Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/ed28d5-78d3-45e2-a7d3-6867c4ae3161/1/j2bi2FiUuJIjV2BGqtvMfJNHkRU.roa
File: j2bi2FiUuJIjV2BGqtvMfJNHkRU.roa (raw, json)
Hash identifier: LbUnYBTIliNWn6NTQNeErAIW1C5waawwYWF5DGevMk4=
Subject key identifier: 8F:66:E2:D8:58:94:B8:92:23:57:60:46:AA:DB:CC:7C:93:47:91:15
Certificate issuer: /CN=05bcde319a3dca2cf6744d2881ca91b83db9bdea
Certificate serial: 018A9311777261037C14B29E2E73E9BE2F61
Authority key identifier: 05:BC:DE:31:9A:3D:CA:2C:F6:74:4D:28:81:CA:91:B8:3D:B9:BD:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbzeMZo9yiz2dE0ogcqRuD25veo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/ed28d5-78d3-45e2-a7d3-6867c4ae3161/1/j2bi2FiUuJIjV2BGqtvMfJNHkRU.roa
Signing time: Thu 14 Sep 2023 09:41:50 +0000
ROA not before: Thu 14 Sep 2023 09:41:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211775
IP address blocks: 194.59.0.0/23 maxlen: 23
5.150.8.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:93:11:77:72:61:03:7c:14:b2:9e:2e:73:e9:be:2f:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05bcde319a3dca2cf6744d2881ca91b83db9bdea
Validity
Not Before: Sep 14 09:41:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8f66e2d85894b89223576046aadbcc7c93479115
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:6d:2e:82:7c:e5:00:b3:3a:98:94:34:35:41:
ab:1e:77:46:10:f4:af:04:25:65:22:89:db:25:7b:
9e:8d:35:8f:c3:ef:56:d0:93:d8:03:b1:b8:72:37:
37:34:9c:af:5a:9e:cf:65:fc:81:fc:26:68:6e:ca:
4f:ec:b4:14:a4:be:a7:77:c0:dd:73:8e:76:03:82:
5f:ce:f5:d9:7e:7c:48:2c:cd:a2:7f:fb:8b:e4:d5:
52:ea:bd:7b:35:d5:73:0e:de:77:f9:bd:07:e1:3a:
81:b6:7f:26:1b:0a:d3:ee:cf:c2:17:58:7f:7c:0b:
4e:07:cc:af:9c:b1:4a:9d:9f:df:52:1f:0d:d2:08:
b6:4f:b0:fb:9c:44:eb:5a:d1:21:dd:7a:22:b0:7e:
82:d3:7f:a5:e9:37:9a:8d:a6:71:73:73:ea:52:3d:
5b:f7:74:44:85:7f:ac:59:45:5b:53:bc:49:e0:ba:
0b:b5:13:fe:ba:27:83:5d:ee:1f:6f:ae:11:fa:ed:
58:ca:6d:1d:9d:b6:d7:39:9b:7c:17:ee:78:1d:f8:
9e:63:b5:a0:36:ba:c2:ab:79:a5:e1:31:82:bd:d3:
02:36:df:11:18:e8:ad:84:df:ad:e3:c4:c4:1c:e5:
37:97:e3:c7:20:1e:8c:0e:43:8d:3b:3c:ae:33:d9:
85:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:66:E2:D8:58:94:B8:92:23:57:60:46:AA:DB:CC:7C:93:47:91:15
X509v3 Authority Key Identifier:
keyid:05:BC:DE:31:9A:3D:CA:2C:F6:74:4D:28:81:CA:91:B8:3D:B9:BD:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbzeMZo9yiz2dE0ogcqRuD25veo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ed28d5-78d3-45e2-a7d3-6867c4ae3161/1/j2bi2FiUuJIjV2BGqtvMfJNHkRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ed28d5-78d3-45e2-a7d3-6867c4ae3161/1/BbzeMZo9yiz2dE0ogcqRuD25veo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.150.8.0/21
