Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/BkYOM_5wIjCi4cgQ9eD4dlZnSc0.roa
File: BkYOM_5wIjCi4cgQ9eD4dlZnSc0.roa (raw, json)
Hash identifier: aFQyJO8SwPK5PZMPPiWxwVYeJlxszqPh+MbfKgk+9So=
Subject key identifier: 06:46:0E:33:FE:70:22:30:A2:E1:C8:10:F5:E0:F8:76:56:67:49:CD
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018E0D23EB6FE675EAB3923300EC8D36757F
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/BkYOM_5wIjCi4cgQ9eD4dlZnSc0.roa
Signing time: Tue 05 Mar 2024 05:44:01 +0000
ROA not before: Tue 05 Mar 2024 05:44:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58061
IP address blocks: 192.124.191.0/24 maxlen: 24
193.124.5.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
194.87.185.0/24 maxlen: 24
195.133.43.0/24 maxlen: 24
195.133.72.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Mar 2024 18:11:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0d:23:eb:6f:e6:75:ea:b3:92:33:00:ec:8d:36:75:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 5 05:44:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=06460e33fe702230a2e1c810f5e0f876566749cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:69:5e:8b:16:d3:99:a8:a1:01:d4:41:ad:6b:
85:bf:4a:09:48:db:ab:af:f5:27:e1:95:bd:f9:40:
1f:c4:f1:57:0c:7a:c0:3d:1b:36:70:99:e9:32:84:
5d:a8:29:b1:0c:9e:ac:c6:ca:f2:38:ec:38:66:fe:
71:fc:a3:83:c5:3c:a6:4f:87:99:7a:2a:f3:90:a2:
d2:aa:f5:df:f6:84:c5:74:f2:59:51:b7:3c:2e:44:
70:ce:ac:43:9e:4e:70:8e:c1:6b:35:6b:46:66:69:
82:29:e8:d2:08:98:da:6f:ed:66:38:f4:73:ff:85:
bb:a1:da:e9:5f:8b:2b:25:7b:23:1c:c3:24:3b:69:
b9:a2:86:b9:6c:54:84:db:25:1d:2f:86:d8:5e:d6:
a6:27:9d:fa:ed:66:35:b6:3d:89:75:31:87:2c:b4:
65:1d:3b:64:98:6d:45:ab:27:7e:56:9a:d9:d9:36:
56:64:c9:b2:b5:c9:3f:b1:c2:4b:92:80:89:06:75:
8c:6f:f7:2b:be:bb:48:be:49:fb:dd:29:84:c2:4a:
cf:cb:89:b5:8f:e9:c0:8a:25:7b:1a:af:03:a3:4b:
88:f4:e5:c1:48:aa:a6:50:5d:38:aa:fa:4e:68:21:
07:23:91:48:e0:be:91:cf:d8:c5:97:d1:80:0d:ca:
25:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:46:0E:33:FE:70:22:30:A2:E1:C8:10:F5:E0:F8:76:56:67:49:CD
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/BkYOM_5wIjCi4cgQ9eD4dlZnSc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.191.0/24
193.124.5.0/24
194.87.12.0/24
194.87.124.0/24
194.87.185.0/24
195.133.43.0/24
195.133.72.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:f9:50:47:2b:a9:30:10:ec:3d:fc:36:48:bf:77:18:f8:92:
bf:00:1c:1e:8b:9d:2f:ca:6b:66:ea:23:8d:f9:a6:df:ea:9a:
36:63:c8:41:69:2d:a5:32:35:ee:a6:c9:e5:bf:ab:4a:68:3c:
22:32:b3:25:d6:d9:e4:e0:b5:a9:c0:56:b9:2f:48:74:42:50:
d5:87:71:82:21:ff:31:f3:32:5d:d1:fb:85:c3:69:e0:bb:85:
8f:89:53:b0:1e:cc:9a:e4:e3:9c:86:79:f6:e6:35:78:9d:24:
83:4a:df:db:89:57:0b:df:f6:e4:f5:f9:da:b1:7d:a4:c0:52:
44:3f:de:c7:bd:3b:0e:df:9a:7a:78:b9:ca:07:34:f1:07:b9:
1a:a6:71:83:28:82:3a:6b:d2:9f:9d:02:3d:52:b2:6a:f9:62:
6e:16:de:92:7c:11:3a:05:90:2d:3c:2c:ff:e0:b0:3b:36:f0:
9f:e7:4b:8f:a5:be:32:38:77:61:6d:21:58:f2:b0:f0:22:ae:
2a:b3:16:ec:f6:f9:4e:d6:dd:c0:36:e9:f7:3d:4c:dd:e3:05:
b3:c5:08:29:92:00:08:17:5b:1f:e0:ba:9b:33:38:97:16:f3:
a2:9b:38:67:7c:87:67:e6:94:87:17:75:79:1a:57:f8:bc:be:
d2:ed:4f:f4
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY4NI+tv5nXqs5IzAOyNNnV/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMzA1MDU0NDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjQ2MGUzM2ZlNzAyMjMwYTJlMWM4MTBmNWUwZjg3NjU2Njc0OWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9GleixbTmaihAdRBrWuFv0oJSNur
r/Un4ZW9+UAfxPFXDHrAPRs2cJnpMoRdqCmxDJ6sxsryOOw4Zv5x/KODxTymT4eZ
eirzkKLSqvXf9oTFdPJZUbc8LkRwzqxDnk5wjsFrNWtGZmmCKejSCJjab+1mOPRz
/4W7odrpX4srJXsjHMMkO2m5ooa5bFSE2yUdL4bYXtamJ5367WY1tj2JdTGHLLRl
HTtkmG1Fqyd+VprZ2TZWZMmytck/scJLkoCJBnWMb/crvrtIvkn73SmEwkrPy4m1
j+nAiiV7Gq8Do0uI9OXBSKqmUF04qvpOaCEHI5FI4L6Rz9jFl9GADcol8QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFAZGDjP+cCIwouHIEPXg+HZWZ0nNMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQmtZT01fNXdJakNpNGNnUTllRDRkbFpuU2MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAwHy/AwQA
wXwFAwQAwlcMAwQAwld8AwQAwle5AwQAw4UrAwQAw4VIMA0GCSqGSIb3DQEBCwUA
A4IBAQB6+VBHK6kwEOw9/DZIv3cY+JK/ABwei50vymtm6iON+abf6po2Y8hBaS2l
MjXupsnlv6tKaDwiMrMl1tnk4LWpwFa5L0h0QlDVh3GCIf8x8zJd0fuFw2ngu4WP
iVOwHsya5OOchnn25jV4nSSDSt/biVcL3/bk9fnasX2kwFJEP97HvTsO35p6eLnK
BzTxB7kapnGDKII6a9KfnQI9UrJq+WJuFt6SfBE6BZAtPCz/4LA7NvCf50uPpb4y
OHdhbSFY8rDwIq4qsxbs9vlO1t3ANun3PUzd4wWzxQgpkgAIF1sf4LqbMziXFvOi
mzhnfIdn5pSHF3V5Glf4vL7S7U/0
-----END CERTIFICATE-----
Generated at Thu Mar 7 22:37:29 2024 by rpki-client on console-ams.rpki-client.org