Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/47f445-5ea9-437d-a59a-5900a5947b8d/1/BmI8-tuX7zJzyZjrKLV3VNqsNlo.roa
File: BmI8-tuX7zJzyZjrKLV3VNqsNlo.roa (raw, json)
Hash identifier: iVSaho6FJYyIyMnxscH2iXxg4w2yYYt5G/iHUqaYU+k=
Subject key identifier: 06:62:3C:FA:DB:97:EF:32:73:C9:98:EB:28:B5:77:54:DA:AC:36:5A
Certificate issuer: /CN=2864bb34fb5d16ca9d1fa3f9794cb48d4bed8473
Certificate serial: 0185728345AA0A21553E2F655C4D6384502A
Authority key identifier: 28:64:BB:34:FB:5D:16:CA:9D:1F:A3:F9:79:4C:B4:8D:4B:ED:84:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KGS7NPtdFsqdH6P5eUy0jUvthHM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/47f445-5ea9-437d-a59a-5900a5947b8d/1/BmI8-tuX7zJzyZjrKLV3VNqsNlo.roa
Signing time: Mon 02 Jan 2023 12:44:43 +0000
ROA not before: Mon 02 Jan 2023 12:44:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59456
IP address blocks: 194.99.66.0/23 maxlen: 23
45.88.128.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:83:45:aa:0a:21:55:3e:2f:65:5c:4d:63:84:50:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2864bb34fb5d16ca9d1fa3f9794cb48d4bed8473
Validity
Not Before: Jan 2 12:44:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=06623cfadb97ef3273c998eb28b57754daac365a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:2f:e7:58:70:95:41:63:c4:78:3f:14:53:37:
01:43:b3:8f:32:68:0f:22:2b:97:7e:ad:51:67:f1:
d6:4b:33:32:a0:cf:6b:38:a9:49:5c:34:9c:c2:ad:
ef:a2:6b:fa:24:5f:ef:ce:22:87:47:ea:61:a3:95:
e5:e4:ae:2f:95:96:05:6d:70:ad:72:28:29:7c:61:
16:8b:5b:e0:e4:39:a1:fd:3d:80:a9:c2:e6:32:e2:
94:95:b0:07:92:09:be:50:21:33:da:fb:00:06:ab:
ea:52:3a:b8:95:e4:7b:30:b9:ef:25:21:06:62:4c:
d7:a9:63:40:f7:f6:96:2c:7a:24:4a:41:89:85:3d:
9a:40:84:7d:9e:a9:05:c7:96:cc:50:d0:40:e7:bf:
62:3e:c5:e6:eb:04:e2:82:90:f5:ab:ca:ca:a2:87:
11:33:1c:92:50:97:f2:c7:3e:34:0a:38:09:a0:33:
09:25:70:2a:be:46:be:60:97:99:9f:ab:65:04:51:
d7:fa:3e:7e:37:bd:3f:4b:92:01:c0:6f:c6:a5:53:
84:1e:80:5f:80:30:75:f2:f3:aa:a3:8e:db:08:5b:
21:f2:19:e5:29:fa:e2:fc:fd:8a:9d:60:a6:af:32:
31:ef:ef:55:0d:37:7b:1d:22:6e:5e:de:16:a0:f1:
f7:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:62:3C:FA:DB:97:EF:32:73:C9:98:EB:28:B5:77:54:DA:AC:36:5A
X509v3 Authority Key Identifier:
keyid:28:64:BB:34:FB:5D:16:CA:9D:1F:A3:F9:79:4C:B4:8D:4B:ED:84:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KGS7NPtdFsqdH6P5eUy0jUvthHM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/47f445-5ea9-437d-a59a-5900a5947b8d/1/BmI8-tuX7zJzyZjrKLV3VNqsNlo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/47f445-5ea9-437d-a59a-5900a5947b8d/1/KGS7NPtdFsqdH6P5eUy0jUvthHM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.128.0/22
