Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/31a6a4-8a9d-47a2-8fbb-b9dff3e7a32e/1/bFLyuo_kPlPvbE63sqii3o2Us90.roa
File: bFLyuo_kPlPvbE63sqii3o2Us90.roa (raw, json)
Hash identifier: 02yKookMJhWwT4N9Be+4nJz++B7qnf+pknI/7i7h9Jo=
Subject key identifier: 6C:52:F2:BA:8F:E4:3E:53:EF:6C:4E:B7:B2:A8:A2:DE:8D:94:B3:DD
Certificate issuer: /CN=9213f2c2d06c64b895457ab50fc4920283a49cc7
Certificate serial: 01856CE61E68069E1965A189F273346C032C
Authority key identifier: 92:13:F2:C2:D0:6C:64:B8:95:45:7A:B5:0F:C4:92:02:83:A4:9C:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khPywtBsZLiVRXq1D8SSAoOknMc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/31a6a4-8a9d-47a2-8fbb-b9dff3e7a32e/1/bFLyuo_kPlPvbE63sqii3o2Us90.roa
Signing time: Sun 01 Jan 2023 10:34:58 +0000
ROA not before: Sun 01 Jan 2023 10:34:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210107
IP address blocks: 194.1.184.0/24 maxlen: 24
194.1.192.0/24 maxlen: 24
2a0f:c943::/32 maxlen: 32
2a0f:c941::/32 maxlen: 32
2a0f:c945::/32 maxlen: 32
2a0f:c947::/32 maxlen: 32
2a0f:c944::/32 maxlen: 32
2a0f:c942::/32 maxlen: 32
2a0f:c940::/32 maxlen: 32
2a0f:c946::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 09:02:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:1e:68:06:9e:19:65:a1:89:f2:73:34:6c:03:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9213f2c2d06c64b895457ab50fc4920283a49cc7
Validity
Not Before: Jan 1 10:34:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c52f2ba8fe43e53ef6c4eb7b2a8a2de8d94b3dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:ba:a1:5e:8e:81:78:94:fd:a3:52:bd:4d:c9:
82:ba:c7:03:b0:ca:05:b0:cd:d8:4c:bf:ae:1a:e2:
44:83:ae:f7:06:36:db:60:28:63:e2:50:c5:55:75:
57:c7:ae:23:36:e8:fa:e9:c9:4e:07:04:1a:36:3d:
d8:17:5b:39:d3:13:d8:d7:4b:8d:87:cf:45:d1:ef:
89:eb:76:ab:1e:76:ed:0d:4a:f9:a9:59:8f:fb:0a:
c8:b1:f7:fa:c6:cc:e8:e3:9d:45:73:fe:49:06:5b:
3a:eb:87:d2:db:de:c2:a9:d7:b9:b9:70:95:8d:35:
29:de:76:ba:9c:ac:41:33:b9:77:61:13:55:97:69:
d2:b3:e4:73:53:73:91:c2:cd:22:f8:59:d7:6a:36:
2a:fe:a7:83:04:0a:ac:f7:e7:35:d0:18:5f:f3:88:
2f:4f:aa:d3:80:f0:2d:5a:df:72:1c:0e:35:21:84:
74:8b:37:a9:45:70:77:79:48:f4:07:54:6d:3a:fc:
2f:84:2a:9c:1f:12:9a:8e:a3:d7:b9:c3:11:08:f1:
e3:9e:1c:1a:46:f4:ce:b9:c2:17:32:c5:80:95:0e:
2d:36:99:94:b6:52:02:5e:86:bf:32:c3:d8:8f:c8:
c4:af:ab:bb:3d:26:ca:e2:31:d6:9d:98:f6:8b:11:
92:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:52:F2:BA:8F:E4:3E:53:EF:6C:4E:B7:B2:A8:A2:DE:8D:94:B3:DD
X509v3 Authority Key Identifier:
keyid:92:13:F2:C2:D0:6C:64:B8:95:45:7A:B5:0F:C4:92:02:83:A4:9C:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khPywtBsZLiVRXq1D8SSAoOknMc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/31a6a4-8a9d-47a2-8fbb-b9dff3e7a32e/1/bFLyuo_kPlPvbE63sqii3o2Us90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/31a6a4-8a9d-47a2-8fbb-b9dff3e7a32e/1/khPywtBsZLiVRXq1D8SSAoOknMc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.1.184.0/24
