Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/48d092-a76c-4c28-b84b-39ad80f542a0/1/B4hb3BL-b3sbc1LTFl-o6Vx7NXo.roa
File: B4hb3BL-b3sbc1LTFl-o6Vx7NXo.roa (raw, json)
Hash identifier: ULgmS+5cFvw6ZurOESxqh3exa+pbY6+d0X5t/Xnvq6U=
Subject key identifier: 07:88:5B:DC:12:FE:6F:7B:1B:73:52:D3:16:5F:A8:E9:5C:7B:35:7A
Certificate issuer: /CN=855be74d09d9b05251dad2c9696793c04b40f241
Certificate serial: 018D48A04579647279D3CD2353E7A07BF1F8
Authority key identifier: 85:5B:E7:4D:09:D9:B0:52:51:DA:D2:C9:69:67:93:C0:4B:40:F2:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hVvnTQnZsFJR2tLJaWeTwEtA8kE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/48d092-a76c-4c28-b84b-39ad80f542a0/1/B4hb3BL-b3sbc1LTFl-o6Vx7NXo.roa
Signing time: Sat 27 Jan 2024 01:54:39 +0000
ROA not before: Sat 27 Jan 2024 01:54:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210570
IP address blocks: 176.126.127.0/24 maxlen: 24
2a12:7c0:affe::/48 maxlen: 48
2a12:7c1:affe::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 06 Feb 2024 21:33:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:48:a0:45:79:64:72:79:d3:cd:23:53:e7:a0:7b:f1:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=855be74d09d9b05251dad2c9696793c04b40f241
Validity
Not Before: Jan 27 01:54:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=07885bdc12fe6f7b1b7352d3165fa8e95c7b357a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:2d:c5:a2:ac:b0:68:03:46:35:3c:6b:4d:1b:
79:d7:db:f0:96:83:20:be:e5:8b:45:86:00:c9:63:
28:6f:d1:53:32:45:49:69:5f:59:b9:28:76:f2:1e:
11:ab:36:f0:20:91:c1:e8:22:5c:b4:de:bf:b3:18:
33:ef:cf:6f:f3:a2:ed:6b:34:46:cf:7e:24:46:71:
dc:ba:b4:cc:d7:71:c6:12:a7:7a:51:19:f8:4a:40:
b8:35:60:d3:7d:0d:80:e3:42:08:92:eb:08:0e:0a:
48:d2:8a:eb:80:76:11:96:e4:88:64:c9:3b:d9:53:
30:1e:ca:45:78:20:52:eb:5b:c5:8f:06:b4:19:ca:
86:49:59:e6:9e:b2:33:2e:64:8f:20:9a:c6:a8:a7:
9c:19:01:ad:91:72:5f:bf:58:10:17:93:49:a4:f8:
a6:a6:99:75:44:96:85:a1:be:6a:42:ea:cc:80:b3:
9f:30:b4:0c:af:a9:ac:0c:8a:44:bf:34:3b:ae:08:
25:3a:ee:49:f9:70:9c:14:e9:1d:4b:85:ad:0c:20:
3f:14:03:1f:57:cc:13:29:63:dd:c1:01:d9:c8:99:
2d:f5:c9:ae:2f:0b:af:4b:a7:60:90:e7:8c:54:7c:
36:09:5f:5c:31:0d:1c:46:b2:75:91:f4:69:5b:f8:
4a:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:88:5B:DC:12:FE:6F:7B:1B:73:52:D3:16:5F:A8:E9:5C:7B:35:7A
X509v3 Authority Key Identifier:
keyid:85:5B:E7:4D:09:D9:B0:52:51:DA:D2:C9:69:67:93:C0:4B:40:F2:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hVvnTQnZsFJR2tLJaWeTwEtA8kE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/48d092-a76c-4c28-b84b-39ad80f542a0/1/B4hb3BL-b3sbc1LTFl-o6Vx7NXo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/48d092-a76c-4c28-b84b-39ad80f542a0/1/hVvnTQnZsFJR2tLJaWeTwEtA8kE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.126.127.0/24
