Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/59fcf0-1d5c-4ecb-bf87-3bcb8bf8bbfe/1/BGXdze1ayE6vjROY84K1wtbP0Js.roa
File: BGXdze1ayE6vjROY84K1wtbP0Js.roa (raw, json)
Hash identifier: 43yEXydf40cuOYzk3ILOWVmEXUDJeIcSeJoTLRe1SrA=
Subject key identifier: 04:65:DD:CD:ED:5A:C8:4E:AF:8D:13:98:F3:82:B5:C2:D6:CF:D0:9B
Certificate issuer: /CN=151453f482cda78ebc99625d80b0ffc3660f95f2
Certificate serial: 018CC5DC628294B617DE0FAB5256BEF66472
Authority key identifier: 15:14:53:F4:82:CD:A7:8E:BC:99:62:5D:80:B0:FF:C3:66:0F:95:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FRRT9ILNp468mWJdgLD_w2YPlfI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/59fcf0-1d5c-4ecb-bf87-3bcb8bf8bbfe/1/BGXdze1ayE6vjROY84K1wtbP0Js.roa
Signing time: Mon 01 Jan 2024 16:30:03 +0000
ROA not before: Mon 01 Jan 2024 16:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15943
IP address blocks: 147.78.88.0/22 maxlen: 22
147.78.91.0/24 maxlen: 24
2a09:2040:ffff::/48 maxlen: 48
2a09:2040::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:62:82:94:b6:17:de:0f:ab:52:56:be:f6:64:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=151453f482cda78ebc99625d80b0ffc3660f95f2
Validity
Not Before: Jan 1 16:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0465ddcded5ac84eaf8d1398f382b5c2d6cfd09b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:c2:66:32:4b:33:56:24:16:ee:ff:53:10:2d:
c7:62:3f:41:ef:73:6e:46:fd:bf:71:9f:5c:99:93:
d6:17:a3:cb:89:73:ab:e6:c6:da:07:cd:a0:98:12:
35:ab:fd:d7:7d:00:2f:99:72:3c:bb:de:3a:d3:5e:
a8:3b:c0:87:b7:e1:4f:64:74:9a:9a:e1:4f:b5:fe:
9f:cd:09:74:11:83:99:e7:2f:6a:7f:eb:8f:e7:00:
8b:e6:e2:ed:e5:b9:a9:86:62:18:f9:9c:12:75:48:
4f:d0:d6:f1:a2:3e:4b:e4:a1:4a:86:c6:de:66:75:
0b:d3:23:f3:9d:07:a0:1e:4b:e2:07:69:39:71:cd:
8a:59:5d:08:0d:b5:b1:af:37:75:43:cb:46:3f:5f:
49:ad:a0:4b:b4:a0:e8:49:ca:0b:48:68:e1:35:20:
c6:42:cf:8d:85:b4:73:b7:d6:05:1b:0a:8c:18:c2:
e2:19:97:3a:50:4a:1f:cb:67:b2:44:fd:b9:f6:50:
f6:e3:f0:89:f2:36:1a:cc:47:e1:0e:7e:db:65:0f:
0a:64:4e:dd:ce:81:4f:db:c1:bb:2b:ae:7c:92:78:
c7:fd:6d:71:26:c7:81:f2:7e:6e:af:67:aa:e2:19:
b5:f3:63:68:a6:72:6b:98:bd:e4:bc:02:13:2d:c5:
b8:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:65:DD:CD:ED:5A:C8:4E:AF:8D:13:98:F3:82:B5:C2:D6:CF:D0:9B
X509v3 Authority Key Identifier:
keyid:15:14:53:F4:82:CD:A7:8E:BC:99:62:5D:80:B0:FF:C3:66:0F:95:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FRRT9ILNp468mWJdgLD_w2YPlfI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/59fcf0-1d5c-4ecb-bf87-3bcb8bf8bbfe/1/BGXdze1ayE6vjROY84K1wtbP0Js.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/59fcf0-1d5c-4ecb-bf87-3bcb8bf8bbfe/1/FRRT9ILNp468mWJdgLD_w2YPlfI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.88.0/22
