Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/BU5wLyTrMIaOe__ZnI7rq_81BeM.roa
File: BU5wLyTrMIaOe__ZnI7rq_81BeM.roa (raw, json)
Hash identifier: 19V3Li6fNazdRK/gfEXMzAx/AQrTOunuTnhvMtElX54=
Subject key identifier: 05:4E:70:2F:24:EB:30:86:8E:7B:FF:D9:9C:8E:EB:AB:FF:35:05:E3
Certificate issuer: /CN=ae7a9b1745a5a70c3bf7bcc2c2ee166460aff7a8
Certificate serial: 0187C792862ED6D3BFD94FB02AB4A5BF8F5F
Authority key identifier: AE:7A:9B:17:45:A5:A7:0C:3B:F7:BC:C2:C2:EE:16:64:60:AF:F7:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rnqbF0Wlpww797zCwu4WZGCv96g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/BU5wLyTrMIaOe__ZnI7rq_81BeM.roa
Signing time: Fri 28 Apr 2023 11:14:41 +0000
ROA not before: Fri 28 Apr 2023 11:14:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34700
IP address blocks: 31.202.192.0/18 maxlen: 19
31.202.0.0/17 maxlen: 17
46.160.88.0/21 maxlen: 21
85.90.222.0/24 maxlen: 24
178.165.0.0/17 maxlen: 18
31.202.128.0/18 maxlen: 18
185.147.96.0/22 maxlen: 22
5.255.160.0/20 maxlen: 20
82.117.247.0/24 maxlen: 24
82.117.248.0/22 maxlen: 23
79.171.120.0/21 maxlen: 21
2a00:1210::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c7:92:86:2e:d6:d3:bf:d9:4f:b0:2a:b4:a5:bf:8f:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae7a9b1745a5a70c3bf7bcc2c2ee166460aff7a8
Validity
Not Before: Apr 28 11:14:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=054e702f24eb30868e7bffd99c8eebabff3505e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:9c:88:21:09:dc:50:6f:6d:e8:f0:c4:52:b9:
ca:9d:c6:20:37:6f:34:fe:95:43:5e:2a:2d:40:6e:
34:50:4c:be:97:76:5f:a4:cb:8b:9f:19:4c:c5:19:
a4:16:02:d3:8f:10:82:86:7a:57:f2:16:01:d0:fc:
81:2f:8a:a1:0e:61:dc:78:9f:c5:9c:c9:fc:0c:a8:
aa:b7:70:75:52:39:ec:f7:95:52:3d:78:e3:c3:8a:
50:d3:de:cb:8f:34:b6:cf:71:2c:bd:b8:47:c1:ef:
86:87:c9:07:ca:ef:7d:a4:0c:2e:b3:47:27:4d:4e:
4f:3f:96:1a:a3:48:3f:49:7a:d5:cd:bd:ea:23:f4:
bc:b1:46:b1:b2:b4:b9:9b:a0:04:f4:0d:db:69:14:
dc:aa:9b:0a:3c:d7:8e:a2:13:a3:a3:fc:27:5f:01:
b3:79:20:09:04:dc:c6:06:80:fb:75:f9:cc:e4:b7:
f3:d1:1d:29:9f:8f:1d:f9:3f:6c:95:82:61:56:c9:
6d:7c:bb:58:93:94:d1:f8:bb:16:b8:82:28:72:9e:
13:ea:bc:c8:a6:dc:10:8d:ed:bd:67:5f:1c:b2:54:
f8:f2:15:a6:7f:a2:aa:e9:dc:c9:55:31:f2:97:51:
6b:84:fa:55:a1:17:14:dd:b4:ee:5b:bd:87:e8:2c:
de:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:4E:70:2F:24:EB:30:86:8E:7B:FF:D9:9C:8E:EB:AB:FF:35:05:E3
X509v3 Authority Key Identifier:
keyid:AE:7A:9B:17:45:A5:A7:0C:3B:F7:BC:C2:C2:EE:16:64:60:AF:F7:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rnqbF0Wlpww797zCwu4WZGCv96g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/BU5wLyTrMIaOe__ZnI7rq_81BeM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/rnqbF0Wlpww797zCwu4WZGCv96g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.255.160.0/20
31.202.0.0/16
