Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/BhAKyv-oyUBy0zHkQcW4g3AegzQ.roa
File: BhAKyv-oyUBy0zHkQcW4g3AegzQ.roa (raw, json)
Hash identifier: 19LBptBmX4/l7CSqXGlnOhqBZe/ZePDjWyVbyp/e0ZM=
Subject key identifier: 06:10:0A:CA:FF:A8:C9:40:72:D3:31:E4:41:C5:B8:83:70:1E:83:34
Certificate issuer: /CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Certificate serial: 0191247C31C8A7EC6152B9148C462374C851
Authority key identifier: BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/BhAKyv-oyUBy0zHkQcW4g3AegzQ.roa
Signing time: Mon 05 Aug 2024 21:40:04 +0000
ROA not before: Mon 05 Aug 2024 21:40:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.95.226.0/24 maxlen: 24
45.149.5.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 08 Aug 2024 14:11:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:24:7c:31:c8:a7:ec:61:52:b9:14:8c:46:23:74:c8:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Validity
Not Before: Aug 5 21:40:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=06100acaffa8c94072d331e441c5b883701e8334
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:04:6a:87:83:5e:ce:50:95:af:64:76:07:44:
d5:76:88:f2:16:79:46:db:ba:75:7a:d2:f7:24:c9:
62:c9:8f:44:05:bf:82:80:0f:5c:80:ff:02:96:80:
1f:1c:80:53:38:54:b3:e9:ea:5d:0c:be:68:06:0c:
5d:de:8e:8d:59:28:6b:00:89:ea:00:73:c5:a1:9d:
85:7a:f3:74:40:e2:1d:96:29:21:5d:1f:f7:63:00:
34:be:ef:e9:c0:7b:d7:b5:e1:21:e3:ab:f1:e7:1c:
82:ca:88:89:5d:da:f6:4c:0d:ae:5a:7f:af:b4:9c:
45:2d:27:89:ee:de:13:30:39:3e:f9:80:d7:e4:d9:
7f:f4:fe:0a:78:eb:a8:20:36:6c:e1:cf:f1:80:d1:
ec:3c:9d:6c:81:58:02:64:76:9b:d7:ba:77:6b:b3:
f2:49:85:ad:65:48:54:06:b0:d2:7c:59:ae:27:c8:
d7:5f:4e:3b:13:f1:8c:c9:1a:00:e4:d5:ed:5d:17:
91:1c:3f:21:97:b5:2b:63:bb:cb:03:ac:0d:38:ec:
30:ce:ba:72:b1:e6:a6:ac:90:e1:b6:91:a5:dc:86:
e6:0b:ea:0e:37:09:e1:23:a2:96:ea:22:85:94:86:
52:3e:8a:e7:22:3f:55:84:bd:55:25:73:2d:13:f7:
96:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:10:0A:CA:FF:A8:C9:40:72:D3:31:E4:41:C5:B8:83:70:1E:83:34
X509v3 Authority Key Identifier:
keyid:BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/BhAKyv-oyUBy0zHkQcW4g3AegzQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/vTZoYo8N950EfsoNmtz8C2aT4wk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.226.0/24
45.149.5.0/24
Signature Algorithm: sha256WithRSAEncryption
16:1e:17:19:be:80:ad:be:af:63:2c:fb:02:b5:2b:d7:3b:7a:
91:b8:23:e9:47:af:b9:7d:f4:e1:9d:08:02:75:8e:00:f1:93:
7f:44:ce:b4:75:d5:45:53:a7:6b:8c:aa:f9:7f:e3:8e:e5:e0:
f0:4c:4f:cc:ee:17:86:8c:fb:18:5f:20:32:84:20:21:ad:37:
76:df:38:8c:f8:a9:66:b1:e9:9f:52:18:5c:d0:6a:e2:c0:5c:
4d:d2:4e:3e:cc:e8:7a:30:a6:08:b8:0f:95:19:2f:02:1e:bf:
66:19:25:6f:bb:10:69:b2:d3:6c:7f:5b:12:a7:94:c1:c4:a5:
1a:a9:2c:64:12:46:5d:51:fc:cb:e8:cc:a0:16:f6:89:0f:d9:
e0:4f:27:54:b9:1f:c8:84:23:6c:6d:ba:dd:3f:da:dd:e9:09:
ec:67:3b:a6:ae:7b:43:18:40:45:89:bd:91:17:16:d2:11:73:
bd:e6:29:da:2e:22:5a:1c:28:e5:2d:fa:31:11:a6:59:06:ee:
d6:7d:0a:8f:0e:2d:74:c8:65:e2:8b:a5:06:71:a6:ed:86:68:
92:ed:d5:7a:a2:92:b2:6c:ac:79:3b:a7:cd:62:c5:5b:39:b1:
68:9c:25:ce:ea:fa:42:42:01:e8:66:13:0b:6c:4b:75:72:7b:
1f:6d:3d:e1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZEkfDHIp+xhUrkUjEYjdMhRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkMzY2ODYyOGYwZGY3OWQwNDdlY2EwZDlhZGNmYzBiNjY5
M2UzMDkwHhcNMjQwODA1MjE0MDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjEwMGFjYWZmYThjOTQwNzJkMzMxZTQ0MWM1Yjg4MzcwMWU4MzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwRqh4NezlCVr2R2B0TVdojyFnlG
27p1etL3JMliyY9EBb+CgA9cgP8CloAfHIBTOFSz6epdDL5oBgxd3o6NWShrAInq
AHPFoZ2FevN0QOIdlikhXR/3YwA0vu/pwHvXteEh46vx5xyCyoiJXdr2TA2uWn+v
tJxFLSeJ7t4TMDk++YDX5Nl/9P4KeOuoIDZs4c/xgNHsPJ1sgVgCZHab17p3a7Py
SYWtZUhUBrDSfFmuJ8jXX047E/GMyRoA5NXtXReRHD8hl7UrY7vLA6wNOOwwzrpy
seamrJDhtpGl3IbmC+oONwnhI6KW6iKFlIZSPornIj9VhL1VJXMtE/eWmwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAYQCsr/qMlActMx5EHFuINwHoM0MB8GA1UdIwQY
MBaAFL02aGKPDfedBH7KDZrc/Atmk+MJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMt
ZTZiZjMxNmM5NGExLzEvQmhBS3l2LW95VUJ5MHpIa1FjVzRnM0FlZ3pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMtZTZiZjMxNmM5NGEx
LzEvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALV/iAwQA
LZUFMA0GCSqGSIb3DQEBCwUAA4IBAQAWHhcZvoCtvq9jLPsCtSvXO3qRuCPpR6+5
ffThnQgCdY4A8ZN/RM60ddVFU6drjKr5f+OO5eDwTE/M7heGjPsYXyAyhCAhrTd2
3ziM+KlmsemfUhhc0GriwFxN0k4+zOh6MKYIuA+VGS8CHr9mGSVvuxBpstNsf1sS
p5TBxKUaqSxkEkZdUfzL6MygFvaJD9ngTydUuR/IhCNsbbrdP9rd6QnsZzumrntD
GEBFib2RFxbSEXO95inaLiJaHCjlLfoxEaZZBu7WfQqPDi10yGXii6UGcabthmiS
7dV6opKybKx5O6fNYsVbObFonCXO6vpCQgHoZhMLbEt1cnsfbT3h
-----END CERTIFICATE-----
Generated at Thu Aug 8 17:11:15 2024 by rpki-client on console-fra.rpki-client.org