Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/bt9kerFQai8aroKd3b0FUaxKCNo.roa
File: bt9kerFQai8aroKd3b0FUaxKCNo.roa (raw, json)
Hash identifier: +UYRwc76vdPup4grPsfbZURP/vwJFT0EnvGvoygFAT4=
Subject key identifier: 6E:DF:64:7A:B1:50:6A:2F:1A:AE:82:9D:DD:BD:05:51:AC:4A:08:DA
Certificate issuer: /CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Certificate serial: 0191C63DC624328385186F02D87E5BDA7388
Authority key identifier: C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/bt9kerFQai8aroKd3b0FUaxKCNo.roa
Signing time: Fri 06 Sep 2024 07:30:22 +0000
ROA not before: Fri 06 Sep 2024 07:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 5.181.200.0/24 maxlen: 24
45.158.83.0/24 maxlen: 24
185.225.206.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Oct 2024 16:33:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c6:3d:c6:24:32:83:85:18:6f:02:d8:7e:5b:da:73:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Validity
Not Before: Sep 6 07:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6edf647ab1506a2f1aae829dddbd0551ac4a08da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:a8:12:79:9f:38:da:cc:bf:0b:32:a1:0b:48:
fa:c0:e0:f4:3b:fa:af:09:c2:c9:2c:99:2e:80:f9:
67:64:02:79:52:5b:46:2a:f4:c5:8e:05:d5:d9:b8:
15:2d:78:0f:6a:af:04:6b:0a:dd:9b:ea:e2:0e:b1:
0e:12:d4:1d:3b:80:71:e3:f0:19:2a:6f:8f:e1:ee:
7d:18:4f:b2:39:74:aa:70:42:5c:ce:fd:2a:03:0d:
18:57:3f:e0:29:2b:e6:d3:43:dd:12:47:12:3e:01:
53:0a:73:5f:bf:73:fb:60:9b:7b:94:95:56:cd:e7:
2d:08:1d:47:d3:37:1c:2d:80:3d:77:18:05:36:8e:
5b:1d:6c:a5:a8:ad:64:1c:07:d1:7d:30:ee:81:7b:
cd:f1:9b:0b:6d:5b:37:91:8b:55:92:44:be:6a:26:
31:e2:8f:ad:9c:3e:0e:af:fd:e9:a1:e2:02:7f:f9:
66:09:dc:8d:bb:be:d3:43:24:2b:a6:6e:d8:f9:e3:
3b:77:c5:19:4f:78:25:7b:a1:ea:d2:c6:bc:e3:73:
64:55:b5:bd:6e:70:68:ba:da:98:77:12:e5:90:30:
d8:32:2b:12:7b:6f:d4:50:9f:4e:02:a6:98:9d:c3:
cb:da:72:77:b9:91:17:1e:fa:88:fc:fe:8e:fe:59:
e7:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:DF:64:7A:B1:50:6A:2F:1A:AE:82:9D:DD:BD:05:51:AC:4A:08:DA
X509v3 Authority Key Identifier:
keyid:C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/bt9kerFQai8aroKd3b0FUaxKCNo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.200.0/24
45.158.83.0/24
185.225.206.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:e7:af:d1:5f:66:22:3b:0a:5c:9a:70:d1:5b:2a:c6:e4:c5:
2f:d2:72:ba:4f:2b:39:a9:c0:8c:a7:e3:98:49:15:29:54:be:
f1:0e:74:b2:4a:32:5f:a7:a2:3c:63:fa:41:76:fc:4f:0c:ed:
f3:93:0c:24:ce:59:28:c0:13:70:7c:9e:64:56:21:6d:de:e0:
a7:7a:17:35:0a:06:d6:6d:14:b5:f5:e7:26:4f:e8:05:f7:7a:
e6:2e:0d:5d:32:8d:91:69:8d:12:c2:4b:a2:09:ab:c5:6b:17:
75:f3:46:19:7a:85:f4:cc:82:6d:d8:5e:14:d8:60:39:55:45:
e5:d0:27:dc:17:80:b0:b0:ed:d2:04:6a:af:a3:49:50:7c:c5:
c2:6d:ed:03:85:66:a6:84:b8:b0:ba:b0:0e:73:ea:79:e8:09:
cb:b6:c2:b8:9e:8f:7e:bf:68:8c:c7:30:b6:6d:5d:df:b5:e9:
2d:44:00:7d:0e:0a:8c:31:2c:18:ce:05:19:ce:ee:1b:a4:8d:
2b:55:c3:ec:8a:29:0e:27:89:15:60:3e:e2:f7:71:f1:94:5d:
94:99:6a:41:23:0b:38:fc:56:44:2c:88:7e:ac:de:0c:ee:01:
49:56:0b:28:81:43:90:f9:6f:ae:72:dc:78:af:df:dc:45:29:
a0:69:cc:91
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZHGPcYkMoOFGG8C2H5b2nOIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NmQ5ZDUwYjNiODlkNTFjOGFhMjQ5M2U3ZWY0NzAxZDYy
NTFkYWQwHhcNMjQwOTA2MDczMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWRmNjQ3YWIxNTA2YTJmMWFhZTgyOWRkZGJkMDU1MWFjNGEwOGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApagSeZ842sy/CzKhC0j6wOD0O/qv
CcLJLJkugPlnZAJ5UltGKvTFjgXV2bgVLXgPaq8Eawrdm+riDrEOEtQdO4Bx4/AZ
Km+P4e59GE+yOXSqcEJczv0qAw0YVz/gKSvm00PdEkcSPgFTCnNfv3P7YJt7lJVW
zectCB1H0zccLYA9dxgFNo5bHWylqK1kHAfRfTDugXvN8ZsLbVs3kYtVkkS+aiYx
4o+tnD4Or/3poeICf/lmCdyNu77TQyQrpm7Y+eM7d8UZT3gle6Hq0sa843NkVbW9
bnBoutqYdxLlkDDYMisSe2/UUJ9OAqaYncPL2nJ3uZEXHvqI/P6O/lnnawIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFG7fZHqxUGovGq6Cnd29BVGsSgjaMB8GA1UdIwQY
MBaAFMZtnVCzuJ1RyKokk+fvRwHWJR2tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMt
YjdjNTc4Yjc0ZTM1LzEvYnQ5a2VyRlFhaThhcm9LZDNiMEZVYXhLQ05vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMtYjdjNTc4Yjc0ZTM1
LzEveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABbXIAwQA
LZ5TAwQAueHOMA0GCSqGSIb3DQEBCwUAA4IBAQAu56/RX2YiOwpcmnDRWyrG5MUv
0nK6Tys5qcCMp+OYSRUpVL7xDnSySjJfp6I8Y/pBdvxPDO3zkwwkzlkowBNwfJ5k
ViFt3uCnehc1CgbWbRS19ecmT+gF93rmLg1dMo2RaY0SwkuiCavFaxd180YZeoX0
zIJt2F4U2GA5VUXl0CfcF4CwsO3SBGqvo0lQfMXCbe0DhWamhLiwurAOc+p56AnL
tsK4no9+v2iMxzC2bV3ftektRAB9DgqMMSwYzgUZzu4bpI0rVcPsiikOJ4kVYD7i
93HxlF2UmWpBIws4/FZELIh+rN4M7gFJVgsogUOQ+W+uctx4r9/cRSmgacyR
-----END CERTIFICATE-----
Generated at Tue Oct 22 19:33:53 2024 by rpki-client on console-ams.rpki-client.org