Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/BKcKhUyeJy1uJd496orhKDnX9EU.roa
File: BKcKhUyeJy1uJd496orhKDnX9EU.roa (raw, json)
Hash identifier: VEjsxKH3QO4vUnlxu4iUzfPGxGgJ+OKstBEEdJcNGEE=
Subject key identifier: 04:A7:0A:85:4C:9E:27:2D:6E:25:DE:3D:EA:8A:E1:28:39:D7:F4:45
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 01862C8BCEF963EE22597E35E99D61F4D875
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/BKcKhUyeJy1uJd496orhKDnX9EU.roa
Signing time: Tue 07 Feb 2023 15:43:25 +0000
ROA not before: Tue 07 Feb 2023 15:43:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2856
IP address blocks: 139.28.32.0/22 maxlen: 22
147.78.68.0/22 maxlen: 22
193.187.132.0/22 maxlen: 22
83.171.244.0/22 maxlen: 22
193.187.140.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 08 Feb 2023 13:31:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:2c:8b:ce:f9:63:ee:22:59:7e:35:e9:9d:61:f4:d8:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Feb 7 15:43:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=04a70a854c9e272d6e25de3dea8ae12839d7f445
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:80:c3:89:0c:01:c9:50:e2:41:0e:40:08:30:
27:dd:e2:7e:41:8d:3c:ec:b3:a2:83:c8:35:3c:14:
8f:d6:0e:f0:a5:87:7c:38:2d:76:4e:29:e2:66:7a:
20:c0:54:30:a9:60:89:f5:2f:08:22:b6:a7:18:ba:
f8:eb:0b:f8:d4:34:e7:ea:1b:c1:1f:3c:f7:c0:93:
c0:59:97:dc:da:37:d9:12:d2:cf:20:77:85:3b:ec:
17:be:17:cf:b3:dd:38:fe:1b:11:7d:a7:72:ce:19:
ac:b0:d3:4f:b6:fa:28:5d:ff:dc:62:44:9d:e2:da:
c5:57:be:01:a4:14:10:ba:ac:87:79:3d:df:94:a6:
26:e5:c1:6e:11:b4:ed:69:b4:c5:79:32:79:45:99:
dc:82:12:2f:ec:26:56:f2:f1:13:e6:a5:14:9b:10:
96:b5:c1:00:51:b8:ab:bb:b3:27:b4:42:b5:d6:01:
de:58:56:0b:7c:05:b2:90:31:a9:6c:db:68:d5:07:
08:3e:e4:11:c6:33:21:5e:6b:5f:2f:f8:9b:c2:29:
46:11:8a:2b:f4:01:45:f6:f4:b6:3f:60:8c:58:d4:
13:ca:f4:a9:35:85:3b:25:06:d1:ae:d7:14:b4:fa:
63:73:4b:a3:fa:df:cc:08:2b:62:ec:24:f7:87:8b:
8c:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:A7:0A:85:4C:9E:27:2D:6E:25:DE:3D:EA:8A:E1:28:39:D7:F4:45
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/BKcKhUyeJy1uJd496orhKDnX9EU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.171.244.0/22
139.28.32.0/22
147.78.68.0/22
193.187.132.0/22
193.187.140.0/22
Signature Algorithm: sha256WithRSAEncryption
d4:27:93:42:ac:aa:7e:0f:6f:29:c8:a2:94:ec:1b:d3:84:9e:
dd:03:cd:b2:a8:4a:86:73:6f:a3:0d:86:6d:3c:50:3c:84:cd:
6e:fc:86:47:b7:0c:b3:7f:39:d3:f2:e4:8b:62:75:e4:d2:a9:
22:fc:d5:07:f8:c5:88:d6:cc:d8:6f:8b:81:f2:a6:c3:6f:9c:
25:dd:a8:1b:4c:f8:11:96:25:ec:55:30:01:f4:e1:da:40:df:
e6:bd:0d:7e:9c:35:72:01:cc:86:b0:29:7c:dd:2f:6f:73:18:
60:0e:5d:5d:65:05:1e:ec:5d:a4:de:9b:22:cc:c2:d7:8c:55:
a3:d9:14:94:ce:dd:5b:00:f7:9a:b0:01:83:46:d8:96:1a:60:
bc:53:4a:cc:e1:0d:14:df:76:d7:a1:9b:95:c1:34:84:4f:15:
5a:4a:f5:16:3b:f8:a7:88:16:75:59:61:61:8d:9f:60:83:00:
bb:1b:bc:03:a3:85:b3:00:e6:ff:27:3d:9f:8b:05:80:55:ca:
12:df:f7:ba:78:53:01:c2:da:7d:a5:f4:06:75:a4:65:ac:83:
17:14:c2:08:56:74:89:39:5c:be:3f:49:c8:ab:27:b0:13:5b:
a8:88:7f:e7:94:bb:7a:19:64:b8:b2:74:22:e5:b9:9c:63:c2:
f2:db:b2:f7
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYYsi875Y+4iWX416Z1h9Nh1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjMwMjA3MTU0MzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGE3MGE4NTRjOWUyNzJkNmUyNWRlM2RlYThhZTEyODM5ZDdmNDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgIDDiQwByVDiQQ5ACDAn3eJ+QY08
7LOig8g1PBSP1g7wpYd8OC12TiniZnogwFQwqWCJ9S8IIranGLr46wv41DTn6hvB
Hzz3wJPAWZfc2jfZEtLPIHeFO+wXvhfPs904/hsRfadyzhmssNNPtvooXf/cYkSd
4trFV74BpBQQuqyHeT3flKYm5cFuEbTtabTFeTJ5RZncghIv7CZW8vET5qUUmxCW
tcEAUbiru7MntEK11gHeWFYLfAWykDGpbNto1QcIPuQRxjMhXmtfL/ibwilGEYor
9AFF9vS2P2CMWNQTyvSpNYU7JQbRrtcUtPpjc0uj+t/MCCti7CT3h4uM4QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFASnCoVMnictbiXePeqK4Sg51/RFMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvQktjS2hVeWVKeTF1SmQ0OTZvcmhLRG5YOUVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCU6v0AwQC
ixwgAwQCk05EAwQCwbuEAwQCwbuMMA0GCSqGSIb3DQEBCwUAA4IBAQDUJ5NCrKp+
D28pyKKU7BvThJ7dA82yqEqGc2+jDYZtPFA8hM1u/IZHtwyzfznT8uSLYnXk0qki
/NUH+MWI1szYb4uB8qbDb5wl3agbTPgRliXsVTAB9OHaQN/mvQ1+nDVyAcyGsCl8
3S9vcxhgDl1dZQUe7F2k3psizMLXjFWj2RSUzt1bAPeasAGDRtiWGmC8U0rM4Q0U
33bXoZuVwTSETxVaSvUWO/iniBZ1WWFhjZ9ggwC7G7wDo4WzAOb/Jz2fiwWAVcoS
3/e6eFMBwtp9pfQGdaRlrIMXFMIIVnSJOVy+P0nIqyewE1uoiH/nlLt6GWS4snQi
5bmcY8Ly27L3
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:49 2024 by rpki-client on console-ams.rpki-client.org