Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/fad672-e93a-4dd5-8893-efc175029740/1/tghdLYULXmvYbFW3mAlkyowdTsM.roa
File: tghdLYULXmvYbFW3mAlkyowdTsM.roa (raw, json)
Hash identifier: Fbh9ekOj78v5kpHcV0bRX8lqa7IfquBqgUmYGVnlB5Q=
Subject key identifier: B6:08:5D:2D:85:0B:5E:6B:D8:6C:55:B7:98:09:64:CA:8C:1D:4E:C3
Certificate issuer: /CN=053f8469ec62520987896d8926c17228a7bcfb3d
Certificate serial: 018EADDC84C0D68E04F64CD28F220DF3B85B
Authority key identifier: 05:3F:84:69:EC:62:52:09:87:89:6D:89:26:C1:72:28:A7:BC:FB:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BT-EaexiUgmHiW2JJsFyKKe8-z0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/fad672-e93a-4dd5-8893-efc175029740/1/tghdLYULXmvYbFW3mAlkyowdTsM.roa
Signing time: Fri 05 Apr 2024 10:44:53 +0000
ROA not before: Fri 05 Apr 2024 10:44:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197015
IP address blocks: 91.207.219.0/24 maxlen: 24
91.219.140.0/22 maxlen: 22
91.221.6.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 May 2024 21:10:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ad:dc:84:c0:d6:8e:04:f6:4c:d2:8f:22:0d:f3:b8:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=053f8469ec62520987896d8926c17228a7bcfb3d
Validity
Not Before: Apr 5 10:44:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b6085d2d850b5e6bd86c55b7980964ca8c1d4ec3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:c2:34:62:03:d3:2f:c7:5a:22:96:a5:b4:ed:
d9:91:c9:6d:3b:f4:bb:ce:41:5e:33:24:25:ab:eb:
d5:48:75:46:45:f4:43:7f:56:d0:66:1c:67:a4:cd:
2c:c1:ad:51:e9:35:6a:81:f5:ce:0a:b6:55:95:42:
61:1c:bd:16:c6:bd:9a:86:c0:96:e5:d4:f4:41:b5:
35:21:61:82:00:11:6f:e4:bf:e6:e3:df:c7:16:9b:
bd:42:1d:05:aa:e4:af:b6:6f:77:08:af:a3:e0:a3:
8f:93:2c:bc:87:3c:35:1a:8a:a2:ad:67:4f:2a:a9:
7e:1c:dd:38:71:4d:db:82:ce:bb:c9:0e:32:76:5d:
9a:e0:7d:f0:a7:17:ae:ca:63:24:67:9b:41:ec:8a:
43:aa:bb:2f:b8:be:ab:31:de:db:5a:5f:f7:c2:d3:
40:f8:a7:e7:71:5b:04:43:cf:4e:6a:e0:45:92:08:
ca:bc:6d:ab:dc:b2:66:e3:10:52:55:6b:70:9a:23:
a2:13:da:d3:03:4c:f9:41:19:71:f5:4c:4b:f8:52:
03:22:0f:73:10:7c:e5:7a:72:a6:c2:37:93:e6:b2:
b2:76:00:6f:df:6e:54:82:f6:40:49:a5:37:a6:22:
2d:60:4d:73:89:de:79:92:25:0c:ed:84:6a:b3:c8:
60:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:08:5D:2D:85:0B:5E:6B:D8:6C:55:B7:98:09:64:CA:8C:1D:4E:C3
X509v3 Authority Key Identifier:
keyid:05:3F:84:69:EC:62:52:09:87:89:6D:89:26:C1:72:28:A7:BC:FB:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BT-EaexiUgmHiW2JJsFyKKe8-z0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/fad672-e93a-4dd5-8893-efc175029740/1/tghdLYULXmvYbFW3mAlkyowdTsM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/fad672-e93a-4dd5-8893-efc175029740/1/BT-EaexiUgmHiW2JJsFyKKe8-z0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.207.219.0/24
