Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/bfdd19-6bba-4dc9-afc6-97be426a2334/1/_bGpkMUpCQBFEcPye4GSHkPNo2o.roa
File: _bGpkMUpCQBFEcPye4GSHkPNo2o.roa (raw, json)
Hash identifier: rzDgMb7EUaJOWi2STW+J7vQSUrg+/KTDecrUrkm0Ofw=
Subject key identifier: FD:B1:A9:90:C5:29:09:00:45:11:C3:F2:7B:81:92:1E:43:CD:A3:6A
Certificate issuer: /CN=d04687a3ee6322b757de81e7f53c5d32eebe33a6
Certificate serial: 0185702701857B294F048B345BACBF10552D
Authority key identifier: D0:46:87:A3:EE:63:22:B7:57:DE:81:E7:F5:3C:5D:32:EE:BE:33:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0EaHo-5jIrdX3oHn9TxdMu6-M6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/bfdd19-6bba-4dc9-afc6-97be426a2334/1/_bGpkMUpCQBFEcPye4GSHkPNo2o.roa
Signing time: Mon 02 Jan 2023 01:44:42 +0000
ROA not before: Mon 02 Jan 2023 01:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42669
IP address blocks: 185.128.76.0/22 maxlen: 24
77.242.176.0/20 maxlen: 20
2a0b:aa80::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:27:01:85:7b:29:4f:04:8b:34:5b:ac:bf:10:55:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d04687a3ee6322b757de81e7f53c5d32eebe33a6
Validity
Not Before: Jan 2 01:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fdb1a990c52909004511c3f27b81921e43cda36a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:4e:31:4a:e2:83:5e:f2:4b:2f:36:44:29:76:
09:2e:fc:e4:5e:f6:20:ef:23:42:ac:7f:e9:30:45:
b9:b5:69:e3:4a:8d:c5:98:98:e0:12:d0:13:62:21:
6d:c8:1b:ca:08:7f:09:60:45:c4:7b:c4:b0:0e:a2:
d2:07:98:ac:c7:7f:0c:86:c9:f6:43:a5:49:02:ca:
a1:c4:c8:52:05:d5:df:b6:6d:25:a8:4b:d1:bc:87:
91:1d:1b:9c:78:fb:45:da:a4:b0:60:7c:d9:52:d9:
b1:f0:63:60:6b:5b:70:3f:9d:f6:5e:de:c7:32:48:
39:d2:4d:c9:c0:4f:e4:3c:51:7f:7a:30:91:59:51:
08:3e:58:0a:86:8c:f9:3f:17:3e:ba:40:6d:04:26:
e1:96:7d:51:b7:6e:ea:ba:09:bf:eb:db:ef:28:42:
28:38:cb:a6:1c:11:16:ba:25:d7:e8:9d:3c:fa:79:
08:90:46:25:74:19:0a:52:4f:bc:e7:eb:50:17:b3:
97:08:47:82:dd:ab:42:69:77:9c:e1:e8:83:ca:8c:
c7:ab:a9:3f:46:b6:db:5d:e6:5f:dd:21:c2:23:7d:
a0:24:84:45:9a:f1:11:e4:07:29:bf:9a:5d:d4:74:
7e:a9:88:29:0c:62:8c:ec:8b:4d:4b:23:5d:54:7d:
a4:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:B1:A9:90:C5:29:09:00:45:11:C3:F2:7B:81:92:1E:43:CD:A3:6A
X509v3 Authority Key Identifier:
keyid:D0:46:87:A3:EE:63:22:B7:57:DE:81:E7:F5:3C:5D:32:EE:BE:33:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0EaHo-5jIrdX3oHn9TxdMu6-M6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/bfdd19-6bba-4dc9-afc6-97be426a2334/1/_bGpkMUpCQBFEcPye4GSHkPNo2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/bfdd19-6bba-4dc9-afc6-97be426a2334/1/0EaHo-5jIrdX3oHn9TxdMu6-M6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.242.176.0/20
