Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/BSUmbKZjbUq7Ntvth6RQo2w2geA.roa
File: BSUmbKZjbUq7Ntvth6RQo2w2geA.roa (raw, json)
Hash identifier: FRkza9OO4Fttg1l5NOlWqK6b0JZTrZUIcEWYvxYFcu4=
Subject key identifier: 05:25:26:6C:A6:63:6D:4A:BB:36:DB:ED:87:A4:50:A3:6C:36:81:E0
Certificate issuer: /CN=05f3e160172ecc75c8cab1bae271be3ebf407a80
Certificate serial: 0185E8DCA9D3FDFB09D491DF22D5FA077BDC
Authority key identifier: 05:F3:E1:60:17:2E:CC:75:C8:CA:B1:BA:E2:71:BE:3E:BF:40:7A:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BfPhYBcuzHXIyrG64nG-Pr9AeoA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/BSUmbKZjbUq7Ntvth6RQo2w2geA.roa
Signing time: Wed 25 Jan 2023 12:17:33 +0000
ROA not before: Wed 25 Jan 2023 12:17:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35831
IP address blocks: 83.245.79.0/24 maxlen: 24
89.167.228.0/24 maxlen: 24
89.167.181.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e8:dc:a9:d3:fd:fb:09:d4:91:df:22:d5:fa:07:7b:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05f3e160172ecc75c8cab1bae271be3ebf407a80
Validity
Not Before: Jan 25 12:17:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0525266ca6636d4abb36dbed87a450a36c3681e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:5c:d0:fc:cc:74:14:c7:50:d5:64:45:43:d5:
9f:52:e9:72:f4:1e:39:9b:9f:fc:c6:38:e2:d3:ab:
7f:09:fc:ad:9a:78:b6:ad:2e:f5:3d:c3:ec:b3:90:
98:07:c3:17:53:c8:27:71:a1:34:81:33:e5:dc:d5:
86:39:00:d8:4c:6d:c4:9b:60:88:be:13:c8:82:02:
28:fd:85:e7:66:39:e6:0c:1e:8e:ea:85:1d:a3:cd:
f8:30:a8:68:32:c5:8a:4c:a4:89:ac:9a:12:66:90:
ef:9a:3a:06:02:d1:a2:42:02:91:ae:2f:2d:36:b9:
1a:88:76:2a:59:2f:f2:05:7c:76:5a:2c:9c:b7:24:
1a:5e:6b:a8:dd:f8:a0:a3:df:bb:fa:81:f0:b9:1e:
04:04:7a:96:d4:8e:74:4a:e9:7b:a6:3a:05:41:ab:
af:3c:0b:8a:2d:9c:36:d4:28:8a:eb:bd:a4:48:76:
10:ab:27:b4:75:ab:c4:f5:c6:28:98:35:b1:dd:8e:
9d:40:c1:03:d8:2e:ed:0f:07:dc:95:76:73:23:d0:
93:3f:d7:93:e7:52:e0:92:f3:c3:d8:25:4f:0b:42:
bd:09:1d:82:86:34:89:8e:7f:f9:05:7f:92:14:19:
52:e6:6a:32:bd:26:db:b3:26:6b:7e:c8:7b:a9:a6:
49:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:25:26:6C:A6:63:6D:4A:BB:36:DB:ED:87:A4:50:A3:6C:36:81:E0
X509v3 Authority Key Identifier:
keyid:05:F3:E1:60:17:2E:CC:75:C8:CA:B1:BA:E2:71:BE:3E:BF:40:7A:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BfPhYBcuzHXIyrG64nG-Pr9AeoA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/BSUmbKZjbUq7Ntvth6RQo2w2geA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/BfPhYBcuzHXIyrG64nG-Pr9AeoA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.245.79.0/24
89.167.181.0/24
89.167.228.0/24
