Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/011b5d-652e-452a-96c9-d8ec2cbcad26/1/BlgvHjrEGPNSq4r__5OpsiRCJtI.roa
File: BlgvHjrEGPNSq4r__5OpsiRCJtI.roa (raw, json)
Hash identifier: aSBR2Erkd5fZJDviU3lCccBoBCu8lKzEnGnOUx0sQ9o=
Subject key identifier: 06:58:2F:1E:3A:C4:18:F3:52:AB:8A:FF:FF:93:A9:B2:24:42:26:D2
Certificate issuer: /CN=577c0cd5a4cfd83d491d627d8b0fccb670e81534
Certificate serial: 01857246C5816C200ACE4D19B7DA2A8967D7
Authority key identifier: 57:7C:0C:D5:A4:CF:D8:3D:49:1D:62:7D:8B:0F:CC:B6:70:E8:15:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V3wM1aTP2D1JHWJ9iw_MtnDoFTQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/011b5d-652e-452a-96c9-d8ec2cbcad26/1/BlgvHjrEGPNSq4r__5OpsiRCJtI.roa
Signing time: Mon 02 Jan 2023 11:38:38 +0000
ROA not before: Mon 02 Jan 2023 11:38:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43775
IP address blocks: 91.147.152.0/24 maxlen: 24
91.147.157.0/24 maxlen: 24
91.147.156.0/24 maxlen: 24
91.147.154.0/24 maxlen: 24
91.147.153.0/24 maxlen: 24
91.147.159.0/24 maxlen: 24
91.147.158.0/24 maxlen: 24
91.147.164.0/24 maxlen: 24
91.147.163.0/24 maxlen: 24
91.147.162.0/24 maxlen: 24
91.147.161.0/24 maxlen: 24
91.147.160.0/24 maxlen: 24
91.147.160.0/20 maxlen: 20
91.147.171.0/24 maxlen: 24
91.147.170.0/24 maxlen: 24
91.147.175.0/24 maxlen: 24
91.147.173.0/24 maxlen: 24
91.147.129.0/24 maxlen: 24
91.147.128.0/19 maxlen: 19
91.147.128.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:c5:81:6c:20:0a:ce:4d:19:b7:da:2a:89:67:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=577c0cd5a4cfd83d491d627d8b0fccb670e81534
Validity
Not Before: Jan 2 11:38:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=06582f1e3ac418f352ab8affff93a9b2244226d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:18:ae:a2:56:c8:5b:30:c7:30:90:aa:fe:50:
48:9f:9e:38:69:b2:c3:2b:d1:a2:69:71:dd:e0:05:
15:6b:39:a4:29:5d:d4:a6:aa:fe:02:9f:9f:26:db:
5d:f0:2f:2c:57:62:b0:0b:a6:6d:89:1e:f0:a2:b0:
ee:66:37:ff:5f:cc:c2:fe:28:3c:18:11:50:1f:ca:
1e:2b:b6:4a:5e:4a:a3:87:4e:3e:d6:99:92:81:80:
93:fe:be:74:90:3e:07:2c:0e:9b:c0:9c:40:e2:87:
ef:d1:b7:ce:ed:c8:41:95:29:8f:d6:75:79:9c:ac:
3e:9d:ed:2e:b4:41:31:00:a9:39:fc:a5:be:87:b3:
26:fb:80:33:ff:55:a4:a4:06:05:ce:10:0e:69:a4:
b6:77:10:46:81:3a:0c:a9:43:44:6c:60:53:03:ae:
ad:47:05:63:6b:c6:c1:19:4c:70:3a:12:74:87:0b:
4d:56:48:56:8c:3d:96:bd:b8:e3:9d:7c:ff:1b:ac:
a3:b2:f6:f9:23:03:79:41:00:50:1e:e7:c5:12:9f:
b3:45:46:38:24:b6:84:59:d9:b5:ef:47:72:99:18:
5c:af:55:40:4e:e9:0d:e3:8c:25:a2:b0:ce:ad:db:
2f:c4:ca:13:8f:29:4d:91:30:f5:9d:5d:a6:b5:95:
2d:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:58:2F:1E:3A:C4:18:F3:52:AB:8A:FF:FF:93:A9:B2:24:42:26:D2
X509v3 Authority Key Identifier:
