Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/baKBHi3-fUn7F5WxW23lA-zn-DU.roa
File: baKBHi3-fUn7F5WxW23lA-zn-DU.roa (raw, json)
Hash identifier: oJKnWGNIZKILWNmJ47y1nYYrhwbz23JI3gg57DNFXB4=
Subject key identifier: 6D:A2:81:1E:2D:FE:7D:49:FB:17:95:B1:5B:6D:E5:03:EC:E7:F8:35
Certificate issuer: /CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Certificate serial: 0186B849C7C18014DA9FE0EE8352464A77BE
Authority key identifier: 9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/baKBHi3-fUn7F5WxW23lA-zn-DU.roa
Signing time: Mon 06 Mar 2023 18:58:08 +0000
ROA not before: Mon 06 Mar 2023 18:58:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397373
IP address blocks: 185.114.206.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 09 Mar 2023 16:56:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b8:49:c7:c1:80:14:da:9f:e0:ee:83:52:46:4a:77:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Validity
Not Before: Mar 6 18:58:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6da2811e2dfe7d49fb1795b15b6de503ece7f835
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:81:99:12:c1:21:6e:d4:c0:bf:8b:d7:72:2d:
45:ee:bc:c3:9c:21:bb:eb:01:eb:77:15:fb:02:f9:
e4:65:18:df:cc:54:9f:d7:ca:f5:fc:88:08:4b:37:
a1:e3:27:36:8f:08:18:ed:51:05:51:ae:8f:23:aa:
48:9b:a7:77:a9:34:9c:81:c7:05:38:21:e3:38:03:
38:8c:b3:d3:59:97:a0:b8:1e:bc:9b:f1:80:e3:32:
3d:79:2c:75:3c:18:50:39:16:20:e7:3a:65:f5:c6:
de:10:66:a8:83:4d:56:f9:63:2f:f5:16:75:22:5a:
7e:80:3d:d6:50:fe:ae:45:cc:ac:41:f4:f7:b6:a2:
08:3d:00:3e:0a:b4:48:eb:95:ac:86:48:0e:3d:fd:
6c:68:16:6a:69:48:d2:de:7c:37:9f:65:d5:22:b7:
75:0a:29:39:94:c1:48:c9:4a:60:14:3d:5a:cf:68:
a2:45:ce:e6:83:0e:e5:e6:a9:d6:08:97:7f:30:86:
70:76:f6:81:ab:af:df:e2:21:9d:8b:ff:af:9c:3f:
16:dc:64:a1:bb:10:1f:10:b0:66:c6:68:c0:9b:ab:
90:3f:43:fa:e2:0b:7c:dc:a6:ea:00:22:22:d4:63:
ce:d5:10:5d:e7:89:17:ca:4f:dd:44:ef:ec:8c:d2:
a5:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:A2:81:1E:2D:FE:7D:49:FB:17:95:B1:5B:6D:E5:03:EC:E7:F8:35
X509v3 Authority Key Identifier:
keyid:9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/baKBHi3-fUn7F5WxW23lA-zn-DU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/nLJc5VDk2b2gW9XUXItro3Qwu7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.114.206.0/23
Signature Algorithm: sha256WithRSAEncryption
8a:cb:c7:28:9a:46:21:8b:8d:d0:37:e5:d8:9e:94:c9:4d:5a:
74:9e:6f:3b:2b:dc:46:dc:42:25:59:8f:48:6f:81:ce:5c:19:
5d:27:f8:eb:c0:c7:47:16:fd:0c:57:32:7e:d4:4d:9a:85:f1:
38:5b:e1:38:7b:0a:d9:51:9d:6a:ad:ac:bb:1d:5a:82:9e:e8:
91:28:9b:7a:de:30:c5:59:69:6b:8b:fa:1a:59:b1:f9:bc:5b:
b5:7a:21:0b:9b:e7:ca:77:ea:6b:72:c3:13:70:66:41:9a:cc:
9c:ad:31:93:e0:48:68:da:49:29:09:87:d0:c8:9e:48:62:a9:
e3:d3:c5:0b:bf:d1:6b:1f:12:aa:a8:e0:75:0f:50:0f:ff:2c:
36:67:83:d1:32:7f:cc:e5:b8:73:76:f4:d9:45:a0:83:bb:6c:
f7:98:9e:dd:09:29:cf:6e:e6:25:56:e4:84:1f:41:e1:1c:59:
b5:54:55:7e:c0:ef:f0:9f:a4:28:85:66:b5:ca:ab:a2:03:07:
71:26:31:0f:d9:29:1b:bf:b6:cd:1f:d4:14:5a:7e:7a:38:a0:
1f:4f:1b:83:67:a9:8f:4c:97:a1:6d:4a:57:12:8f:ce:a5:27:
c3:26:8b:33:39:61:28:94:b9:0c:f3:47:2a:ab:fb:57:1e:57:
ca:4e:33:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYa4ScfBgBTan+Dug1JGSne+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljYjI1Y2U1NTBlNGQ5YmRhMDViZDVkNDVjOGI2YmEzNzQz
MGJiYmEwHhcNMjMwMzA2MTg1ODA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGEyODExZTJkZmU3ZDQ5ZmIxNzk1YjE1YjZkZTUwM2VjZTdmODM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuoGZEsEhbtTAv4vXci1F7rzDnCG7
6wHrdxX7AvnkZRjfzFSf18r1/IgISzeh4yc2jwgY7VEFUa6PI6pIm6d3qTScgccF
OCHjOAM4jLPTWZeguB68m/GA4zI9eSx1PBhQORYg5zpl9cbeEGaog01W+WMv9RZ1
Ilp+gD3WUP6uRcysQfT3tqIIPQA+CrRI65WshkgOPf1saBZqaUjS3nw3n2XVIrd1
Cik5lMFIyUpgFD1az2iiRc7mgw7l5qnWCJd/MIZwdvaBq6/f4iGdi/+vnD8W3GSh
uxAfELBmxmjAm6uQP0P64gt83KbqACIi1GPO1RBd54kXyk/dRO/sjNKlmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG2igR4t/n1J+xeVsVtt5QPs5/g1MB8GA1UdIwQY
MBaAFJyyXOVQ5Nm9oFvV1FyLa6N0MLu6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYt
YmU0NWYwZDJhYmJiLzEvYmFLQkhpMy1mVW43RjVXeFcyM2xBLXpuLURVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYtYmU0NWYwZDJhYmJi
LzEvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuXLOMA0G
CSqGSIb3DQEBCwUAA4IBAQCKy8comkYhi43QN+XYnpTJTVp0nm87K9xG3EIlWY9I
b4HOXBldJ/jrwMdHFv0MVzJ+1E2ahfE4W+E4ewrZUZ1qray7HVqCnuiRKJt63jDF
WWlri/oaWbH5vFu1eiELm+fKd+prcsMTcGZBmsycrTGT4Eho2kkpCYfQyJ5IYqnj
08ULv9FrHxKqqOB1D1AP/yw2Z4PRMn/M5bhzdvTZRaCDu2z3mJ7dCSnPbuYlVuSE
H0HhHFm1VFV+wO/wn6QohWa1yquiAwdxJjEP2Skbv7bNH9QUWn56OKAfTxuDZ6mP
TJehbUpXEo/OpSfDJoszOWEolLkM80cqq/tXHlfKTjM9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:16 2024 by rpki-client on console-fra.rpki-client.org