Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/ece5c7-2143-4db4-9857-052cf01d2048/1/biD68GzpmRQvSDB6URmS3KDjIKs.roa
File: biD68GzpmRQvSDB6URmS3KDjIKs.roa (raw, json)
Hash identifier: zwP0ssoIo+JoOP6v78VKowdNr2iTxzZUiT9+/32t2X4=
Subject key identifier: 6E:20:FA:F0:6C:E9:99:14:2F:48:30:7A:51:19:92:DC:A0:E3:20:AB
Certificate issuer: /CN=bfce55d15eb119e52d6fafcd3973e2f6d4f223f2
Certificate serial: 018CC801215923E1A471AD882FAF9FF3E963
Authority key identifier: BF:CE:55:D1:5E:B1:19:E5:2D:6F:AF:CD:39:73:E2:F6:D4:F2:23:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v85V0V6xGeUtb6_NOXPi9tTyI_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/ece5c7-2143-4db4-9857-052cf01d2048/1/biD68GzpmRQvSDB6URmS3KDjIKs.roa
Signing time: Tue 02 Jan 2024 02:29:26 +0000
ROA not before: Tue 02 Jan 2024 02:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200031
IP address blocks: 91.195.57.0/24 maxlen: 24
91.195.56.0/23 maxlen: 23
91.195.56.0/24 maxlen: 24
45.159.165.0/24 maxlen: 24
45.159.164.0/23 maxlen: 23
45.159.164.0/22 maxlen: 22
45.159.164.0/24 maxlen: 24
45.159.166.0/24 maxlen: 24
45.159.167.0/24 maxlen: 24
45.159.166.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:47:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:21:59:23:e1:a4:71:ad:88:2f:af:9f:f3:e9:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfce55d15eb119e52d6fafcd3973e2f6d4f223f2
Validity
Not Before: Jan 2 02:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e20faf06ce999142f48307a511992dca0e320ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:36:a2:60:fc:e5:4f:d6:66:bb:30:3a:bf:85:
c8:99:f0:a5:05:e0:73:ce:6c:08:5d:c2:cb:b1:2c:
84:66:88:e6:60:aa:60:69:48:ca:2a:f7:57:cb:17:
16:5c:1a:30:bb:ae:58:ff:4a:4c:fb:f5:0d:38:d6:
f3:e7:8f:87:60:d3:41:7f:24:96:dc:55:a8:2d:b8:
bf:31:e4:b7:b8:77:90:26:e5:76:db:9c:f5:70:28:
32:86:5f:8d:54:4e:09:f5:de:fa:fc:7f:bf:9f:5b:
8d:19:93:12:83:12:67:71:d8:8f:f3:17:7a:85:e6:
e2:a7:e7:69:f7:2f:b4:d3:ea:8e:5c:9c:a9:1e:90:
17:cb:a5:0e:5e:4a:8c:4e:f6:96:c3:4c:3a:c9:15:
87:23:6d:61:8a:94:c0:8e:5d:83:55:be:f7:4b:9d:
6f:1a:9a:3d:a8:af:7a:f5:31:06:2d:4d:89:74:d7:
8b:61:5c:f3:ce:08:f9:20:46:43:69:25:91:f0:cc:
53:90:a7:ec:28:1b:5d:f2:69:2c:8d:c7:ad:c8:9e:
1d:86:df:ff:84:d6:33:d1:69:cc:b5:4a:13:e1:12:
c9:b0:7a:b5:05:82:9d:5a:23:82:13:7f:1e:87:06:
4a:ea:ac:e7:cf:77:2d:f5:73:48:64:f4:7c:3e:84:
a2:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:20:FA:F0:6C:E9:99:14:2F:48:30:7A:51:19:92:DC:A0:E3:20:AB
X509v3 Authority Key Identifier:
keyid:BF:CE:55:D1:5E:B1:19:E5:2D:6F:AF:CD:39:73:E2:F6:D4:F2:23:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v85V0V6xGeUtb6_NOXPi9tTyI_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/ece5c7-2143-4db4-9857-052cf01d2048/1/biD68GzpmRQvSDB6URmS3KDjIKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/ece5c7-2143-4db4-9857-052cf01d2048/1/v85V0V6xGeUtb6_NOXPi9tTyI_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.164.0/22
