Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/925f91-30c5-4a6b-a149-9bf8b1ef2e96/1/BxE7sceHJg1DDRu2VDAysrd_2t0.roa
File: BxE7sceHJg1DDRu2VDAysrd_2t0.roa (raw, json)
Hash identifier: WStobhVQ4BYUt/aSPBvQl88hnjJ6ykskMD0xnEyHrdY=
Subject key identifier: 07:11:3B:B1:C7:87:26:0D:43:0D:1B:B6:54:30:32:B2:B7:7F:DA:DD
Certificate issuer: /CN=d038c338b128f83adec2f69d93c32c5353ca0398
Certificate serial: 0189D8DBA038F81C5365C6D96B47CA87989F
Authority key identifier: D0:38:C3:38:B1:28:F8:3A:DE:C2:F6:9D:93:C3:2C:53:53:CA:03:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0DjDOLEo-Drewvadk8MsU1PKA5g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/925f91-30c5-4a6b-a149-9bf8b1ef2e96/1/BxE7sceHJg1DDRu2VDAysrd_2t0.roa
Signing time: Wed 09 Aug 2023 05:53:39 +0000
ROA not before: Wed 09 Aug 2023 05:53:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 559
IP address blocks: 192.41.132.0/22 maxlen: 22
130.60.0.0/16 maxlen: 16
192.41.136.0/24 maxlen: 24
185.207.118.0/23 maxlen: 24
185.207.117.0/24 maxlen: 24
192.12.247.0/24 maxlen: 24
89.206.64.0/18 maxlen: 18
2001:67c:16dc::/48 maxlen: 48
2a0b:2040::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 07 Dec 2023 13:22:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d8:db:a0:38:f8:1c:53:65:c6:d9:6b:47:ca:87:98:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d038c338b128f83adec2f69d93c32c5353ca0398
Validity
Not Before: Aug 9 05:53:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=07113bb1c787260d430d1bb6543032b2b77fdadd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:dd:e4:c7:e5:5d:76:5e:f8:b7:27:5e:b5:62:
cc:87:f8:20:ee:bc:d5:51:1a:71:f0:eb:15:10:39:
87:6b:43:af:31:33:9c:00:1f:65:59:ca:a3:bb:9a:
50:53:46:47:89:02:50:63:59:2d:fa:88:36:11:4b:
a3:aa:2d:1c:4f:62:0a:ed:1b:62:a9:33:7f:64:5d:
5c:fc:e0:9a:38:86:14:a2:42:0c:5c:5b:6f:f2:a6:
13:f5:e5:6c:ad:96:58:aa:fb:d3:48:a2:b5:0e:6c:
d0:b9:b9:3a:91:2c:fa:00:ea:a2:49:2b:5b:83:09:
18:81:25:50:1b:96:91:f6:6e:53:1e:5a:69:a5:48:
18:f1:e8:aa:66:ab:71:bf:af:3d:17:09:2b:a8:2d:
36:61:5f:37:a1:7b:a9:f2:9a:97:16:d7:61:a5:03:
cf:00:4d:45:4a:e7:83:3c:04:b3:78:d5:cb:79:bc:
a9:97:60:a1:f0:e5:67:d0:d9:89:8e:5d:f7:18:7d:
14:44:f3:ef:59:b3:2a:30:cb:60:08:98:f7:76:1b:
f0:7b:2a:3c:ec:27:41:a9:03:32:f1:b4:cd:be:f4:
27:4f:ab:51:53:5e:65:5a:b7:18:41:b7:63:b4:dc:
c8:36:46:92:5f:f0:db:bd:ac:bc:34:9a:bf:99:ea:
f6:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:11:3B:B1:C7:87:26:0D:43:0D:1B:B6:54:30:32:B2:B7:7F:DA:DD
X509v3 Authority Key Identifier:
keyid:D0:38:C3:38:B1:28:F8:3A:DE:C2:F6:9D:93:C3:2C:53:53:CA:03:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0DjDOLEo-Drewvadk8MsU1PKA5g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/925f91-30c5-4a6b-a149-9bf8b1ef2e96/1/BxE7sceHJg1DDRu2VDAysrd_2t0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/925f91-30c5-4a6b-a149-9bf8b1ef2e96/1/0DjDOLEo-Drewvadk8MsU1PKA5g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.206.64.0/18
