Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/5f3187-3beb-4c4b-9a44-d6bd55a9e36d/1/BD5IE0lj3Ff7ExUbVMOQRgdv85g.roa
File: BD5IE0lj3Ff7ExUbVMOQRgdv85g.roa (raw, json)
Hash identifier: Vb4FW8t5cervkqPOhD4rMN2NoPCQRZviCXFcctYkjwU=
Subject key identifier: 04:3E:48:13:49:63:DC:57:FB:13:15:1B:54:C3:90:46:07:6F:F3:98
Certificate issuer: /CN=0f89c8697f7792caaf599664e89ace65244f8ae8
Certificate serial: 018635D6FFEB1605EF708DC00AB00DC05C3F
Authority key identifier: 0F:89:C8:69:7F:77:92:CA:AF:59:96:64:E8:9A:CE:65:24:4F:8A:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D4nIaX93ksqvWZZk6JrOZSRPiug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/5f3187-3beb-4c4b-9a44-d6bd55a9e36d/1/BD5IE0lj3Ff7ExUbVMOQRgdv85g.roa
Signing time: Thu 09 Feb 2023 11:02:08 +0000
ROA not before: Thu 09 Feb 2023 11:02:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51690
IP address blocks: 91.220.33.0/24 maxlen: 24
185.9.202.0/24 maxlen: 24
185.9.203.0/24 maxlen: 24
185.9.200.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Jan 2024 14:35:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:35:d6:ff:eb:16:05:ef:70:8d:c0:0a:b0:0d:c0:5c:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f89c8697f7792caaf599664e89ace65244f8ae8
Validity
Not Before: Feb 9 11:02:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=043e48134963dc57fb13151b54c39046076ff398
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:6e:2b:34:bc:52:99:f1:46:b0:86:c8:23:c4:
07:08:c5:65:c6:96:c8:48:14:ef:09:44:ed:60:08:
d6:1b:43:f3:04:72:86:ab:57:12:8c:6c:c8:29:2e:
a8:ef:5d:b9:1b:c8:af:81:62:3c:46:6d:d5:c5:39:
3c:2c:bc:0c:8f:25:61:48:72:ab:7e:df:ea:2e:eb:
ea:f6:dd:55:8c:63:da:91:59:96:60:83:0c:3a:53:
2c:d3:a2:52:a2:15:cb:13:ff:af:03:5a:33:41:ed:
4a:a1:16:02:62:16:6d:51:bd:82:95:8d:bd:d3:48:
16:36:92:c1:7b:3e:ca:f0:94:42:05:4f:04:06:fd:
73:40:a3:d6:b2:d6:00:03:a6:9e:d1:41:53:98:07:
d1:01:de:dd:e8:08:d7:de:27:61:84:b7:fe:43:51:
04:71:49:53:ea:bd:b6:aa:dd:af:95:94:99:8c:77:
e3:72:e9:77:86:d9:72:a0:7e:12:1f:9a:20:5f:16:
65:22:42:8d:cc:d0:b4:d0:d0:ae:68:3d:4d:62:7a:
e6:30:c3:e8:da:d0:57:fc:ce:9e:1e:28:44:a5:ee:
97:3d:83:a6:5e:ba:74:77:90:5d:ea:0b:b8:fa:9e:
f5:c1:d5:34:37:9b:f8:45:08:15:19:ee:8d:d8:0f:
5e:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:3E:48:13:49:63:DC:57:FB:13:15:1B:54:C3:90:46:07:6F:F3:98
X509v3 Authority Key Identifier:
keyid:0F:89:C8:69:7F:77:92:CA:AF:59:96:64:E8:9A:CE:65:24:4F:8A:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D4nIaX93ksqvWZZk6JrOZSRPiug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5f3187-3beb-4c4b-9a44-d6bd55a9e36d/1/BD5IE0lj3Ff7ExUbVMOQRgdv85g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5f3187-3beb-4c4b-9a44-d6bd55a9e36d/1/D4nIaX93ksqvWZZk6JrOZSRPiug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.33.0/24
