Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/BEMpFhTMbLa10J94KKnwIX2ALcc.roa
File: BEMpFhTMbLa10J94KKnwIX2ALcc.roa (raw, json)
Hash identifier: K1SsWGoknqOq0NjJE58yVf64ZqDNw8dkE6We1xGvRaE=
Subject key identifier: 04:43:29:16:14:CC:6C:B6:B5:D0:9F:78:28:A9:F0:21:7D:80:2D:C7
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CC8DCE35D49B16DA8DD45640A491212E9
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/BEMpFhTMbLa10J94KKnwIX2ALcc.roa
Signing time: Tue 02 Jan 2024 06:29:28 +0000
ROA not before: Tue 02 Jan 2024 06:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44796
IP address blocks: 91.92.232.0/24 maxlen: 24
2a00:1728:1d::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 22 Aug 2024 07:58:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dc:e3:5d:49:b1:6d:a8:dd:45:64:0a:49:12:12:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 06:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0443291614cc6cb6b5d09f7828a9f0217d802dc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:be:43:d9:07:10:73:4c:8b:62:00:54:29:52:
db:51:59:db:ed:f3:b4:bf:2b:74:84:e6:c1:60:8c:
51:6f:2b:2d:58:12:0f:4b:71:6a:d0:26:41:24:15:
9b:d8:f8:ff:1a:fc:df:7e:36:0a:c0:4e:1d:1b:62:
9c:54:dc:a5:51:f1:fb:24:5f:47:ef:7f:60:d1:5e:
96:ab:ac:31:d7:0a:62:9e:92:3b:e0:a5:1e:f1:63:
60:1b:00:c1:64:c4:c9:e5:52:f5:b5:1d:5b:96:65:
76:dd:ec:30:ea:0c:a1:34:d3:bf:9d:b0:a8:ca:39:
9c:4b:7c:e9:45:b9:38:a4:d3:93:85:cf:fc:e4:e1:
f9:95:a9:f0:fb:b1:04:33:40:8c:24:55:ae:ae:dd:
90:d6:e4:12:7d:52:79:59:7a:47:50:61:f3:cf:36:
e5:1a:92:cd:23:6f:15:83:c9:94:e3:f7:c3:76:38:
03:18:73:12:24:31:51:57:11:0a:fb:f2:51:10:0d:
0d:82:53:4a:f0:aa:c4:5e:90:48:4d:97:f4:cf:4d:
89:1d:bd:18:69:1e:34:9a:a0:31:ce:68:dc:6e:54:
56:54:fc:53:c9:59:15:c2:8d:49:1c:a0:26:20:13:
58:24:51:0b:9c:c1:a8:d2:4e:14:de:c0:79:d6:f7:
6a:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:43:29:16:14:CC:6C:B6:B5:D0:9F:78:28:A9:F0:21:7D:80:2D:C7
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/BEMpFhTMbLa10J94KKnwIX2ALcc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.92.232.0/24
IPv6:
2a00:1728:1d::/48
Signature Algorithm: sha256WithRSAEncryption
7a:46:fb:31:08:72:0a:94:e0:15:e5:b6:00:04:f9:31:aa:53:
3d:1d:37:81:58:92:d9:e2:5b:a5:12:09:cf:ed:fc:b4:d0:4e:
91:df:ad:29:28:2b:2f:4f:70:77:8a:ae:fd:8e:e1:2b:df:13:
fc:00:d1:1e:19:16:07:2a:4e:87:08:d3:fb:18:f2:78:dd:94:
a4:63:10:19:88:5f:77:60:71:a6:0e:32:b3:b8:8d:44:25:eb:
51:08:58:c9:01:0e:26:88:0d:16:3f:cd:1c:15:29:c6:7f:98:
fd:5c:e4:88:a5:0f:0a:3d:38:9a:5f:c0:dd:5f:af:59:50:87:
43:e0:e4:5e:5b:1c:9b:30:31:70:5b:5f:39:89:20:a1:38:6b:
5c:7d:02:20:c8:08:c6:d6:b4:0a:d6:70:12:47:9b:c2:1e:0c:
f6:61:52:69:c2:d1:04:c8:18:71:3a:ed:ee:42:38:8e:28:0b:
bb:f3:ce:c4:7d:cb:48:6a:cc:9b:22:53:7c:f2:56:ca:71:a8:
15:20:26:32:b8:9d:ef:52:32:f8:8a:be:a9:b5:71:47:da:54:
a7:b8:3e:1d:23:9d:77:28:e8:df:64:d1:6b:ac:43:03:46:07:
31:23:67:04:dd:23:75:bb:c9:d8:24:34:f7:74:f6:aa:44:ab:
62:42:c5:1c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzI3ONdSbFtqN1FZApJEhLpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTAyMDYyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDQzMjkxNjE0Y2M2Y2I2YjVkMDlmNzgyOGE5ZjAyMTdkODAyZGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApb5D2QcQc0yLYgBUKVLbUVnb7fO0
vyt0hObBYIxRbystWBIPS3Fq0CZBJBWb2Pj/GvzffjYKwE4dG2KcVNylUfH7JF9H
739g0V6Wq6wx1wpinpI74KUe8WNgGwDBZMTJ5VL1tR1blmV23eww6gyhNNO/nbCo
yjmcS3zpRbk4pNOThc/85OH5lanw+7EEM0CMJFWurt2Q1uQSfVJ5WXpHUGHzzzbl
GpLNI28Vg8mU4/fDdjgDGHMSJDFRVxEK+/JREA0NglNK8KrEXpBITZf0z02JHb0Y
aR40mqAxzmjcblRWVPxTyVkVwo1JHKAmIBNYJFELnMGo0k4U3sB51vdq/wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFARDKRYUzGy2tdCfeCip8CF9gC3HMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQkVNcEZoVE1iTGExMEo5NEtLbndJWDJBTGNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW1zoMA8E
AgACMAkDBwAqABcoAB0wDQYJKoZIhvcNAQELBQADggEBAHpG+zEIcgqU4BXltgAE
+TGqUz0dN4FYktniW6USCc/t/LTQTpHfrSkoKy9PcHeKrv2O4SvfE/wA0R4ZFgcq
TocI0/sY8njdlKRjEBmIX3dgcaYOMrO4jUQl61EIWMkBDiaIDRY/zRwVKcZ/mP1c
5IilDwo9OJpfwN1fr1lQh0Pg5F5bHJswMXBbXzmJIKE4a1x9AiDICMbWtArWcBJH
m8IeDPZhUmnC0QTIGHE67e5COI4oC7vzzsR9y0hqzJsiU3zyVspxqBUgJjK4ne9S
MviKvqm1cUfaVKe4Ph0jnXco6N9k0WusQwNGBzEjZwTdI3W7ydgkNPd09qpEq2JC
xRw=
-----END CERTIFICATE-----
Generated at Thu Aug 22 09:45:30 2024 by rpki-client on console-ams.rpki-client.org