Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/9e47e9-3281-4d17-a6bc-e2a7fb848318/1/BGsgFD5d1ENAlzNUMrzh_AJJkCQ.roa
File: BGsgFD5d1ENAlzNUMrzh_AJJkCQ.roa (raw, json)
Hash identifier: amqplYWFIZOKI3Gu7WG2tqD1Z0DWoGOR3I/WQ89TDRE=
Subject key identifier: 04:6B:20:14:3E:5D:D4:43:40:97:33:54:32:BC:E1:FC:02:49:90:24
Certificate issuer: /CN=74b4cd3edf521df8ec0a151111272d3fb91b99c3
Certificate serial: 018FED1501B11E176343D62409C238D926B2
Authority key identifier: 74:B4:CD:3E:DF:52:1D:F8:EC:0A:15:11:11:27:2D:3F:B9:1B:99:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dLTNPt9SHfjsChURESctP7kbmcM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/9e47e9-3281-4d17-a6bc-e2a7fb848318/1/BGsgFD5d1ENAlzNUMrzh_AJJkCQ.roa
Signing time: Thu 06 Jun 2024 10:25:27 +0000
ROA not before: Thu 06 Jun 2024 10:25:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41152
IP address blocks: 91.227.246.0/24 maxlen: 24
193.148.64.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sat 08 Jun 2024 05:56:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ed:15:01:b1:1e:17:63:43:d6:24:09:c2:38:d9:26:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74b4cd3edf521df8ec0a151111272d3fb91b99c3
Validity
Not Before: Jun 6 10:25:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=046b20143e5dd4434097335432bce1fc02499024
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:6c:8c:ff:b8:c3:f6:09:c8:86:34:7c:38:59:
1b:f3:a4:20:1b:14:22:3c:62:09:6d:e0:dd:f5:37:
b2:de:83:de:2d:dc:30:df:af:67:ec:ce:8b:0a:52:
95:a1:d8:52:74:f7:d5:14:1f:1b:34:56:6a:c1:3f:
57:06:ba:d7:a2:82:b9:36:0e:a7:af:56:52:da:43:
10:88:a4:83:c3:06:62:e1:cf:18:72:c5:ea:10:7c:
c9:6d:43:cc:07:c2:2a:8f:c2:8c:0c:47:2b:ba:92:
3b:96:e7:a2:80:be:86:94:8d:11:34:a7:5d:ad:08:
eb:dc:f5:6f:5c:1b:78:42:03:84:8e:e9:22:0c:de:
65:d1:73:f4:92:4b:47:96:22:e9:b4:bd:94:60:65:
3b:51:e2:f0:39:23:e6:13:e8:5e:7f:a8:f7:1e:b9:
62:47:c1:8d:bb:41:88:c1:a4:ce:20:94:4f:b3:b1:
06:ea:5b:eb:49:a4:c4:6a:68:88:ab:c6:53:7a:00:
53:bf:12:0f:97:4a:7d:fc:14:28:5e:6c:9a:a7:7d:
e8:ab:48:f6:e8:c3:0b:87:e6:94:e7:fe:fb:c5:2f:
fa:56:a1:7b:b8:c4:75:74:72:43:15:7c:dc:8e:a6:
57:54:30:31:c9:e6:85:66:66:78:15:f2:25:77:72:
0d:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:6B:20:14:3E:5D:D4:43:40:97:33:54:32:BC:E1:FC:02:49:90:24
X509v3 Authority Key Identifier:
keyid:74:B4:CD:3E:DF:52:1D:F8:EC:0A:15:11:11:27:2D:3F:B9:1B:99:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dLTNPt9SHfjsChURESctP7kbmcM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/9e47e9-3281-4d17-a6bc-e2a7fb848318/1/BGsgFD5d1ENAlzNUMrzh_AJJkCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/9e47e9-3281-4d17-a6bc-e2a7fb848318/1/dLTNPt9SHfjsChURESctP7kbmcM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.227.246.0/24
