Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/bkSA_5o4xa5sP2t9a5FIlOdfIqw.roa
File: bkSA_5o4xa5sP2t9a5FIlOdfIqw.roa (raw, json)
Hash identifier: dePPad9oYy7+mCSv2UKwMbzVIW7iMlLQz7hxE3ydQfo=
Subject key identifier: 6E:44:80:FF:9A:38:C5:AE:6C:3F:6B:7D:6B:91:48:94:E7:5F:22:AC
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 01892A2FE9DC67E01F9275B4D50261B2DA34
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/bkSA_5o4xa5sP2t9a5FIlOdfIqw.roa
Signing time: Thu 06 Jul 2023 07:52:10 +0000
ROA not before: Thu 06 Jul 2023 07:52:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 45.92.228.0/24 maxlen: 24
193.176.210.0/24 maxlen: 24
45.85.124.0/22 maxlen: 24
45.130.136.0/24 maxlen: 24
194.5.49.0/24 maxlen: 24
45.91.20.0/24 maxlen: 24
45.91.21.0/24 maxlen: 24
45.91.22.0/24 maxlen: 24
45.132.193.0/24 maxlen: 24
2a07:e341::/32 maxlen: 32
2a07:e340::/32 maxlen: 32
Validation: Failed, certificate revoked on Sun 23 Jul 2023 06:30:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:2a:2f:e9:dc:67:e0:1f:92:75:b4:d5:02:61:b2:da:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jul 6 07:52:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e4480ff9a38c5ae6c3f6b7d6b914894e75f22ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:e2:78:34:bf:c9:76:8d:a5:74:71:aa:b9:dd:
4b:c7:a5:61:71:45:d8:a6:bb:58:bc:b8:cc:48:29:
81:ff:d4:bc:16:4f:48:44:26:1f:9b:a2:5e:da:49:
ac:9c:61:9b:84:a9:45:1f:7a:40:1d:58:52:0b:dc:
bc:fe:bd:1c:87:72:5a:86:63:43:09:96:98:12:d8:
f3:91:5a:83:6d:ed:fe:21:99:e1:c6:cc:a3:5b:ab:
7b:a7:5e:d1:be:d8:9f:6f:80:8e:c6:a1:ed:76:cc:
ae:c6:73:de:89:1e:aa:1e:f5:f6:14:ff:01:75:08:
02:4d:86:2c:2b:94:5c:4d:2e:36:b2:d2:2a:6f:43:
8f:0e:f1:a8:29:70:4e:b5:dc:af:31:a9:0c:0b:a7:
9d:bb:ca:49:87:b6:b2:27:e7:b9:78:e3:5f:9e:95:
52:a7:61:ec:87:15:03:f6:8d:b1:99:9e:6a:a5:e6:
a8:53:94:34:64:41:57:4b:7f:23:c1:4d:97:6f:3c:
e9:99:bf:b3:96:4e:37:33:a1:72:bc:07:5b:4c:e3:
49:17:df:2b:b7:fe:53:80:f2:8d:2e:5c:0d:b1:1e:
59:36:13:91:a0:fa:1c:07:26:a9:5c:7c:26:8b:69:
cb:d3:e1:17:46:88:ed:55:f2:bd:f8:d8:29:f6:d2:
8c:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:44:80:FF:9A:38:C5:AE:6C:3F:6B:7D:6B:91:48:94:E7:5F:22:AC
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/bkSA_5o4xa5sP2t9a5FIlOdfIqw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.124.0/22
45.91.20.0-45.91.22.255
45.92.228.0/24
45.130.136.0/24
