Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/0de899-22e1-463c-a4dd-c34e90d7f8ea/1/bpbdEya8IZYa1b34h6K3huUpbQM.roa
File: bpbdEya8IZYa1b34h6K3huUpbQM.roa (raw, json)
Hash identifier: 1cEkhkqYqLQMVtR7mDqqva3rHgP47KJ18jCoWJwJmYk=
Subject key identifier: 6E:96:DD:13:26:BC:21:96:1A:D5:BD:F8:87:A2:B7:86:E5:29:6D:03
Certificate issuer: /CN=24a55bd68397566895b15ecb97fc1d65c0c879ce
Certificate serial: 01856D54024F47D70E497F3E1075B548F0F2
Authority key identifier: 24:A5:5B:D6:83:97:56:68:95:B1:5E:CB:97:FC:1D:65:C0:C8:79:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JKVb1oOXVmiVsV7Ll_wdZcDIec4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/0de899-22e1-463c-a4dd-c34e90d7f8ea/1/bpbdEya8IZYa1b34h6K3huUpbQM.roa
Signing time: Sun 01 Jan 2023 12:35:00 +0000
ROA not before: Sun 01 Jan 2023 12:35:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210947
IP address blocks: 185.110.136.0/22 maxlen: 24
2a06:5680::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:29:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:54:02:4f:47:d7:0e:49:7f:3e:10:75:b5:48:f0:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24a55bd68397566895b15ecb97fc1d65c0c879ce
Validity
Not Before: Jan 1 12:35:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e96dd1326bc21961ad5bdf887a2b786e5296d03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:2f:50:63:61:39:33:4c:d7:74:8b:9e:df:a2:
3e:f8:48:a5:84:eb:5a:ea:23:7b:24:88:8d:ff:d6:
cb:07:f4:49:27:f9:70:14:fc:54:e6:74:2e:8f:84:
e6:57:a4:cf:51:39:f5:8a:01:25:ed:cb:4d:91:64:
2f:2d:2a:c6:ab:77:c7:c1:0a:67:84:4f:be:d4:e9:
a8:8b:ad:e6:a9:56:c4:a0:e9:47:e7:b2:86:0c:e2:
36:de:71:f6:c7:f9:82:ab:ad:c4:17:ae:25:6d:9b:
23:b6:d2:03:f0:db:a7:6a:3a:ec:88:ca:93:0e:f7:
4a:a8:00:07:9c:a2:7e:b2:2d:5c:43:10:9d:eb:ac:
28:7b:d5:3c:00:93:b2:c0:ff:8e:f6:c4:54:8a:7e:
91:52:63:84:0c:b1:2a:19:16:e1:61:8f:a7:e1:92:
74:07:7f:ae:c5:ad:11:41:5e:75:bf:d9:4c:42:66:
a4:c4:34:69:30:0c:3b:71:f1:66:f5:eb:12:51:1a:
88:63:b8:a8:37:21:61:5b:15:3b:63:3b:df:62:9c:
73:c8:02:1f:a0:c1:71:0a:2f:a1:58:2b:cb:ee:74:
85:44:06:86:ee:d1:60:7f:34:48:b7:07:44:08:c2:
7b:88:94:e2:df:90:2d:dd:b6:3f:c1:ef:10:ef:3c:
b6:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:96:DD:13:26:BC:21:96:1A:D5:BD:F8:87:A2:B7:86:E5:29:6D:03
X509v3 Authority Key Identifier:
keyid:24:A5:5B:D6:83:97:56:68:95:B1:5E:CB:97:FC:1D:65:C0:C8:79:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JKVb1oOXVmiVsV7Ll_wdZcDIec4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0de899-22e1-463c-a4dd-c34e90d7f8ea/1/bpbdEya8IZYa1b34h6K3huUpbQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0de899-22e1-463c-a4dd-c34e90d7f8ea/1/JKVb1oOXVmiVsV7Ll_wdZcDIec4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.110.136.0/22