193.148.64.0/22
Signature Algorithm: sha256WithRSAEncryption
4a:d1:eb:d1:6b:c3:e1:5e:17:01:db:77:38:75:e2:b7:01:df:
40:e1:35:30:be:2a:56:eb:01:b2:9f:c6:52:23:50:86:11:d7:
a6:ec:6a:9f:8a:72:f2:53:cb:65:d2:9c:06:bf:c1:d6:f7:91:
7c:81:72:3d:16:07:5d:d0:85:2f:7a:1b:c7:7f:a9:58:ce:58:
0b:d1:ed:c2:bf:64:77:63:43:d1:2e:94:35:be:ea:74:f7:fe:
2f:bf:b9:a6:f7:df:7d:1f:25:96:01:3b:88:6a:d4:99:58:65:
03:0e:19:a4:eb:77:e7:7b:e4:d6:7c:9c:1e:1b:17:ec:61:79:
84:56:93:1f:1e:e5:d7:fe:39:02:4b:15:e1:4c:5b:02:46:97:
ac:a1:a3:6a:64:14:b0:8d:c0:cc:32:a3:99:8d:54:12:fd:15:
fc:66:e9:4f:55:50:13:aa:03:1d:b2:ad:ee:22:73:e7:13:58:
79:a0:43:82:d2:59:07:5f:8f:10:9f:79:5b:af:84:2c:de:56:
31:87:c3:6b:bd:b3:46:50:63:2c:05:d0:ed:bd:a3:4f:fa:90:
73:f2:08:42:73:f6:ea:75:a8:d2:e0:eb:dc:05:e0:9e:0b:27:
6e:c2:5e:25:dd:60:73:04:ed:55:0c:04:4c:83:a6:03:4c:b0:
c4:41:aa:9f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY/tFQGxHhdjQ9YkCcI42SayMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0YjRjZDNlZGY1MjFkZjhlYzBhMTUxMTExMjcyZDNmYjkx
Yjk5YzMwHhcNMjQwNjA2MTAyNTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDZiMjAxNDNlNWRkNDQzNDA5NzMzNTQzMmJjZTFmYzAyNDk5MDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4myM/7jD9gnIhjR8OFkb86QgGxQi
PGIJbeDd9Tey3oPeLdww369n7M6LClKVodhSdPfVFB8bNFZqwT9XBrrXooK5Ng6n
r1ZS2kMQiKSDwwZi4c8YcsXqEHzJbUPMB8Iqj8KMDEcrupI7lueigL6GlI0RNKdd
rQjr3PVvXBt4QgOEjukiDN5l0XP0kktHliLptL2UYGU7UeLwOSPmE+hef6j3Hrli
R8GNu0GIwaTOIJRPs7EG6lvrSaTEamiIq8ZTegBTvxIPl0p9/BQoXmyap33oq0j2
6MMLh+aU5/77xS/6VqF7uMR1dHJDFXzcjqZXVDAxyeaFZmZ4FfIld3INZwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFARrIBQ+XdRDQJczVDK84fwCSZAkMB8GA1UdIwQY
MBaAFHS0zT7fUh347AoVEREnLT+5G5nDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZExUTlB0OVNIZmpzQ2hVUkVTY3RQN2tibWNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS85ZTQ3ZTktMzI4MS00ZDE3LWE2YmMt
ZTJhN2ZiODQ4MzE4LzEvQkdzZ0ZENWQxRU5BbHpOVU1yemhfQUpKa0NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS85ZTQ3ZTktMzI4MS00ZDE3LWE2YmMtZTJhN2ZiODQ4MzE4
LzEvZExUTlB0OVNIZmpzQ2hVUkVTY3RQN2tibWNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+P2AwQC
wZRAMA0GCSqGSIb3DQEBCwUAA4IBAQBK0evRa8PhXhcB23c4deK3Ad9A4TUwvipW
6wGyn8ZSI1CGEdem7GqfinLyU8tl0pwGv8HW95F8gXI9Fgdd0IUvehvHf6lYzlgL
0e3Cv2R3Y0PRLpQ1vup09/4vv7mm9999HyWWATuIatSZWGUDDhmk63fne+TWfJwe
GxfsYXmEVpMfHuXX/jkCSxXhTFsCRpesoaNqZBSwjcDMMqOZjVQS/RX8ZulPVVAT
qgMdsq3uInPnE1h5oEOC0lkHX48Qn3lbr4Qs3lYxh8NrvbNGUGMsBdDtvaNP+pBz
8ghCc/bqdajS4OvcBeCeCyduwl4l3WBzBO1VDARMg6YDTLDEQaqf
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:08 2025 by rpki-client