Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/2d0dae-d2bc-49d1-8115-34cb9d5c9432/1/bxBG2JESgGNCHLafZFMMND16bIY.roa
File: bxBG2JESgGNCHLafZFMMND16bIY.roa (raw, json)
Hash identifier: dL6DbQEzrRT/0752lpnG6qbr8GVNGr1zWl479MCWPXQ=
Subject key identifier: 6F:10:46:D8:91:12:80:63:42:1C:B6:9F:64:53:0C:34:3D:7A:6C:86
Certificate issuer: /CN=1151a4811148f7d0598f5ff021dadd3a10e5f29c
Certificate serial: 01856EAFE0F22EFC897EA23BB86DCEC02AFA
Authority key identifier: 11:51:A4:81:11:48:F7:D0:59:8F:5F:F0:21:DA:DD:3A:10:E5:F2:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EVGkgRFI99BZj1_wIdrdOhDl8pw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/2d0dae-d2bc-49d1-8115-34cb9d5c9432/1/bxBG2JESgGNCHLafZFMMND16bIY.roa
Signing time: Sun 01 Jan 2023 18:54:58 +0000
ROA not before: Sun 01 Jan 2023 18:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207593
IP address blocks: 194.36.120.0/24 maxlen: 24
194.36.19.0/24 maxlen: 24
194.35.187.0/24 maxlen: 24
194.36.83.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:e0:f2:2e:fc:89:7e:a2:3b:b8:6d:ce:c0:2a:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1151a4811148f7d0598f5ff021dadd3a10e5f29c
Validity
Not Before: Jan 1 18:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6f1046d891128063421cb69f64530c343d7a6c86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:54:d1:ea:91:44:5b:b9:22:46:a4:bd:a9:ea:
1d:76:50:04:a9:60:40:d3:a4:65:31:43:c3:f4:e0:
9c:96:d8:80:ad:87:20:a0:c1:c6:f4:7b:29:43:0d:
2e:72:2c:23:e4:af:c2:5e:56:3d:b1:19:37:30:29:
bf:05:0a:79:3f:8c:36:cf:af:76:b1:2b:b3:da:07:
06:21:d0:f7:10:c7:34:04:41:ef:d0:75:93:8f:6a:
37:ab:98:9b:07:4a:0a:1c:91:a9:c2:64:87:77:dd:
37:31:a0:b6:6c:fa:74:72:03:84:65:9a:3a:79:43:
b2:92:59:cf:6e:58:fd:73:8d:ea:d1:c8:e7:ab:21:
bb:7b:40:a6:e1:a6:8e:04:33:2b:52:68:31:c0:7d:
f6:6c:5c:c2:69:28:b0:bc:31:ca:dc:79:a3:87:59:
58:ea:2e:57:65:01:2f:91:ae:82:fe:fa:77:62:63:
4f:86:84:d3:1b:9a:80:99:f9:8e:13:2a:90:58:95:
63:c4:06:80:2f:9b:ed:83:84:ee:41:2d:a4:39:e6:
df:6a:bb:c2:69:65:67:e7:5a:dc:3d:e0:55:fe:d5:
b2:be:ee:94:c9:1c:95:a3:59:11:15:4e:31:7f:92:
c8:29:a2:0a:7d:fd:4d:5f:48:3d:c5:6b:f3:e0:7e:
f3:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:10:46:D8:91:12:80:63:42:1C:B6:9F:64:53:0C:34:3D:7A:6C:86
X509v3 Authority Key Identifier:
keyid:11:51:A4:81:11:48:F7:D0:59:8F:5F:F0:21:DA:DD:3A:10:E5:F2:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EVGkgRFI99BZj1_wIdrdOhDl8pw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2d0dae-d2bc-49d1-8115-34cb9d5c9432/1/bxBG2JESgGNCHLafZFMMND16bIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2d0dae-d2bc-49d1-8115-34cb9d5c9432/1/EVGkgRFI99BZj1_wIdrdOhDl8pw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.35.187.0/24
