Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/1ad26f-a33e-4069-a802-373b522a821d/1/bf-Dvas93EkZ9IbpVdah869tsrk.roa
File: bf-Dvas93EkZ9IbpVdah869tsrk.roa (raw, json)
Hash identifier: fcIUdiZ13FTJMkInwyoiualb6lho2CIH//uXpTJzNSU=
Subject key identifier: 6D:FF:83:BD:AB:3D:DC:49:19:F4:86:E9:55:D6:A1:F3:AF:6D:B2:B9
Certificate issuer: /CN=389b2fa3651383a7fc6a86adba56c7c6207d7568
Certificate serial: 018DAEA21B66CC358F6212C6383BC296051D
Authority key identifier: 38:9B:2F:A3:65:13:83:A7:FC:6A:86:AD:BA:56:C7:C6:20:7D:75:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OJsvo2UTg6f8aoatulbHxiB9dWg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/1ad26f-a33e-4069-a802-373b522a821d/1/bf-Dvas93EkZ9IbpVdah869tsrk.roa
Signing time: Thu 15 Feb 2024 21:17:55 +0000
ROA not before: Thu 15 Feb 2024 21:17:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58173
IP address blocks: 5.61.72.0/21 maxlen: 21
5.61.72.0/22 maxlen: 22
5.61.76.0/22 maxlen: 22
185.18.48.0/22 maxlen: 22
185.18.48.0/23 maxlen: 23
185.18.48.0/24 maxlen: 24
185.18.50.0/23 maxlen: 23
185.18.50.0/24 maxlen: 24
185.96.192.0/22 maxlen: 24
185.96.192.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 04 Apr 2024 12:51:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ae:a2:1b:66:cc:35:8f:62:12:c6:38:3b:c2:96:05:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=389b2fa3651383a7fc6a86adba56c7c6207d7568
Validity
Not Before: Feb 15 21:17:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6dff83bdab3ddc4919f486e955d6a1f3af6db2b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:b8:6b:f6:08:2f:6f:60:44:34:18:f7:c0:47:
a5:db:1d:f2:31:f0:ad:f8:fc:9c:77:bb:c1:59:f9:
4b:d5:28:45:0c:4d:f7:db:9e:8d:f6:31:6c:5e:b8:
b0:0a:7d:a1:cd:2a:dd:54:e3:f1:75:10:e6:af:3a:
82:4e:af:ef:f9:63:43:03:f7:f4:05:bf:b2:a1:9b:
3c:0b:bf:02:84:05:6c:e1:03:1e:d2:e4:cb:ed:24:
e8:ab:bd:7c:64:e6:24:94:5e:4e:1f:1e:22:fd:01:
a2:b9:cc:f1:fc:52:ee:2c:85:a4:fa:8d:84:99:43:
50:83:6a:05:a0:44:c0:3b:68:77:68:4f:6e:e7:53:
99:1e:63:9b:fa:82:3f:89:e3:9f:3a:fc:a7:37:cf:
e3:9b:ae:b7:16:71:26:f1:23:47:92:6a:3e:c2:12:
65:2d:71:23:c4:b6:40:bc:27:7b:5b:23:a1:62:b1:
44:22:f3:9c:48:c9:2f:b3:59:89:6a:ac:30:3d:7f:
3d:eb:89:9e:94:38:2a:56:38:9d:3b:fa:ee:8e:85:
ab:80:8b:07:d4:c4:86:63:1b:23:92:d2:2b:f1:21:
17:20:13:4b:80:59:55:59:e0:31:fa:b7:28:33:46:
dc:3c:11:f1:08:71:49:bd:44:6d:e9:b1:15:ae:10:
9d:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:FF:83:BD:AB:3D:DC:49:19:F4:86:E9:55:D6:A1:F3:AF:6D:B2:B9
X509v3 Authority Key Identifier:
keyid:38:9B:2F:A3:65:13:83:A7:FC:6A:86:AD:BA:56:C7:C6:20:7D:75:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OJsvo2UTg6f8aoatulbHxiB9dWg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/1ad26f-a33e-4069-a802-373b522a821d/1/bf-Dvas93EkZ9IbpVdah869tsrk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/1ad26f-a33e-4069-a802-373b522a821d/1/OJsvo2UTg6f8aoatulbHxiB9dWg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.72.0/21
