Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/0831bf-118c-4ece-934d-75295251b1e8/1/bwxIeq7o4k6eeMn06fWlK2dFoSE.roa
File: bwxIeq7o4k6eeMn06fWlK2dFoSE.roa (raw, json)
Hash identifier: GgvEjbVJ70w1Ap6EUygiPLu7mmfcceBc5akcATyq2EE=
Subject key identifier: 6F:0C:48:7A:AE:E8:E2:4E:9E:78:C9:F4:E9:F5:A5:2B:67:45:A1:21
Certificate issuer: /CN=7dc8911682bc5ca71cece1efe3ac135bfdb59dd6
Certificate serial: 01856E666BD1753D63359A4E1011C474E36C
Authority key identifier: 7D:C8:91:16:82:BC:5C:A7:1C:EC:E1:EF:E3:AC:13:5B:FD:B5:9D:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fciRFoK8XKcc7OHv46wTW_21ndY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/0831bf-118c-4ece-934d-75295251b1e8/1/bwxIeq7o4k6eeMn06fWlK2dFoSE.roa
Signing time: Sun 01 Jan 2023 17:34:43 +0000
ROA not before: Sun 01 Jan 2023 17:34:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8549
IP address blocks: 87.237.88.0/21 maxlen: 22
80.77.208.0/20 maxlen: 24
193.24.32.0/22 maxlen: 22
185.199.192.0/22 maxlen: 22
2a03:f00::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:66:6b:d1:75:3d:63:35:9a:4e:10:11:c4:74:e3:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7dc8911682bc5ca71cece1efe3ac135bfdb59dd6
Validity
Not Before: Jan 1 17:34:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6f0c487aaee8e24e9e78c9f4e9f5a52b6745a121
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ae:ec:3f:ec:09:77:0d:d4:6e:b5:1a:33:33:
38:e0:75:4f:71:53:dd:56:54:cb:b3:d2:bf:b8:c2:
fa:f4:dd:ac:cd:15:a1:72:b9:9c:c4:13:0d:ee:d5:
f0:a2:94:7c:3f:9e:5c:bb:06:c9:1b:00:ae:84:05:
8e:c9:4f:ac:85:21:ad:ec:f9:f5:e8:37:bd:a0:bd:
5e:b7:3d:5e:6a:2a:c8:f4:93:2c:5b:77:7d:3b:ef:
96:34:a0:2e:29:7c:cc:0a:3d:e9:f4:45:fb:e3:ac:
c4:5a:fd:9e:0f:5d:66:2d:5d:70:c7:fb:05:50:3d:
18:48:2e:2c:4b:69:46:66:8d:9a:9f:c7:dc:66:23:
28:1c:76:63:46:5e:dc:ea:b3:93:dd:96:0a:6a:c7:
42:41:de:3f:88:c9:62:2b:c8:a6:f3:d8:f5:10:a3:
0c:68:41:ff:95:1d:5a:f6:92:62:40:2c:cf:84:12:
fa:33:d6:92:fa:58:f1:5f:b6:c6:4b:23:a8:73:eb:
5a:f5:77:e0:1f:6d:d6:75:50:06:60:7a:ad:7c:e2:
c4:1a:ba:61:c8:e2:41:39:0e:a7:6e:7f:91:b2:c1:
79:95:08:7b:41:85:94:31:c8:a1:83:fe:b5:e0:9b:
0a:c4:df:3f:63:fd:b0:4a:d0:8f:67:c3:74:5f:3f:
5e:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:0C:48:7A:AE:E8:E2:4E:9E:78:C9:F4:E9:F5:A5:2B:67:45:A1:21
X509v3 Authority Key Identifier:
keyid:7D:C8:91:16:82:BC:5C:A7:1C:EC:E1:EF:E3:AC:13:5B:FD:B5:9D:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fciRFoK8XKcc7OHv46wTW_21ndY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/0831bf-118c-4ece-934d-75295251b1e8/1/bwxIeq7o4k6eeMn06fWlK2dFoSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/0831bf-118c-4ece-934d-75295251b1e8/1/fciRFoK8XKcc7OHv46wTW_21ndY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.77.208.0/20
