Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/5c2a59-6025-400e-ab28-f0a624d40912/1/BKx2WLQ-378z4hGsN1B2-JdI85I.roa
File: BKx2WLQ-378z4hGsN1B2-JdI85I.roa (raw, json)
Hash identifier: WKeZXitGZR5OoRW409AC20NS+EQTUsLBtjt6HONvQuY=
Subject key identifier: 04:AC:76:58:B4:3E:DF:BF:33:E2:11:AC:37:50:76:F8:97:48:F3:92
Certificate issuer: /CN=7f515ead095eed9ac4cabc5ab4ad0b5867d9f01b
Certificate serial: 018CC3B70795017B315687F526AEC30DD4B8
Authority key identifier: 7F:51:5E:AD:09:5E:ED:9A:C4:CA:BC:5A:B4:AD:0B:58:67:D9:F0:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f1FerQle7ZrEyrxatK0LWGfZ8Bs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/5c2a59-6025-400e-ab28-f0a624d40912/1/BKx2WLQ-378z4hGsN1B2-JdI85I.roa
Signing time: Mon 01 Jan 2024 06:30:01 +0000
ROA not before: Mon 01 Jan 2024 06:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34827
IP address blocks: 45.158.124.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 24 Feb 2024 14:13:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:07:95:01:7b:31:56:87:f5:26:ae:c3:0d:d4:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f515ead095eed9ac4cabc5ab4ad0b5867d9f01b
Validity
Not Before: Jan 1 06:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=04ac7658b43edfbf33e211ac375076f89748f392
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:e6:74:93:e7:04:eb:d2:ac:7e:50:e7:2d:0a:
03:50:ff:31:34:cc:a1:25:e7:0c:f9:02:63:a9:19:
23:83:85:31:01:5c:87:03:b3:72:b2:bd:d0:12:a1:
2b:d5:1a:41:65:1f:63:06:e0:7e:48:45:ca:3f:9b:
af:9c:d8:ce:75:8c:c7:e8:61:49:c8:78:61:d6:38:
a0:93:34:7f:f2:c9:f9:eb:0c:41:00:ab:0b:1e:f1:
54:08:40:b4:9f:a6:99:d4:1d:97:35:3a:76:6a:22:
6b:b3:42:5e:31:9d:a2:3a:96:48:ec:8e:1f:cc:c7:
07:df:4f:ef:fb:c9:d4:9f:7a:23:29:fd:50:c1:ae:
0e:a0:d6:bd:a4:66:38:77:2f:78:96:e1:82:3b:1d:
31:7b:d7:88:6e:30:c0:ed:e4:9f:0b:5e:87:1e:9e:
16:60:7d:3e:e6:fd:65:4c:9c:2e:35:20:c4:d3:17:
e5:b1:30:9e:ad:b4:2e:8f:96:19:98:b7:c9:78:ef:
40:d6:c1:49:d0:92:09:c2:ac:72:aa:58:ab:39:f3:
87:43:5a:97:d2:51:1f:c5:82:35:e2:bb:dc:d5:3c:
60:b4:bf:15:8f:10:bc:78:9a:f6:ca:fb:74:3e:16:
31:5c:7e:37:c8:e7:99:65:16:9b:0b:05:f6:11:6f:
fb:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:AC:76:58:B4:3E:DF:BF:33:E2:11:AC:37:50:76:F8:97:48:F3:92
X509v3 Authority Key Identifier:
keyid:7F:51:5E:AD:09:5E:ED:9A:C4:CA:BC:5A:B4:AD:0B:58:67:D9:F0:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1FerQle7ZrEyrxatK0LWGfZ8Bs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/5c2a59-6025-400e-ab28-f0a624d40912/1/BKx2WLQ-378z4hGsN1B2-JdI85I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/5c2a59-6025-400e-ab28-f0a624d40912/1/f1FerQle7ZrEyrxatK0LWGfZ8Bs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.124.0/24
