Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/bpR8VoiC8pnJdNjlhLKiir3KflM.roa
File: bpR8VoiC8pnJdNjlhLKiir3KflM.roa (raw, json)
Hash identifier: jDRlHHIbE3gLG3AWoK1vJfYguIvhxhKcjbMKG3UdXEQ=
Subject key identifier: 6E:94:7C:56:88:82:F2:99:C9:74:D8:E5:84:B2:A2:8A:BD:CA:7E:53
Certificate issuer: /CN=c42708df93954aac601aef1835bd5d69245fb02f
Certificate serial: 0187325A58B518A3693CE789FA411E15C96F
Authority key identifier: C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/bpR8VoiC8pnJdNjlhLKiir3KflM.roa
Signing time: Thu 30 Mar 2023 11:49:54 +0000
ROA not before: Thu 30 Mar 2023 11:49:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3163
IP address blocks: 81.88.21.0/24 maxlen: 24
178.250.169.0/24 maxlen: 24
93.90.183.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:32:5a:58:b5:18:a3:69:3c:e7:89:fa:41:1e:15:c9:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c42708df93954aac601aef1835bd5d69245fb02f
Validity
Not Before: Mar 30 11:49:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e947c568882f299c974d8e584b2a28abdca7e53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:17:99:79:34:aa:90:b7:67:8b:7f:fe:bd:df:
eb:fa:ae:6c:15:55:9b:bf:5b:2f:e0:49:72:e7:73:
a6:c7:a3:56:62:88:4d:31:bb:83:8a:f4:48:c9:d5:
1d:be:97:e4:c4:dd:20:20:ab:8b:9c:62:fd:12:cd:
38:b1:24:fb:5f:5f:e8:be:71:dc:49:65:44:2a:32:
79:d6:52:f1:36:91:42:37:04:29:52:17:de:4c:a8:
6c:52:0a:43:b3:29:2e:2d:7b:69:64:c7:3e:c0:16:
d3:da:97:48:6d:30:92:11:50:30:9e:9d:b9:ef:9c:
09:ef:cd:2e:a6:bb:0b:f1:5f:50:81:b2:c3:df:3c:
e7:73:42:95:e9:b7:34:53:d0:81:ad:59:e9:c7:2f:
ae:43:24:fe:f6:3e:62:92:d6:54:94:03:27:f6:83:
be:3a:e4:75:26:7f:9a:c9:5a:59:71:a0:cf:e2:41:
fc:00:9d:0d:4d:8b:02:63:45:26:20:92:18:05:a3:
eb:cd:ec:7f:4b:34:40:81:99:1d:85:e0:bb:53:3e:
bc:59:89:dc:df:12:9c:8f:9d:5a:50:f3:fc:75:0b:
70:d5:8e:bb:98:72:8f:31:85:c7:36:e4:c2:59:f1:
dc:f7:5d:34:59:6a:e7:e4:39:8f:39:ee:ac:c9:dd:
8b:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:94:7C:56:88:82:F2:99:C9:74:D8:E5:84:B2:A2:8A:BD:CA:7E:53
X509v3 Authority Key Identifier:
keyid:C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/bpR8VoiC8pnJdNjlhLKiir3KflM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.88.21.0/24
93.90.183.0/24
178.250.169.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:79:e2:88:38:45:7d:00:36:da:ef:c6:17:03:e9:49:8e:65:
34:6d:0a:59:e6:49:2a:15:0a:33:14:35:02:a0:79:54:53:0f:
c0:48:2f:cb:ec:6b:49:43:9c:07:bd:9d:00:ad:a9:54:41:dd:
0a:1e:18:c4:f3:a1:a7:4c:d1:3a:91:b1:62:03:3f:fe:c8:c4:
76:4f:a3:aa:2f:73:c6:c5:66:1e:46:0c:64:de:98:1c:21:92:
3c:8b:57:1f:f5:9c:8c:30:fe:19:a9:90:10:43:a1:66:58:c0:
3f:51:17:88:b6:96:79:04:b8:3a:49:92:5f:e1:c6:c7:3c:8a:
39:51:a0:13:df:53:25:ef:e5:0f:a6:40:2e:a4:30:b7:24:e2:
e4:7c:b0:d8:ba:5f:5e:e0:e6:ed:d1:ed:cc:37:ec:c9:dd:84:
63:fa:cb:3e:0f:e9:9d:26:a9:dc:87:60:ad:af:00:a3:28:4a:
64:2b:6f:d6:cd:d4:37:ff:1a:28:79:1a:57:f8:ba:11:27:25:
6a:22:e0:68:ac:61:82:0b:5b:db:99:3f:4b:c1:09:aa:1f:50:
c6:08:5b:c3:7b:18:b8:e2:31:42:ed:e9:c3:a3:92:18:e7:f9:
5c:11:90:2c:81:1d:df:0c:5c:e9:dc:dc:c1:e1:b2:ff:14:1d:
69:c3:8e:76
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYcyWli1GKNpPOeJ+kEeFclvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MjcwOGRmOTM5NTRhYWM2MDFhZWYxODM1YmQ1ZDY5MjQ1
ZmIwMmYwHhcNMjMwMzMwMTE0OTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTk0N2M1Njg4ODJmMjk5Yzk3NGQ4ZTU4NGIyYTI4YWJkY2E3ZTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBeZeTSqkLdni3/+vd/r+q5sFVWb
v1sv4Ely53Omx6NWYohNMbuDivRIydUdvpfkxN0gIKuLnGL9Es04sST7X1/ovnHc
SWVEKjJ51lLxNpFCNwQpUhfeTKhsUgpDsykuLXtpZMc+wBbT2pdIbTCSEVAwnp25
75wJ780uprsL8V9QgbLD3zznc0KV6bc0U9CBrVnpxy+uQyT+9j5iktZUlAMn9oO+
OuR1Jn+ayVpZcaDP4kH8AJ0NTYsCY0UmIJIYBaPrzex/SzRAgZkdheC7Uz68WYnc
3xKcj51aUPP8dQtw1Y67mHKPMYXHNuTCWfHc9100WWrn5DmPOe6syd2LsQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFG6UfFaIgvKZyXTY5YSyooq9yn5TMB8GA1UdIwQY
MBaAFMQnCN+TlUqsYBrvGDW9XWkkX7AvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYt
NzQxYzFkOGRlYTJiLzEvYnBSOFZvaUM4cG5KZE5qbGhMS2lpcjNLZmxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYtNzQxYzFkOGRlYTJi
LzEveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUVgVAwQA
XVq3AwQAsvqpMA0GCSqGSIb3DQEBCwUAA4IBAQAMeeKIOEV9ADba78YXA+lJjmU0
bQpZ5kkqFQozFDUCoHlUUw/ASC/L7GtJQ5wHvZ0AralUQd0KHhjE86GnTNE6kbFi
Az/+yMR2T6OqL3PGxWYeRgxk3pgcIZI8i1cf9ZyMMP4ZqZAQQ6FmWMA/UReItpZ5
BLg6SZJf4cbHPIo5UaAT31Ml7+UPpkAupDC3JOLkfLDYul9e4Obt0e3MN+zJ3YRj
+ss+D+mdJqnch2CtrwCjKEpkK2/WzdQ3/xooeRpX+LoRJyVqIuBorGGCC1vbmT9L
wQmqH1DGCFvDexi44jFC7enDo5IY5/lcEZAsgR3fDFzp3NzB4bL/FB1pw452
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:44 2024 by rpki-client on console-ams.rpki-client.org