87.237.88.0/21
185.199.192.0/22
193.24.32.0/22
IPv6:
2a03:f00::/29
Signature Algorithm: sha256WithRSAEncryption
a2:32:2b:30:cc:12:8c:89:81:43:f1:9d:fe:77:a7:09:b6:8c:
cf:5f:00:84:4a:fd:87:28:e8:91:05:30:10:fc:d1:c4:ca:17:
db:15:18:6f:65:f9:fa:b8:e2:7e:03:71:ad:62:e3:6a:a8:6e:
3a:21:9d:c0:5c:79:75:a3:cf:5c:f8:2d:2e:d2:3f:cb:31:ee:
87:7a:21:67:ea:78:f7:46:60:a2:7f:8b:6d:59:e5:04:49:9a:
2f:e6:0d:44:41:34:95:8a:4f:ed:2e:d4:8a:c0:b2:7d:39:17:
9b:ea:60:60:0a:cc:91:34:c7:26:b2:5d:ff:cf:68:99:28:8d:
0f:5a:f2:a6:8f:a3:89:b3:a7:29:cf:aa:f0:81:31:16:f6:54:
e2:93:5e:cc:73:3a:5c:ea:7a:c4:2f:93:00:c7:3f:bb:e5:f4:
70:72:0e:a6:0b:4a:f5:9b:1f:14:d2:4c:38:cb:f3:9e:dc:5d:
8b:d2:34:ff:f4:ad:3f:7b:e4:1a:fa:de:eb:6f:25:c2:57:5d:
c7:ad:33:19:15:27:d5:bb:11:44:51:00:70:69:97:4a:03:97:
3d:fc:86:c4:fb:8b:8f:f7:d5:34:ed:e3:9b:f0:0d:98:c3:1a:
52:f1:13:15:75:c4:78:94:c1:1c:08:8c:b9:b3:7f:0e:49:aa:
a3:9a:d7:91
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVuZmvRdT1jNZpOEBHEdONsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYzg5MTE2ODJiYzVjYTcxY2VjZTFlZmUzYWMxMzViZmRi
NTlkZDYwHhcNMjMwMTAxMTczNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjBjNDg3YWFlZThlMjRlOWU3OGM5ZjRlOWY1YTUyYjY3NDVhMTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAla7sP+wJdw3UbrUaMzM44HVPcVPd
VlTLs9K/uML69N2szRWhcrmcxBMN7tXwopR8P55cuwbJGwCuhAWOyU+shSGt7Pn1
6De9oL1etz1eairI9JMsW3d9O++WNKAuKXzMCj3p9EX746zEWv2eD11mLV1wx/sF
UD0YSC4sS2lGZo2an8fcZiMoHHZjRl7c6rOT3ZYKasdCQd4/iMliK8im89j1EKMM
aEH/lR1a9pJiQCzPhBL6M9aS+ljxX7bGSyOoc+ta9XfgH23WdVAGYHqtfOLEGrph
yOJBOQ6nbn+RssF5lQh7QYWUMcihg/614JsKxN8/Y/2wStCPZ8N0Xz9eiwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFG8MSHqu6OJOnnjJ9On1pStnRaEhMB8GA1UdIwQY
MBaAFH3IkRaCvFynHOzh7+OsE1v9tZ3WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmNpUkZvSzhYS2NjN09IdjQ2d1RXXzIxbmRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8wODMxYmYtMTE4Yy00ZWNlLTkzNGQt
NzUyOTUyNTFiMWU4LzEvYnd4SWVxN280azZlZU1uMDZmV2xLMmRGb1NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8wODMxYmYtMTE4Yy00ZWNlLTkzNGQtNzUyOTUyNTFiMWU4
LzEvZmNpUkZvSzhYS2NjN09IdjQ2d1RXXzIxbmRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEUE3QAwQD
V+1YAwQCucfAAwQCwRggMA0EAgACMAcDBQMqAw8AMA0GCSqGSIb3DQEBCwUAA4IB
AQCiMiswzBKMiYFD8Z3+d6cJtozPXwCESv2HKOiRBTAQ/NHEyhfbFRhvZfn6uOJ+
A3GtYuNqqG46IZ3AXHl1o89c+C0u0j/LMe6HeiFn6nj3RmCif4ttWeUESZov5g1E
QTSVik/tLtSKwLJ9OReb6mBgCsyRNMcmsl3/z2iZKI0PWvKmj6OJs6cpz6rwgTEW
9lTik17Mczpc6nrEL5MAxz+75fRwcg6mC0r1mx8U0kw4y/Oe3F2L0jT/9K0/e+Qa
+t7rbyXCV13HrTMZFSfVuxFEUQBwaZdKA5c9/IbE+4uP99U07eOb8A2YwxpS8RMV
dcR4lMEcCIy5s38OSaqjmteR
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:10 2024 by rpki-client on console-ams.rpki-client.org