Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/4eca5e-4343-46fe-bbb6-44977d7ab9ca/1/bHl1mDi5SnaVmqsUNJS5DiuJCEg.roa
File: bHl1mDi5SnaVmqsUNJS5DiuJCEg.roa (raw, json)
Hash identifier: hDG+sr4zICjLCnauclqLEpZbWjadQTLt4P/RBNCIdjc=
Subject key identifier: 6C:79:75:98:38:B9:4A:76:95:9A:AB:14:34:94:B9:0E:2B:89:08:48
Certificate issuer: /CN=19bcc407bf3881e2966a548c432b3f04014699dd
Certificate serial: 018573683B31E7F700A8539C407C72A48393
Authority key identifier: 19:BC:C4:07:BF:38:81:E2:96:6A:54:8C:43:2B:3F:04:01:46:99:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GbzEB784geKWalSMQys_BAFGmd0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/4eca5e-4343-46fe-bbb6-44977d7ab9ca/1/bHl1mDi5SnaVmqsUNJS5DiuJCEg.roa
Signing time: Mon 02 Jan 2023 16:54:48 +0000
ROA not before: Mon 02 Jan 2023 16:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12926
IP address blocks: 213.63.0.0/17 maxlen: 17
185.113.156.0/22 maxlen: 22
213.63.128.0/17 maxlen: 17
213.141.0.0/19 maxlen: 19
2a00:fa00::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:68:3b:31:e7:f7:00:a8:53:9c:40:7c:72:a4:83:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19bcc407bf3881e2966a548c432b3f04014699dd
Validity
Not Before: Jan 2 16:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c79759838b94a76959aab143494b90e2b890848
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:1b:87:91:fc:62:b7:97:50:ce:7f:9f:79:6a:
e3:e2:31:41:ec:5b:89:d7:ff:97:26:44:ef:00:f1:
5e:18:07:b4:b9:54:48:da:ca:06:18:c0:88:24:6e:
60:17:c1:d6:7d:2a:19:1f:ee:c2:5f:fa:18:ce:e3:
70:47:bb:54:aa:32:5e:c0:a4:f1:0f:ef:61:c4:d9:
06:f4:65:24:a5:86:d3:2a:ac:09:a6:b7:ca:8c:6f:
b2:35:c2:9d:8e:8d:85:d8:a7:3d:35:ee:09:ff:0a:
71:8a:96:b6:63:44:16:2a:45:df:5a:e9:0a:07:25:
8a:09:4f:3c:35:b3:d3:64:ce:6a:63:d0:cd:b9:4b:
43:ad:3e:86:ff:72:20:f6:c6:83:c2:02:d8:88:0b:
28:27:80:c9:75:bf:25:7f:e3:31:86:40:2d:f5:42:
e8:49:3f:16:8c:64:0e:9e:00:6e:a4:d8:94:1e:8b:
5b:57:ac:1b:b9:2c:44:09:a1:77:a7:da:e6:be:55:
cf:3e:a4:4b:61:5d:dc:90:bf:e7:51:bb:d5:cf:5e:
ec:47:4f:47:32:81:49:42:d1:00:ed:41:46:94:e9:
09:99:2a:bd:d3:8d:e8:7c:0a:e8:63:1a:8e:a9:d0:
a5:98:ea:84:e8:98:ea:53:b0:24:0a:57:31:f2:9c:
54:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:79:75:98:38:B9:4A:76:95:9A:AB:14:34:94:B9:0E:2B:89:08:48
X509v3 Authority Key Identifier:
keyid:19:BC:C4:07:BF:38:81:E2:96:6A:54:8C:43:2B:3F:04:01:46:99:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GbzEB784geKWalSMQys_BAFGmd0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/4eca5e-4343-46fe-bbb6-44977d7ab9ca/1/bHl1mDi5SnaVmqsUNJS5DiuJCEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/4eca5e-4343-46fe-bbb6-44977d7ab9ca/1/GbzEB784geKWalSMQys_BAFGmd0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.113.156.0/22