130.60.0.0/16
185.207.117.0-185.207.119.255
192.12.247.0/24
192.41.132.0-192.41.136.255
IPv6:
2001:67c:16dc::/48
2a0b:2040::/29
Signature Algorithm: sha256WithRSAEncryption
94:00:8f:8f:66:05:2a:91:37:9b:f3:5d:0b:71:3f:66:55:22:
9f:a3:da:01:bd:1e:22:43:d1:63:4b:8c:45:5c:41:32:d0:14:
9a:6c:69:11:e1:56:03:15:ae:f5:7c:58:bf:3a:aa:b4:ed:c9:
a3:71:b0:c8:58:81:15:d6:23:88:32:98:3f:bb:fb:10:fe:ec:
e6:c4:69:de:23:93:6b:8b:48:b9:e9:3a:39:8f:dd:bf:2a:74:
ca:c5:43:b0:c4:7b:2a:cf:08:f9:4b:0f:e6:2c:44:44:9e:ae:
fc:b9:14:c6:27:16:50:c7:80:58:13:38:84:10:08:0d:97:e3:
6a:1f:ea:ac:c4:69:27:d6:b6:32:f1:20:2f:fa:e2:d5:5e:31:
1a:25:7a:c6:26:cc:04:9f:69:fd:3e:fd:eb:fd:92:56:f2:f9:
b3:d7:b4:8c:96:04:09:a7:06:a1:d7:32:13:df:90:08:aa:46:
b4:7e:d3:ce:ee:90:cf:91:c2:96:5d:a0:09:34:ee:11:9c:f7:
7d:a7:07:06:2a:16:76:e5:77:06:7f:a0:c4:87:be:d4:4f:70:
d1:74:65:f3:bd:16:38:b7:d9:c0:55:72:8a:bf:06:4f:ec:15:
d2:5e:ac:a3:36:3f:bc:85:00:6b:d8:c7:81:5c:b4:80:52:2e:
58:48:a5:d5
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYnY26A4+BxTZcbZa0fKh5ifMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMzhjMzM4YjEyOGY4M2FkZWMyZjY5ZDkzYzMyYzUzNTNj
YTAzOTgwHhcNMjMwODA5MDU1MzM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzExM2JiMWM3ODcyNjBkNDMwZDFiYjY1NDMwMzJiMmI3N2ZkYWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAod3kx+Vddl74tydetWLMh/gg7rzV
URpx8OsVEDmHa0OvMTOcAB9lWcqju5pQU0ZHiQJQY1kt+og2EUujqi0cT2IK7Rti
qTN/ZF1c/OCaOIYUokIMXFtv8qYT9eVsrZZYqvvTSKK1DmzQubk6kSz6AOqiSStb
gwkYgSVQG5aR9m5THlpppUgY8eiqZqtxv689FwkrqC02YV83oXup8pqXFtdhpQPP
AE1FSueDPASzeNXLebypl2Ch8OVn0NmJjl33GH0URPPvWbMqMMtgCJj3dhvweyo8
7CdBqQMy8bTNvvQnT6tRU15lWrcYQbdjtNzINkaSX/Dbvay8NJq/mer2jQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFAcRO7HHhyYNQw0btlQwMrK3f9rdMB8GA1UdIwQY
MBaAFNA4wzixKPg63sL2nZPDLFNTygOYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMERqRE9MRW8tRHJld3ZhZGs4TXNVMVBLQTVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS85MjVmOTEtMzBjNS00YTZiLWExNDkt
OWJmOGIxZWYyZTk2LzEvQnhFN3NjZUhKZzFERFJ1MlZEQXlzcmRfMnQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS85MjVmOTEtMzBjNS00YTZiLWExNDktOWJmOGIxZWYyZTk2
LzEvMERqRE9MRW8tRHJld3ZhZGs4TXNVMVBLQTVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTAzBAIAATAtAwQGWc5AAwMA
gjwwDAMEALnPdQMEA7nPcAMEAMAM9zAMAwQCwCmEAwQAwCmIMBYEAgACMBADBwAg
AQZ8FtwDBQMqCyBAMA0GCSqGSIb3DQEBCwUAA4IBAQCUAI+PZgUqkTeb810LcT9m
VSKfo9oBvR4iQ9FjS4xFXEEy0BSabGkR4VYDFa71fFi/Oqq07cmjcbDIWIEV1iOI
Mpg/u/sQ/uzmxGneI5Nri0i56To5j92/KnTKxUOwxHsqzwj5Sw/mLEREnq78uRTG
JxZQx4BYEziEEAgNl+NqH+qsxGkn1rYy8SAv+uLVXjEaJXrGJswEn2n9Pv3r/ZJW
8vmz17SMlgQJpwah1zIT35AIqka0ftPO7pDPkcKWXaAJNO4RnPd9pwcGKhZ25XcG
f6DEh77UT3DRdGXzvRY4t9nAVXKKvwZP7BXSXqyjNj+8hQBr2MeBXLSAUi5YSKXV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:37 2024 by rpki-client on console-fra.rpki-client.org