Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/b66666-b3b7-4248-ae65-760e4ee4c6b2/1/bfGq1S6YrWQtx7oUo4qBDzaHGFc.roa
File: bfGq1S6YrWQtx7oUo4qBDzaHGFc.roa (raw, json)
Hash identifier: u/oArm2TYkY+WQdvgIe3Gp3UPyozz8C1kkU/UOxnaAk=
Subject key identifier: 6D:F1:AA:D5:2E:98:AD:64:2D:C7:BA:14:A3:8A:81:0F:36:87:18:57
Certificate issuer: /CN=1d2cdcb9c76f5e0ce0c385d7e0ef15572d15a54c
Certificate serial: 01875186FFD7FDB3759EE89162148F03458D
Authority key identifier: 1D:2C:DC:B9:C7:6F:5E:0C:E0:C3:85:D7:E0:EF:15:57:2D:15:A5:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HSzcucdvXgzgw4XX4O8VVy0VpUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/b66666-b3b7-4248-ae65-760e4ee4c6b2/1/bfGq1S6YrWQtx7oUo4qBDzaHGFc.roa
Signing time: Wed 05 Apr 2023 13:06:54 +0000
ROA not before: Wed 05 Apr 2023 13:06:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198949
IP address blocks: 132.66.0.0/16 maxlen: 16
132.66.18.0/24 maxlen: 24
132.66.251.0/24 maxlen: 24
132.67.0.0/16 maxlen: 16
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:51:86:ff:d7:fd:b3:75:9e:e8:91:62:14:8f:03:45:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d2cdcb9c76f5e0ce0c385d7e0ef15572d15a54c
Validity
Not Before: Apr 5 13:06:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6df1aad52e98ad642dc7ba14a38a810f36871857
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:e7:80:27:e1:8c:ad:28:f2:ef:3a:2b:8b:c6:
5a:8d:02:94:49:24:cb:d9:1c:17:71:72:f8:f6:87:
58:f8:cc:38:04:2c:09:69:5a:a9:5d:a8:ad:26:3b:
e1:31:8a:d1:bb:51:c4:ea:f1:91:39:90:fd:d4:01:
c6:7e:9a:6b:30:59:66:ed:9a:18:dc:e3:05:23:9c:
0d:d4:ee:b0:6f:3f:45:ae:9d:f8:66:70:be:c8:8e:
4c:dd:ad:c8:f2:b6:00:32:49:e3:0b:32:2d:72:26:
4b:af:bd:22:89:6d:f8:cf:fc:30:63:17:0a:48:f2:
7f:44:bc:79:96:da:be:80:c2:06:ea:64:52:b5:9f:
d7:a0:12:a8:1f:9f:74:64:c9:33:9d:7b:e0:16:cf:
1a:89:c9:d1:3b:57:74:b4:41:76:0d:f4:b4:87:8f:
50:a4:ac:c1:7d:48:b7:99:ed:d0:87:f3:14:6f:f9:
27:95:35:e3:5a:8a:55:39:01:26:ff:dc:38:f9:f5:
a0:47:bc:44:a3:23:78:ab:0b:38:d0:c8:2e:44:c5:
11:f7:9e:b4:7a:cc:a2:d3:fe:41:c2:9a:97:49:0b:
21:1a:b7:de:ba:cc:e6:b7:51:9e:04:d0:7f:5f:57:
00:21:42:f9:cc:cf:bf:c0:a6:c8:bf:3a:72:13:ee:
9f:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:F1:AA:D5:2E:98:AD:64:2D:C7:BA:14:A3:8A:81:0F:36:87:18:57
X509v3 Authority Key Identifier:
keyid:1D:2C:DC:B9:C7:6F:5E:0C:E0:C3:85:D7:E0:EF:15:57:2D:15:A5:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HSzcucdvXgzgw4XX4O8VVy0VpUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/b66666-b3b7-4248-ae65-760e4ee4c6b2/1/bfGq1S6YrWQtx7oUo4qBDzaHGFc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/b66666-b3b7-4248-ae65-760e4ee4c6b2/1/HSzcucdvXgzgw4XX4O8VVy0VpUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
