Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/7253f0-d825-4dab-801f-9b509e5931f9/1/1BC_BpbA2GzbaToooq30FYdroPI.roa
File: 1BC_BpbA2GzbaToooq30FYdroPI.roa (raw, json)
Hash identifier: gg2KlWBJkXhV3AOGlQAje+jseiGcUowMAE5M8+Z/0Gc=
Subject key identifier: D4:10:BF:06:96:C0:D8:6C:DB:69:3A:28:A2:AD:F4:15:87:6B:A0:F2
Certificate issuer: /CN=44f610f872cf31b7c3224cd2c1669c9968350b7a
Certificate serial: 01856F14E18B57CE7DD3231B2C3F42413129
Authority key identifier: 44:F6:10:F8:72:CF:31:B7:C3:22:4C:D2:C1:66:9C:99:68:35:0B:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RPYQ-HLPMbfDIkzSwWacmWg1C3o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/7253f0-d825-4dab-801f-9b509e5931f9/1/1BC_BpbA2GzbaToooq30FYdroPI.roa
Signing time: Sun 01 Jan 2023 20:45:17 +0000
ROA not before: Sun 01 Jan 2023 20:45:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12508
IP address blocks: 212.89.224.0/19 maxlen: 32
2a09:6c0::/29 maxlen: 64
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:e1:8b:57:ce:7d:d3:23:1b:2c:3f:42:41:31:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44f610f872cf31b7c3224cd2c1669c9968350b7a
Validity
Not Before: Jan 1 20:45:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d410bf0696c0d86cdb693a28a2adf415876ba0f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:e7:4c:83:8d:55:ed:f7:0c:14:21:38:fe:ab:
c8:27:b4:79:c1:82:04:17:24:85:0b:9a:57:8a:7b:
ad:9d:e7:da:f0:33:29:d3:fc:b7:cb:d0:5e:5f:e8:
0a:44:62:c8:dd:44:33:3f:78:38:d6:bf:6d:f6:e2:
cd:e2:a1:ec:27:75:3a:b0:50:36:3c:01:99:59:52:
3f:3d:d7:72:83:94:4c:d2:41:f8:3d:82:f1:5b:55:
28:69:17:93:4e:f0:1b:bb:db:a6:12:12:97:95:33:
3e:f7:c1:c2:77:89:9b:7c:56:cb:c9:5c:9d:6d:de:
fd:71:1c:fa:a9:87:10:65:d2:4c:e1:67:15:fc:c7:
d1:36:2c:71:5c:16:9a:eb:dd:0f:4a:b1:eb:78:93:
05:f5:60:23:f0:cf:27:44:01:ba:e7:8f:4e:03:c2:
96:78:ab:6a:32:fb:a6:1b:32:2d:55:83:0e:e9:eb:
d2:0d:1e:95:86:32:9d:5b:b2:be:07:98:2e:5c:d6:
d4:1b:8e:fc:56:b9:6e:74:4c:41:27:ca:18:7b:1b:
0b:66:2b:9c:9b:e6:6d:73:38:43:95:92:b9:cf:df:
b2:b5:2b:7f:2e:47:73:0f:39:04:35:f1:9d:c1:1a:
e2:ad:f4:f8:11:89:ae:da:49:1a:f6:c1:93:0f:8a:
8c:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:10:BF:06:96:C0:D8:6C:DB:69:3A:28:A2:AD:F4:15:87:6B:A0:F2
X509v3 Authority Key Identifier:
keyid:44:F6:10:F8:72:CF:31:B7:C3:22:4C:D2:C1:66:9C:99:68:35:0B:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RPYQ-HLPMbfDIkzSwWacmWg1C3o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/7253f0-d825-4dab-801f-9b509e5931f9/1/1BC_BpbA2GzbaToooq30FYdroPI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/7253f0-d825-4dab-801f-9b509e5931f9/1/RPYQ-HLPMbfDIkzSwWacmWg1C3o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.89.224.0/19
