Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/bgLF8avGc8OnyNowDfDo8HNLkqI.roa
File: bgLF8avGc8OnyNowDfDo8HNLkqI.roa (raw, json)
Hash identifier: J8iAJ7bguuQ66PKrMrujiNMM5HKfN6niXpiy/vKiBW0=
Subject key identifier: 6E:02:C5:F1:AB:C6:73:C3:A7:C8:DA:30:0D:F0:E8:F0:73:4B:92:A2
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0188A3EE20D6981022C8467D24E13C9BCB43
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/bgLF8avGc8OnyNowDfDo8HNLkqI.roa
Signing time: Sat 10 Jun 2023 06:11:12 +0000
ROA not before: Sat 10 Jun 2023 06:11:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49870
IP address blocks: 194.87.220.0/24 maxlen: 24
193.124.45.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
195.58.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 11 Jun 2023 05:44:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:a3:ee:20:d6:98:10:22:c8:46:7d:24:e1:3c:9b:cb:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 10 06:11:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e02c5f1abc673c3a7c8da300df0e8f0734b92a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:1e:14:28:d1:55:ba:8e:fe:6d:3c:3d:2b:76:
59:a1:8a:05:11:12:f3:ea:2d:4d:82:bb:c3:ac:02:
ae:48:67:60:86:2b:20:bd:c4:2c:19:95:5c:9d:1f:
b8:29:57:91:e7:b0:9b:cb:1b:e9:b4:96:7c:60:60:
30:00:5a:88:36:6a:86:da:f1:30:8c:f1:4d:1a:63:
17:fc:f5:21:95:37:54:42:26:78:a3:26:82:13:62:
39:dc:a7:41:05:55:43:ae:e2:2d:2e:91:8e:3c:01:
a3:51:fe:c1:43:f5:1e:28:e7:ac:dc:70:56:a8:bb:
41:f9:f2:68:6f:a7:de:65:1e:79:43:90:1e:03:6b:
7d:89:80:95:b5:5f:dc:61:d3:e3:2d:0b:7c:02:ad:
4a:cf:79:c5:3a:f5:2a:e6:31:dc:0c:3b:53:a5:06:
10:e0:77:38:90:a8:93:36:7e:dc:58:6b:20:1a:af:
a3:ff:6f:a6:8e:dc:45:84:8f:85:e1:de:e8:60:8b:
9c:8c:ee:53:d9:21:3a:12:56:2b:6c:2e:9f:49:e0:
87:85:dc:81:38:63:ce:88:9c:ef:09:89:7f:25:03:
31:30:be:c6:14:3f:cf:96:32:e9:8c:9a:08:27:df:
65:70:43:eb:15:58:99:36:ea:7f:98:b2:64:eb:92:
53:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:02:C5:F1:AB:C6:73:C3:A7:C8:DA:30:0D:F0:E8:F0:73:4B:92:A2
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/bgLF8avGc8OnyNowDfDo8HNLkqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.45.0/24
194.87.220.0/24
195.58.63.0/24
212.192.1.0/24
Signature Algorithm: sha256WithRSAEncryption
49:e7:d4:e4:8b:8b:1c:8f:80:f3:81:09:3b:4e:00:1e:65:a9:
cb:e6:a9:aa:47:f4:8d:f5:a5:e2:23:6f:b3:0f:eb:3a:dc:62:
a4:7c:7e:a4:16:ce:ac:23:6e:50:66:62:d3:19:86:95:a9:55:
62:d7:b3:cd:7b:25:bc:e5:aa:43:89:44:1a:e3:25:b1:07:a8:
2b:3b:7c:6d:30:76:dd:7a:e3:70:c2:a6:86:2b:83:e6:6a:79:
4c:63:2a:e8:f4:b3:b8:ed:37:07:5b:8c:0d:6f:48:e7:6d:f6:
0e:c4:13:d5:37:96:5b:90:b5:33:b9:10:56:b3:1a:35:d0:e7:
4b:b1:18:77:4e:4a:a0:c1:78:52:2c:c4:d4:28:34:9e:30:77:
bf:42:eb:ac:a9:d0:08:08:93:ac:73:a4:fb:12:0e:0c:fe:4e:
30:86:5d:e3:1e:a4:49:e6:6a:bf:8f:fc:4a:6e:3f:77:e0:5e:
49:64:b2:17:53:77:19:3a:80:ce:35:05:aa:a8:2e:b0:ff:db:
86:bb:a2:27:15:36:99:4c:fc:2c:f3:77:ae:e5:77:f6:f8:45:
6d:27:03:73:28:cc:0b:a6:be:89:e2:83:74:c8:31:7b:19:c7:
c7:db:b6:31:da:1d:37:de:06:41:48:46:0f:d6:84:60:75:10:
d9:b4:d4:57
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYij7iDWmBAiyEZ9JOE8m8tDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNjEwMDYxMTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTAyYzVmMWFiYzY3M2MzYTdjOGRhMzAwZGYwZThmMDczNGI5MmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoB4UKNFVuo7+bTw9K3ZZoYoFERLz
6i1NgrvDrAKuSGdghisgvcQsGZVcnR+4KVeR57CbyxvptJZ8YGAwAFqINmqG2vEw
jPFNGmMX/PUhlTdUQiZ4oyaCE2I53KdBBVVDruItLpGOPAGjUf7BQ/UeKOes3HBW
qLtB+fJob6feZR55Q5AeA2t9iYCVtV/cYdPjLQt8Aq1Kz3nFOvUq5jHcDDtTpQYQ
4Hc4kKiTNn7cWGsgGq+j/2+mjtxFhI+F4d7oYIucjO5T2SE6ElYrbC6fSeCHhdyB
OGPOiJzvCYl/JQMxML7GFD/PljLpjJoIJ99lcEPrFViZNup/mLJk65JTuQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFG4CxfGrxnPDp8jaMA3w6PBzS5KiMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvYmdMRjhhdkdjOE9ueU5vd0RmRG84SE5Ma3FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwXwtAwQA
wlfcAwQAwzo/AwQA1MABMA0GCSqGSIb3DQEBCwUAA4IBAQBJ59Tki4scj4DzgQk7
TgAeZanL5qmqR/SN9aXiI2+zD+s63GKkfH6kFs6sI25QZmLTGYaVqVVi17PNeyW8
5apDiUQa4yWxB6grO3xtMHbdeuNwwqaGK4PmanlMYyro9LO47TcHW4wNb0jnbfYO
xBPVN5ZbkLUzuRBWsxo10OdLsRh3TkqgwXhSLMTUKDSeMHe/QuusqdAICJOsc6T7
Eg4M/k4whl3jHqRJ5mq/j/xKbj934F5JZLIXU3cZOoDONQWqqC6w/9uGu6InFTaZ
TPws83eu5Xf2+EVtJwNzKMwLpr6J4oN0yDF7GcfH27Yx2h033gZBSEYP1oRgdRDZ
tNRX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:21 2024 by rpki-client on console-fra.rpki-client.org