Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/6a5e8c-d831-41e3-84e5-f42176cd0445/1/bcnXeI3HPbT9tqeLu2MyQifRtNA.roa
File: bcnXeI3HPbT9tqeLu2MyQifRtNA.roa (raw, json)
Hash identifier: xyLl5upVi7OYqR9KMSg2D+sX2GokIKwYHuQj3xDQIEY=
Subject key identifier: 6D:C9:D7:78:8D:C7:3D:B4:FD:B6:A7:8B:BB:63:32:42:27:D1:B4:D0
Certificate issuer: /CN=e378a94b9964ea5e9f8b05938702ba58316b500f
Certificate serial: 018CC56EFFA169B457E6B3EF1ED0C542D0AA
Authority key identifier: E3:78:A9:4B:99:64:EA:5E:9F:8B:05:93:87:02:BA:58:31:6B:50:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/43ipS5lk6l6fiwWThwK6WDFrUA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/6a5e8c-d831-41e3-84e5-f42176cd0445/1/bcnXeI3HPbT9tqeLu2MyQifRtNA.roa
Signing time: Mon 01 Jan 2024 14:30:35 +0000
ROA not before: Mon 01 Jan 2024 14:30:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50057
IP address blocks: 185.161.112.0/24 maxlen: 24
185.161.113.0/24 maxlen: 24
185.161.114.0/24 maxlen: 24
185.161.115.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 27 Jul 2024 16:10:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:ff:a1:69:b4:57:e6:b3:ef:1e:d0:c5:42:d0:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e378a94b9964ea5e9f8b05938702ba58316b500f
Validity
Not Before: Jan 1 14:30:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6dc9d7788dc73db4fdb6a78bbb63324227d1b4d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e8:e8:55:06:8d:70:c9:92:8f:43:30:a3:a8:
09:83:74:0a:ee:8f:40:e8:c5:cd:b9:e5:c7:e8:14:
4f:cb:6c:27:32:82:c5:8e:f8:8e:25:3b:b7:c9:7c:
f0:28:b2:f8:51:bd:e4:da:0b:bd:94:a6:5c:7a:7e:
5e:32:d0:e6:64:1a:2c:b2:00:6e:2b:c9:be:91:19:
11:49:60:c3:5b:7d:0f:59:66:fb:3b:06:2b:50:79:
b1:17:61:5b:a6:4e:38:c3:d3:b6:ae:27:20:78:a3:
97:da:a5:5f:a0:2d:68:19:ab:eb:9e:7d:64:a3:c6:
0c:d1:4f:21:ce:f1:f2:bf:86:cc:0a:19:f6:d3:c1:
a3:38:6b:e1:8e:1b:6e:a6:60:fa:23:d4:48:39:84:
82:52:50:15:1e:49:66:c8:60:c2:d4:d4:66:f5:84:
b5:d5:1c:33:df:3a:b0:b4:f4:33:ff:08:1e:97:fa:
1b:6d:63:30:af:3f:07:f8:96:66:9e:87:30:d9:1c:
a1:00:46:7e:02:5a:2f:c2:4b:ea:b6:52:c0:1c:35:
50:74:76:33:71:56:c9:89:6b:9b:76:00:19:36:f1:
21:da:0b:dd:78:52:2f:1b:ee:57:db:9f:5c:a7:7b:
e1:59:f4:32:92:bb:a3:d2:8a:36:28:c2:b6:bb:5d:
b9:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:C9:D7:78:8D:C7:3D:B4:FD:B6:A7:8B:BB:63:32:42:27:D1:B4:D0
X509v3 Authority Key Identifier:
keyid:E3:78:A9:4B:99:64:EA:5E:9F:8B:05:93:87:02:BA:58:31:6B:50:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/43ipS5lk6l6fiwWThwK6WDFrUA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/6a5e8c-d831-41e3-84e5-f42176cd0445/1/bcnXeI3HPbT9tqeLu2MyQifRtNA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/6a5e8c-d831-41e3-84e5-f42176cd0445/1/43ipS5lk6l6fiwWThwK6WDFrUA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.112.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:03:fe:c9:20:c5:f2:92:ae:2f:5c:10:3a:e9:64:41:2a:c3:
