Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/BQbjhMD4D3Y3Y6EuOoDG1rVmUlU.roa
File: BQbjhMD4D3Y3Y6EuOoDG1rVmUlU.roa (raw, json)
Hash identifier: v267fZqy75ceEsHx+Szqk3w7US16LdMB349k9ltBL/I=
Subject key identifier: 05:06:E3:84:C0:F8:0F:76:37:63:A1:2E:3A:80:C6:D6:B5:66:52:55
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018AFB629BA17861DDD2B7AFC57F41363E29
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/BQbjhMD4D3Y3Y6EuOoDG1rVmUlU.roa
Signing time: Wed 04 Oct 2023 15:50:57 +0000
ROA not before: Wed 04 Oct 2023 15:50:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210558
IP address blocks: 45.94.31.0/24 maxlen: 24
91.206.169.0/24 maxlen: 24
45.138.16.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fb:62:9b:a1:78:61:dd:d2:b7:af:c5:7f:41:36:3e:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Oct 4 15:50:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0506e384c0f80f763763a12e3a80c6d6b5665255
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:9f:3d:1b:92:3d:76:e1:60:92:35:fa:3f:20:
86:f3:68:df:2c:6c:bd:25:5a:52:39:b8:9d:6b:ad:
75:54:7b:4a:a0:3a:af:19:50:00:f4:83:ca:91:d6:
66:23:49:a3:3e:97:6b:ef:f6:64:1d:7b:0e:e8:95:
80:01:15:7f:b4:ff:c9:c1:a7:09:a9:54:4d:e9:fe:
05:eb:7a:36:de:ee:78:2d:46:88:21:6f:6c:c9:71:
82:9d:d1:6f:2a:7b:32:47:51:71:c7:c4:a7:2a:9a:
87:23:f6:d5:a0:80:ea:b6:34:a4:f1:b5:14:2f:18:
1c:a5:6a:b6:e1:ac:94:1b:48:02:01:45:5e:da:c5:
d8:64:bd:21:61:d2:86:f9:03:1a:35:e2:37:37:71:
7f:2f:be:a6:62:13:e9:54:3b:88:30:b8:c6:2e:23:
79:6f:0d:7e:db:3e:51:f2:77:9f:f8:e8:68:45:eb:
c1:fc:8b:1b:34:a4:2e:bd:38:c0:8c:9a:2e:a7:81:
69:b4:ff:09:3b:65:94:8e:99:14:d7:d2:37:da:1e:
62:ca:57:be:5a:02:d0:49:f8:b9:cf:f2:fb:f9:3c:
de:08:4d:ab:2b:48:4b:26:50:43:aa:5f:fe:b8:a9:
38:cb:ce:2c:9b:1e:c0:cf:3a:8f:af:b2:8a:d5:ec:
27:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:06:E3:84:C0:F8:0F:76:37:63:A1:2E:3A:80:C6:D6:B5:66:52:55
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/BQbjhMD4D3Y3Y6EuOoDG1rVmUlU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.31.0/24
45.138.16.0/24
91.206.169.0/24
Signature Algorithm: sha256WithRSAEncryption
49:d9:bc:ac:14:2a:45:69:95:03:cd:38:52:87:0f:96:0b:1a:
5a:4c:3c:fa:5d:e1:21:79:43:41:c6:b6:c9:33:e3:13:2a:c5:
f4:90:da:dc:0b:06:63:fb:7f:ad:2d:62:c9:6d:58:ec:66:3e:
3f:17:34:bd:91:3e:b2:49:48:d6:ab:3b:92:69:06:cb:22:78:
6a:50:20:c6:b9:b5:bb:02:4c:d5:0b:8e:29:0f:dd:ff:6d:7b:
27:5b:b2:1d:b3:a8:4a:25:b5:84:29:64:ed:39:c4:89:8e:c1:
c0:c1:09:c7:82:9d:a7:cf:9d:51:4d:fa:c5:4c:25:ad:9b:25:
d8:c3:35:da:ec:dd:f6:0e:69:ed:4d:60:bc:a5:d0:19:6a:3e:
ec:7b:8e:c7:32:6b:7a:89:29:2d:77:f0:df:b7:18:69:03:8a:
40:a5:30:1c:30:30:2f:cf:44:21:fb:19:04:c0:54:e4:86:a9:
d2:b3:26:9b:31:43:e5:54:64:0e:cd:00:c2:b3:cf:69:c0:b2:
f9:c7:b0:c6:04:8d:8e:70:ae:72:18:76:ab:d0:b8:52:3e:2f:
8e:f9:f5:80:c2:38:56:5d:87:7c:3a:1c:b2:50:31:66:29:c8:
ac:a1:ae:00:1d:29:33:bc:e7:09:1f:25:d0:b7:d1:c4:09:65:
c3:2c:27:6e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYr7YpuheGHd0revxX9BNj4pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMxMDA0MTU1MDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTA2ZTM4NGMwZjgwZjc2Mzc2M2ExMmUzYTgwYzZkNmI1NjY1MjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZ89G5I9duFgkjX6PyCG82jfLGy9
JVpSObida611VHtKoDqvGVAA9IPKkdZmI0mjPpdr7/ZkHXsO6JWAARV/tP/JwacJ
qVRN6f4F63o23u54LUaIIW9syXGCndFvKnsyR1Fxx8SnKpqHI/bVoIDqtjSk8bUU
LxgcpWq24ayUG0gCAUVe2sXYZL0hYdKG+QMaNeI3N3F/L76mYhPpVDuIMLjGLiN5
bw1+2z5R8nef+OhoRevB/IsbNKQuvTjAjJoup4FptP8JO2WUjpkU19I32h5iyle+
WgLQSfi5z/L7+TzeCE2rK0hLJlBDql/+uKk4y84smx7AzzqPr7KK1ewnswIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAUG44TA+A92N2OhLjqAxta1ZlJVMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvQlFiamhNRDREM1kzWTZFdU9vREcxclZtVWxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALV4fAwQA
LYoQAwQAW86pMA0GCSqGSIb3DQEBCwUAA4IBAQBJ2bysFCpFaZUDzThShw+WCxpa
TDz6XeEheUNBxrbJM+MTKsX0kNrcCwZj+3+tLWLJbVjsZj4/FzS9kT6ySUjWqzuS
aQbLInhqUCDGubW7AkzVC44pD93/bXsnW7Ids6hKJbWEKWTtOcSJjsHAwQnHgp2n
z51RTfrFTCWtmyXYwzXa7N32DmntTWC8pdAZaj7se47HMmt6iSktd/DftxhpA4pA
pTAcMDAvz0Qh+xkEwFTkhqnSsyabMUPlVGQOzQDCs89pwLL5x7DGBI2OcK5yGHar
0LhSPi+O+fWAwjhWXYd8OhyyUDFmKcisoa4AHSkzvOcJHyXQt9HECWXDLCdu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:51 2024 by rpki-client on console-fra.rpki-client.org