Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/23ed9a-1ca5-45ea-9b8c-73533de099c3/1/bmsKr9kyQMk1t9n6nw2XR5qBsV8.roa
File: bmsKr9kyQMk1t9n6nw2XR5qBsV8.roa (raw, json)
Hash identifier: isu1r0L0XrBBxA52kaDdr9k0ra4HK+l6ju4c6vM+tiU=
Subject key identifier: 6E:6B:0A:AF:D9:32:40:C9:35:B7:D9:FA:9F:0D:97:47:9A:81:B1:5F
Certificate issuer: /CN=597a01de87e011803f890ae17749020f995f140c
Certificate serial: 018A65110163ED4BF19E4AF91F7FFE2D9119
Authority key identifier: 59:7A:01:DE:87:E0:11:80:3F:89:0A:E1:77:49:02:0F:99:5F:14:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WXoB3ofgEYA_iQrhd0kCD5lfFAw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/23ed9a-1ca5-45ea-9b8c-73533de099c3/1/bmsKr9kyQMk1t9n6nw2XR5qBsV8.roa
Signing time: Tue 05 Sep 2023 11:18:47 +0000
ROA not before: Tue 05 Sep 2023 11:18:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2777
IP address blocks: 164.18.96.0/21 maxlen: 21
2a07:b982:c000::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:65:11:01:63:ed:4b:f1:9e:4a:f9:1f:7f:fe:2d:91:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=597a01de87e011803f890ae17749020f995f140c
Validity
Not Before: Sep 5 11:18:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e6b0aafd93240c935b7d9fa9f0d97479a81b15f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:05:78:c5:1e:84:37:92:81:6e:69:b9:a6:d8:
7c:3e:49:58:30:f3:e4:cd:b0:e7:84:fd:db:50:e2:
92:94:f0:d7:47:16:1e:22:3a:ed:9e:4a:a2:53:c5:
fd:81:07:30:fa:d4:c2:64:45:01:4c:12:0d:1c:9a:
04:e6:e0:49:8f:27:94:f1:46:ed:b3:8b:d3:ae:5f:
84:f3:4e:68:24:55:6f:5e:a0:5b:22:9b:81:8b:db:
f1:7e:b3:62:44:6d:9c:3f:7d:b6:f6:ec:7c:5d:87:
e6:a7:10:ce:65:e7:41:fb:96:bf:0c:4d:de:9d:03:
e7:25:93:bc:dc:b0:47:94:87:58:32:b0:a7:43:80:
16:98:56:ce:fa:53:70:be:d8:d8:3b:e7:6e:5e:8b:
95:22:03:56:5e:e2:4f:80:1b:6f:57:8b:88:02:66:
6d:57:46:da:a2:ef:36:5a:5a:7e:63:80:18:53:9e:
33:ab:48:60:8c:e6:a5:c8:98:1a:e9:e7:3f:59:73:
63:f8:07:ab:da:ca:e0:b8:c3:e7:70:a8:0f:b9:1c:
3f:ef:c9:06:6c:4a:9b:1e:02:47:83:0c:e5:80:ec:
4c:a7:e3:ad:7c:20:5a:f6:5e:3f:a3:d1:54:3a:1d:
3a:6d:89:7f:61:06:45:31:69:25:e5:fc:31:e3:48:
2b:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:6B:0A:AF:D9:32:40:C9:35:B7:D9:FA:9F:0D:97:47:9A:81:B1:5F
X509v3 Authority Key Identifier:
keyid:59:7A:01:DE:87:E0:11:80:3F:89:0A:E1:77:49:02:0F:99:5F:14:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WXoB3ofgEYA_iQrhd0kCD5lfFAw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/23ed9a-1ca5-45ea-9b8c-73533de099c3/1/bmsKr9kyQMk1t9n6nw2XR5qBsV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/23ed9a-1ca5-45ea-9b8c-73533de099c3/1/WXoB3ofgEYA_iQrhd0kCD5lfFAw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.18.96.0/21
