Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/64e3ab-228c-4a23-9216-f134e51cc05b/1/bsc00AD7GO92OgXW0I-LlrZbG50.roa
File: bsc00AD7GO92OgXW0I-LlrZbG50.roa (raw, json)
Hash identifier: Sn2gGVb4kebpUAMhQgFI3ZWI7QDrBv792YYH6wG1wIA=
Subject key identifier: 6E:C7:34:D0:00:FB:18:EF:76:3A:05:D6:D0:8F:8B:96:B6:5B:1B:9D
Certificate issuer: /CN=845c58752f3336422ff0ee1726474591e7a41e5f
Certificate serial: 01857228082599401E97D5EB5B1E0AFD2C67
Authority key identifier: 84:5C:58:75:2F:33:36:42:2F:F0:EE:17:26:47:45:91:E7:A4:1E:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hFxYdS8zNkIv8O4XJkdFkeekHl8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/64e3ab-228c-4a23-9216-f134e51cc05b/1/bsc00AD7GO92OgXW0I-LlrZbG50.roa
Signing time: Mon 02 Jan 2023 11:05:04 +0000
ROA not before: Mon 02 Jan 2023 11:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13335
IP address blocks: 89.35.174.0/23 maxlen: 24
89.35.2.0/23 maxlen: 24
89.191.64.0/19 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:28:08:25:99:40:1e:97:d5:eb:5b:1e:0a:fd:2c:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=845c58752f3336422ff0ee1726474591e7a41e5f
Validity
Not Before: Jan 2 11:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6ec734d000fb18ef763a05d6d08f8b96b65b1b9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:2d:7e:28:4f:77:d1:9c:eb:2e:70:83:c7:9b:
2c:e9:97:51:65:28:ee:78:13:77:01:12:59:f1:fb:
12:47:39:5f:46:de:62:73:6d:d5:9c:8b:d2:84:17:
e6:a2:6f:66:12:d6:1d:cf:2a:c1:f1:21:cd:d3:e5:
52:79:c5:98:47:cf:16:ce:20:d5:63:87:6d:99:7f:
27:8b:34:f8:34:5d:f4:cf:1f:f7:a6:f6:76:8a:4a:
cb:7c:7d:41:b7:3c:68:3c:ab:70:22:72:cb:fa:88:
d9:56:f1:20:0f:1e:2e:6c:ef:99:1a:e9:66:65:b6:
c2:94:f4:78:f4:9c:12:1b:75:7c:88:a9:fb:01:5a:
17:0f:33:aa:10:ec:fa:8f:5f:70:4b:00:33:67:1e:
27:d4:bc:0d:bc:1e:26:02:0e:a2:47:82:44:ac:0f:
ac:83:7b:7e:8d:19:f9:33:32:87:82:f0:25:f0:ae:
5a:63:e3:eb:0b:99:8e:4f:07:df:1a:a1:8f:49:7e:
16:3b:5e:fc:a1:03:7e:72:ab:68:7b:08:c4:d8:44:
f1:f4:75:7f:bb:df:e9:a2:78:29:ae:75:8d:0e:00:
4c:0e:a2:2c:34:03:12:43:94:1a:43:91:36:ba:32:
66:cf:fa:0d:31:84:aa:df:df:83:15:ae:db:cd:ae:
61:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:C7:34:D0:00:FB:18:EF:76:3A:05:D6:D0:8F:8B:96:B6:5B:1B:9D
X509v3 Authority Key Identifier:
keyid:84:5C:58:75:2F:33:36:42:2F:F0:EE:17:26:47:45:91:E7:A4:1E:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hFxYdS8zNkIv8O4XJkdFkeekHl8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/64e3ab-228c-4a23-9216-f134e51cc05b/1/bsc00AD7GO92OgXW0I-LlrZbG50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/64e3ab-228c-4a23-9216-f134e51cc05b/1/hFxYdS8zNkIv8O4XJkdFkeekHl8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.2.0/23