Signature Algorithm: sha256WithRSAEncryption
01:98:8c:71:92:c1:8e:12:96:c1:d4:82:f3:f0:49:30:b2:f4:
31:50:86:d3:d3:f3:21:65:1f:77:ed:10:15:21:b8:28:cc:5d:
1f:d4:f5:4e:04:f1:ef:1e:76:67:a7:e7:e7:f3:07:fd:8a:30:
cb:d3:3b:95:63:e2:c6:c8:66:43:c5:66:81:7b:69:79:69:09:
87:be:5b:dc:c5:e1:f8:5e:ab:b9:1c:21:d3:9a:ae:1d:e6:27:
57:14:27:10:0c:51:b4:d3:3d:71:87:54:81:05:6a:26:c5:63:
96:bb:fe:2e:51:e6:08:ab:fa:b7:7f:05:3e:4f:ee:2c:73:c8:
cc:cc:93:43:08:c9:5c:1b:0f:dd:7d:8a:fb:61:cb:ed:aa:b2:
d9:5a:c2:55:a6:e2:ae:62:5a:d2:52:67:56:40:ee:eb:f9:c2:
45:63:f4:3f:c1:50:86:dc:f6:d4:ba:d6:95:f1:a9:97:70:d3:
45:8b:e6:96:9e:c9:e6:9c:8c:70:a2:90:dc:0e:03:e4:76:52:
31:87:74:40:cf:78:aa:ab:54:c1:c0:49:27:e9:1e:22:dc:1c:
99:83:33:f6:58:05:0f:c3:aa:df:6a:f9:85:91:22:5d:3c:a7:
75:58:c2:79:4c:f3:c4:a5:13:f9:d6:df:a2:c2:bc:7c:4d:02:
d3:cd:5a:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtweVAXsxVof1Jq7DDdS4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmNTE1ZWFkMDk1ZWVkOWFjNGNhYmM1YWI0YWQwYjU4Njdk
OWYwMWIwHhcNMjQwMTAxMDYzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGFjNzY1OGI0M2VkZmJmMzNlMjExYWMzNzUwNzZmODk3NDhmMzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjeZ0k+cE69KsflDnLQoDUP8xNMyh
JecM+QJjqRkjg4UxAVyHA7Nysr3QEqEr1RpBZR9jBuB+SEXKP5uvnNjOdYzH6GFJ
yHhh1jigkzR/8sn56wxBAKsLHvFUCEC0n6aZ1B2XNTp2aiJrs0JeMZ2iOpZI7I4f
zMcH30/v+8nUn3ojKf1Qwa4OoNa9pGY4dy94luGCOx0xe9eIbjDA7eSfC16HHp4W
YH0+5v1lTJwuNSDE0xflsTCerbQuj5YZmLfJeO9A1sFJ0JIJwqxyqlirOfOHQ1qX
0lEfxYI14rvc1TxgtL8VjxC8eJr2yvt0PhYxXH43yOeZZRabCwX2EW/7UQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFASsdli0Pt+/M+IRrDdQdviXSPOSMB8GA1UdIwQY
MBaAFH9RXq0JXu2axMq8WrStC1hn2fAbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjFGZXJRbGU3WnJFeXJ4YXRLMExXR2ZaOEJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy81YzJhNTktNjAyNS00MDBlLWFiMjgt
ZjBhNjI0ZDQwOTEyLzEvQkt4MldMUS0zNzh6NGhHc04xQjItSmRJODVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy81YzJhNTktNjAyNS00MDBlLWFiMjgtZjBhNjI0ZDQwOTEy
LzEvZjFGZXJRbGU3WnJFeXJ4YXRLMExXR2ZaOEJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZ58MA0G
CSqGSIb3DQEBCwUAA4IBAQABmIxxksGOEpbB1ILz8EkwsvQxUIbT0/MhZR937RAV
IbgozF0f1PVOBPHvHnZnp+fn8wf9ijDL0zuVY+LGyGZDxWaBe2l5aQmHvlvcxeH4
Xqu5HCHTmq4d5idXFCcQDFG00z1xh1SBBWomxWOWu/4uUeYIq/q3fwU+T+4sc8jM
zJNDCMlcGw/dfYr7YcvtqrLZWsJVpuKuYlrSUmdWQO7r+cJFY/Q/wVCG3PbUutaV
8amXcNNFi+aWnsnmnIxwopDcDgPkdlIxh3RAz3iqq1TBwEkn6R4i3ByZgzP2WAUP
w6rfavmFkSJdPKd1WMJ5TPPEpRP51t+iwrx8TQLTzVrc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:45 2024 by rpki-client on console-fra.rpki-client.org