Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/BqPKQiBUD5YIR3S_9IdhTGfcBjM.roa
File: BqPKQiBUD5YIR3S_9IdhTGfcBjM.roa (raw, json)
Hash identifier: BZQNjPy5rwBTnSs38oML7GY7TnP/udscHHZ6oQoJwcs=
Subject key identifier: 06:A3:CA:42:20:54:0F:96:08:47:74:BF:F4:87:61:4C:67:DC:06:33
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018D1C4926130ED29FC046219D1DD40E5873
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/BqPKQiBUD5YIR3S_9IdhTGfcBjM.roa
Signing time: Thu 18 Jan 2024 11:16:12 +0000
ROA not before: Thu 18 Jan 2024 11:16:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 400377
IP address blocks: 93.123.84.0/24 maxlen: 24
109.206.237.0/24 maxlen: 24
185.216.69.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 26 Jan 2024 07:17:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:1c:49:26:13:0e:d2:9f:c0:46:21:9d:1d:d4:0e:58:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 18 11:16:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=06a3ca4220540f96084774bff487614c67dc0633
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:68:d7:1d:0a:3b:92:9a:a2:52:b4:f1:b4:f3:
85:86:20:e2:29:9f:a0:8c:09:cf:5e:90:7f:54:32:
35:9f:25:0f:58:6b:bf:34:48:bf:c4:69:be:4b:d1:
be:ff:89:d0:d4:4d:28:cd:05:08:93:7f:a4:0b:40:
cb:34:4a:c3:01:ff:2e:f0:3f:8c:a6:78:64:07:ae:
6c:e2:a8:eb:f8:4f:36:10:5d:e7:08:74:b7:db:c0:
26:2c:ef:3e:e1:86:0e:6b:83:8e:3c:59:20:c0:ec:
2f:d2:0d:68:0a:db:15:0d:0d:82:93:6e:81:3d:43:
91:ad:81:26:99:5a:f4:bf:e5:86:85:69:f9:42:b7:
34:bf:06:f6:08:9a:cf:1b:96:01:02:41:94:84:d9:
58:63:e2:eb:5c:c8:c7:8d:00:c7:83:78:0b:00:65:
7c:5b:3e:b4:da:b7:58:8e:63:12:21:58:4d:02:34:
68:99:73:0a:ed:18:69:45:fd:cb:42:4f:4b:7a:36:
8d:c1:61:fa:4e:79:95:5b:12:7e:0e:42:62:10:a1:
83:f3:79:d7:d4:e2:d8:4b:85:83:0a:1f:86:f8:33:
c0:d2:01:aa:81:a3:db:f7:f7:1d:c3:e2:2c:96:a7:
a2:b0:0a:33:8b:f7:d9:32:86:b1:ba:c3:27:6c:cc:
17:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:A3:CA:42:20:54:0F:96:08:47:74:BF:F4:87:61:4C:67:DC:06:33
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/BqPKQiBUD5YIR3S_9IdhTGfcBjM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.123.84.0/24
109.206.237.0/24
185.216.69.0/24
Signature Algorithm: sha256WithRSAEncryption
83:90:b7:dc:8a:37:8c:55:45:c4:36:a3:86:36:ec:48:a3:9f:
47:af:c9:63:0b:4e:17:9f:18:a6:59:84:57:73:f4:92:0d:84:
0f:f7:47:ed:cf:4e:8a:f0:a3:a7:73:85:6f:12:b2:d0:8d:af:
b2:94:98:e0:20:63:fb:18:16:aa:ab:b2:4b:8f:dd:66:8a:41:
8a:4a:0d:e3:d8:0e:e8:70:8a:59:2a:90:24:3e:6e:24:3c:b7:
01:d8:ec:f6:4e:ea:98:f3:69:ba:19:c3:6a:59:25:9d:92:ad:
64:29:49:d0:b8:2c:6c:e2:38:58:bf:a5:8d:70:ac:2e:b6:15:
d2:1d:e9:3e:e1:b0:7b:a5:36:16:59:ac:ad:f8:ef:b0:af:ed:
57:2c:55:ef:e3:71:cf:1b:cb:08:a4:ba:cc:2e:2d:3c:66:56:
12:33:f8:15:b8:03:f8:db:80:66:1d:df:74:42:e7:c2:64:58:
66:95:06:9d:df:4f:7b:49:7a:a8:f2:0c:c1:17:01:68:47:60:
c4:30:8d:e3:c5:23:1c:a9:3d:97:73:06:30:1d:41:eb:0b:a7:
c3:b3:f7:dd:64:3c:d8:9d:6b:08:25:e0:f6:c4:15:c3:7b:88:
5d:20:bb:e3:dc:2a:fd:5a:e2:c8:ba:4d:df:74:be:a5:61:e3:
0c:d5:7b:d9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY0cSSYTDtKfwEYhnR3UDlhzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTE4MTExNjEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmEzY2E0MjIwNTQwZjk2MDg0Nzc0YmZmNDg3NjE0YzY3ZGMwNjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGjXHQo7kpqiUrTxtPOFhiDiKZ+g
jAnPXpB/VDI1nyUPWGu/NEi/xGm+S9G+/4nQ1E0ozQUIk3+kC0DLNErDAf8u8D+M
pnhkB65s4qjr+E82EF3nCHS328AmLO8+4YYOa4OOPFkgwOwv0g1oCtsVDQ2Ck26B
PUORrYEmmVr0v+WGhWn5Qrc0vwb2CJrPG5YBAkGUhNlYY+LrXMjHjQDHg3gLAGV8
Wz602rdYjmMSIVhNAjRomXMK7RhpRf3LQk9LejaNwWH6TnmVWxJ+DkJiEKGD83nX
1OLYS4WDCh+G+DPA0gGqgaPb9/cdw+IslqeisAozi/fZMoaxusMnbMwXmwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAajykIgVA+WCEd0v/SHYUxn3AYzMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQnFQS1FpQlVENVlJUjNTXzlJZGhUR2ZjQmpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXXtUAwQA
bc7tAwQAudhFMA0GCSqGSIb3DQEBCwUAA4IBAQCDkLfcijeMVUXENqOGNuxIo59H
r8ljC04XnximWYRXc/SSDYQP90ftz06K8KOnc4VvErLQja+ylJjgIGP7GBaqq7JL
j91mikGKSg3j2A7ocIpZKpAkPm4kPLcB2Oz2TuqY82m6GcNqWSWdkq1kKUnQuCxs
4jhYv6WNcKwuthXSHek+4bB7pTYWWayt+O+wr+1XLFXv43HPG8sIpLrMLi08ZlYS
M/gVuAP424BmHd90QufCZFhmlQad3097SXqo8gzBFwFoR2DEMI3jxSMcqT2XcwYw
HUHrC6fDs/fdZDzYnWsIJeD2xBXDe4hdILvj3Cr9WuLIuk3fdL6lYeMM1XvZ
-----END CERTIFICATE-----
Generated at Fri Jan 26 10:21:20 2024 by rpki-client on console-ams.rpki-client.org