Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/46f5b9-6000-4072-89f2-4c82ace72c85/1/bMxvL0fQZOwchd5WHDuu3Ko7orU.roa
File: bMxvL0fQZOwchd5WHDuu3Ko7orU.roa (raw, json)
Hash identifier: Ez+RZzDioTnBGqp07JYXHVhjmBT7xPh3ehkmAFxjQPQ=
Subject key identifier: 6C:CC:6F:2F:47:D0:64:EC:1C:85:DE:56:1C:3B:AE:DC:AA:3B:A2:B5
Certificate issuer: /CN=dc44e19e2bb4e7023cc1ba10d49b74ede4bf865c
Certificate serial: 018AB1EDB4F2319E9139E55403FAD3A17A44
Authority key identifier: DC:44:E1:9E:2B:B4:E7:02:3C:C1:BA:10:D4:9B:74:ED:E4:BF:86:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3EThniu05wI8wboQ1Jt07eS_hlw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/46f5b9-6000-4072-89f2-4c82ace72c85/1/bMxvL0fQZOwchd5WHDuu3Ko7orU.roa
Signing time: Wed 20 Sep 2023 09:31:00 +0000
ROA not before: Wed 20 Sep 2023 09:31:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206747
IP address blocks: 195.130.28.0/24 maxlen: 24
195.130.29.0/24 maxlen: 24
25.129.198.0/23 maxlen: 23
25.129.196.0/23 maxlen: 23
2a08:600:ee::/47 maxlen: 47
2a08:600:99::/48 maxlen: 48
2a08:600:1::/48 maxlen: 48
2a08:600:2::/48 maxlen: 48
2a08:600:e0::/47 maxlen: 47
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b1:ed:b4:f2:31:9e:91:39:e5:54:03:fa:d3:a1:7a:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc44e19e2bb4e7023cc1ba10d49b74ede4bf865c
Validity
Not Before: Sep 20 09:31:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6ccc6f2f47d064ec1c85de561c3baedcaa3ba2b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:c9:80:5c:66:a6:04:ab:c0:2d:f4:98:a3:72:
c7:11:0a:29:8d:f1:97:ab:85:93:84:11:50:79:11:
ec:2a:33:4e:81:2a:e3:a0:f1:04:1d:5f:07:8c:25:
f8:de:32:ff:85:ed:ae:b2:40:0e:9e:be:bb:5c:d8:
c0:c7:e9:c0:12:67:2d:d2:7b:5c:f2:de:b3:4f:4e:
a1:e1:b9:99:a1:e8:b7:2a:4d:77:00:09:4d:16:2b:
9e:22:37:15:02:a9:d2:3d:ae:47:6b:3f:58:7a:bb:
e3:f0:ca:eb:33:d2:14:a9:24:9d:ad:ce:3c:60:f1:
22:81:d0:2a:ca:c7:04:77:fe:fd:cb:bb:55:58:5e:
86:0d:65:56:6e:d4:54:c5:6a:ba:e3:3e:d3:1d:40:
b0:d0:fe:76:cf:12:bc:ec:ce:ab:ca:54:e7:53:d7:
15:f1:b3:e0:b5:63:0e:3e:11:5a:9f:ac:13:2c:39:
85:5a:ef:d4:0a:20:f4:9c:10:ad:5b:ac:e4:c3:ad:
7f:10:e2:ea:57:64:af:0c:cc:59:9b:a6:80:38:4e:
a4:fd:70:48:f2:49:26:04:c6:b0:12:68:88:62:c5:
a0:80:dd:a6:d1:44:63:ac:8d:c7:85:44:ba:65:ea:
d0:4a:a5:fe:8c:18:b6:25:ec:09:e2:94:69:06:33:
98:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:CC:6F:2F:47:D0:64:EC:1C:85:DE:56:1C:3B:AE:DC:AA:3B:A2:B5
X509v3 Authority Key Identifier:
keyid:DC:44:E1:9E:2B:B4:E7:02:3C:C1:BA:10:D4:9B:74:ED:E4:BF:86:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3EThniu05wI8wboQ1Jt07eS_hlw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/46f5b9-6000-4072-89f2-4c82ace72c85/1/bMxvL0fQZOwchd5WHDuu3Ko7orU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/46f5b9-6000-4072-89f2-4c82ace72c85/1/3EThniu05wI8wboQ1Jt07eS_hlw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