185.9.200.0/22
Signature Algorithm: sha256WithRSAEncryption
54:e7:1e:f8:25:58:9e:83:54:bb:b9:c8:f3:f1:3a:78:27:cd:
bb:9e:ac:48:69:4f:f0:f9:95:7c:d1:f1:cf:6a:f5:dd:ce:6f:
d7:4f:6e:83:10:ff:24:f9:8f:52:5b:26:84:9d:8e:16:20:6b:
da:a4:70:78:ed:f9:64:02:50:22:61:e0:74:91:6f:d0:24:d4:
03:ac:4b:b2:52:96:56:01:32:6b:73:dd:76:ff:3e:dd:80:96:
de:64:33:2d:09:67:aa:79:5b:f2:ed:fd:26:01:4c:a9:e3:4a:
14:b7:13:81:1f:3c:fd:a3:be:94:7f:07:7e:71:6c:08:2d:03:
1e:a5:c1:fc:a6:c7:95:6a:bd:06:b8:b3:22:02:5b:d1:d4:37:
76:1b:fe:56:e5:9b:f7:0f:cb:48:df:4e:a5:b6:ef:2c:06:b3:
f1:0b:bd:77:04:ea:a2:f3:b2:d5:8d:9b:7f:82:e3:d5:e0:cd:
d8:d8:c8:b8:bd:a3:da:4a:00:20:18:4a:08:5e:91:cc:d8:62:
12:7e:12:3b:73:c1:3c:d2:f0:9e:e7:cf:b9:e1:bd:6a:eb:07:
40:8a:33:90:c3:9c:89:fb:4f:5d:fe:06:6c:85:68:2a:22:bf:
b8:7c:71:e9:0d:55:70:9d:63:39:23:50:24:c4:8e:98:68:ea:
9d:03:85:ee
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYY11v/rFgXvcI3ACrANwFw/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmODljODY5N2Y3NzkyY2FhZjU5OTY2NGU4OWFjZTY1MjQ0
ZjhhZTgwHhcNMjMwMjA5MTEwMjA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDNlNDgxMzQ5NjNkYzU3ZmIxMzE1MWI1NGMzOTA0NjA3NmZmMzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhm4rNLxSmfFGsIbII8QHCMVlxpbI
SBTvCUTtYAjWG0PzBHKGq1cSjGzIKS6o7125G8ivgWI8Rm3VxTk8LLwMjyVhSHKr
ft/qLuvq9t1VjGPakVmWYIMMOlMs06JSohXLE/+vA1ozQe1KoRYCYhZtUb2ClY29
00gWNpLBez7K8JRCBU8EBv1zQKPWstYAA6ae0UFTmAfRAd7d6AjX3idhhLf+Q1EE
cUlT6r22qt2vlZSZjHfjcul3htlyoH4SH5ogXxZlIkKNzNC00NCuaD1NYnrmMMPo
2tBX/M6eHihEpe6XPYOmXrp0d5Bd6gu4+p71wdU0N5v4RQgVGe6N2A9ePwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAQ+SBNJY9xX+xMVG1TDkEYHb/OYMB8GA1UdIwQY
MBaAFA+JyGl/d5LKr1mWZOiazmUkT4roMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDRuSWFYOTNrc3F2V1paazZKck9aU1JQaXVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi81ZjMxODctM2JlYi00YzRiLTlhNDQt
ZDZiZDU1YTllMzZkLzEvQkQ1SUUwbGozRmY3RXhVYlZNT1FSZ2R2ODVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi81ZjMxODctM2JlYi00YzRiLTlhNDQtZDZiZDU1YTllMzZk
LzEvRDRuSWFYOTNrc3F2V1paazZKck9aU1JQaXVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9whAwQC
uQnIMA0GCSqGSIb3DQEBCwUAA4IBAQBU5x74JVieg1S7ucjz8Tp4J827nqxIaU/w
+ZV80fHPavXdzm/XT26DEP8k+Y9SWyaEnY4WIGvapHB47flkAlAiYeB0kW/QJNQD
rEuyUpZWATJrc912/z7dgJbeZDMtCWeqeVvy7f0mAUyp40oUtxOBHzz9o76Ufwd+
cWwILQMepcH8pseVar0GuLMiAlvR1Dd2G/5W5Zv3D8tI306ltu8sBrPxC713BOqi
87LVjZt/guPV4M3Y2Mi4vaPaSgAgGEoIXpHM2GISfhI7c8E80vCe58+54b1q6wdA
ijOQw5yJ+09d/gZshWgqIr+4fHHpDVVwnWM5I1AkxI6YaOqdA4Xu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:56 2024 by rpki-client on console-fra.rpki-client.org