Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/Bc0xost0laW20z5IKjim9c3NbNs.roa
File: Bc0xost0laW20z5IKjim9c3NbNs.roa (raw, json)
Hash identifier: Wc4KSMD5meAaEltSlHOOe13IGAIO8qOz50H8pSKB8ok=
Subject key identifier: 05:CD:31:A2:CB:74:95:A5:B6:D3:3E:48:2A:38:A6:F5:CD:CD:6C:DB
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 01856F0240B085352B32B4BA11DC6E1967B9
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/Bc0xost0laW20z5IKjim9c3NbNs.roa
Signing time: Sun 01 Jan 2023 20:24:56 +0000
ROA not before: Sun 01 Jan 2023 20:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42979
IP address blocks: 85.254.1.0/24 maxlen: 24
85.254.3.0/24 maxlen: 24
2a02:610:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:40:b0:85:35:2b:32:b4:ba:11:dc:6e:19:67:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 1 20:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=05cd31a2cb7495a5b6d33e482a38a6f5cdcd6cdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:cd:25:2c:9c:0a:ca:47:22:8d:2a:78:0b:27:
db:f9:f7:21:50:d0:83:07:be:d8:40:8f:3d:37:e7:
69:9a:30:2b:c3:39:92:9a:fa:64:2e:db:51:18:16:
f9:7e:b9:66:fd:e2:cc:0a:44:27:ba:c4:79:92:e8:
04:a8:9a:d4:6b:50:e9:f3:4f:f7:e0:2c:b2:14:25:
1d:ed:4b:5c:77:b3:7d:8f:a9:b8:c1:df:81:40:23:
2d:45:c4:77:85:b7:de:b1:3e:35:b1:05:23:aa:8a:
d3:cf:7b:e3:52:bf:0e:ba:3e:81:79:56:83:d2:30:
a7:c8:fb:de:c7:a9:aa:f9:6b:09:30:c7:63:d8:46:
74:fc:73:16:eb:76:b5:48:d0:c5:be:a3:2b:55:93:
c1:3d:28:7c:75:b8:e9:85:d3:bc:4b:f3:50:c6:bc:
2a:8d:f5:6c:49:61:65:a5:3b:be:26:9b:b2:dd:95:
dd:b1:b0:ca:d1:1e:c6:c2:f3:cd:07:b9:31:b7:ea:
1c:4c:eb:09:61:a4:3b:2e:b6:87:c8:af:e0:29:ff:
16:79:9b:34:cd:63:33:92:5c:a2:d6:62:f0:bf:e9:
1d:f5:34:07:58:ae:10:49:8f:49:45:d4:85:0c:34:
96:4a:0a:4a:ea:72:a3:8d:05:9f:d2:0a:66:ec:66:
7c:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:CD:31:A2:CB:74:95:A5:B6:D3:3E:48:2A:38:A6:F5:CD:CD:6C:DB
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/Bc0xost0laW20z5IKjim9c3NbNs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.1.0/24
85.254.3.0/24
IPv6:
2a02:610:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
32:9b:c6:de:57:00:60:91:44:51:54:57:8e:d1:5f:b3:f9:f9:
9f:ad:53:1d:ef:e3:74:0d:37:b0:d6:d1:73:3d:ce:21:86:0c:
7c:a3:56:ff:90:88:ec:53:c7:6b:19:96:99:44:a5:8b:01:dd:
83:f5:e5:ba:5f:36:bd:20:5b:95:19:81:d2:a3:f9:51:06:5d:
c0:5b:c6:34:fb:b3:4e:7f:10:75:1d:ca:1a:38:05:b9:55:9e:
a2:a8:5e:24:06:93:3e:ff:e1:eb:98:dc:57:29:2a:0e:dc:32:
c1:3f:6f:1b:6c:03:a7:06:a8:14:3b:76:00:62:35:27:7a:34:
b6:0e:3a:40:78:84:19:9c:6c:b9:b4:b7:a0:db:ce:4f:3b:e9:
10:51:2b:6d:24:a0:19:05:23:0b:97:53:7f:5e:f8:29:b5:48:
4b:da:34:6e:04:86:2c:de:9a:4b:d7:cb:4a:f9:e6:69:95:26:
fb:a4:82:c6:1f:76:12:3b:96:fb:d9:87:97:a6:9c:4a:6a:f1:
bb:17:6e:4e:54:8b:ed:d7:a7:1b:2d:b8:1e:79:be:6b:7e:b7:
4c:94:6f:f9:20:bf:14:a2:9d:c0:d7:a6:72:b6:3f:1c:fe:53:
8f:20:7a:7a:46:d8:4f:57:88:79:a5:c3:7d:84:77:e7:61:7b:
fc:a9:5a:6b
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVvAkCwhTUrMrS6EdxuGWe5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjMwMTAxMjAyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWNkMzFhMmNiNzQ5NWE1YjZkMzNlNDgyYTM4YTZmNWNkY2Q2Y2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsc0lLJwKykcijSp4Cyfb+fchUNCD
B77YQI89N+dpmjArwzmSmvpkLttRGBb5frlm/eLMCkQnusR5kugEqJrUa1Dp80/3
4CyyFCUd7Utcd7N9j6m4wd+BQCMtRcR3hbfesT41sQUjqorTz3vjUr8Ouj6BeVaD
0jCnyPvex6mq+WsJMMdj2EZ0/HMW63a1SNDFvqMrVZPBPSh8dbjphdO8S/NQxrwq
jfVsSWFlpTu+Jpuy3ZXdsbDK0R7GwvPNB7kxt+ocTOsJYaQ7LraHyK/gKf8WeZs0
zWMzklyi1mLwv+kd9TQHWK4QSY9JRdSFDDSWSgpK6nKjjQWf0gpm7GZ8pQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFAXNMaLLdJWlttM+SCo4pvXNzWzbMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvQmMweG9zdDBsYVcyMHo1SUtqaW05YzNOYk5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAVf4BAwQA
Vf4DMA8EAgACMAkDBwAqAgYQ//8wDQYJKoZIhvcNAQELBQADggEBADKbxt5XAGCR
RFFUV47RX7P5+Z+tUx3v43QNN7DW0XM9ziGGDHyjVv+QiOxTx2sZlplEpYsB3YP1
5bpfNr0gW5UZgdKj+VEGXcBbxjT7s05/EHUdyho4BblVnqKoXiQGkz7/4euY3Fcp
Kg7cMsE/bxtsA6cGqBQ7dgBiNSd6NLYOOkB4hBmcbLm0t6Dbzk876RBRK20koBkF
IwuXU39e+Cm1SEvaNG4EhizemkvXy0r55mmVJvukgsYfdhI7lvvZh5emnEpq8bsX
bk5Ui+3XpxstuB55vmt+t0yUb/kgvxSincDXpnK2Pxz+U48genpG2E9XiHmlw32E
d+dhe/ypWms=
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:49:38 2024 by rpki-client on console-fra.rpki-client.org