Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/a723d8-d8cc-4e60-85ab-6c9b5c9bfa75/1/BNA9eD4Jd8rZ51VZ6So65timw7I.roa
File: BNA9eD4Jd8rZ51VZ6So65timw7I.roa (raw, json)
Hash identifier: yg3AQxB36if//+37ZXzuuGraTk7SYYcq6LjQFx1K42U=
Subject key identifier: 04:D0:3D:78:3E:09:77:CA:D9:E7:55:59:E9:2A:3A:E6:D8:A6:C3:B2
Certificate issuer: /CN=a748fbe1d7d3a6aa474de43fa885ce2d091c529b
Certificate serial: 018AE2CD4CF8DC9E7E311102999262412D5B
Authority key identifier: A7:48:FB:E1:D7:D3:A6:AA:47:4D:E4:3F:A8:85:CE:2D:09:1C:52:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p0j74dfTpqpHTeQ_qIXOLQkcUps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/a723d8-d8cc-4e60-85ab-6c9b5c9bfa75/1/BNA9eD4Jd8rZ51VZ6So65timw7I.roa
Signing time: Fri 29 Sep 2023 21:16:59 +0000
ROA not before: Fri 29 Sep 2023 21:16:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203206
IP address blocks: 185.204.101.0/24 maxlen: 24
2a10:8407::/32 maxlen: 32
2a10:8405::/32 maxlen: 32
2a10:8406::/32 maxlen: 32
2a10:8400::/29 maxlen: 32
2a10:8404::/32 maxlen: 32
2a10:8403::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:e2:cd:4c:f8:dc:9e:7e:31:11:02:99:92:62:41:2d:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a748fbe1d7d3a6aa474de43fa885ce2d091c529b
Validity
Not Before: Sep 29 21:16:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=04d03d783e0977cad9e75559e92a3ae6d8a6c3b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:37:e7:ff:6a:98:87:ce:e0:e0:69:da:45:d8:
60:a0:d7:4c:41:b9:fb:f1:57:6c:84:f8:31:00:e8:
c6:49:17:1c:e2:14:0a:a1:c7:1d:d7:95:6a:65:1e:
61:44:58:f2:98:29:8c:65:d4:bf:24:75:19:59:26:
75:94:17:33:b0:47:5e:45:0c:0d:a9:f4:7d:7b:65:
c9:86:d8:67:12:ee:d1:ba:42:6d:c8:a1:f3:74:a6:
11:6d:8b:b3:0a:ba:94:f0:8c:9a:11:2a:61:bd:1b:
66:12:0b:05:9b:f8:19:29:75:cc:44:4d:e3:48:3d:
8d:26:9a:78:c8:bc:a4:b2:bd:3e:81:a0:04:11:05:
f8:fb:bf:cb:da:ce:26:54:4b:b2:5a:1a:9d:a7:c0:
c5:bd:59:ac:81:37:be:ac:26:9d:b2:c8:96:cf:2e:
0c:ac:4a:c7:bd:87:c5:2d:05:3f:cb:ed:8e:86:4e:
75:d2:97:26:31:d5:99:87:22:f7:c7:17:af:19:38:
9e:5e:20:8a:e1:5b:3b:57:56:f6:7f:10:02:b2:e6:
a7:01:52:07:5c:07:04:5f:4d:69:ce:e3:12:41:d6:
ef:b3:4b:0b:35:c1:9e:97:74:ce:90:9d:02:22:66:
b1:5a:f4:b5:c1:7e:86:a5:98:47:d0:c0:aa:1c:ef:
e9:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:D0:3D:78:3E:09:77:CA:D9:E7:55:59:E9:2A:3A:E6:D8:A6:C3:B2
X509v3 Authority Key Identifier:
keyid:A7:48:FB:E1:D7:D3:A6:AA:47:4D:E4:3F:A8:85:CE:2D:09:1C:52:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p0j74dfTpqpHTeQ_qIXOLQkcUps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a723d8-d8cc-4e60-85ab-6c9b5c9bfa75/1/BNA9eD4Jd8rZ51VZ6So65timw7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a723d8-d8cc-4e60-85ab-6c9b5c9bfa75/1/p0j74dfTpqpHTeQ_qIXOLQkcUps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.204.101.0/24
