Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/bh8BWzjVurqreH9GGs6M0RcuabA.roa
File: bh8BWzjVurqreH9GGs6M0RcuabA.roa (raw, json)
Hash identifier: 6Gol971xZJ03gFXNk5KF11qF4dUAoqGvLxOb+/Pca/E=
Subject key identifier: 6E:1F:01:5B:38:D5:BA:BA:AB:78:7F:46:1A:CE:8C:D1:17:2E:69:B0
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018DCB98CC863CD3CC3EAD74AE3CDBE97EF3
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/bh8BWzjVurqreH9GGs6M0RcuabA.roa
Signing time: Wed 21 Feb 2024 12:16:45 +0000
ROA not before: Wed 21 Feb 2024 12:16:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216078
IP address blocks: 194.48.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 20 Mar 2024 14:02:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:cb:98:cc:86:3c:d3:cc:3e:ad:74:ae:3c:db:e9:7e:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 21 12:16:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e1f015b38d5babaab787f461ace8cd1172e69b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:43:89:2d:d1:ea:f2:f0:8c:23:e8:1e:8a:03:
16:96:2e:be:cf:9d:49:86:a1:03:84:23:5b:78:e4:
01:a0:de:ff:59:ea:f3:18:8c:97:9d:c1:bd:5d:16:
bc:d6:84:16:b1:00:17:8f:61:be:b0:3c:52:69:3e:
7a:95:fd:ea:74:6d:f6:32:88:21:6d:4d:83:df:5c:
54:0d:d6:f5:47:cc:f4:9d:f5:b4:c2:c3:fb:f9:f5:
77:ba:d9:d1:b3:33:b4:9d:65:e3:74:5a:d6:de:14:
c4:9c:7e:94:03:ae:8c:72:e2:38:4b:d0:30:54:63:
dd:5e:be:41:47:41:3c:ab:56:38:2b:89:a2:2c:3c:
c4:ba:9b:0a:29:5d:4e:7c:6c:c3:55:fc:1a:da:38:
56:44:19:4c:9d:71:01:88:46:aa:95:18:d0:8e:6f:
45:25:3b:96:f7:e4:4f:b3:ea:50:58:43:41:eb:1a:
c9:2e:ce:1a:7e:2d:aa:8e:12:e2:84:19:51:22:66:
28:ec:12:6d:50:6a:c3:ec:ae:0b:a0:a2:0b:32:8d:
b2:76:6a:cf:a9:43:68:ce:2b:b3:50:03:0a:8a:80:
e1:10:50:e1:75:46:09:74:29:bc:2b:eb:97:fb:e9:
ca:ff:a3:32:3b:84:c6:b9:41:1a:bd:d4:39:e7:81:
ac:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:1F:01:5B:38:D5:BA:BA:AB:78:7F:46:1A:CE:8C:D1:17:2E:69:B0
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/bh8BWzjVurqreH9GGs6M0RcuabA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.48.250.0/24
Signature Algorithm: sha256WithRSAEncryption
18:cc:16:1b:9c:a3:d8:80:19:ba:56:cc:1f:2b:bb:a0:c0:1d:
5c:14:81:3d:0c:da:50:42:0c:ab:da:8f:df:04:71:49:7b:1d:
9f:cb:aa:4c:ac:a6:09:23:c4:db:6c:5f:77:95:04:1b:9d:05:
56:54:cc:79:19:b4:52:2c:df:c6:21:f7:33:b4:3a:eb:95:4c:
1f:3f:af:04:b0:49:d7:40:3e:3f:9e:2f:a7:bd:d5:07:4c:0c:
9c:2f:23:80:24:6d:07:4d:5b:27:2a:91:32:d2:73:e9:19:5f:
e3:12:cc:0f:1c:55:cb:03:a0:63:1c:c0:d4:76:20:55:85:62:
77:1d:b9:45:c3:04:fa:31:ec:d8:85:fc:8b:a4:51:4e:51:89:
65:85:22:94:cc:1c:e2:3c:f6:ec:86:fc:89:d6:59:7c:37:12:
3d:fe:77:ca:22:0a:13:95:e4:77:23:8e:47:2b:26:dd:c8:ca:
b1:de:b0:e9:8c:53:85:3f:26:5a:c3:bc:63:23:93:9e:4c:52:
58:ff:ea:07:7f:10:06:f4:be:cc:71:87:4a:70:ae:80:12:b5:
c5:6b:fe:66:1e:70:19:ac:73:85:6a:ec:38:8f:5e:21:03:2e:
b9:44:cf:0f:e5:ca:95:df:93:38:a4:2a:02:f4:2f:44:9c:4c:
ba:ac:58:03
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3LmMyGPNPMPq10rjzb6X7zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMjIxMTIxNjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTFmMDE1YjM4ZDViYWJhYWI3ODdmNDYxYWNlOGNkMTE3MmU2OWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgkOJLdHq8vCMI+geigMWli6+z51J
hqEDhCNbeOQBoN7/WerzGIyXncG9XRa81oQWsQAXj2G+sDxSaT56lf3qdG32Mogh
bU2D31xUDdb1R8z0nfW0wsP7+fV3utnRszO0nWXjdFrW3hTEnH6UA66McuI4S9Aw
VGPdXr5BR0E8q1Y4K4miLDzEupsKKV1OfGzDVfwa2jhWRBlMnXEBiEaqlRjQjm9F
JTuW9+RPs+pQWENB6xrJLs4afi2qjhLihBlRImYo7BJtUGrD7K4LoKILMo2ydmrP
qUNoziuzUAMKioDhEFDhdUYJdCm8K+uX++nK/6MyO4TGuUEavdQ554GscwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG4fAVs41bq6q3h/RhrOjNEXLmmwMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvYmg4Qld6alZ1cnFyZUg5R0dzNk0wUmN1YWJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjD6MA0G
CSqGSIb3DQEBCwUAA4IBAQAYzBYbnKPYgBm6VswfK7ugwB1cFIE9DNpQQgyr2o/f
BHFJex2fy6pMrKYJI8TbbF93lQQbnQVWVMx5GbRSLN/GIfcztDrrlUwfP68EsEnX
QD4/ni+nvdUHTAycLyOAJG0HTVsnKpEy0nPpGV/jEswPHFXLA6BjHMDUdiBVhWJ3
HblFwwT6MezYhfyLpFFOUYllhSKUzBziPPbshvyJ1ll8NxI9/nfKIgoTleR3I45H
KybdyMqx3rDpjFOFPyZaw7xjI5OeTFJY/+oHfxAG9L7McYdKcK6AErXFa/5mHnAZ
rHOFauw4j14hAy65RM8P5cqV35M4pCoC9C9EnEy6rFgD
-----END CERTIFICATE-----
Generated at Wed Mar 20 17:15:31 2024 by rpki-client on console-ams.rpki-client.org