Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/3cc9b4-1eff-48c9-b2f6-a01e9e6dcbf2/1/bRLgyNpIHG2W0P6eanaiDaUbbd8.roa
File: bRLgyNpIHG2W0P6eanaiDaUbbd8.roa (raw, json)
Hash identifier: 9Kvb2T9/u3PDfFy1Auiodq+QYP+F3JWa1z7VVRDCoC0=
Subject key identifier: 6D:12:E0:C8:DA:48:1C:6D:96:D0:FE:9E:6A:76:A2:0D:A5:1B:6D:DF
Certificate issuer: /CN=050b1e38c704bd08e3b9d17f590367b1d1f03c4a
Certificate serial: 01857295E43A7DC90611E9872B4672123592
Authority key identifier: 05:0B:1E:38:C7:04:BD:08:E3:B9:D1:7F:59:03:67:B1:D1:F0:3C:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BQseOMcEvQjjudF_WQNnsdHwPEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/3cc9b4-1eff-48c9-b2f6-a01e9e6dcbf2/1/bRLgyNpIHG2W0P6eanaiDaUbbd8.roa
Signing time: Mon 02 Jan 2023 13:05:03 +0000
ROA not before: Mon 02 Jan 2023 13:05:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15924
IP address blocks: 128.127.169.0/24 maxlen: 24
128.127.170.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:95:e4:3a:7d:c9:06:11:e9:87:2b:46:72:12:35:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=050b1e38c704bd08e3b9d17f590367b1d1f03c4a
Validity
Not Before: Jan 2 13:05:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6d12e0c8da481c6d96d0fe9e6a76a20da51b6ddf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:1c:5a:ae:7d:71:f8:46:20:29:1f:a0:35:d5:
ae:b4:9d:49:c3:34:2c:68:29:cd:33:72:b6:2d:fc:
29:b8:31:6c:4e:7c:91:07:c0:ef:dc:85:a9:2e:82:
ba:8c:e0:10:94:a9:cb:f0:ad:30:84:f4:7e:78:52:
9b:4c:7c:5a:85:8f:90:d9:51:c1:13:1c:a0:96:03:
88:57:5e:27:13:c3:42:7b:06:f1:63:56:b4:e6:5c:
9f:d7:17:42:b4:da:21:8c:1d:46:7f:e5:33:20:e1:
d8:e9:2a:35:95:05:d9:c0:59:08:f4:a7:e0:a8:64:
78:c9:ac:52:dc:4c:51:f4:bf:1e:d1:b4:ab:7b:74:
bf:97:94:32:76:1c:23:54:33:e3:c9:fc:ab:69:8a:
63:a9:fd:dd:31:29:a2:88:fe:e9:29:59:75:ba:67:
54:96:12:12:4e:dc:4f:49:69:0e:7d:9e:61:39:6a:
d2:56:f0:05:f7:aa:cf:24:18:93:4d:45:41:ad:15:
66:37:e0:4a:c9:39:c1:2e:6d:d4:0d:1b:54:8e:9b:
51:fe:ff:78:7e:28:54:38:a0:b0:0e:17:d0:c2:c4:
03:e2:78:b0:0d:ba:01:aa:22:cc:6b:16:32:b9:d8:
7d:f3:84:14:4f:da:7f:de:85:32:b5:ab:32:e7:db:
42:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:12:E0:C8:DA:48:1C:6D:96:D0:FE:9E:6A:76:A2:0D:A5:1B:6D:DF
X509v3 Authority Key Identifier:
keyid:05:0B:1E:38:C7:04:BD:08:E3:B9:D1:7F:59:03:67:B1:D1:F0:3C:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BQseOMcEvQjjudF_WQNnsdHwPEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/3cc9b4-1eff-48c9-b2f6-a01e9e6dcbf2/1/bRLgyNpIHG2W0P6eanaiDaUbbd8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/3cc9b4-1eff-48c9-b2f6-a01e9e6dcbf2/1/BQseOMcEvQjjudF_WQNnsdHwPEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.127.169.0-128.127.170.255