91.219.140.0/22
91.221.6.0/23
Signature Algorithm: sha256WithRSAEncryption
20:8a:b2:c2:cd:41:45:94:5f:f3:b8:20:dc:a5:68:c4:49:3e:
e2:d5:4b:6b:db:00:af:28:21:7c:33:e8:d5:91:ae:fc:0a:59:
00:50:30:8f:b5:1d:0e:b2:e5:a4:a1:eb:55:f7:d4:21:b3:23:
61:f3:92:a0:9b:5a:4b:df:83:3b:10:7c:a2:df:c2:11:82:13:
37:5f:5b:a4:87:1d:33:67:20:63:f2:08:0b:07:6d:5b:e4:c6:
9a:03:d3:46:9e:66:a4:50:63:cd:ba:40:45:e1:d6:44:18:1e:
23:46:6a:72:46:d0:65:99:4c:d7:12:c4:a7:fc:32:76:25:02:
6f:a3:87:dd:a1:55:5f:e5:c9:36:f3:e2:5e:04:b0:3b:6f:0a:
ab:41:49:a5:49:29:6b:7c:05:b2:3d:7b:03:f5:03:db:07:76:
59:23:54:53:58:fe:f9:00:e8:e3:ee:de:cb:d0:a1:1e:53:0c:
ca:8b:93:1f:d5:49:86:63:0c:0a:86:b4:1f:f0:d7:0a:92:13:
f8:ef:d3:7f:91:4a:fa:05:0b:5b:15:3e:86:86:a1:e3:45:f2:
77:7a:40:98:a0:f2:84:46:ad:b7:43:31:c9:ac:86:c3:0c:80:
00:40:86:8e:9b:91:1e:8f:fd:70:d8:ca:25:ee:94:1c:ea:c8:
6e:12:82:16
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY6t3ITA1o4E9kzSjyIN87hbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1M2Y4NDY5ZWM2MjUyMDk4Nzg5NmQ4OTI2YzE3MjI4YTdi
Y2ZiM2QwHhcNMjQwNDA1MTA0NDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjA4NWQyZDg1MGI1ZTZiZDg2YzU1Yjc5ODA5NjRjYThjMWQ0ZWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArsI0YgPTL8daIpaltO3ZkcltO/S7
zkFeMyQlq+vVSHVGRfRDf1bQZhxnpM0swa1R6TVqgfXOCrZVlUJhHL0Wxr2ahsCW
5dT0QbU1IWGCABFv5L/m49/HFpu9Qh0FquSvtm93CK+j4KOPkyy8hzw1GoqirWdP
Kql+HN04cU3bgs67yQ4ydl2a4H3wpxeuymMkZ5tB7IpDqrsvuL6rMd7bWl/3wtNA
+KfncVsEQ89OauBFkgjKvG2r3LJm4xBSVWtwmiOiE9rTA0z5QRlx9UxL+FIDIg9z
EHzlenKmwjeT5rKydgBv325UgvZASaU3piItYE1zid55kiUM7YRqs8hgAQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLYIXS2FC15r2GxVt5gJZMqMHU7DMB8GA1UdIwQY
MBaAFAU/hGnsYlIJh4ltiSbBciinvPs9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlQtRWFleGlVZ21IaVcySkpzRnlLS2U4LXowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9mYWQ2NzItZTkzYS00ZGQ1LTg4OTMt
ZWZjMTc1MDI5NzQwLzEvdGdoZExZVUxYbXZZYkZXM21BbGt5b3dkVHNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9mYWQ2NzItZTkzYS00ZGQ1LTg4OTMtZWZjMTc1MDI5NzQw
LzEvQlQtRWFleGlVZ21IaVcySkpzRnlLS2U4LXowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW8/bAwQC
W9uMAwQBW90GMA0GCSqGSIb3DQEBCwUAA4IBAQAgirLCzUFFlF/zuCDcpWjEST7i
1Utr2wCvKCF8M+jVka78ClkAUDCPtR0OsuWkoetV99QhsyNh85Kgm1pL34M7EHyi
38IRghM3X1ukhx0zZyBj8ggLB21b5MaaA9NGnmakUGPNukBF4dZEGB4jRmpyRtBl
mUzXEsSn/DJ2JQJvo4fdoVVf5ck28+JeBLA7bwqrQUmlSSlrfAWyPXsD9QPbB3ZZ
I1RTWP75AOjj7t7L0KEeUwzKi5Mf1UmGYwwKhrQf8NcKkhP479N/kUr6BQtbFT6G
hqHjRfJ3ekCYoPKERq23QzHJrIbDDIAAQIaOm5Eej/1w2Mol7pQc6shuEoIW
-----END CERTIFICATE-----
Generated at Thu May 2 22:23:03 2024 by rpki-client on console-fra.rpki-client.org