Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/d27567-710c-48cd-9e5d-3002df825d5d/1/BHeWbrzz61Dvn0xXYrayPzlfHQM.roa
File: BHeWbrzz61Dvn0xXYrayPzlfHQM.roa (raw, json)
Hash identifier: eUPVwgEUz1iaXovbtJ+t8rrOPHy0T2ul8EJCHiteE98=
Subject key identifier: 04:77:96:6E:BC:F3:EB:50:EF:9F:4C:57:62:B6:B2:3F:39:5F:1D:03
Certificate issuer: /CN=1e7e08d56475bae407a4f2bca8e89a0997685a3a
Certificate serial: 018BA49739CBE6BC60D7D73BB4B1F0316E6A
Authority key identifier: 1E:7E:08:D5:64:75:BA:E4:07:A4:F2:BC:A8:E8:9A:09:97:68:5A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hn4I1WR1uuQHpPK8qOiaCZdoWjo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/d27567-710c-48cd-9e5d-3002df825d5d/1/BHeWbrzz61Dvn0xXYrayPzlfHQM.roa
Signing time: Mon 06 Nov 2023 12:24:16 +0000
ROA not before: Mon 06 Nov 2023 12:24:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34525
IP address blocks: 185.13.232.0/22 maxlen: 22
91.224.120.0/23 maxlen: 23
2a00:1ce8::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 07 Nov 2023 06:26:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a4:97:39:cb:e6:bc:60:d7:d7:3b:b4:b1:f0:31:6e:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e7e08d56475bae407a4f2bca8e89a0997685a3a
Validity
Not Before: Nov 6 12:24:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0477966ebcf3eb50ef9f4c5762b6b23f395f1d03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:0f:5d:2a:04:e8:1d:40:b5:38:5d:44:d3:94:
28:d4:0f:b7:65:b4:b2:9a:40:79:50:2d:c0:53:50:
73:26:3f:f5:68:74:5e:d9:31:a6:3a:0b:0a:42:c1:
d2:21:3d:23:9a:e3:20:5f:a6:69:69:31:c8:27:9e:
ef:1c:d5:a9:fd:8b:40:7e:c0:1f:43:fc:6e:b4:87:
08:04:b2:2a:df:8f:a0:7c:d9:15:7d:b0:f1:0d:d1:
2b:41:95:60:93:c4:5d:f9:09:d4:da:38:03:22:f5:
91:58:18:15:78:2a:91:68:3f:75:af:2a:f4:17:07:
9b:27:1b:db:7e:26:16:3f:bf:09:c2:ec:63:8e:2d:
21:ea:6c:37:40:75:b7:19:15:e0:7f:9e:e9:e2:0c:
3b:fe:0a:36:54:67:f1:f3:d6:e7:87:3f:0b:71:4a:
00:eb:8e:56:96:fb:13:b7:6f:88:a1:08:6d:ef:3e:
66:4f:8d:d7:f7:63:df:42:1d:af:52:b4:db:7b:2b:
b5:48:bb:59:bb:aa:b9:c1:e6:ba:22:6b:5a:57:25:
01:38:44:87:a4:d5:b5:f4:f2:b6:07:7b:ce:f8:82:
8f:de:46:9b:f9:70:69:fc:f4:49:9e:71:83:5f:55:
c0:f3:c3:8b:86:6b:2c:0f:0e:bd:ce:5f:81:02:80:
cb:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:77:96:6E:BC:F3:EB:50:EF:9F:4C:57:62:B6:B2:3F:39:5F:1D:03
X509v3 Authority Key Identifier:
keyid:1E:7E:08:D5:64:75:BA:E4:07:A4:F2:BC:A8:E8:9A:09:97:68:5A:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hn4I1WR1uuQHpPK8qOiaCZdoWjo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/d27567-710c-48cd-9e5d-3002df825d5d/1/BHeWbrzz61Dvn0xXYrayPzlfHQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/d27567-710c-48cd-9e5d-3002df825d5d/1/Hn4I1WR1uuQHpPK8qOiaCZdoWjo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.224.120.0/23