IPv6:
2a12:7c0:affe::/48
2a12:7c1:affe::/48
Signature Algorithm: sha256WithRSAEncryption
4b:34:9d:b3:e0:cb:b8:25:db:90:2c:4e:d3:87:2b:93:c5:eb:
4c:0a:7f:f2:a8:7e:64:0f:ca:fe:3f:9c:07:d2:bb:6f:b5:d7:
c1:0e:5e:27:a2:73:60:55:2f:db:61:2d:31:7b:c3:f9:52:9a:
7d:c3:2d:cb:0f:d9:ce:7d:fb:1f:ec:5c:cc:c8:59:11:89:a1:
4f:0c:e9:3b:2c:d9:74:7c:0b:cc:94:01:5b:36:b0:17:1f:d2:
75:13:c0:e8:4d:67:f2:53:6a:1f:89:c3:bf:f3:8a:a0:83:43:
88:c7:3e:fc:2b:43:54:dc:06:5c:4c:64:37:5e:a2:69:97:7d:
93:f1:b0:fd:94:f0:98:2c:41:3e:09:3d:59:34:47:30:32:17:
9f:45:3e:27:d0:6b:eb:f4:d5:c2:c0:ca:b8:76:46:b8:1d:a7:
a2:0b:e3:eb:a8:60:2f:34:2c:cf:c0:79:e1:93:bf:94:2d:4c:
b3:45:84:02:b6:f7:cf:42:71:49:7f:de:7b:5f:1f:62:22:8c:
ee:37:5b:44:48:5e:9d:60:8f:10:14:5b:66:23:3c:9c:f5:66:
fe:b7:cf:76:63:a0:1f:67:50:45:1e:2f:4e:e0:0f:93:44:90:
cd:49:55:4f:39:c9:cb:e9:e7:ab:42:5d:93:bc:2a:1c:19:2c:
ca:c6:c1:c6
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY1IoEV5ZHJ5080jU+ege/H4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NWJlNzRkMDlkOWIwNTI1MWRhZDJjOTY5Njc5M2MwNGI0
MGYyNDEwHhcNMjQwMTI3MDE1NDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzg4NWJkYzEyZmU2ZjdiMWI3MzUyZDMxNjVmYThlOTVjN2IzNTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnS3FoqywaANGNTxrTRt519vwloMg
vuWLRYYAyWMob9FTMkVJaV9ZuSh28h4RqzbwIJHB6CJctN6/sxgz789v86LtazRG
z34kRnHcurTM13HGEqd6URn4SkC4NWDTfQ2A40IIkusIDgpI0orrgHYRluSIZMk7
2VMwHspFeCBS61vFjwa0GcqGSVnmnrIzLmSPIJrGqKecGQGtkXJfv1gQF5NJpPim
ppl1RJaFob5qQurMgLOfMLQMr6msDIpEvzQ7rgglOu5J+XCcFOkdS4WtDCA/FAMf
V8wTKWPdwQHZyJkt9cmuLwuvS6dgkOeMVHw2CV9cMQ0cRrJ1kfRpW/hKlQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFAeIW9wS/m97G3NS0xZfqOlcezV6MB8GA1UdIwQY
MBaAFIVb500J2bBSUdrSyWlnk8BLQPJBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFZ2blRRblpzRkpSMnRMSmFXZVR3RXRBOGtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC80OGQwOTItYTc2Yy00YzI4LWI4NGIt
MzlhZDgwZjU0MmEwLzEvQjRoYjNCTC1iM3NiYzFMVEZsLW82Vng3TlhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC80OGQwOTItYTc2Yy00YzI4LWI4NGItMzlhZDgwZjU0MmEw
LzEvaFZ2blRRblpzRkpSMnRMSmFXZVR3RXRBOGtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAsH5/MBgE
AgACMBIDBwAqEgfAr/4DBwAqEgfBr/4wDQYJKoZIhvcNAQELBQADggEBAEs0nbPg
y7gl25AsTtOHK5PF60wKf/KofmQPyv4/nAfSu2+118EOXieic2BVL9thLTF7w/lS
mn3DLcsP2c59+x/sXMzIWRGJoU8M6Tss2XR8C8yUAVs2sBcf0nUTwOhNZ/JTah+J
w7/ziqCDQ4jHPvwrQ1TcBlxMZDdeommXfZPxsP2U8JgsQT4JPVk0RzAyF59FPifQ
a+v01cLAyrh2Rrgdp6IL4+uoYC80LM/AeeGTv5QtTLNFhAK2989CcUl/3ntfH2Ii
jO43W0RIXp1gjxAUW2YjPJz1Zv63z3ZjoB9nUEUeL07gD5NEkM1JVU85ycvp56tC
XZO8KhwZLMrGwcY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:39 2024 by rpki-client on console-ams.rpki-client.org