Signature Algorithm: sha256WithRSAEncryption
70:b8:2d:0d:b8:32:cd:02:3e:c8:a4:31:7a:f5:0f:51:7b:d1:
ef:89:32:76:a5:3d:07:b9:0e:c9:d8:e2:75:9a:f2:fe:36:6a:
b1:cb:07:25:e2:6d:3c:36:72:23:c7:3b:2d:f7:c6:1d:57:c6:
f6:5b:7d:59:5c:91:0b:eb:e2:22:5c:60:f0:a9:a3:fc:29:60:
59:fd:2c:20:48:72:45:76:97:d5:20:32:c0:48:1e:47:37:9d:
63:d1:de:f6:5c:85:17:e3:e6:73:b4:d8:dd:27:be:5e:e0:45:
76:b3:a3:e2:44:27:9c:09:4e:df:9a:70:86:33:d0:e4:5f:1e:
6c:9c:39:72:9b:b1:64:85:6c:8a:ca:3b:d5:60:81:95:ab:a0:
64:eb:22:f0:88:b0:e5:e3:52:5f:97:b6:ab:f7:df:7a:05:83:
47:87:1d:4b:04:3b:6d:2f:f1:a7:a4:f6:fa:d3:c6:7f:a6:e1:
98:ab:dc:29:dd:07:3a:dd:72:95:4a:9f:c8:66:40:25:ed:62:
fd:15:9c:c7:3c:ca:24:6c:93:0c:f6:70:cd:e4:9d:43:ee:a9:
53:0f:6c:30:e8:63:4a:81:8d:6d:d2:2e:93:13:a7:01:fb:a2:
b0:90:18:2e:78:3e:01:91:9f:f4:6e:9e:72:92:94:2c:c9:1a:
c7:5b:54:28
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVyleQ6fckGEemHK0ZyEjWSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MGIxZTM4YzcwNGJkMDhlM2I5ZDE3ZjU5MDM2N2IxZDFm
MDNjNGEwHhcNMjMwMTAyMTMwNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDEyZTBjOGRhNDgxYzZkOTZkMGZlOWU2YTc2YTIwZGE1MWI2ZGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6hxarn1x+EYgKR+gNdWutJ1JwzQs
aCnNM3K2LfwpuDFsTnyRB8Dv3IWpLoK6jOAQlKnL8K0whPR+eFKbTHxahY+Q2VHB
ExyglgOIV14nE8NCewbxY1a05lyf1xdCtNohjB1Gf+UzIOHY6So1lQXZwFkI9Kfg
qGR4yaxS3ExR9L8e0bSre3S/l5QydhwjVDPjyfyraYpjqf3dMSmiiP7pKVl1umdU
lhISTtxPSWkOfZ5hOWrSVvAF96rPJBiTTUVBrRVmN+BKyTnBLm3UDRtUjptR/v94
fihUOKCwDhfQwsQD4niwDboBqiLMaxYyudh984QUT9p/3oUytasy59tCcQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFG0S4MjaSBxtltD+nmp2og2lG23fMB8GA1UdIwQY
MBaAFAULHjjHBL0I47nRf1kDZ7HR8DxKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlFzZU9NY0V2UWpqdWRGX1dRTm5zZEh3UEVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8zY2M5YjQtMWVmZi00OGM5LWIyZjYt
YTAxZTllNmRjYmYyLzEvYlJMZ3lOcElIRzJXMFA2ZWFuYWlEYVViYmQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8zY2M5YjQtMWVmZi00OGM5LWIyZjYtYTAxZTllNmRjYmYy
LzEvQlFzZU9NY0V2UWpqdWRGX1dRTm5zZEh3UEVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACAf6kD
BACAf6owDQYJKoZIhvcNAQELBQADggEBAHC4LQ24Ms0CPsikMXr1D1F70e+JMnal
PQe5DsnY4nWa8v42arHLByXibTw2ciPHOy33xh1XxvZbfVlckQvr4iJcYPCpo/wp
YFn9LCBIckV2l9UgMsBIHkc3nWPR3vZchRfj5nO02N0nvl7gRXazo+JEJ5wJTt+a
cIYz0ORfHmycOXKbsWSFbIrKO9VggZWroGTrIvCIsOXjUl+Xtqv333oFg0eHHUsE
O20v8aek9vrTxn+m4Zir3CndBzrdcpVKn8hmQCXtYv0VnMc8yiRskwz2cM3knUPu
qVMPbDDoY0qBjW3SLpMTpwH7orCQGC54PgGRn/RunnKSlCzJGsdbVCg=
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:49:53 2024 by rpki-client on console-fra.rpki-client.org