25.129.196.0/22
195.130.28.0/23
IPv6:
2a08:600:1::-2a08:600:2:ffff:ffff:ffff:ffff:ffff
2a08:600:99::/48
2a08:600:e0::/47
2a08:600:ee::/47
Signature Algorithm: sha256WithRSAEncryption
11:f9:51:6f:c6:4a:df:c2:04:e6:74:68:f3:08:b8:6f:18:22:
b8:26:97:63:3f:ce:7b:35:f1:19:b8:e2:fe:79:8d:33:51:69:
30:7a:d1:df:93:06:5e:d5:3f:63:17:26:ed:d5:9d:48:05:2c:
70:a2:96:f3:06:b8:f7:64:0c:c8:c9:59:63:33:12:c9:17:fe:
87:43:05:b6:53:bb:8c:32:f6:e8:dc:d0:3c:f8:3e:8c:11:0d:
21:d3:ae:88:22:27:7f:25:2a:92:24:5f:cf:a7:8e:77:d6:05:
c5:b2:d5:5b:7f:db:25:c3:6f:5e:13:42:33:d8:66:32:84:ff:
60:41:f1:48:f7:d2:53:6c:5f:fb:c5:aa:b9:36:f0:e4:6b:6f:
94:72:99:d9:00:d6:b1:00:cf:2e:d3:75:f8:dd:8a:86:ce:70:
b0:40:a3:23:4f:8c:3e:bf:4b:73:94:b1:dc:23:8b:96:5e:dd:
7a:f9:9d:e4:03:0f:57:0b:c1:5b:ca:b0:9a:5a:ff:f5:0f:ab:
a5:a2:4b:59:80:52:98:6f:e1:77:84:48:ee:5d:d5:26:41:ac:
f8:85:74:e4:87:c3:4c:1a:3c:c8:2d:be:2d:33:df:00:0e:80:
df:cf:e7:d0:a0:01:a2:3c:60:0e:cc:89:26:cd:36:c5:53:68:
12:0f:a3:f4
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgISAYqx7bTyMZ6ROeVUA/rToXpEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNDRlMTllMmJiNGU3MDIzY2MxYmExMGQ0OWI3NGVkZTRi
Zjg2NWMwHhcNMjMwOTIwMDkzMTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2NjNmYyZjQ3ZDA2NGVjMWM4NWRlNTYxYzNiYWVkY2FhM2JhMmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlcmAXGamBKvALfSYo3LHEQopjfGX
q4WThBFQeRHsKjNOgSrjoPEEHV8HjCX43jL/he2uskAOnr67XNjAx+nAEmct0ntc
8t6zT06h4bmZoei3Kk13AAlNFiueIjcVAqnSPa5Haz9Yervj8MrrM9IUqSSdrc48
YPEigdAqyscEd/79y7tVWF6GDWVWbtRUxWq64z7THUCw0P52zxK87M6rylTnU9cV
8bPgtWMOPhFan6wTLDmFWu/UCiD0nBCtW6zkw61/EOLqV2SvDMxZm6aAOE6k/XBI
8kkmBMawEmiIYsWggN2m0URjrI3HhUS6ZerQSqX+jBi2JewJ4pRpBjOYEQIDAQAB
o4ICRjCCAkIwHQYDVR0OBBYEFGzMby9H0GTsHIXeVhw7rtyqO6K1MB8GA1UdIwQY
MBaAFNxE4Z4rtOcCPMG6ENSbdO3kv4ZcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0VUaG5pdTA1d0k4d2JvUTFKdDA3ZVNfaGx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS80NmY1YjktNjAwMC00MDcyLTg5ZjIt
NGM4MmFjZTcyYzg1LzEvYk14dkwwZlFaT3djaGQ1V0hEdXUzS283b3JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS80NmY1YjktNjAwMC00MDcyLTg5ZjItNGM4MmFjZTcyYzg1
LzEvM0VUaG5pdTA1d0k4d2JvUTFKdDA3ZVNfaGx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFwGCCsGAQUFBwEHAQH/BE0wSzASBAIAATAMAwQCGYHEAwQB
w4IcMDUEAgACMC8wEgMHACoIBgAAAQMHACoIBgAAAgMHACoIBgAAmQMHASoIBgAA
4AMHASoIBgAA7jANBgkqhkiG9w0BAQsFAAOCAQEAEflRb8ZK38IE5nRo8wi4bxgi
uCaXYz/OezXxGbji/nmNM1FpMHrR35MGXtU/Yxcm7dWdSAUscKKW8wa492QMyMlZ
YzMSyRf+h0MFtlO7jDL26NzQPPg+jBENIdOuiCInfyUqkiRfz6eOd9YFxbLVW3/b
JcNvXhNCM9hmMoT/YEHxSPfSU2xf+8WquTbw5GtvlHKZ2QDWsQDPLtN1+N2Khs5w
sECjI0+MPr9Lc5Sx3COLll7devmd5AMPVwvBW8qwmlr/9Q+rpaJLWYBSmG/hd4RI
7l3VJkGs+IV05IfDTBo8yC2+LTPfAA6A38/n0KABojxgDsyJJs02xVNoEg+j9A==
-----END CERTIFICATE-----
Generated at Wed Sep 20 13:29:14 2023 by rpki-client on console-fra.rpki-client.org