52:cc:6c:b6:73:48:ea:9f:36:89:48:b1:44:65:16:5d:96:ff:
89:f2:49:0f:f8:ec:ba:65:29:0b:b7:a0:ac:37:b3:f9:f4:1d:
29:2f:ce:0b:62:db:ef:0e:4e:d0:e8:d0:e6:65:e7:3c:c8:25:
c1:9a:4f:66:25:41:b7:43:c5:0f:fd:2d:d8:70:4c:b6:e7:18:
35:90:35:5d:08:f0:44:9d:b4:40:4e:7a:0d:22:d8:ce:37:22:
6c:12:66:39:14:96:00:0c:75:8e:a0:2f:59:54:03:02:4f:04:
55:41:c8:a9:ce:18:75:0c:83:9e:f8:11:f9:a8:46:43:62:b8:
b7:de:1a:90:20:c5:b2:01:bb:df:46:9d:53:ce:ae:e2:2c:66:
01:02:e9:65:55:73:79:75:9b:47:85:cc:90:6c:db:ca:3b:09:
b8:83:34:78:0c:f3:8d:32:4c:7d:98:d7:f0:25:6b:a1:a4:75:
12:c9:09:a2:b6:4c:6f:15:5e:88:67:1a:c3:49:5b:18:3c:49:
3c:e5:47:03:aa:c2:9a:e3:9a:30:ec:86:8d:b9:39:15:e6:8f:
4f:3d:56:9d:2a:a4:d0:8d:3e:80:5e:b0:92:4e:b8:b0:12:b8:
8e:75:81:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbv+habRX5rPvHtDFQtCqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzNzhhOTRiOTk2NGVhNWU5ZjhiMDU5Mzg3MDJiYTU4MzE2
YjUwMGYwHhcNMjQwMTAxMTQzMDM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGM5ZDc3ODhkYzczZGI0ZmRiNmE3OGJiYjYzMzI0MjI3ZDFiNGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOjoVQaNcMmSj0Mwo6gJg3QK7o9A
6MXNueXH6BRPy2wnMoLFjviOJTu3yXzwKLL4Ub3k2gu9lKZcen5eMtDmZBossgBu
K8m+kRkRSWDDW30PWWb7OwYrUHmxF2Fbpk44w9O2ricgeKOX2qVfoC1oGavrnn1k
o8YM0U8hzvHyv4bMChn208GjOGvhjhtupmD6I9RIOYSCUlAVHklmyGDC1NRm9YS1
1Rwz3zqwtPQz/wgel/obbWMwrz8H+JZmnocw2RyhAEZ+AlovwkvqtlLAHDVQdHYz
cVbJiWubdgAZNvEh2gvdeFIvG+5X259cp3vhWfQykruj0oo2KMK2u125UQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG3J13iNxz20/bani7tjMkIn0bTQMB8GA1UdIwQY
MBaAFON4qUuZZOpen4sFk4cCulgxa1APMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDNpcFM1bGs2bDZmaXdXVGh3SzZXREZyVUE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy82YTVlOGMtZDgzMS00MWUzLTg0ZTUt
ZjQyMTc2Y2QwNDQ1LzEvYmNuWGVJM0hQYlQ5dHFlTHUyTXlRaWZSdE5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy82YTVlOGMtZDgzMS00MWUzLTg0ZTUtZjQyMTc2Y2QwNDQ1
LzEvNDNpcFM1bGs2bDZmaXdXVGh3SzZXREZyVUE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaFwMA0G
CSqGSIb3DQEBCwUAA4IBAQB+A/7JIMXykq4vXBA66WRBKsNSzGy2c0jqnzaJSLFE
ZRZdlv+J8kkP+Oy6ZSkLt6CsN7P59B0pL84LYtvvDk7Q6NDmZec8yCXBmk9mJUG3
Q8UP/S3YcEy25xg1kDVdCPBEnbRATnoNItjONyJsEmY5FJYADHWOoC9ZVAMCTwRV
Qcipzhh1DIOe+BH5qEZDYri33hqQIMWyAbvfRp1Tzq7iLGYBAullVXN5dZtHhcyQ
bNvKOwm4gzR4DPONMkx9mNfwJWuhpHUSyQmitkxvFV6IZxrDSVsYPEk85UcDqsKa
45ow7IaNuTkV5o9PPVadKqTQjT6AXrCSTriwEriOdYE5
Generated at Sat Jul 27 18:20:57 2024 by rpki-client on console-ams.rpki-client.org