Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/bwKgrnv-sOZEGifDdZsnFjo4yO0.roa
File: bwKgrnv-sOZEGifDdZsnFjo4yO0.roa (raw, json)
Hash identifier: SJYA7VuCmFUd6KVnmc65asNuPxeHxwz9TSicJ811MHo=
Subject key identifier: 6F:02:A0:AE:7B:FE:B0:E6:44:1A:27:C3:75:9B:27:16:3A:38:C8:ED
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 01856CE65B16973C2A468EEBD8E4850F00C4
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/bwKgrnv-sOZEGifDdZsnFjo4yO0.roa
Signing time: Sun 01 Jan 2023 10:35:13 +0000
ROA not before: Sun 01 Jan 2023 10:35:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44718
IP address blocks: 83.228.87.0/24 maxlen: 24
83.228.86.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:5b:16:97:3c:2a:46:8e:eb:d8:e4:85:0f:00:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jan 1 10:35:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6f02a0ae7bfeb0e6441a27c3759b27163a38c8ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:d7:48:d8:33:cc:f4:cf:ad:2f:f0:d6:30:f4:
f4:ee:c6:ee:5a:58:83:e4:53:1e:0b:2a:7b:ad:30:
ca:cc:c7:22:af:a5:8c:7b:c0:a7:c4:01:78:78:aa:
22:be:52:0e:18:b9:1a:b5:85:6c:bd:eb:9c:54:7e:
89:f1:c7:12:56:0c:f1:83:64:1a:22:2b:77:84:78:
9c:25:4e:7d:af:bd:ac:1b:76:f7:0a:7f:70:6c:15:
c0:35:da:d3:6b:f4:d2:66:63:f1:01:16:24:18:ea:
1a:02:35:60:e5:e4:1f:eb:8d:86:14:c6:fa:6a:7a:
04:56:3d:c9:2d:fe:86:50:c2:f7:b7:c5:d7:6d:37:
7a:fb:44:37:e4:2e:7d:15:99:95:f6:03:ea:9b:61:
ba:47:04:d2:1c:38:6d:41:38:aa:a8:b5:96:84:93:
b4:95:02:f0:a0:81:1d:cd:2b:63:fc:39:da:7f:5b:
fe:9d:47:2f:79:d9:73:21:da:f9:36:2e:0b:32:f9:
89:34:c1:95:a8:07:c5:4e:5c:d3:c3:43:da:f0:82:
1b:f4:79:2c:a3:52:87:25:a9:75:08:d1:f9:8a:ca:
c8:35:17:94:2c:92:91:2d:83:4b:3a:96:02:3c:ca:
63:54:d8:9a:dc:c0:d8:88:a7:f1:59:7e:22:9a:82:
ed:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:02:A0:AE:7B:FE:B0:E6:44:1A:27:C3:75:9B:27:16:3A:38:C8:ED
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/bwKgrnv-sOZEGifDdZsnFjo4yO0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.228.86.0/23
Signature Algorithm: sha256WithRSAEncryption
2d:dc:3d:74:47:12:b5:b5:8f:46:32:4a:37:36:04:5d:53:e2:
cd:7e:d3:f0:08:98:7d:99:9b:7a:5e:1f:3f:88:0d:e3:84:50:
cb:60:8f:a4:8b:ac:10:5e:bd:b9:b8:b2:14:72:c1:99:60:fb:
85:ce:46:68:a9:3d:f4:a8:e0:54:47:2f:df:00:9c:ec:c8:48:
a4:fb:59:c8:5c:35:98:a8:5b:bf:1b:84:31:6a:26:ae:f7:0b:
4d:17:d3:c2:92:28:b0:2e:e3:70:61:24:73:d4:ce:25:2d:9d:
52:88:f1:b0:ae:c0:e1:e1:5b:ac:c0:a7:72:9a:e4:40:6f:29:
50:6a:93:fb:15:11:d3:da:8b:a7:ae:40:83:79:16:e8:10:d8:
f9:b4:6a:41:e0:fa:16:ec:ba:8f:08:1d:d0:7f:a1:c0:9f:64:
55:f2:34:81:32:59:f3:72:54:93:24:0d:ce:28:f9:3e:39:c5:
6f:2e:c8:ee:fc:1f:26:64:e7:77:94:c5:5f:fb:e1:13:7d:8d:
a1:d8:1a:3f:4c:94:48:93:b9:ca:5b:ec:2d:84:7b:4b:18:14:
66:32:bc:52:4d:26:36:fd:86:1f:bd:a5:06:76:d6:c2:88:28:
c2:e2:11:9d:1d:c2:ae:fa:30:e6:e0:8d:5f:af:b6:39:fe:be:
95:e8:87:3b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs5lsWlzwqRo7r2OSFDwDEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjMwMTAxMTAzNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjAyYTBhZTdiZmViMGU2NDQxYTI3YzM3NTliMjcxNjNhMzhjOGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh9dI2DPM9M+tL/DWMPT07sbuWliD
5FMeCyp7rTDKzMcir6WMe8CnxAF4eKoivlIOGLkatYVsveucVH6J8ccSVgzxg2Qa
Iit3hHicJU59r72sG3b3Cn9wbBXANdrTa/TSZmPxARYkGOoaAjVg5eQf642GFMb6
anoEVj3JLf6GUML3t8XXbTd6+0Q35C59FZmV9gPqm2G6RwTSHDhtQTiqqLWWhJO0
lQLwoIEdzStj/Dnaf1v+nUcvedlzIdr5Ni4LMvmJNMGVqAfFTlzTw0Pa8IIb9Hks
o1KHJal1CNH5isrINReULJKRLYNLOpYCPMpjVNia3MDYiKfxWX4imoLtNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG8CoK57/rDmRBonw3WbJxY6OMjtMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvYndLZ3Judi1zT1pFR2lmRGRac25Gam80eU8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBU+RWMA0G
CSqGSIb3DQEBCwUAA4IBAQAt3D10RxK1tY9GMko3NgRdU+LNftPwCJh9mZt6Xh8/
iA3jhFDLYI+ki6wQXr25uLIUcsGZYPuFzkZoqT30qOBURy/fAJzsyEik+1nIXDWY
qFu/G4Qxaiau9wtNF9PCkiiwLuNwYSRz1M4lLZ1SiPGwrsDh4VuswKdymuRAbylQ
apP7FRHT2ounrkCDeRboENj5tGpB4PoW7LqPCB3Qf6HAn2RV8jSBMlnzclSTJA3O
KPk+OcVvLsju/B8mZOd3lMVf++ETfY2h2Bo/TJRIk7nKW+wthHtLGBRmMrxSTSY2
/YYfvaUGdtbCiCjC4hGdHcKu+jDm4I1fr7Y5/r6V6Ic7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:54 2024 by rpki-client on console-ams.rpki-client.org