194.1.192.0/24
IPv6:
2a0f:c940::/29
Signature Algorithm: sha256WithRSAEncryption
5e:64:ee:67:3a:fd:c9:a8:15:b4:05:6d:30:00:e1:82:af:6a:
4c:8f:c5:d7:13:6b:b5:e4:47:d0:30:9a:3c:3d:36:3b:0c:eb:
59:f3:34:2f:44:d1:fc:8b:54:c5:45:1c:07:7c:62:2d:de:2d:
34:6b:4b:87:12:ae:f6:09:ce:f3:07:2a:40:ff:46:6f:c0:e8:
26:5c:e1:cb:ef:87:0b:13:dc:3e:a7:7d:1a:97:5d:54:dc:91:
2c:0c:2f:ee:6a:d1:15:2e:66:1f:7b:27:a9:3f:e1:90:17:a6:
f6:6f:54:33:1a:56:f8:62:0d:f9:a3:da:9c:91:7c:4e:d4:2e:
2a:09:49:2d:f0:44:e6:b6:a9:30:c9:1d:8c:cd:02:31:3c:43:
07:86:6f:ac:31:dd:8a:5e:ee:8b:ec:26:06:bb:08:66:e3:bd:
5b:c8:8d:1a:1c:88:d3:af:e8:04:d2:c9:68:3f:d5:33:1b:a6:
4c:83:10:be:ae:a4:e0:21:83:ce:61:be:8b:ea:02:85:a2:bf:
3f:59:cd:da:5c:4f:90:f0:8d:4c:53:25:70:0c:e4:d9:b0:84:
d1:60:b7:d5:ca:fe:60:28:3f:f0:05:7c:94:f7:a4:09:fd:f5:
4e:21:9b:3a:a5:f2:fa:f1:69:36:46:f7:d1:14:82:25:bc:26:
db:c1:75:9e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVs5h5oBp4ZZaGJ8nM0bAMsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMTNmMmMyZDA2YzY0Yjg5NTQ1N2FiNTBmYzQ5MjAyODNh
NDljYzcwHhcNMjMwMTAxMTAzNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzUyZjJiYThmZTQzZTUzZWY2YzRlYjdiMmE4YTJkZThkOTRiM2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAirqhXo6BeJT9o1K9TcmCuscDsMoF
sM3YTL+uGuJEg673BjbbYChj4lDFVXVXx64jNuj66clOBwQaNj3YF1s50xPY10uN
h89F0e+J63arHnbtDUr5qVmP+wrIsff6xszo451Fc/5JBls664fS297Cqde5uXCV
jTUp3na6nKxBM7l3YRNVl2nSs+RzU3ORws0i+FnXajYq/qeDBAqs9+c10Bhf84gv
T6rTgPAtWt9yHA41IYR0izepRXB3eUj0B1RtOvwvhCqcHxKajqPXucMRCPHjnhwa
RvTOucIXMsWAlQ4tNpmUtlICXoa/MsPYj8jEr6u7PSbK4jHWnZj2ixGSKwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGxS8rqP5D5T72xOt7Koot6NlLPdMB8GA1UdIwQY
MBaAFJIT8sLQbGS4lUV6tQ/EkgKDpJzHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2hQeXd0QnNaTGlWUlhxMUQ4U1NBb09rbk1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8zMWE2YTQtOGE5ZC00N2EyLThmYmIt
YjlkZmYzZTdhMzJlLzEvYkZMeXVvX2tQbFB2YkU2M3NxaWkzbzJVczkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi8zMWE2YTQtOGE5ZC00N2EyLThmYmItYjlkZmYzZTdhMzJl
LzEva2hQeXd0QnNaTGlWUlhxMUQ4U1NBb09rbk1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAwgG4AwQA
wgHAMA0EAgACMAcDBQMqD8lAMA0GCSqGSIb3DQEBCwUAA4IBAQBeZO5nOv3JqBW0
BW0wAOGCr2pMj8XXE2u15EfQMJo8PTY7DOtZ8zQvRNH8i1TFRRwHfGIt3i00a0uH
Eq72Cc7zBypA/0ZvwOgmXOHL74cLE9w+p30al11U3JEsDC/uatEVLmYfeyepP+GQ
F6b2b1QzGlb4Yg35o9qckXxO1C4qCUkt8ETmtqkwyR2MzQIxPEMHhm+sMd2KXu6L
7CYGuwhm471byI0aHIjTr+gE0sloP9UzG6ZMgxC+rqTgIYPOYb6L6gKFor8/Wc3a
XE+Q8I1MUyVwDOTZsITRYLfVyv5gKD/wBXyU96QJ/fVOIZs6pfL68Wk2RvfRFIIl
vCbbwXWe
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:01 2024 by rpki-client on console-ams.rpki-client.org