Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/439efe-f130-4931-931c-c8d5c04e3d43/1/bHq6eHL0QEtS8ffnpXVUgKx0S-s.roa
File: bHq6eHL0QEtS8ffnpXVUgKx0S-s.roa (raw, json)
Hash identifier: prW/lVL61x4PUeatWAxPV8dZiPGfSR7Tw2i9RPTP42U=
Subject key identifier: 6C:7A:BA:78:72:F4:40:4B:52:F1:F7:E7:A5:75:54:80:AC:74:4B:EB
Certificate issuer: /CN=cc4491558cd24875db524273410502fdae3a6782
Certificate serial: 01856FCBBAF635A4EFE3FD5508164FD843A2
Authority key identifier: CC:44:91:55:8C:D2:48:75:DB:52:42:73:41:05:02:FD:AE:3A:67:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zESRVYzSSHXbUkJzQQUC_a46Z4I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/439efe-f130-4931-931c-c8d5c04e3d43/1/bHq6eHL0QEtS8ffnpXVUgKx0S-s.roa
Signing time: Mon 02 Jan 2023 00:05:00 +0000
ROA not before: Mon 02 Jan 2023 00:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47949
IP address blocks: 185.7.45.0/24 maxlen: 24
92.43.24.0/21 maxlen: 21
2a02:29c0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:ba:f6:35:a4:ef:e3:fd:55:08:16:4f:d8:43:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc4491558cd24875db524273410502fdae3a6782
Validity
Not Before: Jan 2 00:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c7aba7872f4404b52f1f7e7a5755480ac744beb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:94:e4:f6:dd:ac:92:80:11:24:ba:15:7d:3a:
eb:be:7f:1d:4b:1c:76:8a:c2:cd:84:33:aa:70:8b:
8c:4b:99:f5:b8:c5:08:47:c7:b4:d2:d8:1d:6b:4f:
6e:85:94:c3:8c:63:a1:f5:6d:af:0e:bc:5c:46:9b:
7f:58:51:77:3c:8f:a8:22:18:af:fb:2a:bd:6e:4a:
0f:33:d5:7e:cb:53:fe:c0:a8:d4:d1:1b:cb:9c:bd:
a0:b8:91:a8:ae:cc:56:61:71:3e:70:6a:a4:25:18:
04:48:61:27:1a:30:1a:fd:b2:fa:21:f6:3e:cd:c5:
ac:57:fe:a2:a0:73:e2:f4:4c:08:16:48:44:d9:c9:
05:92:f0:4c:4d:96:8b:85:b2:09:de:40:19:b8:14:
e1:0e:06:39:90:36:26:a4:9e:ba:e0:33:18:2b:51:
77:15:e0:c9:db:39:b7:9b:61:43:78:41:95:34:f2:
52:c2:07:a2:89:f4:ee:4b:5a:19:d9:85:fe:b1:49:
7a:2b:8e:96:f5:f5:d1:b9:1d:95:cc:29:39:50:8a:
a5:78:31:6a:45:6e:d5:a8:d8:22:26:a8:67:27:39:
d2:65:af:3a:7e:59:da:29:b2:b6:27:6c:e7:48:cf:
d7:7e:8b:7d:f4:e0:52:b6:97:d9:e6:22:b6:44:3e:
ff:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:7A:BA:78:72:F4:40:4B:52:F1:F7:E7:A5:75:54:80:AC:74:4B:EB
X509v3 Authority Key Identifier:
keyid:CC:44:91:55:8C:D2:48:75:DB:52:42:73:41:05:02:FD:AE:3A:67:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zESRVYzSSHXbUkJzQQUC_a46Z4I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/439efe-f130-4931-931c-c8d5c04e3d43/1/bHq6eHL0QEtS8ffnpXVUgKx0S-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/439efe-f130-4931-931c-c8d5c04e3d43/1/zESRVYzSSHXbUkJzQQUC_a46Z4I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.43.24.0/21
