Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/07489a-805e-4339-b43a-539da69774c8/1/Bb5wrdQPsBABvZpII-bwmImjMfg.roa
File: Bb5wrdQPsBABvZpII-bwmImjMfg.roa (raw, json)
Hash identifier: W8TuLjzmuNREgiZJ0iF7kVNEqVNpShnpoE1awXSRGus=
Subject key identifier: 05:BE:70:AD:D4:0F:B0:10:01:BD:9A:48:23:E6:F0:98:89:A3:31:F8
Certificate issuer: /CN=54f2b9a759357682ac419b5c0211cc0e420252ba
Certificate serial: 018CC2DB56AAB8D8CDBD5D9CE3932283E45D
Authority key identifier: 54:F2:B9:A7:59:35:76:82:AC:41:9B:5C:02:11:CC:0E:42:02:52:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VPK5p1k1doKsQZtcAhHMDkICUro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/07489a-805e-4339-b43a-539da69774c8/1/Bb5wrdQPsBABvZpII-bwmImjMfg.roa
Signing time: Mon 01 Jan 2024 02:30:03 +0000
ROA not before: Mon 01 Jan 2024 02:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21034
IP address blocks: 212.43.96.0/19 maxlen: 20
185.179.103.0/24 maxlen: 24
185.2.146.0/23 maxlen: 23
212.43.112.0/20 maxlen: 20
2a00:1be0::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 09 Feb 2024 09:51:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:56:aa:b8:d8:cd:bd:5d:9c:e3:93:22:83:e4:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54f2b9a759357682ac419b5c0211cc0e420252ba
Validity
Not Before: Jan 1 02:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=05be70add40fb01001bd9a4823e6f09889a331f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:f6:d0:04:b6:a7:0b:48:95:74:b5:4a:55:8b:
5b:22:2a:b9:22:39:8e:9e:40:79:1d:f7:95:10:20:
d6:11:21:6a:2b:c5:f3:fe:89:23:78:58:cf:ab:0d:
24:7c:25:43:12:e4:c6:08:0b:e1:7b:f6:1f:0b:55:
3c:dc:ec:8c:71:14:c6:80:9a:06:f2:30:b4:c4:11:
25:37:13:ec:c7:1d:78:3a:57:bd:67:e6:dc:34:fa:
f2:2c:e0:5b:4d:a2:78:3c:62:a2:db:00:fc:e0:9c:
14:f7:a6:04:5c:c2:98:ed:f7:9f:44:fb:e1:3c:fc:
1f:90:e9:08:95:32:10:15:02:4c:10:e8:cc:61:3a:
6e:65:8c:3b:75:cf:29:86:60:ca:43:8a:99:9f:06:
f2:e0:31:66:12:c7:61:d2:39:4a:4a:d0:94:42:5d:
a2:b4:73:09:42:dd:33:93:41:7d:6e:38:4e:38:b7:
8d:e8:92:9a:09:ec:a1:3e:07:bf:0c:3c:56:ec:f8:
64:33:8f:5f:0a:ca:d3:5a:0f:05:f3:e0:4a:8c:d4:
5b:4d:8d:54:8a:98:40:5e:e3:88:6e:16:4d:a8:18:
15:3f:4d:65:79:c5:77:94:b0:13:28:8b:33:59:7e:
8d:72:f3:58:a6:9b:b4:4d:88:7a:70:25:db:d1:2a:
3f:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:BE:70:AD:D4:0F:B0:10:01:BD:9A:48:23:E6:F0:98:89:A3:31:F8
X509v3 Authority Key Identifier:
keyid:54:F2:B9:A7:59:35:76:82:AC:41:9B:5C:02:11:CC:0E:42:02:52:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VPK5p1k1doKsQZtcAhHMDkICUro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/07489a-805e-4339-b43a-539da69774c8/1/Bb5wrdQPsBABvZpII-bwmImjMfg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/07489a-805e-4339-b43a-539da69774c8/1/VPK5p1k1doKsQZtcAhHMDkICUro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.2.146.0/23