IPv6:
2a06:5680::/29
Signature Algorithm: sha256WithRSAEncryption
88:f7:f6:d5:ee:0a:ba:6c:2b:39:a3:5e:27:56:21:1b:c5:04:
7f:ed:49:58:e8:81:00:a9:7e:f7:de:04:f7:b7:7c:bd:c9:1e:
ad:b7:bb:a3:03:72:0d:51:be:fc:6b:5a:0e:84:df:75:26:c9:
47:e1:77:5f:89:05:e9:e4:9b:8b:f9:b5:f0:a8:92:e1:71:40:
6e:21:46:1e:c0:bd:f5:09:b6:44:22:cd:4c:5c:db:9f:eb:7c:
fc:35:f2:b3:3d:79:7d:8c:f8:bb:6c:c3:0b:ec:2e:7a:50:40:
54:ae:a9:fe:01:7f:35:7f:14:02:33:c8:54:26:17:97:7c:44:
f1:18:22:06:09:9e:f5:95:77:a4:a7:ca:fb:72:40:49:57:fc:
d2:19:3b:b5:31:d4:ba:14:07:0e:c4:24:f5:8d:50:fc:b8:64:
9d:ba:89:7a:4d:29:3a:94:95:f2:39:2b:f0:6e:07:a9:68:2d:
c8:28:f9:0b:b5:9d:2e:1c:f0:0d:d1:60:92:ac:cd:62:76:1b:
7d:ab:91:93:35:bf:9e:c5:9f:d6:4b:ca:e8:ac:4a:83:65:be:
50:03:08:bc:77:5d:e6:64:3d:e8:cd:73:fd:e1:eb:13:cb:59:
2a:82:2e:ec:02:58:d2:c4:cb:a9:a0:07:e8:ba:0b:ac:36:92:
cb:ca:c0:8c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtVAJPR9cOSX8+EHW1SPDyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0YTU1YmQ2ODM5NzU2Njg5NWIxNWVjYjk3ZmMxZDY1YzBj
ODc5Y2UwHhcNMjMwMTAxMTIzNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTk2ZGQxMzI2YmMyMTk2MWFkNWJkZjg4N2EyYjc4NmU1Mjk2ZDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvi9QY2E5M0zXdIue36I++EilhOta
6iN7JIiN/9bLB/RJJ/lwFPxU5nQuj4TmV6TPUTn1igEl7ctNkWQvLSrGq3fHwQpn
hE++1Omoi63mqVbEoOlH57KGDOI23nH2x/mCq63EF64lbZsjttID8NunajrsiMqT
DvdKqAAHnKJ+si1cQxCd66woe9U8AJOywP+O9sRUin6RUmOEDLEqGRbhYY+n4ZJ0
B3+uxa0RQV51v9lMQmakxDRpMAw7cfFm9esSURqIY7ioNyFhWxU7YzvfYpxzyAIf
oMFxCi+hWCvL7nSFRAaG7tFgfzRItwdECMJ7iJTi35At3bY/we8Q7zy2WQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFG6W3RMmvCGWGtW9+Ieit4blKW0DMB8GA1UdIwQY
MBaAFCSlW9aDl1ZolbFey5f8HWXAyHnOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSktWYjFvT1hWbWlWc1Y3TGxfd2RaY0RJZWM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8wZGU4OTktMjJlMS00NjNjLWE0ZGQt
YzM0ZTkwZDdmOGVhLzEvYnBiZEV5YThJWllhMWIzNGg2SzNodVVwYlFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8wZGU4OTktMjJlMS00NjNjLWE0ZGQtYzM0ZTkwZDdmOGVh
LzEvSktWYjFvT1hWbWlWc1Y3TGxfd2RaY0RJZWM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuW6IMA0E
AgACMAcDBQMqBlaAMA0GCSqGSIb3DQEBCwUAA4IBAQCI9/bV7gq6bCs5o14nViEb
xQR/7UlY6IEAqX733gT3t3y9yR6tt7ujA3INUb78a1oOhN91JslH4XdfiQXp5JuL
+bXwqJLhcUBuIUYewL31CbZEIs1MXNuf63z8NfKzPXl9jPi7bMML7C56UEBUrqn+
AX81fxQCM8hUJheXfETxGCIGCZ71lXekp8r7ckBJV/zSGTu1MdS6FAcOxCT1jVD8
uGSduol6TSk6lJXyOSvwbgepaC3IKPkLtZ0uHPAN0WCSrM1idht9q5GTNb+exZ/W
S8rorEqDZb5QAwi8d13mZD3ozXP94esTy1kqgi7sAljSxMupoAfougusNpLLysCM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:38 2024 by rpki-client on console-fra.rpki-client.org