Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/BMlml9SloBIeT-BkOlS6-_7wQq4.roa
File: BMlml9SloBIeT-BkOlS6-_7wQq4.roa (raw, json)
Hash identifier: oKJjZaqP4B6Zt2dj0oRWBX3DLYnH5GtFNObY5XqJAwQ=
Subject key identifier: 04:C9:66:97:D4:A5:A0:12:1E:4F:E0:64:3A:54:BA:FB:FE:F0:42:AE
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 01856BDCB4E5EA4AA30211F4F752591C2755
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/BMlml9SloBIeT-BkOlS6-_7wQq4.roa
Signing time: Sun 01 Jan 2023 05:45:04 +0000
ROA not before: Sun 01 Jan 2023 05:45:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210878
IP address blocks: 109.207.140.0/23 maxlen: 23
64.43.92.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:dc:b4:e5:ea:4a:a3:02:11:f4:f7:52:59:1c:27:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 1 05:45:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=04c96697d4a5a0121e4fe0643a54bafbfef042ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:3e:96:79:66:4c:81:dd:e9:f9:03:26:b7:4e:
da:a9:65:aa:b2:53:67:98:19:fd:e8:e7:00:ec:5d:
8f:83:6b:e8:8d:53:9e:1d:d4:bd:83:8f:7d:ba:86:
63:5a:c1:07:69:3d:ba:21:9a:a9:48:ca:f8:c2:45:
5e:63:ba:05:f8:0b:98:37:e9:49:34:22:75:15:64:
60:23:eb:7d:f8:9c:c4:c7:e2:e6:5d:19:b5:a7:8c:
0c:f9:fe:62:db:eb:79:81:ea:3c:e4:06:d0:73:b9:
15:2c:f5:c1:b6:dc:45:16:35:28:50:29:13:a4:34:
4d:c3:17:48:8a:81:66:cd:b6:cf:21:3a:60:24:22:
8c:95:9d:ec:9a:54:f3:84:86:77:7a:c9:2d:d7:5d:
cf:c2:7e:90:38:43:fa:75:95:dd:0b:ff:04:9b:e5:
9f:83:72:e8:ec:31:f3:64:46:7d:5f:0e:85:ef:a2:
4f:71:fd:f0:d1:b5:ac:2a:b2:84:b4:a3:d9:16:76:
84:c4:a1:53:32:27:97:02:30:8b:10:82:54:b0:61:
a1:6b:12:ab:2f:dd:c9:43:9e:f7:69:22:05:7a:d7:
1b:8f:e5:fd:02:f2:ee:eb:dc:a7:89:c1:1a:bc:83:
9c:05:8d:0d:89:ef:f6:e9:62:2b:a5:b5:fe:7b:2b:
a0:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:C9:66:97:D4:A5:A0:12:1E:4F:E0:64:3A:54:BA:FB:FE:F0:42:AE
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/BMlml9SloBIeT-BkOlS6-_7wQq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.43.92.0/22
109.207.140.0/23
Signature Algorithm: sha256WithRSAEncryption
59:83:74:4d:1a:2f:fc:0a:7d:27:7b:5f:97:4f:9d:05:a9:b0:
42:18:51:82:17:95:54:ee:6c:f4:95:8b:85:77:b6:73:8b:50:
39:94:f0:5a:0a:cc:1f:ce:04:4d:d6:e1:47:38:f4:50:ec:62:
c8:ae:06:9f:8e:a5:09:d5:ad:b5:12:06:cc:7e:01:fc:d7:0b:
b3:b7:98:d8:13:e3:84:93:6f:af:1c:af:10:1e:8b:15:a6:51:
4f:71:81:35:9e:9f:98:a3:e2:ec:de:33:e1:8e:b3:86:22:b7:
c0:97:f4:b2:10:92:35:ef:9b:bf:b8:f2:cb:00:3f:bc:0a:34:
a5:6a:e0:1b:81:75:d0:13:dd:ad:df:be:d9:e0:c1:5d:ad:db:
48:6e:b4:45:1e:77:14:80:c2:4d:6c:6b:23:3b:45:db:3c:e4:
70:29:d5:80:e0:b8:9f:57:b2:a8:31:41:67:e5:ee:0c:fb:bc:
10:19:29:37:e6:e5:9a:25:20:02:84:57:e8:82:9d:f9:3e:eb:
9e:0a:1a:c4:a4:36:8d:c8:e9:96:51:08:9b:08:f9:b7:bc:7f:
3a:25:91:82:90:35:e2:1a:fe:9b:d7:1d:36:7d:9b:03:f6:82:
9e:50:05:bb:9d:2d:ad:6a:80:b6:f8:e7:f6:e5:a9:e2:dc:e1:
e4:f5:bf:92
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVr3LTl6kqjAhH091JZHCdVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMwMTAxMDU0NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGM5NjY5N2Q0YTVhMDEyMWU0ZmUwNjQzYTU0YmFmYmZlZjA0MmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxT6WeWZMgd3p+QMmt07aqWWqslNn
mBn96OcA7F2Pg2vojVOeHdS9g499uoZjWsEHaT26IZqpSMr4wkVeY7oF+AuYN+lJ
NCJ1FWRgI+t9+JzEx+LmXRm1p4wM+f5i2+t5geo85AbQc7kVLPXBttxFFjUoUCkT
pDRNwxdIioFmzbbPITpgJCKMlZ3smlTzhIZ3eskt113Pwn6QOEP6dZXdC/8Em+Wf
g3Lo7DHzZEZ9Xw6F76JPcf3w0bWsKrKEtKPZFnaExKFTMieXAjCLEIJUsGGhaxKr
L93JQ573aSIFetcbj+X9AvLu69ynicEavIOcBY0Nie/26WIrpbX+eyugFQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFATJZpfUpaASHk/gZDpUuvv+8EKuMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvQk1sbWw5U2xvQkllVC1Ca09sUzYtXzd3UXE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCQCtcAwQB
bc+MMA0GCSqGSIb3DQEBCwUAA4IBAQBZg3RNGi/8Cn0ne1+XT50FqbBCGFGCF5VU
7mz0lYuFd7Zzi1A5lPBaCswfzgRN1uFHOPRQ7GLIrgafjqUJ1a21EgbMfgH81wuz
t5jYE+OEk2+vHK8QHosVplFPcYE1np+Yo+Ls3jPhjrOGIrfAl/SyEJI175u/uPLL
AD+8CjSlauAbgXXQE92t377Z4MFdrdtIbrRFHncUgMJNbGsjO0XbPORwKdWA4Lif
V7KoMUFn5e4M+7wQGSk35uWaJSAChFfogp35PuueChrEpDaNyOmWUQibCPm3vH86
JZGCkDXiGv6b1x02fZsD9oKeUAW7nS2taoC2+Of25ani3OHk9b+S
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:57 2024 by rpki-client on console-fra.rpki-client.org