Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/BHLn9C2wCi-ZpG8_6rHdc5syqNA.roa
File: BHLn9C2wCi-ZpG8_6rHdc5syqNA.roa (raw, json)
Hash identifier: +Km8kruVCZDpJQo7eK3HX6Rp9Hy2qMLNuu1C6cmNxmc=
Subject key identifier: 04:72:E7:F4:2D:B0:0A:2F:99:A4:6F:3F:EA:B1:DD:73:9B:32:A8:D0
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01928AE74265ADC71405833ED6E00A75486C
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/BHLn9C2wCi-ZpG8_6rHdc5syqNA.roa
Signing time: Mon 14 Oct 2024 12:01:04 +0000
ROA not before: Mon 14 Oct 2024 12:01:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 45.90.19.0/24 maxlen: 24
185.36.204.0/24 maxlen: 24
185.206.248.0/24 maxlen: 24
185.240.120.0/23 maxlen: 24
185.246.115.0/24 maxlen: 24
193.8.112.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 17 Oct 2024 09:46:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8a:e7:42:65:ad:c7:14:05:83:3e:d6:e0:0a:75:48:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Oct 14 12:01:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0472e7f42db00a2f99a46f3feab1dd739b32a8d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:67:84:31:8b:dd:53:29:ad:3b:c5:6d:0e:64:
ca:dd:88:af:24:fc:af:49:b3:89:7e:48:07:57:64:
23:aa:d8:ab:47:29:fd:e7:b6:08:7c:7b:41:89:ec:
e9:22:b2:6c:14:ad:c2:5d:02:f1:f1:e1:73:c8:ff:
59:64:dd:50:cb:11:22:5a:40:31:36:cc:0d:39:2c:
6d:dc:0e:05:e3:74:b0:4e:d8:3b:85:ac:47:cd:32:
ed:bc:bd:e0:f1:81:aa:48:53:9a:84:da:ab:58:a0:
5c:72:c3:a8:79:4e:0c:03:60:18:78:b4:ba:e2:50:
2f:87:d9:67:ab:93:b2:f5:90:f5:27:28:bf:27:1f:
9b:3c:37:83:d9:8d:fa:63:17:ce:20:4a:f5:6e:ab:
9a:4b:39:65:7f:fd:6b:7d:2f:cb:2d:49:e8:7b:fc:
a8:5f:5c:0e:77:b4:e0:a9:0c:25:6d:dc:d2:a8:af:
3e:a2:c1:d8:a9:79:57:71:74:6f:29:b8:f4:6c:3b:
cf:df:2c:94:54:53:24:2e:2d:bd:c6:63:e5:74:ba:
d4:16:8e:8d:10:1f:4d:8e:ab:f6:6c:87:ce:26:71:
69:b7:bd:50:de:07:c8:00:8d:2e:38:6b:59:03:8b:
68:d9:fa:b1:3b:a4:fe:6e:a1:56:bd:d8:f9:d2:a6:
2d:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:72:E7:F4:2D:B0:0A:2F:99:A4:6F:3F:EA:B1:DD:73:9B:32:A8:D0
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/BHLn9C2wCi-ZpG8_6rHdc5syqNA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.19.0/24
185.36.204.0/24
185.206.248.0/24
185.240.120.0/23
185.246.115.0/24
193.8.112.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:d2:72:b4:41:ad:9b:52:10:d1:1b:31:19:01:a3:36:a4:c3:
95:8f:84:35:eb:d3:e6:3f:fd:94:c2:dc:b0:e9:31:60:7b:98:
db:cf:9a:b6:2b:36:d1:e1:29:27:04:b5:0d:d8:54:fd:96:e7:
ed:84:4f:2a:73:ff:8f:d1:b6:0c:7d:8e:c6:86:e7:88:48:b7:
12:7c:79:09:49:52:01:d0:c8:b7:4a:0a:b7:14:cf:4f:72:d0:
39:f9:a8:80:fe:52:04:d6:14:ce:eb:f8:f8:e5:ba:d9:43:5b:
7a:36:39:62:94:66:f7:e8:58:63:da:ca:79:65:0a:c3:00:6f:
c4:8e:9c:9d:35:c3:b8:9f:57:0e:fa:40:22:2e:9b:e5:13:1a:
fe:29:91:61:36:15:61:67:2f:0c:e7:8b:54:d8:bd:c3:e2:07:
0b:3b:a7:af:c8:12:bf:e1:ab:be:bd:76:9b:f4:fe:fb:2b:75:
3f:db:da:14:66:d6:07:a2:cc:8a:95:b0:de:2d:c5:3d:ce:b1:
81:04:f8:c1:a0:5a:59:6e:c7:fb:c9:80:f8:56:ec:f4:63:0e:
fd:5c:3f:e2:0c:68:2f:ea:e6:fd:08:ff:85:da:70:fd:0e:4d:
a0:1c:c2:af:d9:2d:ac:f7:ad:ab:32:27:bc:f3:80:a9:ca:17:
71:88:1d:bc
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZKK50JlrccUBYM+1uAKdUhsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQxMDE0MTIwMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDcyZTdmNDJkYjAwYTJmOTlhNDZmM2ZlYWIxZGQ3MzliMzJhOGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGeEMYvdUymtO8VtDmTK3YivJPyv
SbOJfkgHV2QjqtirRyn957YIfHtBiezpIrJsFK3CXQLx8eFzyP9ZZN1QyxEiWkAx
NswNOSxt3A4F43SwTtg7haxHzTLtvL3g8YGqSFOahNqrWKBccsOoeU4MA2AYeLS6
4lAvh9lnq5Oy9ZD1Jyi/Jx+bPDeD2Y36YxfOIEr1bquaSzllf/1rfS/LLUnoe/yo
X1wOd7TgqQwlbdzSqK8+osHYqXlXcXRvKbj0bDvP3yyUVFMkLi29xmPldLrUFo6N
EB9Njqv2bIfOJnFpt71Q3gfIAI0uOGtZA4to2fqxO6T+bqFWvdj50qYtJQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFARy5/QtsAovmaRvP+qx3XObMqjQMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvQkhMbjlDMndDaS1acEc4XzZySGRjNXN5cU5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALVoTAwQA
uSTMAwQAuc74AwQBufB4AwQAufZzAwQAwQhwMA0GCSqGSIb3DQEBCwUAA4IBAQCM
0nK0Qa2bUhDRGzEZAaM2pMOVj4Q169PmP/2Uwtyw6TFge5jbz5q2KzbR4SknBLUN
2FT9lufthE8qc/+P0bYMfY7GhueISLcSfHkJSVIB0Mi3Sgq3FM9PctA5+aiA/lIE
1hTO6/j45brZQ1t6NjlilGb36Fhj2sp5ZQrDAG/EjpydNcO4n1cO+kAiLpvlExr+
KZFhNhVhZy8M54tU2L3D4gcLO6evyBK/4au+vXab9P77K3U/29oUZtYHosyKlbDe
LcU9zrGBBPjBoFpZbsf7yYD4Vuz0Yw79XD/iDGgv6ub9CP+F2nD9Dk2gHMKv2S2s
962rMie884CpyhdxiB28
-----END CERTIFICATE-----
Generated at Thu Oct 17 13:39:02 2024 by rpki-client on console-ams.rpki-client.org