Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/744e53-8de6-4671-9f80-5f015730d811/1/BapfZ2GQnzTwU7TpQImWFdHIXvM.roa
File: BapfZ2GQnzTwU7TpQImWFdHIXvM.roa (raw, json)
Hash identifier: bVzdRxtu0ECsTjhdnenhoCmK9vrZCVY39hhZfbNG3aY=
Subject key identifier: 05:AA:5F:67:61:90:9F:34:F0:53:B4:E9:40:89:96:15:D1:C8:5E:F3
Certificate issuer: /CN=3eb470fd4d674212ffc82a9936f3fe254becce66
Certificate serial: 018572035CE2A5738F540422131F610E24B8
Authority key identifier: 3E:B4:70:FD:4D:67:42:12:FF:C8:2A:99:36:F3:FE:25:4B:EC:CE:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PrRw_U1nQhL_yCqZNvP-JUvszmY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/744e53-8de6-4671-9f80-5f015730d811/1/BapfZ2GQnzTwU7TpQImWFdHIXvM.roa
Signing time: Mon 02 Jan 2023 10:25:00 +0000
ROA not before: Mon 02 Jan 2023 10:25:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48360
IP address blocks: 185.77.104.0/22 maxlen: 24
2a05:62c0::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:03:5c:e2:a5:73:8f:54:04:22:13:1f:61:0e:24:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3eb470fd4d674212ffc82a9936f3fe254becce66
Validity
Not Before: Jan 2 10:25:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=05aa5f6761909f34f053b4e940899615d1c85ef3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:76:6b:d9:67:8a:50:ae:f0:6b:26:63:e0:44:
b3:ee:5b:d6:b1:b2:09:db:1d:71:50:90:7d:2a:82:
ae:00:eb:3a:86:a6:62:26:3f:67:a7:f6:f3:ff:92:
db:52:f3:4c:c7:72:24:ac:9e:d2:8d:dc:35:65:e9:
5c:c0:d1:69:b9:eb:73:2f:c1:b3:8f:9c:48:ff:fb:
7b:b2:c2:5e:2d:a7:de:4e:50:23:24:02:1b:bb:e5:
77:60:fc:ac:eb:f3:ca:bd:b2:f6:e7:82:72:4b:1f:
34:69:28:e2:47:0c:3a:15:97:af:a4:bd:e5:9c:2b:
5f:a3:ce:a6:cc:86:39:aa:63:20:8a:3e:32:b4:5d:
7f:e4:3b:e6:f4:8b:23:f5:f4:bd:11:50:07:11:17:
ef:48:28:49:c2:ac:e4:55:fd:17:c7:e6:cc:30:b2:
eb:93:98:ea:97:04:81:c1:07:c3:f4:c3:fc:9f:bd:
07:85:f5:84:5b:98:0a:2c:12:30:1f:db:9b:e9:93:
34:54:2b:72:91:84:42:d0:14:90:d0:e0:d2:3a:bb:
e4:67:49:1e:6e:a3:12:5b:c3:72:a7:77:75:bf:a2:
15:ff:25:1f:50:b1:2a:3e:79:4a:75:21:ff:8b:f6:
0a:96:88:d2:cb:b1:76:93:94:1b:df:db:91:7b:73:
f2:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:AA:5F:67:61:90:9F:34:F0:53:B4:E9:40:89:96:15:D1:C8:5E:F3
X509v3 Authority Key Identifier:
keyid:3E:B4:70:FD:4D:67:42:12:FF:C8:2A:99:36:F3:FE:25:4B:EC:CE:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PrRw_U1nQhL_yCqZNvP-JUvszmY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/744e53-8de6-4671-9f80-5f015730d811/1/BapfZ2GQnzTwU7TpQImWFdHIXvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/744e53-8de6-4671-9f80-5f015730d811/1/PrRw_U1nQhL_yCqZNvP-JUvszmY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.77.104.0/22
