Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/BcJ95JuY6yvlDI04JJeY5IqfCkc.roa
File: BcJ95JuY6yvlDI04JJeY5IqfCkc.roa (raw, json)
Hash identifier: g1nUh995Z1lO2mAxu8Z92NugAdU2hrdzKeEAISsP7x8=
Subject key identifier: 05:C2:7D:E4:9B:98:EB:2B:E5:0C:8D:38:24:97:98:E4:8A:9F:0A:47
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 01921EA3426500CF8BBA735CF9F06BA9F59C
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/BcJ95JuY6yvlDI04JJeY5IqfCkc.roa
Signing time: Mon 23 Sep 2024 11:27:48 +0000
ROA not before: Mon 23 Sep 2024 11:27:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16589
IP address blocks: 45.141.234.0/24 maxlen: 24
91.92.42.0/24 maxlen: 24
93.152.207.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 03 Oct 2024 11:09:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:1e:a3:42:65:00:cf:8b:ba:73:5c:f9:f0:6b:a9:f5:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Sep 23 11:27:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=05c27de49b98eb2be50c8d38249798e48a9f0a47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:5d:29:01:9f:d5:c6:a8:ce:9e:c2:e7:c6:a8:
ce:0a:44:75:9c:1b:e3:51:6d:34:4d:eb:d8:95:68:
39:45:62:b6:e8:02:2a:c8:c5:cd:61:06:5f:9f:32:
97:8c:7d:c0:45:a2:b6:0b:76:5d:3f:fe:9c:d1:44:
13:d7:20:6c:1e:f9:1e:15:27:c1:9c:72:b8:01:08:
2c:c8:f9:b5:cf:61:2d:a5:50:cd:e4:65:5b:e1:56:
aa:2f:9a:61:43:5c:e9:ec:bf:88:eb:3b:1f:50:d2:
7b:63:f8:c1:60:db:0b:f3:ad:98:1a:03:d2:09:f2:
1d:e7:40:90:61:88:44:32:6c:1d:e4:c1:5c:3a:a6:
27:b0:14:47:c6:a6:8f:2c:d2:8e:ac:2e:45:81:12:
ef:77:97:05:b1:a2:25:e2:4f:6d:bf:14:19:e6:54:
76:51:c7:53:0f:8a:dd:a2:ef:ab:77:2f:a1:0c:fc:
8f:3c:d6:92:a0:b2:c8:03:46:40:bb:5d:20:17:95:
80:b0:0f:bb:b7:f5:a7:8a:ff:e0:9b:52:eb:8e:87:
9c:88:e3:70:be:b4:75:fe:3a:03:59:df:c1:76:13:
90:1d:87:df:2d:0f:ea:a8:cf:3f:85:3b:7a:7c:4d:
b3:50:15:0f:fd:43:3a:24:ea:d1:04:e9:e5:19:cc:
1d:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:C2:7D:E4:9B:98:EB:2B:E5:0C:8D:38:24:97:98:E4:8A:9F:0A:47
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/BcJ95JuY6yvlDI04JJeY5IqfCkc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.234.0/24
91.92.42.0/24
93.152.207.0/24
Signature Algorithm: sha256WithRSAEncryption
74:ad:0d:49:3b:1f:b8:4c:9e:1f:e8:d1:ef:b3:39:9d:82:d1:
ba:37:a2:23:04:32:cf:63:6d:6e:a6:2d:67:00:2e:b0:ab:e9:
13:35:bb:74:f7:02:0d:95:66:92:89:47:fb:c4:83:7a:1a:fa:
84:8d:3e:05:1e:52:9b:d7:8d:8a:d5:c4:89:a9:66:13:8a:5c:
fb:8c:f9:d8:ba:e0:60:ae:49:e2:09:ac:47:f7:2c:d8:c4:7d:
b3:29:95:19:89:04:49:72:f5:0f:0a:44:38:a1:df:36:86:21:
38:84:a6:4b:1e:6e:de:2e:08:0b:6d:92:0b:1b:11:c5:ec:39:
68:e0:3a:b3:9a:c8:a1:bb:f4:d3:c3:a2:68:ea:78:0b:24:8e:
e9:b5:c0:bf:f6:88:a5:17:9f:bc:98:1a:6b:3c:96:29:df:d9:
fb:d9:8e:e9:d5:89:1e:14:de:c3:fe:a2:47:78:94:c0:b6:b8:
3d:81:38:61:7c:71:ff:79:e2:fa:66:3f:ce:18:c0:76:37:e0:
bd:33:fb:3e:9d:db:84:6b:e7:bb:e7:5f:9b:b0:22:6b:98:3f:
fc:93:f9:23:13:f2:6e:07:48:88:9f:6c:6b:4c:87:0b:48:e4:
24:41:94:ec:4b:a5:6d:13:ff:05:20:6e:38:2a:ed:e4:75:3d:
a9:e7:d2:32
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZIeo0JlAM+LunNc+fBrqfWcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjQwOTIzMTEyNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWMyN2RlNDliOThlYjJiZTUwYzhkMzgyNDk3OThlNDhhOWYwYTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6F0pAZ/VxqjOnsLnxqjOCkR1nBvj
UW00TevYlWg5RWK26AIqyMXNYQZfnzKXjH3ARaK2C3ZdP/6c0UQT1yBsHvkeFSfB
nHK4AQgsyPm1z2EtpVDN5GVb4VaqL5phQ1zp7L+I6zsfUNJ7Y/jBYNsL862YGgPS
CfId50CQYYhEMmwd5MFcOqYnsBRHxqaPLNKOrC5FgRLvd5cFsaIl4k9tvxQZ5lR2
UcdTD4rdou+rdy+hDPyPPNaSoLLIA0ZAu10gF5WAsA+7t/Wniv/gm1LrjoeciONw
vrR1/joDWd/BdhOQHYffLQ/qqM8/hTt6fE2zUBUP/UM6JOrRBOnlGcwdBQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAXCfeSbmOsr5QyNOCSXmOSKnwpHMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvQmNKOTVKdVk2eXZsREkwNEpKZVk1SXFmQ2tjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALY3qAwQA
W1wqAwQAXZjPMA0GCSqGSIb3DQEBCwUAA4IBAQB0rQ1JOx+4TJ4f6NHvszmdgtG6
N6IjBDLPY21upi1nAC6wq+kTNbt09wINlWaSiUf7xIN6GvqEjT4FHlKb142K1cSJ
qWYTilz7jPnYuuBgrkniCaxH9yzYxH2zKZUZiQRJcvUPCkQ4od82hiE4hKZLHm7e
LggLbZILGxHF7Dlo4Dqzmsihu/TTw6Jo6ngLJI7ptcC/9oilF5+8mBprPJYp39n7
2Y7p1YkeFN7D/qJHeJTAtrg9gThhfHH/eeL6Zj/OGMB2N+C9M/s+nduEa+e751+b
sCJrmD/8k/kjE/JuB0iIn2xrTIcLSOQkQZTsS6VtE/8FIG44Ku3kdT2p59Iy
-----END CERTIFICATE-----
Generated at Thu Oct 3 15:30:06 2024 by rpki-client on console-ams.rpki-client.org