Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/bW-MbCr38qeJE18rOz3jatWa3WE.roa
File: bW-MbCr38qeJE18rOz3jatWa3WE.roa (raw, json)
Hash identifier: QFjl6aA4LMkPvIwSC64KkdEGAqsBAIe9Qzado9ptBpY=
Subject key identifier: 6D:6F:8C:6C:2A:F7:F2:A7:89:13:5F:2B:3B:3D:E3:6A:D5:9A:DD:61
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 018B3788FD888229A13C657E4D9410A49C4B
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/bW-MbCr38qeJE18rOz3jatWa3WE.roa
Signing time: Mon 16 Oct 2023 08:10:06 +0000
ROA not before: Mon 16 Oct 2023 08:10:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197050
IP address blocks: 95.43.232.0/22 maxlen: 24
213.16.45.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:37:88:fd:88:82:29:a1:3c:65:7e:4d:94:10:a4:9c:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Oct 16 08:10:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6d6f8c6c2af7f2a789135f2b3b3de36ad59add61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:f9:cb:30:01:37:61:88:b7:d2:93:44:96:b7:
db:be:b0:69:21:0a:ce:82:b6:1a:a4:70:2a:c8:73:
f0:b9:83:83:6d:1d:7a:ea:e5:2e:25:f9:2a:45:b6:
3f:8f:a8:46:be:23:08:d5:bb:8a:21:40:5e:c0:d9:
09:ca:9d:ff:b2:b8:1e:96:47:a7:5c:62:2a:a2:c7:
bd:0a:2b:d0:7e:14:bc:01:ea:f9:55:30:f2:aa:37:
87:65:05:b1:d3:16:fd:45:b5:2f:da:d0:cd:57:5f:
a8:a8:56:0a:7b:cf:56:bf:5c:0c:7e:18:37:9d:de:
7a:25:db:a7:ad:0c:9d:ef:50:b1:b8:da:d3:3c:d5:
c6:2d:f9:63:ba:a2:88:1d:37:7b:2b:9a:33:02:11:
59:6b:35:e9:25:b5:5e:58:6b:87:15:13:89:95:ec:
15:77:99:c7:77:99:04:a7:b1:15:d9:04:37:6b:5b:
0c:37:9f:b5:5b:fe:fd:7c:6a:b3:ed:e9:2d:47:45:
01:3e:39:df:5f:22:f2:68:81:80:de:48:e0:f6:16:
1c:11:9f:e7:7a:0b:8e:63:a3:9f:9a:5f:67:01:7f:
c9:5e:1c:e7:be:a7:59:03:91:1b:43:ed:31:e8:1d:
69:ff:da:97:ac:c2:c0:a7:6b:75:09:f3:1c:54:b2:
73:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:6F:8C:6C:2A:F7:F2:A7:89:13:5F:2B:3B:3D:E3:6A:D5:9A:DD:61
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/bW-MbCr38qeJE18rOz3jatWa3WE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.43.232.0/22
213.16.45.0/24
Signature Algorithm: sha256WithRSAEncryption
11:9e:3a:48:40:ac:4f:6a:c8:1d:3c:ab:68:d8:8d:1f:7f:ea:
b1:21:0d:05:c3:41:49:25:cd:ec:46:31:f2:ed:b6:6a:44:42:
be:97:53:27:4f:d1:75:f7:0c:ab:39:39:73:df:e6:71:f1:ba:
5a:d0:fc:76:cc:1b:11:f1:0d:d0:ff:66:d0:29:da:6e:cf:36:
39:84:0d:be:6e:42:71:a1:6d:88:c6:2d:44:6b:fe:d6:88:a1:
44:2e:70:48:ff:59:a5:c2:05:ea:56:18:c7:ca:7c:bd:d0:ec:
2d:55:44:f4:7f:7d:ed:cb:c5:84:66:56:95:59:77:29:77:f8:
a7:41:fe:b2:da:e8:b4:e8:82:d6:2f:77:dc:b3:73:b8:a2:04:
4f:b4:f3:ab:77:1b:e3:fe:75:b6:2b:92:02:15:b4:89:41:b4:
14:78:a6:9d:a0:5e:2d:ba:82:cb:7e:53:10:ec:c7:fa:1b:3e:
19:37:46:36:68:14:f7:1e:84:8c:e5:0b:45:76:02:58:47:4a:
64:77:e5:57:a8:73:cc:77:28:0d:53:5d:7a:fd:6c:c7:c8:6b:
11:4b:f3:f4:89:3f:71:75:22:1b:66:c8:ec:13:87:c3:39:fb:
b1:1f:12:4a:8e:51:57:a8:78:49:03:1c:90:b9:e1:d4:ab:d8:
98:a7:7e:07
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYs3iP2IgimhPGV+TZQQpJxLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjMxMDE2MDgxMDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDZmOGM2YzJhZjdmMmE3ODkxMzVmMmIzYjNkZTM2YWQ1OWFkZDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPnLMAE3YYi30pNElrfbvrBpIQrO
grYapHAqyHPwuYODbR166uUuJfkqRbY/j6hGviMI1buKIUBewNkJyp3/srgelken
XGIqose9CivQfhS8Aer5VTDyqjeHZQWx0xb9RbUv2tDNV1+oqFYKe89Wv1wMfhg3
nd56JdunrQyd71CxuNrTPNXGLfljuqKIHTd7K5ozAhFZazXpJbVeWGuHFROJlewV
d5nHd5kEp7EV2QQ3a1sMN5+1W/79fGqz7ektR0UBPjnfXyLyaIGA3kjg9hYcEZ/n
eguOY6Ofml9nAX/JXhznvqdZA5EbQ+0x6B1p/9qXrMLAp2t1CfMcVLJzFwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG1vjGwq9/KniRNfKzs942rVmt1hMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvYlctTWJDcjM4cWVKRTE4ck96M2phdFdhM1dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCXyvoAwQA
1RAtMA0GCSqGSIb3DQEBCwUAA4IBAQARnjpIQKxPasgdPKto2I0ff+qxIQ0Fw0FJ
Jc3sRjHy7bZqREK+l1MnT9F19wyrOTlz3+Zx8bpa0Px2zBsR8Q3Q/2bQKdpuzzY5
hA2+bkJxoW2Ixi1Ea/7WiKFELnBI/1mlwgXqVhjHyny90OwtVUT0f33ty8WEZlaV
WXcpd/inQf6y2ui06ILWL3fcs3O4ogRPtPOrdxvj/nW2K5ICFbSJQbQUeKadoF4t
uoLLflMQ7Mf6Gz4ZN0Y2aBT3HoSM5QtFdgJYR0pkd+VXqHPMdygNU116/WzHyGsR
S/P0iT9xdSIbZsjsE4fDOfuxHxJKjlFXqHhJAxyQueHUq9iYp34H
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:53 2024 by rpki-client on console-ams.rpki-client.org