IPv6:
2a09:6c0::/29
Signature Algorithm: sha256WithRSAEncryption
4c:ac:66:83:a9:5b:90:0e:90:a1:d9:71:dd:66:1d:0b:74:d2:
ec:52:76:6a:6d:38:1f:a8:e5:7a:93:32:7d:10:c6:d0:47:cc:
56:08:54:c4:f9:ac:bc:7c:97:7b:7e:f0:d3:fb:1d:09:2b:35:
56:76:89:1f:bf:60:33:41:a0:bd:ff:b7:9d:69:c8:f8:89:3c:
6d:22:12:49:6a:0c:7a:a4:2f:5d:27:7b:11:ab:c7:fb:69:7d:
25:97:45:1e:98:b3:d1:6f:2c:d0:71:30:7c:a3:33:83:5c:11:
1d:44:8a:92:8f:00:96:f9:7e:52:ac:07:a2:82:dd:8a:e4:3a:
b5:3c:4c:79:8e:8b:99:90:78:15:67:89:b1:fc:12:66:8e:1e:
46:75:e9:d8:89:44:f8:c0:43:82:91:69:6f:51:99:32:c2:16:
42:91:1b:1b:5d:2a:68:46:5d:37:d3:4a:77:fa:f2:68:0c:0c:
c4:23:d5:24:65:22:0c:82:35:84:26:87:22:57:77:b4:2c:6e:
06:c6:10:c0:67:15:61:fb:d6:92:1a:88:ea:a3:8c:78:89:1f:
bf:76:0d:e2:fa:d3:44:d6:e7:5c:5e:d3:8a:ac:60:db:e5:9c:
08:ec:f6:cb:20:34:a3:7b:d2:db:22:d1:41:5e:95:f0:a8:aa:
de:ff:f0:ac
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvFOGLV8590yMbLD9CQTEpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZjYxMGY4NzJjZjMxYjdjMzIyNGNkMmMxNjY5Yzk5Njgz
NTBiN2EwHhcNMjMwMTAxMjA0NTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDEwYmYwNjk2YzBkODZjZGI2OTNhMjhhMmFkZjQxNTg3NmJhMGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnudMg41V7fcMFCE4/qvIJ7R5wYIE
FySFC5pXinutnefa8DMp0/y3y9BeX+gKRGLI3UQzP3g41r9t9uLN4qHsJ3U6sFA2
PAGZWVI/Pddyg5RM0kH4PYLxW1UoaReTTvAbu9umEhKXlTM+98HCd4mbfFbLyVyd
bd79cRz6qYcQZdJM4WcV/MfRNixxXBaa690PSrHreJMF9WAj8M8nRAG6549OA8KW
eKtqMvumGzItVYMO6evSDR6VhjKdW7K+B5guXNbUG478VrludExBJ8oYexsLZiuc
m+ZtczhDlZK5z9+ytSt/LkdzDzkENfGdwRrirfT4EYmu2kka9sGTD4qM+wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNQQvwaWwNhs22k6KKKt9BWHa6DyMB8GA1UdIwQY
MBaAFET2EPhyzzG3wyJM0sFmnJloNQt6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlBZUS1ITFBNYmZESWt6U3dXYWNtV2cxQzNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS83MjUzZjAtZDgyNS00ZGFiLTgwMWYt
OWI1MDllNTkzMWY5LzEvMUJDX0JwYkEyR3piYVRvb29xMzBGWWRyb1BJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS83MjUzZjAtZDgyNS00ZGFiLTgwMWYtOWI1MDllNTkzMWY5
LzEvUlBZUS1ITFBNYmZESWt6U3dXYWNtV2cxQzNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQF1FngMA0E
AgACMAcDBQMqCQbAMA0GCSqGSIb3DQEBCwUAA4IBAQBMrGaDqVuQDpCh2XHdZh0L
dNLsUnZqbTgfqOV6kzJ9EMbQR8xWCFTE+ay8fJd7fvDT+x0JKzVWdokfv2AzQaC9
/7edacj4iTxtIhJJagx6pC9dJ3sRq8f7aX0ll0UemLPRbyzQcTB8ozODXBEdRIqS
jwCW+X5SrAeigt2K5Dq1PEx5jouZkHgVZ4mx/BJmjh5GdenYiUT4wEOCkWlvUZky
whZCkRsbXSpoRl0300p3+vJoDAzEI9UkZSIMgjWEJociV3e0LG4GxhDAZxVh+9aS
Gojqo4x4iR+/dg3i+tNE1udcXtOKrGDb5ZwI7PbLIDSje9LbItFBXpXwqKre//Cs
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:18 2024 by rpki-client on console-fra.rpki-client.org