46.160.88.0/21
79.171.120.0/21
82.117.247.0-82.117.251.255
85.90.222.0/24
178.165.0.0/17
185.147.96.0/22
IPv6:
2a00:1210::/32
Signature Algorithm: sha256WithRSAEncryption
d2:37:ba:c0:66:62:65:a5:51:a8:7a:20:76:7f:78:21:4a:3f:
b1:7d:6d:f9:fe:78:65:7a:c5:04:28:a4:80:ec:45:8f:40:e1:
c8:f8:75:9e:eb:a2:7d:96:e0:09:d9:2c:b8:a6:f1:ad:1c:4d:
6c:8f:da:2a:31:42:d5:e0:ca:65:6c:a5:bf:ef:35:49:9d:56:
2c:44:01:7d:ca:d9:42:18:ee:8c:45:a6:85:11:84:45:09:ff:
ae:28:3f:5a:f5:87:b9:17:cd:4d:59:03:e8:e4:c7:a4:5b:b5:
f5:9a:a5:88:f8:16:40:28:7d:5a:c3:1d:29:a1:0c:20:a4:5a:
95:d2:cd:44:25:c1:2a:25:45:65:6c:b8:d4:55:25:74:10:25:
b2:3f:37:89:d1:ab:32:bd:69:0f:30:7e:d3:d4:1d:62:f5:1c:
0b:0e:d6:75:03:fb:77:3f:80:a2:88:ab:51:5b:9a:59:bb:1d:
2a:b9:81:9c:e3:b1:08:06:79:db:fa:ec:67:2d:a4:c5:e2:a1:
c5:5f:5d:24:a5:fc:16:66:ed:21:56:9e:ee:d0:05:e5:d6:04:
a4:e2:49:77:6c:f4:32:a0:dc:18:79:42:4f:01:e6:4e:9e:19:
ff:8f:03:8f:5f:15:4f:ff:dc:be:f5:98:ee:89:58:3b:5c:4b:
25:f8:f0:9b
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYfHkoYu1tO/2U+wKrSlv49fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlN2E5YjE3NDVhNWE3MGMzYmY3YmNjMmMyZWUxNjY0NjBh
ZmY3YTgwHhcNMjMwNDI4MTExNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTRlNzAyZjI0ZWIzMDg2OGU3YmZmZDk5YzhlZWJhYmZmMzUwNWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspyIIQncUG9t6PDEUrnKncYgN280
/pVDXiotQG40UEy+l3ZfpMuLnxlMxRmkFgLTjxCChnpX8hYB0PyBL4qhDmHceJ/F
nMn8DKiqt3B1Ujns95VSPXjjw4pQ097LjzS2z3EsvbhHwe+Gh8kHyu99pAwus0cn
TU5PP5Yao0g/SXrVzb3qI/S8sUaxsrS5m6AE9A3baRTcqpsKPNeOohOjo/wnXwGz
eSAJBNzGBoD7dfnM5Lfz0R0pn48d+T9slYJhVsltfLtYk5TR+LsWuIIocp4T6rzI
ptwQje29Z18cslT48hWmf6Kq6dzJVTHyl1FrhPpVoRcU3bTuW72H6CzerwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFAVOcC8k6zCGjnv/2ZyO66v/NQXjMB8GA1UdIwQY
MBaAFK56mxdFpacMO/e8wsLuFmRgr/eoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm5xYkYwV2xwd3c3OTd6Q3d1NFdaR0N2OTZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy82ZTkwOWQtZDMyNS00OGExLTk0NDMt
Y2M5YTc1OGM5OTE2LzEvQlU1d0x5VHJNSWFPZV9fWm5JN3JxXzgxQmVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy82ZTkwOWQtZDMyNS00OGExLTk0NDMtY2M5YTc1OGM5OTE2
LzEvcm5xYkYwV2xwd3c3OTd6Q3d1NFdaR0N2OTZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjA9BAIAATA3AwQEBf+gAwMA
H8oDBAMuoFgDBANPq3gwDAMEAFJ19wMEAlJ1+AMEAFVa3gMEB7KlAAMEArmTYDAN
BAIAAjAHAwUAKgASEDANBgkqhkiG9w0BAQsFAAOCAQEA0je6wGZiZaVRqHogdn94
IUo/sX1t+f54ZXrFBCikgOxFj0DhyPh1nuuifZbgCdksuKbxrRxNbI/aKjFC1eDK
ZWylv+81SZ1WLEQBfcrZQhjujEWmhRGERQn/rig/WvWHuRfNTVkD6OTHpFu19Zql
iPgWQCh9WsMdKaEMIKRaldLNRCXBKiVFZWy41FUldBAlsj83idGrMr1pDzB+09Qd
YvUcCw7WdQP7dz+AooirUVuaWbsdKrmBnOOxCAZ52/rsZy2kxeKhxV9dJKX8Fmbt
IVae7tAF5dYEpOJJd2z0MqDcGHlCTwHmTp4Z/48Dj18VT//cvvWY7olYO1xLJfjw
mw==
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:16:10 2024 by rpki-client on console-ams.rpki-client.org