Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/bfKzRRv366XKyMfTogmSkIrLHdo.roa
File: bfKzRRv366XKyMfTogmSkIrLHdo.roa (raw, json)
Hash identifier: 0EZZIXktI3hVbj1N4e0nvLMBCtsuY6pyh5f0l7ZtJrk=
Subject key identifier: 6D:F2:B3:45:1B:F7:EB:A5:CA:C8:C7:D3:A2:09:92:90:8A:CB:1D:DA
Certificate issuer: /CN=a85310f503137ae8b35d4f329f46f069dd703815
Certificate serial: 018CC3B6E04EC721CE74BF91E504D55935A4
Authority key identifier: A8:53:10:F5:03:13:7A:E8:B3:5D:4F:32:9F:46:F0:69:DD:70:38:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qFMQ9QMTeuizXU8yn0bwad1wOBU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/bfKzRRv366XKyMfTogmSkIrLHdo.roa
Signing time: Mon 01 Jan 2024 06:29:51 +0000
ROA not before: Mon 01 Jan 2024 06:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197927
IP address blocks: 146.19.85.0/24 maxlen: 24
130.255.174.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 06 Feb 2024 17:07:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:e0:4e:c7:21:ce:74:bf:91:e5:04:d5:59:35:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a85310f503137ae8b35d4f329f46f069dd703815
Validity
Not Before: Jan 1 06:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6df2b3451bf7eba5cac8c7d3a20992908acb1dda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:a5:76:88:57:20:63:d0:a0:f6:62:e8:6a:2f:
87:5a:f6:34:bf:cd:24:c5:50:f1:5b:97:34:1f:e8:
38:a7:02:0d:9c:f7:ca:de:cc:de:1b:c3:40:d5:06:
04:ce:d1:0a:d9:66:40:be:5e:f4:3c:e5:ce:47:4e:
ae:06:5b:3f:e1:63:38:2d:bc:f2:11:4b:52:88:b6:
eb:96:15:1b:d6:92:1e:52:75:8c:5f:63:c7:49:19:
1a:59:58:f2:40:ed:0b:29:b7:b4:a8:38:d5:35:7d:
d1:64:4e:49:b8:93:2b:04:5d:aa:e4:20:d6:e0:4b:
ec:c6:dd:4c:bf:b5:37:92:be:9d:84:28:fb:cb:eb:
d0:a3:3d:cc:4c:65:9b:9b:4a:e9:13:50:3c:e1:27:
73:ea:31:5d:96:c2:af:bf:c2:44:94:65:b9:0c:43:
84:88:d2:10:14:a0:25:a8:e8:9f:79:fc:1f:62:2f:
5f:e1:eb:a0:1d:70:fc:ab:6f:d0:ce:52:b9:29:d9:
64:c9:56:67:ca:14:fb:de:b2:00:2a:ae:a7:95:3f:
cf:1b:af:bc:c7:62:64:37:fd:2a:06:ce:e2:7e:24:
da:b6:0e:63:db:d2:da:83:a7:8d:28:42:ba:66:7d:
6d:fb:34:a4:97:5d:01:62:72:09:a2:24:47:50:f5:
b4:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:F2:B3:45:1B:F7:EB:A5:CA:C8:C7:D3:A2:09:92:90:8A:CB:1D:DA
X509v3 Authority Key Identifier:
keyid:A8:53:10:F5:03:13:7A:E8:B3:5D:4F:32:9F:46:F0:69:DD:70:38:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qFMQ9QMTeuizXU8yn0bwad1wOBU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/bfKzRRv366XKyMfTogmSkIrLHdo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/qFMQ9QMTeuizXU8yn0bwad1wOBU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.255.174.0/24