IPv6:
2a05:62c0::/29
Signature Algorithm: sha256WithRSAEncryption
5e:ec:aa:cc:71:f7:57:c5:7f:79:19:0a:c0:97:c1:a7:d2:fa:
82:4a:9d:73:f2:07:0d:40:ae:3f:10:6f:21:99:64:67:da:fe:
9f:74:4b:4b:06:76:90:7c:cb:3a:ce:32:c3:ac:f6:89:b2:4c:
fa:bd:d6:8b:a6:60:ea:2f:fa:2e:d2:6d:f6:23:3f:1e:cc:30:
9d:e2:b7:82:a6:ee:1e:0b:4c:c1:99:f2:7c:47:e4:63:6a:cb:
14:f5:36:e1:6d:ea:1b:4e:37:a5:a7:05:70:4c:7e:c3:a1:4f:
67:ab:8e:fe:37:de:e0:35:39:1f:69:a9:05:e5:cf:f7:5b:56:
1b:93:0b:38:64:ea:55:43:d0:d5:88:31:10:79:19:f2:0a:f3:
b6:eb:34:f3:7b:05:3e:e3:af:bd:27:a5:4a:41:6a:26:17:a2:
bb:85:36:0b:ec:fa:6a:27:27:c1:1d:a6:de:5f:e7:00:88:f9:
cf:72:d8:17:b7:ab:8f:f2:da:09:63:5f:22:68:d4:12:24:39:
73:4e:d8:c2:b7:84:1b:26:55:2c:b9:f7:71:09:4c:d1:b5:42:
35:9b:2a:a5:fd:7a:8b:98:fc:0b:d2:17:4e:af:5f:75:c4:c7:
7d:17:b7:fb:1d:dd:c4:69:e8:3f:f5:b5:27:6c:7b:4f:a4:e6:
f9:dd:21:95
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyA1zipXOPVAQiEx9hDiS4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYjQ3MGZkNGQ2NzQyMTJmZmM4MmE5OTM2ZjNmZTI1NGJl
Y2NlNjYwHhcNMjMwMTAyMTAyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWFhNWY2NzYxOTA5ZjM0ZjA1M2I0ZTk0MDg5OTYxNWQxYzg1ZWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl3Zr2WeKUK7wayZj4ESz7lvWsbIJ
2x1xUJB9KoKuAOs6hqZiJj9np/bz/5LbUvNMx3IkrJ7Sjdw1ZelcwNFpuetzL8Gz
j5xI//t7ssJeLafeTlAjJAIbu+V3YPys6/PKvbL254JySx80aSjiRww6FZevpL3l
nCtfo86mzIY5qmMgij4ytF1/5Dvm9Isj9fS9EVAHERfvSChJwqzkVf0Xx+bMMLLr
k5jqlwSBwQfD9MP8n70HhfWEW5gKLBIwH9ub6ZM0VCtykYRC0BSQ0ODSOrvkZ0ke
bqMSW8Nyp3d1v6IV/yUfULEqPnlKdSH/i/YKlojSy7F2k5Qb39uRe3PyYQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAWqX2dhkJ808FO06UCJlhXRyF7zMB8GA1UdIwQY
MBaAFD60cP1NZ0IS/8gqmTbz/iVL7M5mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHJSd19VMW5RaExfeUNxWk52UC1KVXZzem1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi83NDRlNTMtOGRlNi00NjcxLTlmODAt
NWYwMTU3MzBkODExLzEvQmFwZloyR1FuelR3VTdUcFFJbVdGZEhJWHZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi83NDRlNTMtOGRlNi00NjcxLTlmODAtNWYwMTU3MzBkODEx
LzEvUHJSd19VMW5RaExfeUNxWk52UC1KVXZzem1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuU1oMA0E
AgACMAcDBQMqBWLAMA0GCSqGSIb3DQEBCwUAA4IBAQBe7KrMcfdXxX95GQrAl8Gn
0vqCSp1z8gcNQK4/EG8hmWRn2v6fdEtLBnaQfMs6zjLDrPaJskz6vdaLpmDqL/ou
0m32Iz8ezDCd4reCpu4eC0zBmfJ8R+RjassU9TbhbeobTjelpwVwTH7DoU9nq47+
N97gNTkfaakF5c/3W1Ybkws4ZOpVQ9DViDEQeRnyCvO26zTzewU+46+9J6VKQWom
F6K7hTYL7PpqJyfBHabeX+cAiPnPctgXt6uP8toJY18iaNQSJDlzTtjCt4QbJlUs
ufdxCUzRtUI1myql/XqLmPwL0hdOr191xMd9F7f7Hd3Eaeg/9bUnbHtPpOb53SGV
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:33:42 2024 by rpki-client on console-fra.rpki-client.org