185.7.45.0/24
IPv6:
2a02:29c0::/32
Signature Algorithm: sha256WithRSAEncryption
69:67:3b:94:b3:da:22:2d:6d:3d:a9:72:2c:45:42:ce:f3:ec:
97:b1:ff:66:30:53:5e:24:f6:b4:a0:10:06:ac:39:d1:58:ed:
f1:08:b5:69:b5:3b:ea:5f:bc:bc:af:97:8d:ad:6f:2d:66:d7:
03:3e:8b:c4:52:a9:ad:ba:2a:c7:ec:82:0a:9b:c9:f9:61:81:
00:1b:a0:c1:bc:a3:6b:3a:8b:48:be:5c:c3:49:ce:e1:b7:0d:
51:4e:d0:47:fb:5e:5b:cf:f7:85:30:86:8f:e7:0d:16:5d:7c:
75:54:bb:64:85:97:25:14:f6:96:b6:ef:34:72:2d:51:a7:76:
80:11:ff:dd:f7:2b:29:bb:df:58:a7:19:2b:0e:81:0b:0b:f6:
50:87:ea:ea:5e:a7:f1:9c:94:74:cb:6e:15:fa:1d:f0:3d:9b:
a5:7a:73:3c:57:6a:e0:f1:46:db:9e:bf:d2:2c:9d:86:ab:2c:
db:77:5d:b8:fa:d1:5e:d1:4d:dc:c1:15:06:c2:94:8f:46:de:
9c:c1:3d:a2:c5:37:a4:20:ae:17:00:69:e7:be:05:fd:dd:79:
61:0b:96:39:02:27:90:b5:51:a8:f7:0f:17:71:65:f2:34:da:
3e:29:57:c2:bb:55:b4:db:42:53:1c:ed:d1:13:ae:b8:4b:09:
7c:bd:fa:b4
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvy7r2NaTv4/1VCBZP2EOiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjNDQ5MTU1OGNkMjQ4NzVkYjUyNDI3MzQxMDUwMmZkYWUz
YTY3ODIwHhcNMjMwMTAyMDAwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzdhYmE3ODcyZjQ0MDRiNTJmMWY3ZTdhNTc1NTQ4MGFjNzQ0YmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgZTk9t2skoARJLoVfTrrvn8dSxx2
isLNhDOqcIuMS5n1uMUIR8e00tgda09uhZTDjGOh9W2vDrxcRpt/WFF3PI+oIhiv
+yq9bkoPM9V+y1P+wKjU0RvLnL2guJGorsxWYXE+cGqkJRgESGEnGjAa/bL6IfY+
zcWsV/6ioHPi9EwIFkhE2ckFkvBMTZaLhbIJ3kAZuBThDgY5kDYmpJ664DMYK1F3
FeDJ2zm3m2FDeEGVNPJSwgeiifTuS1oZ2YX+sUl6K46W9fXRuR2VzCk5UIqleDFq
RW7VqNgiJqhnJznSZa86flnaKbK2J2znSM/Xfot99OBStpfZ5iK2RD7/qQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGx6unhy9EBLUvH356V1VICsdEvrMB8GA1UdIwQY
MBaAFMxEkVWM0kh121JCc0EFAv2uOmeCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekVTUlZZelNTSFhiVWtKelFRVUNfYTQ2WjRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC80MzllZmUtZjEzMC00OTMxLTkzMWMt
YzhkNWMwNGUzZDQzLzEvYkhxNmVITDBRRXRTOGZmbnBYVlVnS3gwUy1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC80MzllZmUtZjEzMC00OTMxLTkzMWMtYzhkNWMwNGUzZDQz
LzEvekVTUlZZelNTSFhiVWtKelFRVUNfYTQ2WjRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDXCsYAwQA
uQctMA0EAgACMAcDBQAqAinAMA0GCSqGSIb3DQEBCwUAA4IBAQBpZzuUs9oiLW09
qXIsRULO8+yXsf9mMFNeJPa0oBAGrDnRWO3xCLVptTvqX7y8r5eNrW8tZtcDPovE
UqmtuirH7IIKm8n5YYEAG6DBvKNrOotIvlzDSc7htw1RTtBH+15bz/eFMIaP5w0W
XXx1VLtkhZclFPaWtu80ci1Rp3aAEf/d9yspu99YpxkrDoELC/ZQh+rqXqfxnJR0
y24V+h3wPZulenM8V2rg8Ubbnr/SLJ2Gqyzbd124+tFe0U3cwRUGwpSPRt6cwT2i
xTekIK4XAGnnvgX93XlhC5Y5AieQtVGo9w8XcWXyNNo+KVfCu1W020JTHO3RE664
Swl8vfq0
-----END CERTIFICATE-----
Generated at Mon Jan 1 02:53:38 2024 by rpki-client on console-ams.rpki-client.org