Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/bHpjrHP8GpFzQHepQ3A45APij-k.roa
File: bHpjrHP8GpFzQHepQ3A45APij-k.roa (raw, json)
Hash identifier: fr1y21EsDLYKmEnhnGqipS3rB3ooc9yLcg5iqHJZYn0=
Subject key identifier: 6C:7A:63:AC:73:FC:1A:91:73:40:77:A9:43:70:38:E4:03:E2:8F:E9
Certificate issuer: /CN=6c03a2caf298019fbd668621516c8c6e1d10e83c
Certificate serial: 018B70165DD8E0FA2BDA12F4418A303A36A7
Authority key identifier: 6C:03:A2:CA:F2:98:01:9F:BD:66:86:21:51:6C:8C:6E:1D:10:E8:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/bHpjrHP8GpFzQHepQ3A45APij-k.roa
Signing time: Fri 27 Oct 2023 07:43:15 +0000
ROA not before: Fri 27 Oct 2023 07:43:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203020
IP address blocks: 91.132.114.0/23 maxlen: 32
103.53.82.0/23 maxlen: 32
193.28.237.0/24 maxlen: 32
45.114.12.0/22 maxlen: 32
193.28.182.0/24 maxlen: 32
193.28.191.0/24 maxlen: 32
193.28.202.0/24 maxlen: 32
103.240.180.0/22 maxlen: 32
103.53.216.0/22 maxlen: 32
193.19.204.0/24 maxlen: 32
193.19.205.0/24 maxlen: 32
193.19.206.0/24 maxlen: 32
193.19.207.0/24 maxlen: 32
45.145.104.0/22 maxlen: 32
Validation: Failed, certificate revoked on Thu 23 Nov 2023 23:38:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:70:16:5d:d8:e0:fa:2b:da:12:f4:41:8a:30:3a:36:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c03a2caf298019fbd668621516c8c6e1d10e83c
Validity
Not Before: Oct 27 07:43:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c7a63ac73fc1a91734077a9437038e403e28fe9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:9b:e5:86:0d:fd:6b:92:af:b0:ac:d2:1a:16:
0a:78:88:35:6e:45:dd:c6:60:12:ce:8a:6c:ed:31:
41:d4:7a:d4:fa:61:c7:fd:45:a2:4d:76:bf:b9:88:
0e:f2:a6:08:d9:63:23:2c:a6:44:37:04:ff:13:fa:
d8:70:09:e1:54:c1:0f:ec:fe:76:ae:29:05:c4:6b:
95:2c:c9:d3:1a:28:73:54:80:cc:06:ee:8d:25:a6:
a6:b3:03:2c:b6:61:15:33:f9:1e:6b:b9:6a:b4:96:
9f:58:8c:0b:2d:d2:0a:f3:63:b8:cc:68:62:b8:5d:
88:cd:88:ba:8d:4f:1b:38:75:68:17:0c:67:23:6b:
a3:32:ba:3f:48:ba:2a:b4:fc:6c:9b:bc:59:a1:c1:
1e:c7:3b:a0:ec:7b:30:dc:16:ac:d4:3a:29:cb:c8:
28:fe:14:33:63:5b:08:da:db:ed:ab:c8:e2:b7:80:
48:19:c6:46:0c:76:b4:43:fd:08:af:e7:7f:c8:54:
04:57:d7:ef:24:20:b7:ee:e9:66:b8:e1:7d:c9:11:
66:d5:c2:05:21:f9:f4:36:8e:63:1c:3a:51:c0:cf:
68:ff:4a:93:ce:84:9e:55:be:4c:8a:96:aa:1a:1c:
5f:bb:c9:fd:0f:03:26:a2:c6:50:60:ed:8d:87:37:
ee:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:7A:63:AC:73:FC:1A:91:73:40:77:A9:43:70:38:E4:03:E2:8F:E9
X509v3 Authority Key Identifier:
keyid:6C:03:A2:CA:F2:98:01:9F:BD:66:86:21:51:6C:8C:6E:1D:10:E8:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/bHpjrHP8GpFzQHepQ3A45APij-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.114.12.0/22
45.145.104.0/22
91.132.114.0/23
103.53.82.0/23
103.53.216.0/22