185.13.232.0/22
IPv6:
2a00:1ce8::/32
Signature Algorithm: sha256WithRSAEncryption
44:6b:72:c1:f4:9f:ed:a1:ce:9c:f3:35:63:63:13:20:64:86:
43:49:bb:98:f2:b8:4b:a6:71:e4:3b:9f:48:42:df:bb:45:a9:
92:21:e5:89:d3:76:bd:78:62:91:a3:7f:75:89:d4:a6:98:f1:
20:a3:94:08:5a:c3:8f:df:8b:f2:c4:b0:f4:66:4b:c8:3f:4a:
1d:8b:44:86:a1:c3:f7:23:a6:66:8a:0b:d5:db:58:6d:ec:09:
3a:d4:b4:c8:aa:34:20:d9:f8:4f:f8:89:61:c2:f1:d3:ca:3c:
6f:c9:b0:a4:1a:81:1c:4a:4d:e2:c7:a3:bf:bb:d5:19:08:e4:
02:9e:f4:80:93:a3:ef:02:38:d5:71:d1:26:ac:2f:8a:e0:92:
3b:8d:f6:1b:3a:6a:c3:00:85:8a:0e:53:e0:b8:0d:27:20:13:
cc:5d:da:af:2f:a1:ce:6c:4e:3e:57:33:17:72:db:e5:3b:7d:
6c:a5:22:5b:f0:36:02:4d:c2:3d:20:76:80:e3:7b:6c:ba:cd:
5c:3d:cb:64:23:9a:27:3a:d3:f7:91:15:43:83:10:ef:6b:2d:
26:d1:fe:7b:ba:ad:80:b3:91:19:35:5a:23:a7:3e:d3:46:21:
ad:22:82:b5:b7:aa:f0:b5:9e:21:5f:62:a2:7d:83:81:b6:25:
92:b3:b6:5d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYuklznL5rxg19c7tLHwMW5qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlN2UwOGQ1NjQ3NWJhZTQwN2E0ZjJiY2E4ZTg5YTA5OTc2
ODVhM2EwHhcNMjMxMTA2MTIyNDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDc3OTY2ZWJjZjNlYjUwZWY5ZjRjNTc2MmI2YjIzZjM5NWYxZDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQ9dKgToHUC1OF1E05Qo1A+3ZbSy
mkB5UC3AU1BzJj/1aHRe2TGmOgsKQsHSIT0jmuMgX6ZpaTHIJ57vHNWp/YtAfsAf
Q/xutIcIBLIq34+gfNkVfbDxDdErQZVgk8Rd+QnU2jgDIvWRWBgVeCqRaD91ryr0
FwebJxvbfiYWP78Jwuxjji0h6mw3QHW3GRXgf57p4gw7/go2VGfx89bnhz8LcUoA
645WlvsTt2+IoQht7z5mT43X92PfQh2vUrTbeyu1SLtZu6q5wea6ImtaVyUBOESH
pNW19PK2B3vO+IKP3kab+XBp/PRJnnGDX1XA88OLhmssDw69zl+BAoDLHwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAR3lm688+tQ759MV2K2sj85Xx0DMB8GA1UdIwQY
MBaAFB5+CNVkdbrkB6TyvKjomgmXaFo6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSG40STFXUjF1dVFIcFBLOHFPaWFDWmRvV2pvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9kMjc1NjctNzEwYy00OGNkLTllNWQt
MzAwMmRmODI1ZDVkLzEvQkhlV2Jyeno2MUR2bjB4WFlyYXlQemxmSFFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9kMjc1NjctNzEwYy00OGNkLTllNWQtMzAwMmRmODI1ZDVk
LzEvSG40STFXUjF1dVFIcFBLOHFPaWFDWmRvV2pvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBW+B4AwQC
uQ3oMA0EAgACMAcDBQAqABzoMA0GCSqGSIb3DQEBCwUAA4IBAQBEa3LB9J/toc6c
8zVjYxMgZIZDSbuY8rhLpnHkO59IQt+7RamSIeWJ03a9eGKRo391idSmmPEgo5QI
WsOP34vyxLD0ZkvIP0odi0SGocP3I6ZmigvV21ht7Ak61LTIqjQg2fhP+IlhwvHT
yjxvybCkGoEcSk3ix6O/u9UZCOQCnvSAk6PvAjjVcdEmrC+K4JI7jfYbOmrDAIWK
DlPguA0nIBPMXdqvL6HObE4+VzMXctvlO31spSJb8DYCTcI9IHaA43tsus1cPctk
I5onOtP3kRVDgxDvay0m0f57uq2As5EZNVojpz7TRiGtIoK1t6rwtZ4hX2KifYOB
tiWSs7Zd
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:56 2024 by rpki-client on console-ams.rpki-client.org