Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/f2d9e9-eeff-4633-a189-6bbb27081de2/1/bsmBvalz2mK-KD5IESxhgZwVY8c.roa
File: bsmBvalz2mK-KD5IESxhgZwVY8c.roa (raw, json)
Hash identifier: a21VYTiO6KnchobHpiflMZoP2qxCIkSXXXGk+waV198=
Subject key identifier: 6E:C9:81:BD:A9:73:DA:62:BE:28:3E:48:11:2C:61:81:9C:15:63:C7
Certificate issuer: /CN=c946c4befe0fbbe3624bd748296b5fe2e7ec2d68
Certificate serial: 018CC56DF071D0BBCAE5C0AF9162723B78BA
Authority key identifier: C9:46:C4:BE:FE:0F:BB:E3:62:4B:D7:48:29:6B:5F:E2:E7:EC:2D:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yUbEvv4Pu-NiS9dIKWtf4ufsLWg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/f2d9e9-eeff-4633-a189-6bbb27081de2/1/bsmBvalz2mK-KD5IESxhgZwVY8c.roa
Signing time: Mon 01 Jan 2024 14:29:25 +0000
ROA not before: Mon 01 Jan 2024 14:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58007
IP address blocks: 82.117.245.0/24 maxlen: 24
194.8.28.0/24 maxlen: 24
2a13:4380::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 09 Jan 2024 13:50:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:f0:71:d0:bb:ca:e5:c0:af:91:62:72:3b:78:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c946c4befe0fbbe3624bd748296b5fe2e7ec2d68
Validity
Not Before: Jan 1 14:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6ec981bda973da62be283e48112c61819c1563c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:e1:84:4a:3e:83:37:03:56:b0:89:6e:fb:f9:
6e:8b:a6:df:b6:38:c1:4f:5c:57:da:89:e0:e0:84:
05:4c:b7:23:70:2d:39:59:d7:00:0c:e8:04:71:53:
b0:71:50:a2:43:73:a4:ed:17:f1:88:33:e1:bd:bc:
e2:86:24:84:c3:24:4a:ea:a1:c8:39:cd:8a:d6:f7:
b3:ed:ff:39:be:dc:eb:62:ba:7e:1e:0e:31:a8:08:
75:2d:a2:1a:da:1d:16:1b:3c:74:b7:1f:91:02:59:
82:d3:11:41:aa:da:99:21:34:5e:d2:21:18:8f:3b:
9c:63:dd:34:64:94:6a:75:5f:7b:40:7e:1b:ae:50:
13:29:c6:30:13:22:1c:5f:70:d9:37:c0:e2:83:da:
44:68:3e:89:63:0e:d1:0b:2d:20:b1:69:da:0e:02:
7f:29:6b:81:db:a1:8e:c0:e9:59:45:39:da:27:24:
72:bf:4a:1f:3b:9d:b5:ed:80:70:29:05:6c:b0:0e:
98:bc:ca:2d:4c:1f:6d:b7:d8:4c:d7:98:82:33:98:
36:97:9c:e2:c8:16:01:36:8e:f0:08:1c:a9:38:5a:
ef:31:5b:46:b3:c4:d4:a2:b8:50:b6:4e:e1:e3:17:
ff:b9:7b:a8:8c:cb:94:cb:60:c2:a3:63:f1:70:c2:
86:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:C9:81:BD:A9:73:DA:62:BE:28:3E:48:11:2C:61:81:9C:15:63:C7
X509v3 Authority Key Identifier:
keyid:C9:46:C4:BE:FE:0F:BB:E3:62:4B:D7:48:29:6B:5F:E2:E7:EC:2D:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yUbEvv4Pu-NiS9dIKWtf4ufsLWg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/f2d9e9-eeff-4633-a189-6bbb27081de2/1/bsmBvalz2mK-KD5IESxhgZwVY8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/f2d9e9-eeff-4633-a189-6bbb27081de2/1/yUbEvv4Pu-NiS9dIKWtf4ufsLWg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.117.245.0/24
