Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/Bf3S4YtGHSKSZioLUhH9IF3UlYk.roa
File: Bf3S4YtGHSKSZioLUhH9IF3UlYk.roa (raw, json)
Hash identifier: V95Fvb10YRuUlAPagLTykClI3VWg/BDUXWLNnewm2GE=
Subject key identifier: 05:FD:D2:E1:8B:46:1D:22:92:66:2A:0B:52:11:FD:20:5D:D4:95:89
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018CC7952D87287F4E12648C45C1E42EA5E0
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/Bf3S4YtGHSKSZioLUhH9IF3UlYk.roa
Signing time: Tue 02 Jan 2024 00:31:31 +0000
ROA not before: Tue 02 Jan 2024 00:31:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62904
IP address blocks: 147.45.120.0/22 maxlen: 22
147.45.124.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 27 Jan 2024 10:56:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:2d:87:28:7f:4e:12:64:8c:45:c1:e4:2e:a5:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 2 00:31:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=05fdd2e18b461d2292662a0b5211fd205dd49589
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:d4:f5:ef:02:0f:8c:a3:a6:7e:04:9c:e6:15:
9d:71:73:9a:28:cb:7c:61:c4:05:dd:fd:d7:2d:3a:
1c:d1:f7:03:ac:0d:5e:1a:ca:0f:e6:25:b2:21:3e:
82:cd:3c:a4:a0:a7:1d:ba:de:1a:de:a7:5d:d7:d4:
9c:c1:74:a0:7a:f1:b3:46:24:4d:b0:fc:83:66:3e:
fa:a0:30:47:a7:82:72:fb:6a:5d:22:62:60:07:47:
3b:82:f6:0b:f9:e7:49:27:23:66:9b:6d:d4:b2:4c:
6b:05:2e:5e:b4:8f:b7:60:e0:bb:8e:06:a9:3a:9d:
7f:6c:f3:ab:c0:f6:7b:64:62:71:dc:66:d8:38:93:
36:b4:f3:5c:41:8b:da:97:ab:62:36:2b:30:1b:ee:
99:cb:7f:d8:a5:36:57:64:21:e3:c2:4b:1b:50:ee:
9d:39:2e:9d:d3:fc:0d:55:bb:c8:dd:13:e8:db:61:
fa:f4:3f:4a:21:71:ab:6d:57:10:56:93:eb:c1:36:
61:25:49:66:3c:db:57:93:ea:5b:90:29:61:41:dc:
cc:27:b6:98:bd:cf:aa:33:d0:3b:6a:6c:bd:89:16:
70:b0:bd:8b:ce:1f:a7:06:4a:55:4e:34:a0:62:f1:
56:ee:d8:3c:24:1a:9a:5d:09:4f:74:37:16:f1:a3:
9f:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:FD:D2:E1:8B:46:1D:22:92:66:2A:0B:52:11:FD:20:5D:D4:95:89
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/Bf3S4YtGHSKSZioLUhH9IF3UlYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.120.0/21
Signature Algorithm: sha256WithRSAEncryption
77:de:00:08:e0:39:e2:6d:57:64:4b:ff:eb:a2:0e:8e:8f:9a:
b4:38:c3:f4:db:94:2e:7b:a8:12:a5:8e:2d:17:2f:ca:81:16:
b0:c0:c1:0a:49:b8:2f:aa:9b:82:38:05:cd:ff:e7:25:d3:1c:
90:32:3f:e5:73:de:45:a5:88:01:59:4c:72:0c:9c:1a:1d:4d:
d3:0b:95:a9:4b:08:58:99:29:52:fa:fc:fe:8e:66:e1:58:10:
93:2d:a6:b5:03:8a:d3:70:5a:2c:e8:57:3e:c6:f8:3a:07:a3:
33:e3:83:38:ff:7e:62:b7:c3:5d:0e:f3:b1:0c:21:41:05:61:
f7:42:4a:4d:41:a6:9f:2b:06:98:10:5d:62:06:09:c8:3f:6e:
8e:4e:40:94:54:7c:db:01:82:e8:08:c8:9e:58:5d:56:d6:3d:
de:b7:05:60:b8:5e:11:29:23:a0:5e:79:04:7c:ca:82:93:5e:
e2:cf:23:ed:3f:6b:56:f4:d5:ad:10:8c:a8:73:46:2b:e4:61:
3a:9a:b8:93:46:8f:98:36:b3:c1:a6:73:2d:5a:53:73:6f:6b:
39:01:4e:8a:59:ce:71:7d:18:4f:6f:9b:79:86:18:93:78:4a:
3c:fa:b9:cd:24:98:90:28:5b:93:e7:b9:56:06:65:29:0b:c1:
b5:11:57:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlS2HKH9OEmSMRcHkLqXgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwMTAyMDAzMTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWZkZDJlMThiNDYxZDIyOTI2NjJhMGI1MjExZmQyMDVkZDQ5NTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9T17wIPjKOmfgSc5hWdcXOaKMt8
YcQF3f3XLToc0fcDrA1eGsoP5iWyIT6CzTykoKcdut4a3qdd19ScwXSgevGzRiRN
sPyDZj76oDBHp4Jy+2pdImJgB0c7gvYL+edJJyNmm23UskxrBS5etI+3YOC7jgap
Op1/bPOrwPZ7ZGJx3GbYOJM2tPNcQYval6tiNiswG+6Zy3/YpTZXZCHjwksbUO6d
OS6d0/wNVbvI3RPo22H69D9KIXGrbVcQVpPrwTZhJUlmPNtXk+pbkClhQdzMJ7aY
vc+qM9A7amy9iRZwsL2Lzh+nBkpVTjSgYvFW7tg8JBqaXQlPdDcW8aOf7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAX90uGLRh0ikmYqC1IR/SBd1JWJMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvQmYzUzRZdEdIU0tTWmlvTFVoSDlJRjNVbFlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDky14MA0G
CSqGSIb3DQEBCwUAA4IBAQB33gAI4DnibVdkS//rog6Oj5q0OMP025Que6gSpY4t
Fy/KgRawwMEKSbgvqpuCOAXN/+cl0xyQMj/lc95FpYgBWUxyDJwaHU3TC5WpSwhY
mSlS+vz+jmbhWBCTLaa1A4rTcFos6Fc+xvg6B6Mz44M4/35it8NdDvOxDCFBBWH3
QkpNQaafKwaYEF1iBgnIP26OTkCUVHzbAYLoCMieWF1W1j3etwVguF4RKSOgXnkE
fMqCk17izyPtP2tW9NWtEIyoc0Yr5GE6mriTRo+YNrPBpnMtWlNzb2s5AU6KWc5x
fRhPb5t5hhiTeEo8+rnNJJiQKFuT57lWBmUpC8G1EVcM
-----END CERTIFICATE-----
Generated at Sat Jan 27 11:40:56 2024 by rpki-client on console-fra.rpki-client.org