194.99.66.0/23
Signature Algorithm: sha256WithRSAEncryption
1d:ef:43:73:78:2e:b7:c1:f5:59:13:14:22:10:a7:48:fd:ba:
a8:79:7a:37:58:32:42:60:de:36:9f:2d:ef:d3:87:f1:52:c7:
e1:b0:3a:39:8a:ed:ed:d0:d4:c4:37:7e:a3:c9:f5:ef:f3:f5:
35:8c:98:dc:97:0f:39:b6:cc:3f:9a:55:38:95:49:63:45:6e:
53:b9:fa:12:1a:47:88:13:68:b7:6b:71:69:cb:9d:c7:d4:46:
8e:eb:20:54:84:06:62:2f:ec:58:c1:f3:87:3a:2e:6c:2b:5c:
33:74:e9:b0:95:36:58:21:aa:93:85:ce:52:e9:2a:c8:cf:09:
50:a8:c6:2b:99:7c:42:8d:0c:e6:b4:dc:3e:97:50:57:89:62:
21:bb:67:c9:03:9f:fc:67:b9:ef:df:2f:17:e7:98:2a:43:5b:
97:20:7b:07:80:80:b8:62:56:5b:a8:ab:f8:52:d0:15:e5:06:
8a:26:dc:2f:d2:9d:b5:e3:80:09:cd:0f:68:c7:0d:a0:3a:2d:
92:ee:92:52:40:49:cc:2f:1e:38:a5:9f:ac:f8:59:5f:42:36:
eb:a8:23:19:fc:56:7d:33:8e:57:fb:7c:06:db:bc:ab:20:1a:
6f:9f:60:5f:46:1a:ac:b8:e5:8e:21:71:20:eb:3d:9c:c9:a9:
c4:08:f5:06
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyg0WqCiFVPi9lXE1jhFAqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4NjRiYjM0ZmI1ZDE2Y2E5ZDFmYTNmOTc5NGNiNDhkNGJl
ZDg0NzMwHhcNMjMwMTAyMTI0NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjYyM2NmYWRiOTdlZjMyNzNjOTk4ZWIyOGI1Nzc1NGRhYWMzNjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtS/nWHCVQWPEeD8UUzcBQ7OPMmgP
IiuXfq1RZ/HWSzMyoM9rOKlJXDScwq3vomv6JF/vziKHR+pho5Xl5K4vlZYFbXCt
cigpfGEWi1vg5Dmh/T2AqcLmMuKUlbAHkgm+UCEz2vsABqvqUjq4leR7MLnvJSEG
YkzXqWNA9/aWLHokSkGJhT2aQIR9nqkFx5bMUNBA579iPsXm6wTigpD1q8rKoocR
MxySUJfyxz40CjgJoDMJJXAqvka+YJeZn6tlBFHX+j5+N70/S5IBwG/GpVOEHoBf
gDB18vOqo47bCFsh8hnlKfri/P2KnWCmrzIx7+9VDTd7HSJuXt4WoPH3+wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAZiPPrbl+8yc8mY6yi1d1TarDZaMB8GA1UdIwQY
MBaAFChkuzT7XRbKnR+j+XlMtI1L7YRzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0dTN05QdGRGc3FkSDZQNWVVeTBqVXZ0aEhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy80N2Y0NDUtNWVhOS00MzdkLWE1OWEt
NTkwMGE1OTQ3YjhkLzEvQm1JOC10dVg3ekp6eVpqcktMVjNWTnFzTmxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy80N2Y0NDUtNWVhOS00MzdkLWE1OWEtNTkwMGE1OTQ3Yjhk
LzEvS0dTN05QdGRGc3FkSDZQNWVVeTBqVXZ0aEhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLViAAwQB
wmNCMA0GCSqGSIb3DQEBCwUAA4IBAQAd70NzeC63wfVZExQiEKdI/bqoeXo3WDJC
YN42ny3v04fxUsfhsDo5iu3t0NTEN36jyfXv8/U1jJjclw85tsw/mlU4lUljRW5T
ufoSGkeIE2i3a3Fpy53H1EaO6yBUhAZiL+xYwfOHOi5sK1wzdOmwlTZYIaqThc5S
6SrIzwlQqMYrmXxCjQzmtNw+l1BXiWIhu2fJA5/8Z7nv3y8X55gqQ1uXIHsHgIC4
YlZbqKv4UtAV5QaKJtwv0p2144AJzQ9oxw2gOi2S7pJSQEnMLx44pZ+s+FlfQjbr
qCMZ/FZ9M45X+3wG27yrIBpvn2BfRhqsuOWOIXEg6z2cyanECPUG
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:23:54 2024 by rpki-client on console-fra.rpki-client.org