185.18.48.0/22
185.96.192.0/22
Signature Algorithm: sha256WithRSAEncryption
a4:e4:ab:b1:68:b4:f9:92:1f:58:73:f5:0f:75:72:e1:43:7a:
a7:6b:77:77:de:1d:55:96:a4:7f:f2:21:ea:34:e8:8b:6e:b4:
23:29:bb:9f:8f:8c:e1:d9:57:59:ef:c4:a4:57:ab:10:db:cf:
ac:97:1d:8a:ee:42:d6:d7:26:c9:22:cf:5f:2e:c6:7e:87:ff:
38:ea:b0:15:89:44:b1:34:13:c3:0a:48:62:bb:66:cb:18:d2:
d2:57:cf:bc:b8:e4:f7:0d:d8:ed:7a:7e:0e:80:02:72:51:6f:
08:27:e8:e7:2e:f8:04:05:ee:d6:b5:41:4f:b0:48:40:e5:2e:
d7:db:fa:21:d0:3c:af:f4:c1:81:ce:3a:65:1e:b0:e5:d1:10:
d4:d7:6f:e6:79:94:58:8d:34:92:10:ea:c6:c5:86:da:2d:30:
b2:fa:52:95:91:d7:bf:ea:0b:26:c0:21:ca:13:07:db:ec:03:
5f:36:85:07:ac:a3:9e:18:49:74:09:8f:98:08:68:a3:a2:ad:
39:c3:9e:e6:be:a3:70:41:ed:7c:ce:02:d0:21:8d:e6:f6:77:
be:e8:7c:37:fe:88:26:ec:fc:80:f6:7e:17:ee:f9:4c:2c:02:
ed:4b:e3:0e:7a:dd:47:0d:ce:11:c0:f4:38:e2:c4:6a:b2:68:
b1:71:e4:cf
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY2uohtmzDWPYhLGODvClgUdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4OWIyZmEzNjUxMzgzYTdmYzZhODZhZGJhNTZjN2M2MjA3
ZDc1NjgwHhcNMjQwMjE1MjExNzU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGZmODNiZGFiM2RkYzQ5MTlmNDg2ZTk1NWQ2YTFmM2FmNmRiMmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1bhr9ggvb2BENBj3wEel2x3yMfCt
+Pycd7vBWflL1ShFDE33256N9jFsXriwCn2hzSrdVOPxdRDmrzqCTq/v+WNDA/f0
Bb+yoZs8C78ChAVs4QMe0uTL7SToq718ZOYklF5OHx4i/QGiuczx/FLuLIWk+o2E
mUNQg2oFoETAO2h3aE9u51OZHmOb+oI/ieOfOvynN8/jm663FnEm8SNHkmo+whJl
LXEjxLZAvCd7WyOhYrFEIvOcSMkvs1mJaqwwPX8964melDgqVjidO/rujoWrgIsH
1MSGYxsjktIr8SEXIBNLgFlVWeAx+rcoM0bcPBHxCHFJvURt6bEVrhCdmQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFG3/g72rPdxJGfSG6VXWofOvbbK5MB8GA1UdIwQY
MBaAFDibL6NlE4On/GqGrbpWx8YgfXVoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0pzdm8yVVRnNmY4YW9hdHVsYkh4aUI5ZFdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS8xYWQyNmYtYTMzZS00MDY5LWE4MDIt
MzczYjUyMmE4MjFkLzEvYmYtRHZhczkzRWtaOUlicFZkYWg4Njl0c3JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS8xYWQyNmYtYTMzZS00MDY5LWE4MDItMzczYjUyMmE4MjFk
LzEvT0pzdm8yVVRnNmY4YW9hdHVsYkh4aUI5ZFdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDBT1IAwQC
uRIwAwQCuWDAMA0GCSqGSIb3DQEBCwUAA4IBAQCk5KuxaLT5kh9Yc/UPdXLhQ3qn
a3d33h1VlqR/8iHqNOiLbrQjKbufj4zh2VdZ78SkV6sQ28+slx2K7kLW1ybJIs9f
LsZ+h/846rAViUSxNBPDCkhiu2bLGNLSV8+8uOT3Ddjten4OgAJyUW8IJ+jnLvgE
Be7WtUFPsEhA5S7X2/oh0Dyv9MGBzjplHrDl0RDU12/meZRYjTSSEOrGxYbaLTCy
+lKVkde/6gsmwCHKEwfb7ANfNoUHrKOeGEl0CY+YCGijoq05w57mvqNwQe18zgLQ
IY3m9ne+6Hw3/ogm7PyA9n4X7vlMLALtS+MOet1HDc4RwPQ44sRqsmixceTP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:20 2024 by rpki-client on console-ams.rpki-client.org