185.179.103.0/24
212.43.96.0/19
IPv6:
2a00:1be0::/32
Signature Algorithm: sha256WithRSAEncryption
29:32:0b:2f:82:2c:40:65:f3:be:b6:65:d4:4b:5f:68:de:ff:
13:ad:5f:3f:bd:2b:87:1e:a2:10:29:20:f4:36:a8:df:1b:90:
60:e4:0b:b6:57:93:92:58:00:71:e2:a7:fc:25:f2:e8:fa:13:
c4:7c:4e:1a:92:b3:4c:76:e2:73:17:af:dd:f9:35:52:76:dd:
89:b2:9f:28:7b:68:29:a6:61:b2:18:c8:f0:b9:8b:7b:e1:85:
78:97:3a:6a:aa:ab:32:51:f7:7d:ed:a2:df:a8:24:4d:df:40:
87:7c:c5:1d:22:53:ba:cd:58:c2:2c:13:b9:9e:2c:dd:33:e3:
de:e6:8c:fc:d3:ee:c2:e8:9a:07:31:7b:13:fb:ba:65:26:74:
50:21:10:c2:55:aa:83:d4:4b:4b:35:c5:da:0a:00:3b:60:66:
ac:40:58:57:3a:0b:5f:49:23:60:38:e9:ac:20:b9:70:95:50:
4b:e9:ef:0f:9d:a7:29:4f:09:a0:c7:6c:cf:b6:51:e2:a8:9d:
fa:2a:b7:d3:6d:4e:05:60:e7:96:76:92:4e:35:ee:e5:89:59:
b4:c8:28:20:ae:ad:b1:f3:ff:af:62:3d:f5:d7:b6:f2:0c:ec:
e3:52:8b:c9:f5:60:23:5b:aa:27:fb:fc:9c:f3:e1:30:3d:03:
af:71:d7:e0
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzC21aquNjNvV2c45Mig+RdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0ZjJiOWE3NTkzNTc2ODJhYzQxOWI1YzAyMTFjYzBlNDIw
MjUyYmEwHhcNMjQwMTAxMDIzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWJlNzBhZGQ0MGZiMDEwMDFiZDlhNDgyM2U2ZjA5ODg5YTMzMWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhfbQBLanC0iVdLVKVYtbIiq5IjmO
nkB5HfeVECDWESFqK8Xz/okjeFjPqw0kfCVDEuTGCAvhe/YfC1U83OyMcRTGgJoG
8jC0xBElNxPsxx14Ole9Z+bcNPryLOBbTaJ4PGKi2wD84JwU96YEXMKY7fefRPvh
PPwfkOkIlTIQFQJMEOjMYTpuZYw7dc8phmDKQ4qZnwby4DFmEsdh0jlKStCUQl2i
tHMJQt0zk0F9bjhOOLeN6JKaCeyhPge/DDxW7PhkM49fCsrTWg8F8+BKjNRbTY1U
iphAXuOIbhZNqBgVP01lecV3lLATKIszWX6NcvNYppu0TYh6cCXb0So/dQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFAW+cK3UD7AQAb2aSCPm8JiJozH4MB8GA1UdIwQY
MBaAFFTyuadZNXaCrEGbXAIRzA5CAlK6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlBLNXAxazFkb0tzUVp0Y0FoSE1Ea0lDVXJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8wNzQ4OWEtODA1ZS00MzM5LWI0M2Et
NTM5ZGE2OTc3NGM4LzEvQmI1d3JkUVBzQkFCdlpwSUktYndtSW1qTWZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8wNzQ4OWEtODA1ZS00MzM5LWI0M2EtNTM5ZGE2OTc3NGM4
LzEvVlBLNXAxazFkb0tzUVp0Y0FoSE1Ea0lDVXJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBuQKSAwQA
ubNnAwQF1CtgMA0EAgACMAcDBQAqABvgMA0GCSqGSIb3DQEBCwUAA4IBAQApMgsv
gixAZfO+tmXUS19o3v8TrV8/vSuHHqIQKSD0NqjfG5Bg5Au2V5OSWABx4qf8JfLo
+hPEfE4akrNMduJzF6/d+TVSdt2Jsp8oe2gppmGyGMjwuYt74YV4lzpqqqsyUfd9
7aLfqCRN30CHfMUdIlO6zVjCLBO5nizdM+Pe5oz80+7C6JoHMXsT+7plJnRQIRDC
VaqD1EtLNcXaCgA7YGasQFhXOgtfSSNgOOmsILlwlVBL6e8PnacpTwmgx2zPtlHi
qJ36KrfTbU4FYOeWdpJONe7liVm0yCggrq2x8/+vYj3117byDOzjUovJ9WAjW6on
+/yc8+EwPQOvcdfg
-----END CERTIFICATE-----
Generated at Tue Feb 27 00:58:58 2024 by rpki-client on console.sobornost.net