Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/By5_CGwzbWrN3qaKdUgPCcOZD1o.roa
File: By5_CGwzbWrN3qaKdUgPCcOZD1o.roa (raw, json)
Hash identifier: vSKfjvqglYWb8a3IS0BAvQnj2oNCAgGhSFJ8Np/i7wQ=
Subject key identifier: 07:2E:7F:08:6C:33:6D:6A:CD:DE:A6:8A:75:48:0F:09:C3:99:0F:5A
Certificate issuer: /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial: 01856D0AD1846D6F507008B223C6FBAD54FA
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/By5_CGwzbWrN3qaKdUgPCcOZD1o.roa
Signing time: Sun 01 Jan 2023 11:15:03 +0000
ROA not before: Sun 01 Jan 2023 11:15:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35238
IP address blocks: 86.63.224.0/19 maxlen: 19
91.91.0.0/16 maxlen: 16
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:d1:84:6d:6f:50:70:08:b2:23:c6:fb:ad:54:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Validity
Not Before: Jan 1 11:15:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=072e7f086c336d6acddea68a75480f09c3990f5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:52:ed:c1:97:46:c5:a1:c2:58:df:c6:dc:72:
3a:f7:38:7f:2c:8a:4a:40:40:ce:54:c3:e8:d8:ff:
51:95:0a:e7:57:d9:21:f9:8a:5c:e0:24:da:0f:1f:
e5:57:27:fb:32:e3:0f:cc:91:dc:00:89:91:d3:33:
8b:07:b3:00:fe:7a:da:50:73:ab:b8:21:3d:a2:86:
2b:24:59:81:8b:2e:92:6f:3e:39:91:17:7d:1e:c5:
80:df:24:89:b4:b6:23:cd:5e:f5:a5:e5:26:cf:6d:
89:ad:66:da:81:ba:a9:16:02:d5:01:4c:46:b8:c8:
54:9e:20:1b:f6:8e:2d:c3:2c:9e:4f:25:c3:2c:f8:
b6:38:6f:c5:16:c6:27:2f:7a:6b:e1:e2:24:dc:6f:
c5:86:96:d8:1d:68:91:b0:b6:7f:72:b2:09:93:43:
23:de:1c:f3:6f:40:60:a4:2b:b7:6a:b6:c4:9f:cb:
f3:90:3b:bb:2c:99:a2:4f:c1:b0:e9:fa:d0:4d:a9:
62:16:9c:bd:a0:2b:0b:a7:e5:7e:e6:12:00:70:c1:
f8:92:6c:80:df:14:89:a5:d3:c1:a0:2e:a2:ba:7d:
47:e7:e1:28:f9:f1:49:b0:28:cc:d3:1a:4b:4a:9c:
af:f0:9e:14:de:11:64:12:d6:e8:40:ff:dc:cb:bb:
ac:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:2E:7F:08:6C:33:6D:6A:CD:DE:A6:8A:75:48:0F:09:C3:99:0F:5A
X509v3 Authority Key Identifier:
keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/By5_CGwzbWrN3qaKdUgPCcOZD1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.63.224.0/19
91.91.0.0/16
Signature Algorithm: sha256WithRSAEncryption
43:24:a4:5f:8d:dd:84:72:0c:67:8f:a2:17:a9:b1:c9:ef:29:
a6:68:4d:5d:7a:d8:fe:7a:a1:3e:3e:e5:c6:25:ac:5f:57:f6:
d9:ec:4d:9a:b1:04:64:4d:dc:cc:5a:cc:fc:d4:b3:1c:a2:fd:
ec:d5:f3:77:ed:2f:c1:c9:d1:41:43:d1:53:6e:85:9e:3c:ba:
da:ab:0d:68:fe:9c:26:86:c5:83:a2:1c:b1:21:c0:85:76:1d:
0c:f6:92:1b:04:a9:33:b8:96:45:e5:c5:50:8a:5b:0f:d2:e0:
2b:95:b3:4a:1a:2d:35:d0:ac:6a:2b:1a:9a:68:3e:c5:aa:b8:
a9:1f:8f:0f:70:03:df:6c:c6:2e:98:13:6d:81:b9:d6:78:21:
98:bb:ea:15:3a:d3:fe:0c:ed:d9:80:b9:f2:4f:77:d5:d1:8e:
16:36:4f:d5:ce:6a:e0:1f:07:1b:c0:dc:e6:99:16:2f:af:b4:
5f:ca:b1:36:e3:6d:19:04:37:67:33:66:6d:c3:c6:e6:11:74:
94:45:2d:1d:fc:14:4b:06:30:c6:73:26:b5:73:51:27:27:a1:
7d:8e:ca:bb:13:e4:5b:6c:a3:a0:34:a1:a1:ab:aa:43:61:37:
66:a4:91:a7:90:53:16:a9:e4:2d:db:cd:9f:a7:d9:ef:19:6b:
00:e4:b5:65
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAYVtCtGEbW9QcAiyI8b7rVT6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZWY1ZmJiZmNhN2E5M2NmZWU5NjVlZWI2YmRlZTZmYjQz
YzQwM2UwHhcNMjMwMTAxMTExNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzJlN2YwODZjMzM2ZDZhY2RkZWE2OGE3NTQ4MGYwOWMzOTkwZjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1LtwZdGxaHCWN/G3HI69zh/LIpK
QEDOVMPo2P9RlQrnV9kh+Ypc4CTaDx/lVyf7MuMPzJHcAImR0zOLB7MA/nraUHOr
uCE9ooYrJFmBiy6Sbz45kRd9HsWA3ySJtLYjzV71peUmz22JrWbagbqpFgLVAUxG
uMhUniAb9o4twyyeTyXDLPi2OG/FFsYnL3pr4eIk3G/FhpbYHWiRsLZ/crIJk0Mj
3hzzb0BgpCu3arbEn8vzkDu7LJmiT8Gw6frQTaliFpy9oCsLp+V+5hIAcMH4kmyA
3xSJpdPBoC6iun1H5+Eo+fFJsCjM0xpLSpyv8J4U3hFkEtboQP/cy7usfQIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFAcufwhsM21qzd6minVIDwnDmQ9aMB8GA1UdIwQY
MBaAFKDvX7v8p6k8/ull7ra97m+0PEA+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2Mt
MDI5MmIwMjAxNTBhLzEvQnk1X0NHd3piV3JOM3FhS2RVZ1BDY09aRDFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2MtMDI5MmIwMjAxNTBh
LzEvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAATALAwQFVj/gAwMA
W1swDQYJKoZIhvcNAQELBQADggEBAEMkpF+N3YRyDGePohepscnvKaZoTV162P56
oT4+5cYlrF9X9tnsTZqxBGRN3MxazPzUsxyi/ezV83ftL8HJ0UFD0VNuhZ48utqr
DWj+nCaGxYOiHLEhwIV2HQz2khsEqTO4lkXlxVCKWw/S4CuVs0oaLTXQrGorGppo
PsWquKkfjw9wA99sxi6YE22BudZ4IZi76hU60/4M7dmAufJPd9XRjhY2T9XOauAf
BxvA3OaZFi+vtF/KsTbjbRkEN2czZm3DxuYRdJRFLR38FEsGMMZzJrVzUScnoX2O
yrsT5Ftso6A0oaGrqkNhN2akkaeQUxap5C3bzZ+n2e8ZawDktWU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:55 2024 by rpki-client on console-fra.rpki-client.org