185.128.76.0/22
IPv6:
2a0b:aa80::/29
Signature Algorithm: sha256WithRSAEncryption
0c:76:fe:54:ae:a9:9a:05:1c:68:90:01:27:8a:a6:78:12:4a:
9d:5f:2a:3a:b5:31:32:50:a0:e3:99:a5:96:4b:3e:8f:f4:5e:
f0:91:9a:6b:0a:bd:41:e4:1b:26:53:4a:95:0d:34:63:83:b4:
74:3a:df:d8:78:32:1a:40:66:46:da:ea:a0:ff:7f:ac:14:ee:
f1:ca:e3:af:25:b0:85:b3:87:31:45:9a:cd:29:dc:d9:26:0f:
c9:8e:12:29:29:dc:0f:74:af:d8:30:92:07:4a:35:8f:0b:a5:
71:f6:47:c5:a7:7e:0e:b7:ac:3f:28:45:c4:99:d0:f3:77:48:
62:80:be:59:74:ed:55:bd:b7:ce:29:a3:cc:c1:7d:5c:a8:eb:
11:1d:04:25:a0:f3:58:75:6d:73:02:ec:27:90:0d:57:c1:a5:
9c:69:4d:90:ea:2d:59:70:5c:d0:3f:f5:1e:10:b1:4f:e5:ea:
5d:ef:bc:fe:5f:2b:d2:f7:e2:ea:04:ba:6b:0b:e8:61:3c:50:
93:70:6f:8a:a8:15:b4:52:43:2c:cb:0f:c9:82:18:f1:c9:dd:
29:6e:51:ef:c7:d2:52:33:a6:2c:06:d3:94:a6:30:79:e3:e8:
3b:ab:a8:75:8b:2c:bb:a9:b8:8b:93:10:5d:3e:31:59:71:db:
ca:1b:b0:a3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVwJwGFeylPBIs0W6y/EFUtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwNDY4N2EzZWU2MzIyYjc1N2RlODFlN2Y1M2M1ZDMyZWVi
ZTMzYTYwHhcNMjMwMTAyMDE0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGIxYTk5MGM1MjkwOTAwNDUxMWMzZjI3YjgxOTIxZTQzY2RhMzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAik4xSuKDXvJLLzZEKXYJLvzkXvYg
7yNCrH/pMEW5tWnjSo3FmJjgEtATYiFtyBvKCH8JYEXEe8SwDqLSB5isx38Mhsn2
Q6VJAsqhxMhSBdXftm0lqEvRvIeRHRucePtF2qSwYHzZUtmx8GNga1twP532Xt7H
Mkg50k3JwE/kPFF/ejCRWVEIPlgKhoz5Pxc+ukBtBCbhln1Rt27qugm/69vvKEIo
OMumHBEWuiXX6J08+nkIkEYldBkKUk+85+tQF7OXCEeC3atCaXec4eiDyozHq6k/
RrbbXeZf3SHCI32gJIRFmvER5Acpv5pd1HR+qYgpDGKM7ItNSyNdVH2k6wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFP2xqZDFKQkARRHD8nuBkh5DzaNqMB8GA1UdIwQY
MBaAFNBGh6PuYyK3V96B5/U8XTLuvjOmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEVhSG8tNWpJcmRYM29IbjlUeGRNdTYtTTZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9iZmRkMTktNmJiYS00ZGM5LWFmYzYt
OTdiZTQyNmEyMzM0LzEvX2JHcGtNVXBDUUJGRWNQeWU0R1NIa1BObzJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9iZmRkMTktNmJiYS00ZGM5LWFmYzYtOTdiZTQyNmEyMzM0
LzEvMEVhSG8tNWpJcmRYM29IbjlUeGRNdTYtTTZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQETfKwAwQC
uYBMMA0EAgACMAcDBQMqC6qAMA0GCSqGSIb3DQEBCwUAA4IBAQAMdv5UrqmaBRxo
kAEniqZ4EkqdXyo6tTEyUKDjmaWWSz6P9F7wkZprCr1B5BsmU0qVDTRjg7R0Ot/Y
eDIaQGZG2uqg/3+sFO7xyuOvJbCFs4cxRZrNKdzZJg/JjhIpKdwPdK/YMJIHSjWP
C6Vx9kfFp34Ot6w/KEXEmdDzd0higL5ZdO1VvbfOKaPMwX1cqOsRHQQloPNYdW1z
AuwnkA1XwaWcaU2Q6i1ZcFzQP/UeELFP5epd77z+XyvS9+LqBLprC+hhPFCTcG+K
qBW0UkMsyw/Jghjxyd0pblHvx9JSM6YsBtOUpjB54+g7q6h1iyy7qbiLkxBdPjFZ
cdvKG7Cj
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:33:53 2024 by rpki-client on console-fra.rpki-client.org