213.63.0.0/16
213.141.0.0/19
IPv6:
2a00:fa00::/32
Signature Algorithm: sha256WithRSAEncryption
4a:da:7b:48:24:c8:0f:56:04:89:bf:b4:c9:d7:f0:47:d6:db:
92:d8:47:c0:55:36:59:07:93:4b:d0:d1:95:13:c8:3d:00:19:
63:46:a2:e6:ab:26:a0:2b:28:61:6e:49:94:d6:9d:60:c6:e3:
26:e5:2a:28:eb:81:51:79:b8:7e:3b:5d:6c:08:6b:26:a9:66:
fe:ad:f1:72:c7:a3:51:f0:d0:93:2b:4d:d5:47:d1:9e:80:2c:
c7:de:07:6d:ce:01:e7:38:5a:e3:3f:bd:4b:a5:f7:e2:a9:41:
dc:5f:8b:9f:41:d6:d6:06:ac:c8:19:f4:5b:3c:85:8b:35:6c:
b2:60:62:01:b6:22:f1:f8:55:06:e8:2d:2c:2a:47:b2:d1:52:
ee:dd:d7:30:de:a4:00:e3:a5:37:bb:78:4e:09:cc:ab:d1:86:
80:c2:69:68:c1:e6:2c:16:c3:13:88:57:33:64:5c:da:2b:1d:
7c:45:67:1f:2a:79:8e:24:61:cf:d6:6d:e2:59:94:b5:31:97:
7f:79:67:06:76:65:11:50:95:e0:ae:8b:97:8a:36:86:51:7b:
92:e3:21:12:0b:f0:be:77:ef:2b:3b:89:8b:69:11:0a:f3:af:
04:0f:c5:91:94:d1:d5:3b:32:bb:72:51:d6:f1:ee:1a:67:e8:
25:3c:2e:86
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVzaDsx5/cAqFOcQHxypIOTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5YmNjNDA3YmYzODgxZTI5NjZhNTQ4YzQzMmIzZjA0MDE0
Njk5ZGQwHhcNMjMwMTAyMTY1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Yzc5NzU5ODM4Yjk0YTc2OTU5YWFiMTQzNDk0YjkwZTJiODkwODQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphuHkfxit5dQzn+feWrj4jFB7FuJ
1/+XJkTvAPFeGAe0uVRI2soGGMCIJG5gF8HWfSoZH+7CX/oYzuNwR7tUqjJewKTx
D+9hxNkG9GUkpYbTKqwJprfKjG+yNcKdjo2F2Kc9Ne4J/wpxipa2Y0QWKkXfWukK
ByWKCU88NbPTZM5qY9DNuUtDrT6G/3Ig9saDwgLYiAsoJ4DJdb8lf+MxhkAt9ULo
ST8WjGQOngBupNiUHotbV6wbuSxECaF3p9rmvlXPPqRLYV3ckL/nUbvVz17sR09H
MoFJQtEA7UFGlOkJmSq9043ofAroYxqOqdClmOqE6JjqU7AkClcx8pxU7wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFGx5dZg4uUp2lZqrFDSUuQ4riQhIMB8GA1UdIwQY
MBaAFBm8xAe/OIHilmpUjEMrPwQBRpndMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2J6RUI3ODRnZUtXYWxTTVF5c19CQUZHbWQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy80ZWNhNWUtNDM0My00NmZlLWJiYjYt
NDQ5NzdkN2FiOWNhLzEvYkhsMW1EaTVTbmFWbXFzVU5KUzVEaXVKQ0VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy80ZWNhNWUtNDM0My00NmZlLWJiYjYtNDQ5NzdkN2FiOWNh
LzEvR2J6RUI3ODRnZUtXYWxTTVF5c19CQUZHbWQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwQCuXGcAwMA
1T8DBAXVjQAwDQQCAAIwBwMFACoA+gAwDQYJKoZIhvcNAQELBQADggEBAErae0gk
yA9WBIm/tMnX8EfW25LYR8BVNlkHk0vQ0ZUTyD0AGWNGouarJqArKGFuSZTWnWDG
4yblKijrgVF5uH47XWwIayapZv6t8XLHo1Hw0JMrTdVH0Z6ALMfeB23OAec4WuM/
vUul9+KpQdxfi59B1tYGrMgZ9Fs8hYs1bLJgYgG2IvH4VQboLSwqR7LRUu7d1zDe
pADjpTe7eE4JzKvRhoDCaWjB5iwWwxOIVzNkXNorHXxFZx8qeY4kYc/WbeJZlLUx
l395ZwZ2ZRFQleCui5eKNoZRe5LjIRIL8L537ys7iYtpEQrzrwQPxZGU0dU7Mrty
Udbx7hpn6CU8LoY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:08 2024 by rpki-client on console-ams.rpki-client.org