keyid:57:7C:0C:D5:A4:CF:D8:3D:49:1D:62:7D:8B:0F:CC:B6:70:E8:15:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V3wM1aTP2D1JHWJ9iw_MtnDoFTQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/011b5d-652e-452a-96c9-d8ec2cbcad26/1/BlgvHjrEGPNSq4r__5OpsiRCJtI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/011b5d-652e-452a-96c9-d8ec2cbcad26/1/V3wM1aTP2D1JHWJ9iw_MtnDoFTQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.147.128.0-91.147.175.255
Signature Algorithm: sha256WithRSAEncryption
34:e6:88:8c:29:b8:3c:68:be:9a:73:40:30:74:17:69:ce:d1:
e7:09:e4:2b:95:f1:4f:f7:a0:30:33:4b:e5:65:1a:de:a6:fe:
5f:17:d7:f6:7a:a3:6f:aa:53:39:32:25:f8:94:15:3c:8a:62:
06:c8:2b:8d:10:c1:de:5a:37:5c:5c:bd:af:ea:76:82:87:5f:
04:46:17:a5:0e:03:6d:4d:83:82:6b:dc:82:a4:00:49:1f:60:
85:e6:e5:0d:52:c3:15:e0:0b:b2:fb:64:ed:0d:51:1c:b4:44:
ce:45:f1:2a:ac:ae:ea:ed:bc:c6:4a:3b:da:c1:bf:a4:e0:53:
a9:3a:ef:57:03:e7:fe:e7:91:12:1b:71:de:bc:2a:e9:79:98:
6f:1c:22:98:af:da:53:74:03:e3:2b:b7:82:76:b9:6f:e9:8f:
31:21:4c:39:4e:47:ca:b0:26:f9:50:be:ef:f6:36:ec:b8:ab:
a3:75:1d:05:ff:d1:10:a8:e2:a9:f7:01:2d:93:ff:6d:f8:d3:
c3:6e:3b:61:2c:ce:e4:63:1e:61:0f:a2:0f:6a:1e:5c:1d:c6:
eb:1f:d9:49:fc:a3:e4:68:7f:b9:d3:c2:b8:20:bb:98:1d:fa:
30:4a:df:5b:b8:68:f5:4c:94:9d:5e:30:75:30:cd:e3:62:7b:
71:a6:9a:96
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVyRsWBbCAKzk0Zt9oqiWfXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3N2MwY2Q1YTRjZmQ4M2Q0OTFkNjI3ZDhiMGZjY2I2NzBl
ODE1MzQwHhcNMjMwMTAyMTEzODM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjU4MmYxZTNhYzQxOGYzNTJhYjhhZmZmZjkzYTliMjI0NDIyNmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhiuolbIWzDHMJCq/lBIn544abLD
K9GiaXHd4AUVazmkKV3Upqr+Ap+fJttd8C8sV2KwC6ZtiR7worDuZjf/X8zC/ig8
GBFQH8oeK7ZKXkqjh04+1pmSgYCT/r50kD4HLA6bwJxA4ofv0bfO7chBlSmP1nV5
nKw+ne0utEExAKk5/KW+h7Mm+4Az/1WkpAYFzhAOaaS2dxBGgToMqUNEbGBTA66t
RwVja8bBGUxwOhJ0hwtNVkhWjD2WvbjjnXz/G6yjsvb5IwN5QQBQHufFEp+zRUY4
JLaEWdm170dymRhcr1VATukN44wlorDOrdsvxMoTjylNkTD1nV2mtZUtGwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFAZYLx46xBjzUquK//+TqbIkQibSMB8GA1UdIwQY
MBaAFFd8DNWkz9g9SR1ifYsPzLZw6BU0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjN3TTFhVFAyRDFKSFdKOWl3X010bkRvRlRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC8wMTFiNWQtNjUyZS00NTJhLTk2Yzkt
ZDhlYzJjYmNhZDI2LzEvQmxndkhqckVHUE5TcTRyX181T3BzaVJDSnRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC8wMTFiNWQtNjUyZS00NTJhLTk2YzktZDhlYzJjYmNhZDI2
LzEvVjN3TTFhVFAyRDFKSFdKOWl3X010bkRvRlRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAdbk4AD
BARbk6AwDQYJKoZIhvcNAQELBQADggEBADTmiIwpuDxovppzQDB0F2nO0ecJ5CuV
8U/3oDAzS+VlGt6m/l8X1/Z6o2+qUzkyJfiUFTyKYgbIK40Qwd5aN1xcva/qdoKH
XwRGF6UOA21Ng4Jr3IKkAEkfYIXm5Q1SwxXgC7L7ZO0NURy0RM5F8SqsrurtvMZK
O9rBv6TgU6k671cD5/7nkRIbcd68Kul5mG8cIpiv2lN0A+Mrt4J2uW/pjzEhTDlO
R8qwJvlQvu/2Nuy4q6N1HQX/0RCo4qn3AS2T/23408NuO2EszuRjHmEPog9qHlwd
xusf2Un8o+Rof7nTwrggu5gd+jBK31u4aPVMlJ1eMHUwzeNie3GmmpY=
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:02:16 2024 by rpki-client on console-ams.rpki-client.org