89.35.174.0/23
89.191.64.0/19
Signature Algorithm: sha256WithRSAEncryption
a1:0c:0f:6c:d8:08:db:3f:ff:fc:af:aa:30:93:8f:53:b0:b0:
0f:36:06:f1:ec:78:51:dc:3e:ea:ac:6a:7a:f2:9e:87:93:89:
0e:e6:25:8b:ac:8f:1b:5c:28:fb:11:b2:af:25:d6:2f:e2:d7:
6d:9d:2a:2c:51:e3:68:9b:bd:71:e9:78:f9:1e:06:5a:6c:02:
89:cf:85:79:15:2e:74:70:18:e6:72:39:96:ef:1d:a9:de:7a:
11:76:b0:7a:15:f5:12:dd:d1:e3:c4:92:7e:1f:b3:72:99:b6:
a9:96:1f:a3:02:1c:60:b2:9e:65:4b:20:a1:e1:89:5f:d5:70:
ec:c1:8d:1c:1a:81:de:ea:af:dc:81:b1:7c:cd:59:aa:1d:fa:
2b:a3:9d:49:b3:46:04:fc:33:d8:a7:8f:f8:8c:53:61:e0:e5:
ba:b7:bc:e4:87:05:f9:f6:48:5f:61:a9:68:1d:b6:ba:50:a9:
fd:35:15:e3:74:04:ad:5b:74:2d:98:ab:a9:74:99:c3:de:01:
66:83:3f:8d:28:aa:82:86:9c:31:17:52:ff:a9:91:06:dd:02:
d8:08:93:c2:6d:12:81:5f:15:7d:d0:b0:6c:04:f0:1a:7e:d9:
5b:e6:57:e2:b8:11:1b:7f:4b:2c:07:67:5a:01:fb:ef:55:fa:
1d:09:de:d2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVyKAglmUAel9XrWx4K/SxnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NWM1ODc1MmYzMzM2NDIyZmYwZWUxNzI2NDc0NTkxZTdh
NDFlNWYwHhcNMjMwMTAyMTEwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWM3MzRkMDAwZmIxOGVmNzYzYTA1ZDZkMDhmOGI5NmI2NWIxYjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgC1+KE930ZzrLnCDx5ss6ZdRZSju
eBN3ARJZ8fsSRzlfRt5ic23VnIvShBfmom9mEtYdzyrB8SHN0+VSecWYR88WziDV
Y4dtmX8nizT4NF30zx/3pvZ2ikrLfH1BtzxoPKtwInLL+ojZVvEgDx4ubO+ZGulm
ZbbClPR49JwSG3V8iKn7AVoXDzOqEOz6j19wSwAzZx4n1LwNvB4mAg6iR4JErA+s
g3t+jRn5MzKHgvAl8K5aY+PrC5mOTwffGqGPSX4WO178oQN+cqtoewjE2ETx9HV/
u9/pongprnWNDgBMDqIsNAMSQ5QaQ5E2ujJmz/oNMYSq39+DFa7bza5hIQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFG7HNNAA+xjvdjoF1tCPi5a2WxudMB8GA1UdIwQY
MBaAFIRcWHUvMzZCL/DuFyZHRZHnpB5fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEZ4WWRTOHpOa0l2OE80WEprZEZrZWVrSGw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS82NGUzYWItMjI4Yy00YTIzLTkyMTYt
ZjEzNGU1MWNjMDViLzEvYnNjMDBBRDdHTzkyT2dYVzBJLUxsclpiRzUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS82NGUzYWItMjI4Yy00YTIzLTkyMTYtZjEzNGU1MWNjMDVi
LzEvaEZ4WWRTOHpOa0l2OE80WEprZEZrZWVrSGw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBWSMCAwQB
WSOuAwQFWb9AMA0GCSqGSIb3DQEBCwUAA4IBAQChDA9s2AjbP//8r6owk49TsLAP
Ngbx7HhR3D7qrGp68p6Hk4kO5iWLrI8bXCj7EbKvJdYv4tdtnSosUeNom71x6Xj5
HgZabAKJz4V5FS50cBjmcjmW7x2p3noRdrB6FfUS3dHjxJJ+H7Nymbaplh+jAhxg
sp5lSyCh4Ylf1XDswY0cGoHe6q/cgbF8zVmqHforo51Js0YE/DPYp4/4jFNh4OW6
t7zkhwX59khfYaloHba6UKn9NRXjdAStW3QtmKupdJnD3gFmgz+NKKqChpwxF1L/
qZEG3QLYCJPCbRKBXxV90LBsBPAaftlb5lfiuBEbf0ssB2daAfvvVfodCd7S
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:07 2024 by rpki-client on console-fra.rpki-client.org