103.240.180.0/22
193.19.204.0/22
193.28.182.0/24
193.28.191.0/24
193.28.202.0/24
193.28.237.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:46:2a:aa:dc:f4:a9:bd:53:58:70:34:0d:5e:97:14:69:fd:
e0:3a:e0:1c:1c:fb:4d:81:ec:0d:e0:cd:91:37:c2:11:7a:7f:
8d:50:71:f2:ba:71:c7:3f:dd:1f:33:8f:62:67:67:c6:7e:cc:
45:d9:fa:4e:f6:61:4b:b4:e5:b6:b8:8e:79:27:19:22:78:d6:
b7:b8:1c:a4:bc:86:54:78:0f:03:4d:34:72:40:f0:ff:e2:0b:
d6:6f:c5:d6:d4:95:c5:04:11:94:96:67:62:80:94:28:59:9f:
7e:eb:23:3e:58:0d:1a:49:a7:39:38:f5:5e:02:19:f5:b8:60:
ec:13:58:7f:63:00:a7:b5:71:ed:89:a7:88:7a:47:e7:41:12:
d9:0e:4d:c3:a3:56:5d:aa:98:2a:f0:ce:dd:96:23:80:16:77:
3d:ad:b3:64:f3:ce:24:7c:ef:62:9a:b9:91:9b:c2:57:74:aa:
48:98:08:08:f7:dd:eb:d9:4b:b6:4e:40:2f:53:24:ea:a2:c3:
48:50:a6:0e:14:80:30:0c:2a:cd:86:4e:18:c5:db:0d:e2:3b:
4c:f8:38:c6:eb:28:ca:f8:98:14:2c:13:81:a3:28:83:cf:aa:
52:49:9a:43:9e:1c:cc:75:37:5f:4d:e9:ce:4b:4c:f5:a6:56:
01:59:4c:c4
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYtwFl3Y4Por2hL0QYowOjanMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjMDNhMmNhZjI5ODAxOWZiZDY2ODYyMTUxNmM4YzZlMWQx
MGU4M2MwHhcNMjMxMDI3MDc0MzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzdhNjNhYzczZmMxYTkxNzM0MDc3YTk0MzcwMzhlNDAzZTI4ZmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv5vlhg39a5KvsKzSGhYKeIg1bkXd
xmASzops7TFB1HrU+mHH/UWiTXa/uYgO8qYI2WMjLKZENwT/E/rYcAnhVMEP7P52
rikFxGuVLMnTGihzVIDMBu6NJaamswMstmEVM/kea7lqtJafWIwLLdIK82O4zGhi
uF2IzYi6jU8bOHVoFwxnI2ujMro/SLoqtPxsm7xZocEexzug7Hsw3Bas1Dopy8go
/hQzY1sI2tvtq8jit4BIGcZGDHa0Q/0Ir+d/yFQEV9fvJCC37ulmuOF9yRFm1cIF
Ifn0No5jHDpRwM9o/0qTzoSeVb5MipaqGhxfu8n9DwMmosZQYO2NhzfuFwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFGx6Y6xz/BqRc0B3qUNwOOQD4o/pMB8GA1UdIwQY
MBaAFGwDosrymAGfvWaGIVFsjG4dEOg8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkFPaXl2S1lBWi05Wm9ZaFVXeU1iaDBRNkR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8xNmI4ZTQtMTI1My00ZDllLWJkNDkt
ZmMzN2ZiMGNkNDNiLzEvYkhwanJIUDhHcEZ6UUhlcFEzQTQ1QVBpai1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8xNmI4ZTQtMTI1My00ZDllLWJkNDktZmMzN2ZiMGNkNDNi
LzEvYkFPaXl2S1lBWi05Wm9ZaFVXeU1iaDBRNkR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQCLXIMAwQC
LZFoAwQBW4RyAwQBZzVSAwQCZzXYAwQCZ/C0AwQCwRPMAwQAwRy2AwQAwRy/AwQA
wRzKAwQAwRztMA0GCSqGSIb3DQEBCwUAA4IBAQCnRiqq3PSpvVNYcDQNXpcUaf3g
OuAcHPtNgewN4M2RN8IRen+NUHHyunHHP90fM49iZ2fGfsxF2fpO9mFLtOW2uI55
JxkieNa3uBykvIZUeA8DTTRyQPD/4gvWb8XW1JXFBBGUlmdigJQoWZ9+6yM+WA0a
Sac5OPVeAhn1uGDsE1h/YwCntXHtiaeIekfnQRLZDk3Do1Zdqpgq8M7dliOAFnc9
rbNk884kfO9imrmRm8JXdKpImAgI993r2Uu2TkAvUyTqosNIUKYOFIAwDCrNhk4Y
xdsN4jtM+DjG6yjK+JgULBOBoyiDz6pSSZpDnhzMdTdfTenOS0z1plYBWUzE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:58 2024 by rpki-client on console-fra.rpki-client.org