45.132.193.0/24
193.176.210.0/24
194.5.49.0/24
IPv6:
2a07:e340::/31
Signature Algorithm: sha256WithRSAEncryption
64:a4:11:42:f3:b2:85:be:07:41:47:b1:21:81:cb:dc:9e:56:
f1:43:8b:0c:2f:03:77:9c:26:c9:67:3a:ca:05:d7:10:ba:4a:
a8:0a:f3:de:79:d9:2f:08:6e:94:eb:d3:26:ea:56:cd:16:f4:
ac:36:b5:84:45:a7:58:9b:3b:31:3d:10:dd:55:df:83:6d:af:
a5:6a:71:44:79:5d:9e:94:87:6b:8a:b6:ae:5b:ed:1d:72:4a:
aa:79:7b:da:a6:69:a7:42:79:af:25:00:0f:7a:38:de:5c:8d:
6d:c1:3d:2d:95:34:da:72:77:53:9a:f6:98:e6:2a:36:c3:bc:
83:c0:5c:09:01:81:4b:1d:e0:ef:39:b7:8b:72:a7:5d:41:8a:
f6:f5:be:9e:dd:ae:36:82:e4:c2:65:02:b1:af:98:fa:68:e1:
9f:97:af:72:f3:7b:38:52:10:d1:84:0a:04:e4:6b:c3:09:83:
a0:ab:7a:7f:0a:05:ff:39:f9:18:f4:6e:39:d7:71:c3:55:6a:
ac:1d:d0:fb:44:c5:b3:77:38:7b:b8:ac:34:7c:19:da:78:f1:
db:44:6b:08:24:15:04:1b:40:74:81:85:03:0a:b7:de:a1:6c:
44:77:14:79:44:b6:27:d4:d3:5c:ec:64:55:c5:10:65:34:2f:
16:ac:c7:94
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAYkqL+ncZ+AfknW01QJhsto0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMwNzA2MDc1MjEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTQ0ODBmZjlhMzhjNWFlNmMzZjZiN2Q2YjkxNDg5NGU3NWYyMmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiuJ4NL/Jdo2ldHGqud1Lx6VhcUXY
prtYvLjMSCmB/9S8Fk9IRCYfm6Je2kmsnGGbhKlFH3pAHVhSC9y8/r0ch3JahmND
CZaYEtjzkVqDbe3+IZnhxsyjW6t7p17Rvtifb4COxqHtdsyuxnPeiR6qHvX2FP8B
dQgCTYYsK5RcTS42stIqb0OPDvGoKXBOtdyvMakMC6edu8pJh7ayJ+e5eONfnpVS
p2HshxUD9o2xmZ5qpeaoU5Q0ZEFXS38jwU2Xbzzpmb+zlk43M6FyvAdbTONJF98r
t/5TgPKNLlwNsR5ZNhORoPocByapXHwmi2nL0+EXRojtVfK9+Ngp9tKMSwIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFG5EgP+aOMWubD9rfWuRSJTnXyKsMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvYmtTQV81bzR4YTVzUDJ0OWE1RklsT2RmSXF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTA4BAIAATAyAwQCLVV8MAwD
BAItWxQDBAAtWxYDBAAtXOQDBAAtgogDBAAthMEDBADBsNIDBADCBTEwDQQCAAIw
BwMFASoH40AwDQYJKoZIhvcNAQELBQADggEBAGSkEULzsoW+B0FHsSGBy9yeVvFD
iwwvA3ecJslnOsoF1xC6SqgK89552S8IbpTr0ybqVs0W9Kw2tYRFp1ibOzE9EN1V
34Ntr6VqcUR5XZ6Uh2uKtq5b7R1ySqp5e9qmaadCea8lAA96ON5cjW3BPS2VNNpy
d1Oa9pjmKjbDvIPAXAkBgUsd4O85t4typ11Bivb1vp7drjaC5MJlArGvmPpo4Z+X
r3LzezhSENGECgTka8MJg6Cren8KBf85+Rj0bjnXccNVaqwd0PtExbN3OHu4rDR8
Gdp48dtEawgkFQQbQHSBhQMKt96hbER3FHlEtifU01zsZFXFEGU0Lxasx5Q=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:51 2024 by rpki-client on console-ams.rpki-client.org