Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/c031e5-fc67-41f5-8ebe-3197110097c9/1/bNZ7UFLSyoh8eigbjuPJC9lJO0Q.roa
File: bNZ7UFLSyoh8eigbjuPJC9lJO0Q.roa (raw, json)
Hash identifier: 8qtEnIcfM51X25XLivTeo7hyC7cJh3uKRLgR5hVcndU=
Subject key identifier: 6C:D6:7B:50:52:D2:CA:88:7C:7A:28:1B:8E:E3:C9:0B:D9:49:3B:44
Certificate issuer: /CN=69a4d6916b93159aa80984a9b3774683bb550ebd
Certificate serial: 01856FF040EA743063FF612C496FA5875751
Authority key identifier: 69:A4:D6:91:6B:93:15:9A:A8:09:84:A9:B3:77:46:83:BB:55:0E:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aaTWkWuTFZqoCYSps3dGg7tVDr0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/c031e5-fc67-41f5-8ebe-3197110097c9/1/bNZ7UFLSyoh8eigbjuPJC9lJO0Q.roa
Signing time: Mon 02 Jan 2023 00:44:54 +0000
ROA not before: Mon 02 Jan 2023 00:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41535
IP address blocks: 89.253.192.0/21 maxlen: 21
89.253.200.0/21 maxlen: 21
89.253.203.0/24 maxlen: 24
89.253.202.0/24 maxlen: 24
193.32.198.0/23 maxlen: 23
89.253.208.0/21 maxlen: 21
89.253.216.0/21 maxlen: 21
89.253.224.0/21 maxlen: 21
89.253.232.0/21 maxlen: 21
89.253.240.0/21 maxlen: 21
89.253.248.0/21 maxlen: 21
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f0:40:ea:74:30:63:ff:61:2c:49:6f:a5:87:57:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69a4d6916b93159aa80984a9b3774683bb550ebd
Validity
Not Before: Jan 2 00:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6cd67b5052d2ca887c7a281b8ee3c90bd9493b44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:da:66:1f:f9:aa:c9:7f:1d:e6:de:61:25:c5:
20:31:4e:0a:f7:f3:e3:be:e6:d7:62:16:b4:aa:2d:
b7:cc:d1:33:70:14:c2:df:6c:16:06:b4:43:63:db:
2f:1e:89:c3:38:eb:9f:5a:80:c5:0c:5e:c9:58:b1:
21:b7:1d:0e:9a:fc:67:a9:5b:b0:44:43:b3:f8:59:
af:5e:b5:48:68:0c:7a:02:cf:39:68:1e:0e:19:78:
f8:25:e4:0f:d0:10:d2:fc:1c:c5:75:30:6d:4e:63:
5d:ab:00:ed:9c:92:6e:5a:62:1b:9a:48:bc:e0:e1:
5d:27:d3:5d:78:22:0f:7d:a8:69:be:f5:5c:81:2d:
24:92:90:1d:3e:48:0f:df:1e:e5:31:2d:cf:e5:c6:
be:c4:42:f6:d6:f5:bf:a1:a6:d8:cf:fa:84:51:6e:
14:6e:c5:05:ea:11:c8:15:7d:7d:c3:94:40:16:54:
42:8e:06:76:ca:eb:4e:59:e4:3f:6d:af:c2:da:f8:
1f:e1:44:7b:23:1b:a3:24:73:8d:89:56:1e:98:61:
09:0e:11:d8:ea:45:2e:65:60:73:e7:33:77:5e:b1:
eb:a0:b2:0a:ad:f0:4e:8a:90:37:3d:c4:c8:7e:73:
d1:f9:03:5f:40:dc:9a:cf:e5:ee:a4:a2:1d:68:d4:
d7:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:D6:7B:50:52:D2:CA:88:7C:7A:28:1B:8E:E3:C9:0B:D9:49:3B:44
X509v3 Authority Key Identifier:
keyid:69:A4:D6:91:6B:93:15:9A:A8:09:84:A9:B3:77:46:83:BB:55:0E:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aaTWkWuTFZqoCYSps3dGg7tVDr0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/c031e5-fc67-41f5-8ebe-3197110097c9/1/bNZ7UFLSyoh8eigbjuPJC9lJO0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/c031e5-fc67-41f5-8ebe-3197110097c9/1/aaTWkWuTFZqoCYSps3dGg7tVDr0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.253.192.0/18