194.59.0.0/23
Signature Algorithm: sha256WithRSAEncryption
69:39:19:09:cc:9e:7b:f2:41:f1:4c:7e:05:7f:8f:bb:b7:62:
ee:69:87:a5:75:af:58:2a:b1:90:c0:75:bf:04:8a:fa:bf:52:
de:b9:f5:14:13:01:38:21:94:c2:11:b3:e6:31:22:3c:36:e7:
48:c2:b9:ae:60:ac:8f:16:33:56:6f:f2:ee:23:88:f9:59:ac:
13:a2:36:83:2a:42:b3:bd:3d:d0:07:b0:8c:ca:ba:fa:c1:f7:
8c:88:ab:b4:d2:b0:b8:3d:7f:aa:c6:d5:99:8a:d6:95:dd:16:
eb:93:42:3d:b8:80:7b:01:69:a3:27:1c:0b:be:e5:1a:e6:75:
e1:4d:0e:48:26:ae:eb:c0:9b:17:ed:d3:99:ef:c6:97:1f:10:
a7:f5:84:59:eb:e1:c8:7e:6a:2f:9c:29:b5:3a:63:57:ef:ea:
2f:4e:de:80:1e:f9:37:04:6d:92:3e:ef:ef:53:a1:08:05:b5:
35:28:e2:0e:a1:3c:35:d0:a5:73:32:5b:9f:ae:4d:d1:86:6a:
e1:be:ce:bd:bf:7e:23:5f:03:c7:bc:c9:76:1b:6a:29:72:44:
03:4a:9b:fc:5a:f5:b1:7e:ce:d0:da:51:e9:ab:09:78:ea:03:
0a:c1:52:49:f9:4e:22:53:45:cc:be:23:8c:e4:76:8e:57:ea:
6a:05:b1:a8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYqTEXdyYQN8FLKeLnPpvi9hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YmNkZTMxOWEzZGNhMmNmNjc0NGQyODgxY2E5MWI4M2Ri
OWJkZWEwHhcNMjMwOTE0MDk0MTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjY2ZTJkODU4OTRiODkyMjM1NzYwNDZhYWRiY2M3YzkzNDc5MTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxW0ugnzlALM6mJQ0NUGrHndGEPSv
BCVlIonbJXuejTWPw+9W0JPYA7G4cjc3NJyvWp7PZfyB/CZobspP7LQUpL6nd8Dd
c452A4JfzvXZfnxILM2if/uL5NVS6r17NdVzDt53+b0H4TqBtn8mGwrT7s/CF1h/
fAtOB8yvnLFKnZ/fUh8N0gi2T7D7nETrWtEh3XoisH6C03+l6TeajaZxc3PqUj1b
93REhX+sWUVbU7xJ4LoLtRP+uieDXe4fb64R+u1Yym0dnbbXOZt8F+54HfieY7Wg
NrrCq3ml4TGCvdMCNt8RGOithN+t48TEHOU3l+PHIB6MDkONOzyuM9mF+wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFI9m4thYlLiSI1dgRqrbzHyTR5EVMB8GA1UdIwQY
MBaAFAW83jGaPcos9nRNKIHKkbg9ub3qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJ6ZU1abzl5aXoyZEUwb2djcVJ1RDI1dmVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9lZDI4ZDUtNzhkMy00NWUyLWE3ZDMt
Njg2N2M0YWUzMTYxLzEvajJiaTJGaVV1SklqVjJCR3F0dk1mSk5Ia1JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9lZDI4ZDUtNzhkMy00NWUyLWE3ZDMtNjg2N2M0YWUzMTYx
LzEvQmJ6ZU1abzl5aXoyZEUwb2djcVJ1RDI1dmVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDBZYIAwQB
wjsAMA0GCSqGSIb3DQEBCwUAA4IBAQBpORkJzJ578kHxTH4Ff4+7t2LuaYelda9Y
KrGQwHW/BIr6v1LeufUUEwE4IZTCEbPmMSI8NudIwrmuYKyPFjNWb/LuI4j5WawT
ojaDKkKzvT3QB7CMyrr6wfeMiKu00rC4PX+qxtWZitaV3Rbrk0I9uIB7AWmjJxwL
vuUa5nXhTQ5IJq7rwJsX7dOZ78aXHxCn9YRZ6+HIfmovnCm1OmNX7+ovTt6AHvk3
BG2SPu/vU6EIBbU1KOIOoTw10KVzMlufrk3Rhmrhvs69v34jXwPHvMl2G2opckQD
Spv8WvWxfs7Q2lHpqwl46gMKwVJJ+U4iU0XMviOM5HaOV+pqBbGo
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:56:23 2024 by rpki-client on console-fra.rpki-client.org