132.66.0.0/15
Signature Algorithm: sha256WithRSAEncryption
21:71:c5:95:46:e3:5e:65:4d:08:19:06:2d:d4:df:cc:48:23:
6e:e5:3e:94:c7:07:f8:f2:f2:08:15:97:e4:7b:65:ce:a8:ae:
7a:39:7b:b3:83:96:2d:1c:8b:99:8c:34:6b:6c:2b:7d:81:c7:
95:02:ff:2a:ee:69:24:35:72:5b:cd:4f:d0:39:be:ab:5c:8d:
f1:96:88:d5:31:44:56:18:16:7e:ad:9b:f6:d9:1e:38:72:b9:
52:cb:71:9e:e9:3c:70:0c:bb:8e:e0:99:d2:53:0a:bc:d7:ce:
4a:be:ef:22:59:dc:b7:d8:22:3e:01:a8:af:00:51:d1:51:d7:
1d:16:24:78:3d:41:85:ad:82:13:17:c3:e0:2c:5c:31:b8:6a:
2f:27:b3:17:56:ec:ae:bf:8f:ce:08:de:51:27:97:ad:44:53:
4e:a2:c7:ce:eb:e6:c6:f4:51:df:bf:16:13:58:8a:c7:82:6b:
fa:b5:26:8c:c8:4a:b5:54:7e:88:73:20:ac:0d:29:6e:f4:7f:
ec:b3:99:b8:32:3c:a6:b2:52:a4:62:35:a2:6a:63:63:77:fa:
49:c1:d9:e1:24:0f:24:84:0f:bb:89:21:89:18:6e:b6:81:92:
0d:94:3c:a8:da:da:89:cb:43:20:a0:05:5e:60:2a:93:b4:5b:
c5:53:df:f4
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYdRhv/X/bN1nuiRYhSPA0WNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMmNkY2I5Yzc2ZjVlMGNlMGMzODVkN2UwZWYxNTU3MmQx
NWE1NGMwHhcNMjMwNDA1MTMwNjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGYxYWFkNTJlOThhZDY0MmRjN2JhMTRhMzhhODEwZjM2ODcxODU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyeeAJ+GMrSjy7zori8ZajQKUSSTL
2RwXcXL49odY+Mw4BCwJaVqpXaitJjvhMYrRu1HE6vGROZD91AHGfpprMFlm7ZoY
3OMFI5wN1O6wbz9Frp34ZnC+yI5M3a3I8rYAMknjCzItciZLr70iiW34z/wwYxcK
SPJ/RLx5ltq+gMIG6mRStZ/XoBKoH590ZMkznXvgFs8aicnRO1d0tEF2DfS0h49Q
pKzBfUi3me3Qh/MUb/knlTXjWopVOQEm/9w4+fWgR7xEoyN4qws40MguRMUR9560
esyi0/5BwpqXSQshGrfeuszmt1GeBNB/X1cAIUL5zM+/wKbIvzpyE+6fzQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFG3xqtUumK1kLce6FKOKgQ82hxhXMB8GA1UdIwQY
MBaAFB0s3LnHb14M4MOF1+DvFVctFaVMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFN6Y3VjZHZYZ3pndzRYWDRPOFZWeTBWcFV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iNjY2NjYtYjNiNy00MjQ4LWFlNjUt
NzYwZTRlZTRjNmIyLzEvYmZHcTFTNllyV1F0eDdvVW80cUJEemFIR0ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9iNjY2NjYtYjNiNy00MjQ4LWFlNjUtNzYwZTRlZTRjNmIy
LzEvSFN6Y3VjZHZYZ3pndzRYWDRPOFZWeTBWcFV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMBhEIwDQYJ
KoZIhvcNAQELBQADggEBACFxxZVG415lTQgZBi3U38xII27lPpTHB/jy8ggVl+R7
Zc6orno5e7ODli0ci5mMNGtsK32Bx5UC/yruaSQ1clvNT9A5vqtcjfGWiNUxRFYY
Fn6tm/bZHjhyuVLLcZ7pPHAMu47gmdJTCrzXzkq+7yJZ3LfYIj4BqK8AUdFR1x0W
JHg9QYWtghMXw+AsXDG4ai8nsxdW7K6/j84I3lEnl61EU06ix87r5sb0Ud+/FhNY
iseCa/q1JozISrVUfohzIKwNKW70f+yzmbgyPKayUqRiNaJqY2N3+knB2eEkDySE
D7uJIYkYbraBkg2UPKja2onLQyCgBV5gKpO0W8VT3/Q=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:48 2023 by rpki-client on console-ams.rpki-client.org