194.8.28.0/24
IPv6:
2a13:4380::/32
Signature Algorithm: sha256WithRSAEncryption
3b:f9:61:09:3a:98:14:60:38:c8:22:28:79:aa:6d:91:bc:56:
d9:fb:47:82:a4:2e:30:ba:48:18:35:cd:ca:62:d6:74:66:39:
af:85:46:dc:51:c8:f7:05:d1:b8:56:ee:9c:2c:ca:af:5f:d6:
12:1f:cd:ef:39:41:60:23:61:ae:54:1c:8e:9d:87:ba:7b:41:
5c:12:04:e4:ef:df:df:35:93:85:1e:9c:99:98:68:41:1c:f9:
e6:78:dd:fe:af:25:a4:c5:56:c8:35:6f:bb:2b:cc:15:21:5b:
d4:90:e4:36:28:69:01:3f:c3:31:1a:12:e2:8f:56:9c:c1:03:
53:d0:a3:2f:e6:5b:41:9d:e3:21:1d:a6:53:e5:95:ff:18:4a:
9e:3e:10:aa:96:92:97:72:6f:3a:d7:35:f1:a1:12:c4:6a:0f:
c5:c1:52:31:69:d7:f3:f6:f1:d8:39:a8:ff:2e:98:e3:e4:75:
1c:86:70:3a:cf:9c:88:b8:bd:a2:eb:a5:f5:8e:a1:ee:8d:09:
30:62:1b:84:88:92:91:18:da:c1:7a:11:7f:6d:58:45:00:35:
67:60:e7:88:86:48:d2:c5:e4:3c:4a:8e:9d:9e:d0:49:85:fd:
4f:a5:cd:a6:75:2a:06:91:2c:6f:ef:6a:b7:2c:c5:9b:27:75:
ae:de:3f:a7
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzFbfBx0LvK5cCvkWJyO3i6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5NDZjNGJlZmUwZmJiZTM2MjRiZDc0ODI5NmI1ZmUyZTdl
YzJkNjgwHhcNMjQwMTAxMTQyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWM5ODFiZGE5NzNkYTYyYmUyODNlNDgxMTJjNjE4MTljMTU2M2M3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3uGESj6DNwNWsIlu+/lui6bftjjB
T1xX2ong4IQFTLcjcC05WdcADOgEcVOwcVCiQ3Ok7RfxiDPhvbzihiSEwyRK6qHI
Oc2K1vez7f85vtzrYrp+Hg4xqAh1LaIa2h0WGzx0tx+RAlmC0xFBqtqZITRe0iEY
jzucY900ZJRqdV97QH4brlATKcYwEyIcX3DZN8Dig9pEaD6JYw7RCy0gsWnaDgJ/
KWuB26GOwOlZRTnaJyRyv0ofO5217YBwKQVssA6YvMotTB9tt9hM15iCM5g2l5zi
yBYBNo7wCBypOFrvMVtGs8TUorhQtk7h4xf/uXuojMuUy2DCo2PxcMKGlwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFG7Jgb2pc9pivig+SBEsYYGcFWPHMB8GA1UdIwQY
MBaAFMlGxL7+D7vjYkvXSClrX+Ln7C1oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVViRXZ2NFB1LU5pUzlkSUtXdGY0dWZzTFdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9mMmQ5ZTktZWVmZi00NjMzLWExODkt
NmJiYjI3MDgxZGUyLzEvYnNtQnZhbHoybUstS0Q1SUVTeGhnWndWWThjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9mMmQ5ZTktZWVmZi00NjMzLWExODktNmJiYjI3MDgxZGUy
LzEveVViRXZ2NFB1LU5pUzlkSUtXdGY0dWZzTFdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAUnX1AwQA
wggcMA0EAgACMAcDBQAqE0OAMA0GCSqGSIb3DQEBCwUAA4IBAQA7+WEJOpgUYDjI
Iih5qm2RvFbZ+0eCpC4wukgYNc3KYtZ0ZjmvhUbcUcj3BdG4Vu6cLMqvX9YSH83v
OUFgI2GuVByOnYe6e0FcEgTk79/fNZOFHpyZmGhBHPnmeN3+ryWkxVbINW+7K8wV
IVvUkOQ2KGkBP8MxGhLij1acwQNT0KMv5ltBneMhHaZT5ZX/GEqePhCqlpKXcm86
1zXxoRLEag/FwVIxadfz9vHYOaj/Lpjj5HUchnA6z5yIuL2i66X1jqHujQkwYhuE
iJKRGNrBehF/bVhFADVnYOeIhkjSxeQ8So6dntBJhf1Ppc2mdSoGkSxv72q3LMWb
J3Wu3j+n
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:38 2024 by rpki-client on console-fra.rpki-client.org