Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/bDX-Hst90btLO_pM3U2pfY57Ilo.roa
File: bDX-Hst90btLO_pM3U2pfY57Ilo.roa (raw, json)
Hash identifier: Vac+rq6hkDMEhpmahKm0ZrNBEy6OEa+tgatx9Tp4w4M=
Subject key identifier: 6C:35:FE:1E:CB:7D:D1:BB:4B:3B:FA:4C:DD:4D:A9:7D:8E:7B:22:5A
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 01867BC646D923B3A49278688C9ABE1B5EB3
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/bDX-Hst90btLO_pM3U2pfY57Ilo.roa
Signing time: Thu 23 Feb 2023 00:57:17 +0000
ROA not before: Thu 23 Feb 2023 00:57:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 188.253.8.0/21 maxlen: 24
188.253.12.0/24 maxlen: 24
212.87.192.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 23 Feb 2023 13:31:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7b:c6:46:d9:23:b3:a4:92:78:68:8c:9a:be:1b:5e:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Feb 23 00:57:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c35fe1ecb7dd1bb4b3bfa4cdd4da97d8e7b225a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:0a:83:57:72:6e:c6:fd:5b:cd:70:76:65:4c:
c0:bf:67:10:cb:3f:da:38:f6:1c:0d:74:84:c7:7b:
45:d7:33:6f:9a:2e:01:69:95:29:70:dd:13:ae:60:
14:f4:fd:cd:a9:71:8e:50:31:30:a0:92:16:61:26:
a5:6b:34:5b:a3:4b:8f:a4:34:7e:f4:57:ad:9a:14:
08:f6:1a:f4:99:5d:8c:eb:e9:57:59:c0:11:a2:54:
d2:09:f4:55:b6:b1:f5:34:48:32:f9:82:d3:dd:7d:
0e:12:96:ab:e6:58:95:0f:b5:25:ca:15:36:f5:a7:
c4:98:e6:d1:d6:e8:5b:0e:10:93:db:89:86:97:60:
27:6a:ff:05:a2:5a:b4:08:f7:93:45:c9:a3:a9:d4:
7a:a2:7d:0f:c8:6e:c6:08:a3:c2:b3:ef:26:66:14:
e3:f8:37:39:9c:05:15:83:de:d1:b2:f6:f1:34:31:
5a:5a:39:43:8b:66:38:f0:68:ac:d8:00:30:eb:1e:
f3:9a:26:e5:9f:72:b5:b4:e0:19:ee:5a:02:c9:b5:
ba:ff:96:6e:a6:d7:d7:e1:aa:65:b5:6f:22:7a:e4:
f0:70:7a:8b:65:27:32:e0:ab:13:6c:4b:18:8e:29:
d8:56:a5:71:21:56:71:8c:01:13:3e:bd:0b:ea:ff:
f6:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:35:FE:1E:CB:7D:D1:BB:4B:3B:FA:4C:DD:4D:A9:7D:8E:7B:22:5A
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/bDX-Hst90btLO_pM3U2pfY57Ilo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.253.8.0/21
212.87.192.0/22
Signature Algorithm: sha256WithRSAEncryption
8e:08:fa:f7:52:0b:b7:42:37:a9:d8:61:de:7e:b2:1d:08:9b:
64:52:23:1a:57:2e:3f:44:19:29:39:4e:af:98:21:f6:2d:c4:
60:bd:d1:85:5c:96:2f:94:e7:1b:5c:3e:f6:86:e8:a8:42:57:
af:e2:4e:88:26:65:d1:19:0f:c9:93:bc:c8:3d:e9:5a:15:27:
48:e3:07:b6:f7:04:41:7e:a6:47:1e:7c:b3:28:9d:67:69:00:
e2:15:9c:3d:51:f5:bb:9d:0f:d0:28:08:b2:35:b7:f9:1e:61:
5d:51:30:ee:45:5d:f9:1c:98:de:46:26:1e:56:f2:03:b1:ac:
e8:5c:59:2e:e4:e7:b8:5f:45:d2:51:ac:55:fc:9b:64:8f:f3:
18:4d:70:a0:93:7e:2c:7b:c5:db:74:7c:37:18:14:c2:1e:d9:
fb:83:f7:7c:76:4b:83:cf:67:60:e9:af:6f:b7:30:6f:4b:65:
ae:b0:ea:7a:1e:77:52:5e:8d:f9:69:bc:1a:b4:75:45:b6:74:
f2:d8:aa:6d:2b:c5:cd:7d:fe:f5:33:49:54:a9:5c:88:96:6b:
3e:37:72:bf:55:85:f6:9a:9f:8c:e6:86:33:8f:7f:b0:5a:3a:
75:d9:f5:f7:a7:de:f9:60:b0:2c:15:22:6e:fb:f6:7f:71:37:
78:7d:2e:d7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYZ7xkbZI7OkknhojJq+G16zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMwMjIzMDA1NzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzM1ZmUxZWNiN2RkMWJiNGIzYmZhNGNkZDRkYTk3ZDhlN2IyMjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgQqDV3Juxv1bzXB2ZUzAv2cQyz/a
OPYcDXSEx3tF1zNvmi4BaZUpcN0TrmAU9P3NqXGOUDEwoJIWYSalazRbo0uPpDR+
9FetmhQI9hr0mV2M6+lXWcARolTSCfRVtrH1NEgy+YLT3X0OEpar5liVD7UlyhU2
9afEmObR1uhbDhCT24mGl2Anav8Folq0CPeTRcmjqdR6on0PyG7GCKPCs+8mZhTj
+Dc5nAUVg97RsvbxNDFaWjlDi2Y48Gis2AAw6x7zmibln3K1tOAZ7loCybW6/5Zu
ptfX4apltW8ieuTwcHqLZScy4KsTbEsYjinYVqVxIVZxjAETPr0L6v/2AwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGw1/h7LfdG7Szv6TN1NqX2OeyJaMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvYkRYLUhzdDkwYnRMT19wTTNVMnBmWTU3SWxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDvP0IAwQC
1FfAMA0GCSqGSIb3DQEBCwUAA4IBAQCOCPr3Ugu3Qjep2GHefrIdCJtkUiMaVy4/
RBkpOU6vmCH2LcRgvdGFXJYvlOcbXD72huioQlev4k6IJmXRGQ/Jk7zIPelaFSdI
4we29wRBfqZHHnyzKJ1naQDiFZw9UfW7nQ/QKAiyNbf5HmFdUTDuRV35HJjeRiYe
VvIDsazoXFku5Oe4X0XSUaxV/Jtkj/MYTXCgk34se8XbdHw3GBTCHtn7g/d8dkuD
z2dg6a9vtzBvS2WusOp6HndSXo35abwatHVFtnTy2KptK8XNff71M0lUqVyIlms+
N3K/VYX2mp+M5oYzj3+wWjp12fX3p975YLAsFSJu+/Z/cTd4fS7X
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:35 2024 by rpki-client on console-fra.rpki-client.org