194.36.19.0/24
194.36.83.0/24
194.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:3d:19:63:5e:38:6b:c0:a2:da:60:bb:8c:a4:b1:a7:27:97:
87:0e:5d:e9:3f:2a:f0:7e:cc:bf:b3:f3:05:d1:2e:3f:9a:0c:
e5:a5:3a:d3:69:01:90:cf:eb:e0:12:68:4b:f5:8b:87:55:94:
55:03:6a:95:81:99:a3:14:3e:8c:da:46:62:33:3d:1b:aa:a7:
d4:0a:53:df:9b:7f:12:41:18:11:02:2c:97:6e:b9:1e:19:36:
91:e9:8b:35:4b:23:0a:46:50:81:7a:da:93:36:2c:94:09:7d:
90:b3:c2:50:79:d3:88:71:f7:66:a3:79:77:05:ed:7e:04:e8:
52:41:8e:6a:3e:22:3f:fe:b1:b5:7f:07:ff:5c:28:29:ef:db:
99:92:5f:af:17:5e:d4:69:fd:7f:a8:3f:65:66:41:91:1d:97:
fc:7b:20:2e:1d:45:70:f1:11:47:b4:fc:6b:75:9e:e5:07:ff:
e6:b5:01:a1:58:70:db:74:d8:1b:3f:7f:41:f5:98:54:c4:91:
13:b0:31:75:03:b8:98:54:76:4c:7b:ba:2b:f4:43:2f:55:66:
be:bf:1b:d0:1a:b5:2b:b7:15:e2:d5:3d:a1:c2:d9:3d:dd:15:
65:f2:74:7c:03:52:12:19:fe:79:5b:1c:2d:40:18:c6:2d:83:
d8:61:66:d2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVur+DyLvyJfqI7uG3OwCr6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExNTFhNDgxMTE0OGY3ZDA1OThmNWZmMDIxZGFkZDNhMTBl
NWYyOWMwHhcNMjMwMTAxMTg1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjEwNDZkODkxMTI4MDYzNDIxY2I2OWY2NDUzMGMzNDNkN2E2Yzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlTR6pFEW7kiRqS9qeoddlAEqWBA
06RlMUPD9OCcltiArYcgoMHG9HspQw0uciwj5K/CXlY9sRk3MCm/BQp5P4w2z692
sSuz2gcGIdD3EMc0BEHv0HWTj2o3q5ibB0oKHJGpwmSHd903MaC2bPp0cgOEZZo6
eUOyklnPblj9c43q0cjnqyG7e0Cm4aaOBDMrUmgxwH32bFzCaSiwvDHK3Hmjh1lY
6i5XZQEvka6C/vp3YmNPhoTTG5qAmfmOEyqQWJVjxAaAL5vtg4TuQS2kOebfarvC
aWVn51rcPeBV/tWyvu6UyRyVo1kRFU4xf5LIKaIKff1NX0g9xWvz4H7z2QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFG8QRtiREoBjQhy2n2RTDDQ9emyGMB8GA1UdIwQY
MBaAFBFRpIERSPfQWY9f8CHa3ToQ5fKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVZHa2dSRkk5OUJaajFfd0lkcmRPaERsOHB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8yZDBkYWUtZDJiYy00OWQxLTgxMTUt
MzRjYjlkNWM5NDMyLzEvYnhCRzJKRVNnR05DSExhZlpGTU1ORDE2YklZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8yZDBkYWUtZDJiYy00OWQxLTgxMTUtMzRjYjlkNWM5NDMy
LzEvRVZHa2dSRkk5OUJaajFfd0lkcmRPaERsOHB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwiO7AwQA
wiQTAwQAwiRTAwQAwiR4MA0GCSqGSIb3DQEBCwUAA4IBAQB+PRljXjhrwKLaYLuM
pLGnJ5eHDl3pPyrwfsy/s/MF0S4/mgzlpTrTaQGQz+vgEmhL9YuHVZRVA2qVgZmj
FD6M2kZiMz0bqqfUClPfm38SQRgRAiyXbrkeGTaR6Ys1SyMKRlCBetqTNiyUCX2Q
s8JQedOIcfdmo3l3Be1+BOhSQY5qPiI//rG1fwf/XCgp79uZkl+vF17Uaf1/qD9l
ZkGRHZf8eyAuHUVw8RFHtPxrdZ7lB//mtQGhWHDbdNgbP39B9ZhUxJETsDF1A7iY
VHZMe7or9EMvVWa+vxvQGrUrtxXi1T2hwtk93RVl8nR8A1ISGf55WxwtQBjGLYPY
YWbS
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:33:25 2024 by rpki-client on console-fra.rpki-client.org