91.195.56.0/23
Signature Algorithm: sha256WithRSAEncryption
1c:ab:bf:a5:25:d6:59:36:e0:0e:32:ef:90:ab:09:cf:8d:f9:
f5:0b:5e:6e:1b:2d:32:6e:8e:e0:d6:29:24:7a:72:a9:a6:b5:
45:c8:cd:16:88:cf:d5:41:96:73:a6:8f:58:8c:30:9d:ac:5a:
fc:d1:7a:2a:a1:53:f3:c2:99:b9:2f:fd:d5:ce:0d:6e:42:f2:
90:d7:ff:30:77:7a:dd:b7:08:5e:47:30:28:57:db:e6:13:8b:
95:3f:65:a3:89:94:d8:88:ff:6d:39:3f:7e:53:88:df:37:d0:
38:bb:6a:21:17:a0:e2:30:85:5c:49:16:3f:ae:bd:bc:b5:c1:
8d:d7:4c:c3:47:a9:97:0c:f9:41:cf:43:e6:f3:e4:85:df:7a:
11:d4:bf:b4:ae:aa:e3:6e:cd:0d:5a:11:de:b8:bc:c3:a0:f5:
79:81:ed:ce:2d:a4:bc:a6:54:9d:21:1d:7a:ce:77:37:b6:ed:
99:ca:52:38:4c:8e:36:0d:a9:58:6c:cb:4d:6c:bf:59:b0:39:
31:bd:7a:87:59:f6:5e:1c:e9:b4:d0:f5:aa:8d:8b:ac:43:95:
c6:8b:45:7b:66:cb:77:18:f0:d3:5f:89:49:fd:f8:67:1d:83:
2a:50:59:51:34:04:88:0b:f7:1e:88:42:29:70:6a:b5:68:6e:
51:20:a1:d3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIASFZI+Gkca2IL6+f8+ljMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmY2U1NWQxNWViMTE5ZTUyZDZmYWZjZDM5NzNlMmY2ZDRm
MjIzZjIwHhcNMjQwMTAyMDIyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTIwZmFmMDZjZTk5OTE0MmY0ODMwN2E1MTE5OTJkY2EwZTMyMGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoTaiYPzlT9ZmuzA6v4XImfClBeBz
zmwIXcLLsSyEZojmYKpgaUjKKvdXyxcWXBowu65Y/0pM+/UNONbz54+HYNNBfySW
3FWoLbi/MeS3uHeQJuV225z1cCgyhl+NVE4J9d76/H+/n1uNGZMSgxJncdiP8xd6
hebip+dp9y+00+qOXJypHpAXy6UOXkqMTvaWw0w6yRWHI21hipTAjl2DVb73S51v
Gpo9qK969TEGLU2JdNeLYVzzzgj5IEZDaSWR8MxTkKfsKBtd8mksjcetyJ4dht//
hNYz0WnMtUoT4RLJsHq1BYKdWiOCE38ehwZK6qznz3ct9XNIZPR8PoSiAwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG4g+vBs6ZkUL0gwelEZktyg4yCrMB8GA1UdIwQY
MBaAFL/OVdFesRnlLW+vzTlz4vbU8iPyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjg1VjBWNnhHZVV0YjZfTk9YUGk5dFR5SV9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9lY2U1YzctMjE0My00ZGI0LTk4NTct
MDUyY2YwMWQyMDQ4LzEvYmlENjhHenBtUlF2U0RCNlVSbVMzS0RqSUtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9lY2U1YzctMjE0My00ZGI0LTk4NTctMDUyY2YwMWQyMDQ4
LzEvdjg1VjBWNnhHZVV0YjZfTk9YUGk5dFR5SV9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLZ+kAwQB
W8M4MA0GCSqGSIb3DQEBCwUAA4IBAQAcq7+lJdZZNuAOMu+QqwnPjfn1C15uGy0y
bo7g1ikkenKpprVFyM0WiM/VQZZzpo9YjDCdrFr80XoqoVPzwpm5L/3Vzg1uQvKQ
1/8wd3rdtwheRzAoV9vmE4uVP2WjiZTYiP9tOT9+U4jfN9A4u2ohF6DiMIVcSRY/
rr28tcGN10zDR6mXDPlBz0Pm8+SF33oR1L+0rqrjbs0NWhHeuLzDoPV5ge3OLaS8
plSdIR16znc3tu2ZylI4TI42DalYbMtNbL9ZsDkxvXqHWfZeHOm00PWqjYusQ5XG
i0V7Zst3GPDTX4lJ/fhnHYMqUFlRNASIC/ceiEIpcGq1aG5RIKHT
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:12:40 2025 by rpki-client