IPv6:
2a07:b982:c000::/48
Signature Algorithm: sha256WithRSAEncryption
57:74:9f:fc:44:1e:da:86:e9:68:fb:20:3f:3d:9a:ac:34:ab:
e3:5e:8b:85:8a:6d:60:18:11:4c:61:e4:0b:ca:7f:75:47:36:
2b:75:09:0a:78:55:c2:47:eb:9d:52:96:3c:eb:4f:b0:e6:71:
91:24:5d:16:d7:89:3c:e5:42:a6:c2:7e:80:85:11:e2:f1:10:
98:0a:ef:c6:3c:db:37:83:bd:3b:3c:0a:78:86:99:b2:12:00:
45:9b:37:e9:37:5c:ed:ca:79:38:75:59:de:8a:e9:4c:89:3b:
d0:92:89:10:10:3f:c4:12:47:f2:68:c8:55:c6:27:1f:49:ac:
c0:e3:63:27:fb:06:dd:fb:23:e9:54:34:6c:82:eb:a6:cd:99:
dc:b1:fb:34:fe:d0:a9:46:b7:a7:65:6c:77:52:63:18:36:a5:
ef:62:32:4d:70:de:d8:ab:a6:55:eb:95:2d:bf:7e:22:23:e2:
86:bd:7f:eb:78:d0:bc:dc:0f:47:bd:ff:6f:6c:38:ea:49:06:
2a:c5:95:12:14:c4:db:30:36:01:2a:a1:1a:9a:f3:9e:50:49:
c6:ce:be:46:84:eb:29:13:00:4b:7d:78:0a:a3:ac:17:15:95:
19:d5:0b:44:32:08:ba:22:53:a8:20:24:2c:07:0b:09:43:13:
e2:2c:33:14
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYplEQFj7Uvxnkr5H3/+LZEZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5N2EwMWRlODdlMDExODAzZjg5MGFlMTc3NDkwMjBmOTk1
ZjE0MGMwHhcNMjMwOTA1MTExODQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTZiMGFhZmQ5MzI0MGM5MzViN2Q5ZmE5ZjBkOTc0NzlhODFiMTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgV4xR6EN5KBbmm5pth8PklYMPPk
zbDnhP3bUOKSlPDXRxYeIjrtnkqiU8X9gQcw+tTCZEUBTBINHJoE5uBJjyeU8Ubt
s4vTrl+E805oJFVvXqBbIpuBi9vxfrNiRG2cP3229ux8XYfmpxDOZedB+5a/DE3e
nQPnJZO83LBHlIdYMrCnQ4AWmFbO+lNwvtjYO+duXouVIgNWXuJPgBtvV4uIAmZt
V0baou82Wlp+Y4AYU54zq0hgjOalyJga6ec/WXNj+Aer2srguMPncKgPuRw/78kG
bEqbHgJHgwzlgOxMp+OtfCBa9l4/o9FUOh06bYl/YQZFMWkl5fwx40grQQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG5rCq/ZMkDJNbfZ+p8Nl0eagbFfMB8GA1UdIwQY
MBaAFFl6Ad6H4BGAP4kK4XdJAg+ZXxQMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1hvQjNvZmdFWUFfaVFyaGQwa0NENWxmRkF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8yM2VkOWEtMWNhNS00NWVhLTliOGMt
NzM1MzNkZTA5OWMzLzEvYm1zS3I5a3lRTWsxdDluNm53MlhSNXFCc1Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8yM2VkOWEtMWNhNS00NWVhLTliOGMtNzM1MzNkZTA5OWMz
LzEvV1hvQjNvZmdFWUFfaVFyaGQwa0NENWxmRkF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDpBJgMA8E
AgACMAkDBwAqB7mCwAAwDQYJKoZIhvcNAQELBQADggEBAFd0n/xEHtqG6Wj7ID89
mqw0q+Nei4WKbWAYEUxh5AvKf3VHNit1CQp4VcJH651SljzrT7DmcZEkXRbXiTzl
QqbCfoCFEeLxEJgK78Y82zeDvTs8CniGmbISAEWbN+k3XO3KeTh1Wd6K6UyJO9CS
iRAQP8QSR/JoyFXGJx9JrMDjYyf7Bt37I+lUNGyC66bNmdyx+zT+0KlGt6dlbHdS
Yxg2pe9iMk1w3tirplXrlS2/fiIj4oa9f+t40LzcD0e9/29sOOpJBirFlRIUxNsw
NgEqoRqa855QScbOvkaE6ykTAEt9eAqjrBcVlRnVC0QyCLoiU6ggJCwHCwlDE+Is
MxQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:57 2024 by rpki-client on console-ams.rpki-client.org