IPv6:
2a09:2040::/29
Signature Algorithm: sha256WithRSAEncryption
56:55:39:21:80:53:c9:2e:23:d7:c9:65:6c:dc:79:b2:20:e9:
62:b3:c9:4f:eb:73:cf:f6:06:c5:25:f8:cf:18:5d:73:0c:7c:
dd:70:67:76:fa:91:14:7b:8c:7d:e9:b5:b9:d6:42:8c:e9:39:
0e:f4:d6:82:d5:ed:ef:06:35:47:43:c8:2d:2f:fe:0d:1b:4c:
13:e2:07:8a:6d:30:27:90:0e:7d:56:b3:a6:f7:3c:c2:59:76:
17:30:bc:7a:48:19:49:2c:87:00:c1:2d:14:a1:74:07:5c:94:
01:8f:e0:6f:63:c1:c4:c7:26:dc:eb:92:c7:f3:ef:9e:ad:6c:
84:0c:88:d6:54:fb:97:c2:89:56:f3:35:6f:1e:dd:b6:19:81:
f8:94:72:e9:08:ff:82:05:fb:9c:f1:ee:b5:23:3f:32:b3:f7:
64:84:cd:09:f3:73:2e:c1:28:10:d1:ac:a9:f8:e8:9e:6f:f8:
d1:0b:c2:f6:d9:2a:b3:5b:03:49:cf:22:88:c3:b6:c2:cf:6b:
4a:3c:53:7e:b7:38:06:33:f3:e1:23:18:22:1b:56:3d:07:0c:
7a:a0:36:c8:a2:e5:06:d5:54:62:1f:14:eb:4a:6c:f7:88:6e:
6b:e1:3b:41:1e:a8:7f:75:80:a9:f7:59:8a:9b:ed:2f:04:4f:
7d:27:0f:57
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzF3GKClLYX3g+rUla+9mRyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1MTQ1M2Y0ODJjZGE3OGViYzk5NjI1ZDgwYjBmZmMzNjYw
Zjk1ZjIwHhcNMjQwMTAxMTYzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDY1ZGRjZGVkNWFjODRlYWY4ZDEzOThmMzgyYjVjMmQ2Y2ZkMDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz8JmMkszViQW7v9TEC3HYj9B73Nu
Rv2/cZ9cmZPWF6PLiXOr5sbaB82gmBI1q/3XfQAvmXI8u946016oO8CHt+FPZHSa
muFPtf6fzQl0EYOZ5y9qf+uP5wCL5uLt5bmphmIY+ZwSdUhP0Nbxoj5L5KFKhsbe
ZnUL0yPznQegHkviB2k5cc2KWV0IDbWxrzd1Q8tGP19JraBLtKDoScoLSGjhNSDG
Qs+NhbRzt9YFGwqMGMLiGZc6UEofy2eyRP259lD24/CJ8jYazEfhDn7bZQ8KZE7d
zoFP28G7K658knjH/W1xJseB8n5ur2eq4hm182NopnJrmL3kvAITLcW4owIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFARl3c3tWshOr40TmPOCtcLWz9CbMB8GA1UdIwQY
MBaAFBUUU/SCzaeOvJliXYCw/8NmD5XyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlJSVDlJTE5wNDY4bVdKZGdMRF93MllQbGZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC81OWZjZjAtMWQ1Yy00ZWNiLWJmODct
M2JjYjhiZjhiYmZlLzEvQkdYZHplMWF5RTZ2alJPWTg0SzF3dGJQMEpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC81OWZjZjAtMWQ1Yy00ZWNiLWJmODctM2JjYjhiZjhiYmZl
LzEvRlJSVDlJTE5wNDY4bVdKZGdMRF93MllQbGZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCk05YMA0E
AgACMAcDBQMqCSBAMA0GCSqGSIb3DQEBCwUAA4IBAQBWVTkhgFPJLiPXyWVs3Hmy
IOlis8lP63PP9gbFJfjPGF1zDHzdcGd2+pEUe4x96bW51kKM6TkO9NaC1e3vBjVH
Q8gtL/4NG0wT4geKbTAnkA59VrOm9zzCWXYXMLx6SBlJLIcAwS0UoXQHXJQBj+Bv
Y8HExybc65LH8++erWyEDIjWVPuXwolW8zVvHt22GYH4lHLpCP+CBfuc8e61Iz8y
s/dkhM0J83MuwSgQ0ayp+Oieb/jRC8L22SqzWwNJzyKIw7bCz2tKPFN+tzgGM/Ph
IxgiG1Y9Bwx6oDbIouUG1VRiHxTrSmz3iG5r4TtBHqh/dYCp91mKm+0vBE99Jw9X
-----END CERTIFICATE-----
Generated at Wed Jan 3 10:27:23 2024 by rpki-client on console-fra.rpki-client.org