146.19.85.0/24
Signature Algorithm: sha256WithRSAEncryption
23:d5:45:ff:f2:01:a1:bc:50:4a:06:c3:19:a2:92:86:f3:f0:
27:9d:8a:86:e3:99:7f:ee:8c:e8:36:fa:41:72:23:a4:b6:48:
5e:ae:77:b3:8a:c8:f3:4a:ed:8d:d1:1d:27:1a:90:77:59:21:
a4:8e:ef:f8:59:16:9a:42:57:10:01:16:e7:8a:dd:a2:55:71:
85:98:cb:d8:94:b9:30:37:6c:6f:39:23:52:d3:f2:a3:4d:54:
39:2b:02:be:39:f9:8f:ef:95:52:1a:ba:95:83:e3:4c:7b:8f:
46:bc:86:24:6d:2f:f5:12:ea:9a:69:4b:d9:67:97:c5:c4:78:
d4:55:06:1f:57:f4:10:87:ec:04:ec:0e:51:95:b7:7e:bc:c2:
51:e1:e6:8f:c5:4e:30:70:65:1b:43:10:ac:48:02:80:4d:dd:
3b:5f:6b:ad:dd:a6:39:6a:07:31:1e:f2:39:10:04:41:fd:91:
01:84:d7:fa:66:82:f3:3c:bf:19:e2:20:04:26:67:8d:66:66:
54:35:b3:99:12:52:d5:00:7a:67:3c:c2:3d:62:8b:ff:a1:6c:
b3:95:21:d9:58:4c:24:ee:0d:d2:6f:b7:be:5f:04:82:de:ec:
61:90:b8:47:c8:d3:75:67:64:bd:0e:d9:18:2b:5b:f9:92:c5:
42:a0:c4:55
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDtuBOxyHOdL+R5QTVWTWkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NTMxMGY1MDMxMzdhZThiMzVkNGYzMjlmNDZmMDY5ZGQ3
MDM4MTUwHhcNMjQwMTAxMDYyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGYyYjM0NTFiZjdlYmE1Y2FjOGM3ZDNhMjA5OTI5MDhhY2IxZGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6V2iFcgY9Cg9mLoai+HWvY0v80k
xVDxW5c0H+g4pwINnPfK3szeG8NA1QYEztEK2WZAvl70POXOR06uBls/4WM4Lbzy
EUtSiLbrlhUb1pIeUnWMX2PHSRkaWVjyQO0LKbe0qDjVNX3RZE5JuJMrBF2q5CDW
4Evsxt1Mv7U3kr6dhCj7y+vQoz3MTGWbm0rpE1A84Sdz6jFdlsKvv8JElGW5DEOE
iNIQFKAlqOifefwfYi9f4eugHXD8q2/QzlK5KdlkyVZnyhT73rIAKq6nlT/PG6+8
x2JkN/0qBs7ifiTatg5j29Lag6eNKEK6Zn1t+zSkl10BYnIJoiRHUPW0uQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG3ys0Ub9+ulysjH06IJkpCKyx3aMB8GA1UdIwQY
MBaAFKhTEPUDE3ros11PMp9G8GndcDgVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUZNUTlRTVRldWl6WFU4eW4wYndhZDF3T0JVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iNDI5NDktZWUwYS00MTIzLTg3YmYt
MzAxODlhNWE0ZWJhLzEvYmZLelJSdjM2NlhLeU1mVG9nbVNrSXJMSGRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iNDI5NDktZWUwYS00MTIzLTg3YmYtMzAxODlhNWE0ZWJh
LzEvcUZNUTlRTVRldWl6WFU4eW4wYndhZDF3T0JVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAgv+uAwQA
khNVMA0GCSqGSIb3DQEBCwUAA4IBAQAj1UX/8gGhvFBKBsMZopKG8/AnnYqG45l/
7ozoNvpBciOktkhernezisjzSu2N0R0nGpB3WSGkju/4WRaaQlcQARbnit2iVXGF
mMvYlLkwN2xvOSNS0/KjTVQ5KwK+OfmP75VSGrqVg+NMe49GvIYkbS/1EuqaaUvZ
Z5fFxHjUVQYfV/QQh+wE7A5Rlbd+vMJR4eaPxU4wcGUbQxCsSAKATd07X2ut3aY5
agcxHvI5EARB/ZEBhNf6ZoLzPL8Z4iAEJmeNZmZUNbOZElLVAHpnPMI9Yov/oWyz
lSHZWEwk7g3Sb7e+XwSC3uxhkLhHyNN1Z2S9DtkYK1v5ksVCoMRV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:03 2024 by rpki-client on console-ams.rpki-client.org