66:a3:ee:77:9d:
c9:6b:c9:bb:bf:47:05:50:47:70:1f:32:d6:83:59:
be:d4:ea:f0:00:39:ba:7b:3d:41:b8:d7:0e:0c:d8:
c6:d3:dd:4f:41:ad:62:59:56:9f:64:88:bf:1b:ae:
41:4f:29:35:9e:ce:a7:a7:c6:03:a0:f8:bf:27:a3:
ec:61:13:c2:37:1c:1d:61:c3:74:1f:5e:cf:77:a4:
ab:04:ae:28:30:c7:f3:b6:05:c2:94:ed:b9:2e:f5:
e6:47:7b:95:38:bb:a3:e2:66:55:8c:51:8f:4d:a0:
54:7a:e9:e0:23:57:3e:be:a9:8d:6b:f9:0a:30:7c:
27:3c:7b:28:5a:d7:ae:b2:cb:66:58:3e:05:31:45:
3d:46:4d:20:70:2e:1d:da:e3:33:cb:02:e4:a9:0c:
1b:40:85:97:a7:60:1d:8f:47:2f:2f:e8:3e:b1:b8:
62:5a:7a:be:23:f5:1d:74:64:e7:f0:2b:05:d9:d7:
a1:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:D8:1F:9C:B8:15:D2:13:64:3D:3B:B5:46:37:9E:D9:7C:BC:E9:2A
X509v3 Authority Key Identifier:
keyid:0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/BdgfnLgV0hNkPTu1Rjee2Xy86So.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.45.72.0/21
5.45.88.0/22
37.252.3.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:3c:45:4f:85:84:dd:b1:c5:0c:16:14:98:52:d0:4f:7e:30:
87:49:8b:0e:b4:4e:66:f7:0f:07:f5:0d:27:a1:7b:21:d4:6a:
90:51:8e:00:46:8a:f9:92:a5:22:bf:8a:54:08:f7:d1:14:5a:
90:52:e3:c2:f0:86:bc:af:e8:bf:54:a9:33:ff:91:c1:31:1f:
99:48:d5:b5:69:e6:25:6f:7f:33:cf:9e:55:1d:1c:8f:b4:dc:
04:65:75:c7:d6:6f:f5:b7:02:b5:39:28:95:ba:00:ba:da:73:
ae:82:e3:8e:cd:aa:e9:22:95:f7:21:07:b4:fd:e0:3e:21:db:
41:8c:f6:f4:78:23:d8:59:7d:6a:c7:38:46:71:a9:53:d4:69:
e4:cc:7b:7a:9a:64:24:2a:63:3d:47:3c:34:b3:96:3b:97:96:
07:36:ab:64:85:de:39:5c:44:b3:84:dd:4c:4c:4a:d9:7d:5e:
dc:27:ce:d9:15:00:a4:99:5c:a9:52:69:e0:f7:0f:45:ea:55:
13:5d:94:2f:e8:de:4d:ac:b6:53:72:4e:fd:1e:5d:7b:46:59:
70:a6:96:f6:47:64:c2:00:b0:ee:b4:16:1c:22:b1:23:36:42:
e8:2a:be:4f:38:24:9f:d3:35:1f:08:60:42:ab:04:68:91:93:
69:70:a7:a6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvJtpiVhP5zwRiky25tAs3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlZjVjYjJmNTkwZDA0MTY1NGY0ZGZkYjYwYTI4ZjlhMTU0
NGY0NDQwHhcNMjMwMTAxMjEwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWQ4MWY5Y2I4MTVkMjEzNjQzZDNiYjU0NjM3OWVkOTdjYmNlOTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6HSys442aaLSd/XizGwxmWvfYsG
IzlQT/wUSjOgBV3cAcaIttUj4PocagQY4ginQXv1udUroRiEtCO+GrOiGhU8pf+0
ZqPud53Ja8m7v0cFUEdwHzLWg1m+1OrwADm6ez1BuNcODNjG091PQa1iWVafZIi/
G65BTyk1ns6np8YDoPi/J6PsYRPCNxwdYcN0H17Pd6SrBK4oMMfztgXClO25LvXm
R3uVOLuj4mZVjFGPTaBUeungI1c+vqmNa/kKMHwnPHsoWteusstmWD4FMUU9Rk0g
cC4d2uMzywLkqQwbQIWXp2Adj0cvL+g+sbhiWnq+I/UddGTn8CsF2dehZQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAXYH5y4FdITZD07tUY3ntl8vOkqMB8GA1UdIwQY
MBaAFA71yy9ZDQQWVPTf22Cij5oVRPREMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHZYTEwxa05CQlpVOU5fYllLS1BtaFZFOUVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8yMjZmMDQtZjdkYi00OTFhLWJhZmIt
ZWU0MzVkM2NkNTg1LzEvQmRnZm5MZ1YwaE5rUFR1MVJqZWUyWHk4NlNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8yMjZmMDQtZjdkYi00OTFhLWJhZmItZWU0MzVkM2NkNTg1
LzEvRHZYTEwxa05CQlpVOU5fYllLS1BtaFZFOUVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDBS1IAwQC
BS1YAwQAJfwDMA0GCSqGSIb3DQEBCwUAA4IBAQANPEVPhYTdscUMFhSYUtBPfjCH
SYsOtE5m9w8H9Q0noXsh1GqQUY4ARor5kqUiv4pUCPfRFFqQUuPC8Ia8r+i/VKkz
/5HBMR+ZSNW1aeYlb38zz55VHRyPtNwEZXXH1m/1twK1OSiVugC62nOuguOOzarp
IpX3IQe0/eA+IdtBjPb0eCPYWX1qxzhGcalT1GnkzHt6mmQkKmM9Rzw0s5Y7l5YH
Nqtkhd45XESzhN1MTErZfV7cJ87ZFQCkmVypUmng9w9F6lUTXZQv6N5NrLZTck79
Hl17Rllwppb2R2TCALDutBYcIrEjNkLoKr5POCSf0zUfCGBCqwRokZNpcKem
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:42 2024 by rpki-client on console-ams.rpki-client.org