193.32.198.0/23
Signature Algorithm: sha256WithRSAEncryption
75:02:91:64:99:e1:85:d9:e7:9b:81:78:43:1c:87:f6:8c:f3:
96:4e:f7:b1:31:a2:fc:15:5a:db:74:4a:40:fb:e9:0d:bd:67:
a0:bd:ff:fa:fd:c4:d5:49:e1:4d:cf:39:d7:ab:0b:56:52:15:
1b:6b:80:cb:76:ca:8f:52:54:83:27:21:0c:3b:74:80:32:81:
0f:04:09:6d:d4:48:0f:06:f6:7d:44:3f:1a:80:af:7c:56:09:
9e:74:9f:db:b7:a3:dd:9a:ed:14:95:87:53:b5:43:67:83:7d:
eb:37:db:39:7e:03:18:46:7a:b1:bc:ef:bc:9c:f8:97:e8:90:
17:0b:e6:88:7b:ae:51:7c:7d:c1:b4:29:e9:61:09:42:02:b2:
58:d8:ab:a4:78:c0:c8:a4:4a:52:b1:c8:77:ac:0c:fb:bb:bd:
42:93:ef:0b:9f:8e:3f:6a:3c:70:4d:5d:21:b3:7e:36:90:32:
ef:f0:7a:d0:ab:f0:18:96:59:61:e1:de:b9:d7:4e:29:51:1d:
40:bd:d3:57:c6:a7:4a:f9:55:56:62:71:05:75:91:a7:2a:d6:
2c:0f:0f:43:83:6c:b7:c9:ce:56:fb:13:83:e4:1e:d9:25:65:
a4:6d:41:ac:98:e7:e5:27:37:b7:6a:2a:71:2e:86:38:0b:29:
d7:dd:97:12
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVv8EDqdDBj/2EsSW+lh1dRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5YTRkNjkxNmI5MzE1OWFhODA5ODRhOWIzNzc0NjgzYmI1
NTBlYmQwHhcNMjMwMTAyMDA0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2Q2N2I1MDUyZDJjYTg4N2M3YTI4MWI4ZWUzYzkwYmQ5NDkzYjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9pmH/mqyX8d5t5hJcUgMU4K9/Pj
vubXYha0qi23zNEzcBTC32wWBrRDY9svHonDOOufWoDFDF7JWLEhtx0OmvxnqVuw
REOz+FmvXrVIaAx6As85aB4OGXj4JeQP0BDS/BzFdTBtTmNdqwDtnJJuWmIbmki8
4OFdJ9NdeCIPfahpvvVcgS0kkpAdPkgP3x7lMS3P5ca+xEL21vW/oabYz/qEUW4U
bsUF6hHIFX19w5RAFlRCjgZ2yutOWeQ/ba/C2vgf4UR7IxujJHONiVYemGEJDhHY
6kUuZWBz5zN3XrHroLIKrfBOipA3PcTIfnPR+QNfQNyaz+XupKIdaNTXPwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGzWe1BS0sqIfHooG47jyQvZSTtEMB8GA1UdIwQY
MBaAFGmk1pFrkxWaqAmEqbN3RoO7VQ69MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWFUV2tXdVRGWnFvQ1lTcHMzZEdnN3RWRHIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9jMDMxZTUtZmM2Ny00MWY1LThlYmUt
MzE5NzExMDA5N2M5LzEvYk5aN1VGTFN5b2g4ZWlnYmp1UEpDOWxKTzBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9jMDMxZTUtZmM2Ny00MWY1LThlYmUtMzE5NzExMDA5N2M5
LzEvYWFUV2tXdVRGWnFvQ1lTcHMzZEdnN3RWRHIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQGWf3AAwQB
wSDGMA0GCSqGSIb3DQEBCwUAA4IBAQB1ApFkmeGF2eebgXhDHIf2jPOWTvexMaL8
FVrbdEpA++kNvWegvf/6/cTVSeFNzznXqwtWUhUba4DLdsqPUlSDJyEMO3SAMoEP
BAlt1EgPBvZ9RD8agK98VgmedJ/bt6Pdmu0UlYdTtUNng33rN9s5fgMYRnqxvO+8
nPiX6JAXC+aIe65RfH3BtCnpYQlCArJY2KukeMDIpEpSsch3rAz7u71Ck+8Ln44/
ajxwTV0hs342kDLv8HrQq/AYlllh4d65104pUR1AvdNXxqdK+VVWYnEFdZGnKtYs
Dw9Dg2y3yc5W+xOD5B7ZJWWkbUGsmOflJze3aipxLoY4CynX3ZcS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:09 2024 by rpki-client on console-ams.rpki-client.org