Signature Algorithm: sha256WithRSAEncryption
48:e2:90:2a:6c:97:93:28:9e:c3:bd:b4:a2:d2:cc:04:68:0d:
4d:d4:14:7c:fe:47:7b:da:00:f3:0c:d9:67:e6:bf:23:4c:04:
e8:99:c1:9c:65:25:1a:f8:28:63:65:b1:35:12:e2:da:cf:17:
af:e7:19:6c:12:cf:e8:72:c2:4b:51:7b:6a:5d:9b:be:db:da:
50:e6:7f:24:4a:c0:c7:f9:be:b9:1e:26:d3:db:4b:0e:58:e5:
db:60:20:e3:13:8c:8d:8b:55:a3:88:60:9d:b2:4a:6e:19:68:
ad:ac:7a:49:3d:ca:be:cf:5f:a0:9a:83:aa:e7:eb:79:50:e4:
e8:da:d8:f9:aa:b8:f8:23:27:0e:23:b0:87:f5:b2:76:fe:f9:
88:0d:66:04:64:cd:ab:5c:d4:08:8e:38:05:d9:c6:e5:f9:6e:
9d:d5:f4:05:fa:cf:2b:65:c4:f8:16:25:cc:66:85:00:39:ba:
e4:cb:6e:dd:07:6f:35:58:a3:98:07:c6:9c:a6:4c:87:b8:89:
06:e5:36:f7:24:48:c7:6b:6a:7f:32:16:e3:04:02:77:b1:11:
4f:9b:a4:5b:3d:95:42:3a:2d:65:f5:13:a5:b9:b4:72:81:a1:
5d:65:25:1a:fe:df:e6:5c:73:92:5a:60:f7:73:e7:4c:43:6f:
fe:53:2f:c2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYXo3KnT/fsJ1JHfItX6B3vcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ZjNlMTYwMTcyZWNjNzVjOGNhYjFiYWUyNzFiZTNlYmY0
MDdhODAwHhcNMjMwMTI1MTIxNzMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTI1MjY2Y2E2NjM2ZDRhYmIzNmRiZWQ4N2E0NTBhMzZjMzY4MWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVzQ/Mx0FMdQ1WRFQ9WfUuly9B45
m5/8xjji06t/Cfytmni2rS71PcPss5CYB8MXU8gncaE0gTPl3NWGOQDYTG3Em2CI
vhPIggIo/YXnZjnmDB6O6oUdo834MKhoMsWKTKSJrJoSZpDvmjoGAtGiQgKRri8t
NrkaiHYqWS/yBXx2WiyctyQaXmuo3figo9+7+oHwuR4EBHqW1I50Sul7pjoFQauv
PAuKLZw21CiK672kSHYQqye0davE9cYomDWx3Y6dQMED2C7tDwfclXZzI9CTP9eT
51LgkvPD2CVPC0K9CR2ChjSJjn/5BX+SFBlS5moyvSbbsyZrfsh7qaZJYwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAUlJmymY21Kuzbb7YekUKNsNoHgMB8GA1UdIwQY
MBaAFAXz4WAXLsx1yMqxuuJxvj6/QHqAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmZQaFlCY3V6SFhJeXJHNjRuRy1QcjlBZW9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS9hYThiNDYtOTY0NS00NjIwLTg0Nzkt
NWQ1NjA5ODljZjdiLzEvQlNVbWJLWmpiVXE3TnR2dGg2UlFvMncyZ2VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS9hYThiNDYtOTY0NS00NjIwLTg0NzktNWQ1NjA5ODljZjdi
LzEvQmZQaFlCY3V6SFhJeXJHNjRuRy1QcjlBZW9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAU/VPAwQA
Wae1AwQAWafkMA0GCSqGSIb3DQEBCwUAA4IBAQBI4pAqbJeTKJ7DvbSi0swEaA1N
1BR8/kd72gDzDNln5r8jTATomcGcZSUa+ChjZbE1EuLazxev5xlsEs/ocsJLUXtq
XZu+29pQ5n8kSsDH+b65HibT20sOWOXbYCDjE4yNi1WjiGCdskpuGWitrHpJPcq+
z1+gmoOq5+t5UOTo2tj5qrj4IycOI7CH9bJ2/vmIDWYEZM2rXNQIjjgF2cbl+W6d
1fQF+s8rZcT4FiXMZoUAObrky27dB281WKOYB8acpkyHuIkG5Tb3JEjHa2p/Mhbj
BAJ3sRFPm6RbPZVCOi1l9ROlubRygaFdZSUa/t/mXHOSWmD3c+dMQ2/+Uy/C
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:26 2024 by rpki-client on console-fra.rpki-client.org