IPv6:
2a10:8400::/29
Signature Algorithm: sha256WithRSAEncryption
4a:8e:a0:34:f5:f5:95:88:c5:27:88:12:e6:e9:5b:20:79:bc:
c8:b6:b0:cc:d8:ac:79:97:54:45:70:97:2f:99:a9:70:9c:d8:
4f:32:d7:5d:0b:4e:c6:11:a3:ea:29:d0:89:7c:76:14:1c:3e:
3c:c6:0f:a2:0a:e3:9e:8d:f6:83:62:60:1e:ec:05:93:d0:8a:
e7:d4:81:89:d0:fa:c4:d2:07:e6:f6:b1:2a:40:1d:a3:7c:1f:
0f:5d:7d:2b:38:fd:ab:1e:54:61:cd:18:f9:1e:be:c7:79:fb:
c7:9d:19:e4:36:36:c8:91:0a:dd:9b:c9:d9:1e:74:72:fb:61:
2c:23:dd:42:17:97:a1:aa:2c:b2:27:0a:ae:e6:4a:35:17:8f:
df:8c:2a:00:9f:cf:35:8f:af:c4:f7:69:1c:cd:48:a6:f6:cf:
4a:df:08:e5:a5:4e:9a:c1:d6:61:87:c0:dc:1b:53:58:d9:5f:
8b:8b:35:87:26:7f:f3:8c:ae:bf:a6:00:71:99:af:4b:0b:3d:
da:be:4e:85:c4:fe:71:fa:69:d6:19:63:95:a9:8a:93:39:e6:
39:fa:d6:07:1c:33:b6:44:e0:a7:73:e0:d6:85:26:00:77:52:
33:6e:2f:16:e4:6d:55:2d:0d:48:b7:5c:3b:49:83:9e:77:8e:
8b:e6:47:70
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYrizUz43J5+MRECmZJiQS1bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NDhmYmUxZDdkM2E2YWE0NzRkZTQzZmE4ODVjZTJkMDkx
YzUyOWIwHhcNMjMwOTI5MjExNjU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGQwM2Q3ODNlMDk3N2NhZDllNzU1NTllOTJhM2FlNmQ4YTZjM2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkDfn/2qYh87g4GnaRdhgoNdMQbn7
8VdshPgxAOjGSRcc4hQKoccd15VqZR5hRFjymCmMZdS/JHUZWSZ1lBczsEdeRQwN
qfR9e2XJhthnEu7RukJtyKHzdKYRbYuzCrqU8IyaESphvRtmEgsFm/gZKXXMRE3j
SD2NJpp4yLyksr0+gaAEEQX4+7/L2s4mVEuyWhqdp8DFvVmsgTe+rCadssiWzy4M
rErHvYfFLQU/y+2Ohk510pcmMdWZhyL3xxevGTieXiCK4Vs7V1b2fxACsuanAVIH
XAcEX01pzuMSQdbvs0sLNcGel3TOkJ0CImaxWvS1wX6GpZhH0MCqHO/pOwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFATQPXg+CXfK2edVWekqOubYpsOyMB8GA1UdIwQY
MBaAFKdI++HX06aqR03kP6iFzi0JHFKbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDBqNzRkZlRwcXBIVGVRX3FJWE9MUWtjVXBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9hNzIzZDgtZDhjYy00ZTYwLTg1YWIt
NmM5YjVjOWJmYTc1LzEvQk5BOWVENEpkOHJaNTFWWjZTbzY1dGltdzdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9hNzIzZDgtZDhjYy00ZTYwLTg1YWItNmM5YjVjOWJmYTc1
LzEvcDBqNzRkZlRwcXBIVGVRX3FJWE9MUWtjVXBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAucxlMA0E
AgACMAcDBQMqEIQAMA0GCSqGSIb3DQEBCwUAA4IBAQBKjqA09fWViMUniBLm6Vsg
ebzItrDM2Kx5l1RFcJcvmalwnNhPMtddC07GEaPqKdCJfHYUHD48xg+iCuOejfaD
YmAe7AWT0Irn1IGJ0PrE0gfm9rEqQB2jfB8PXX0rOP2rHlRhzRj5Hr7HefvHnRnk
NjbIkQrdm8nZHnRy+2EsI91CF5ehqiyyJwqu5ko1F4/fjCoAn881j6/E92kczUim
9s9K3wjlpU6awdZhh8DcG1NY2V+LizWHJn/zjK6/pgBxma9LCz3avk6FxP5x+mnW
GWOVqYqTOeY5+tYHHDO2ROCnc+DWhSYAd1Izbi8W5G1VLQ1It1w7SYOed46L5kdw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:03 2024 by rpki-client on console-fra.rpki-client.org