Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/bJOyYxKG1vBO5rMSAzdVe-LZFzM.roa
File: bJOyYxKG1vBO5rMSAzdVe-LZFzM.roa (raw, json)
Hash identifier: SdarZZEYZxD+k0SFv4PXb0Ng1LyksUhPAjrWU5NfCdY=
Subject key identifier: 6C:93:B2:63:12:86:D6:F0:4E:E6:B3:12:03:37:55:7B:E2:D9:17:33
Certificate issuer: /CN=ba9d30e6035be8b8386061f271481c707e04ce2b
Certificate serial: 0187E92D9820E7A6B1F20882E6C7A37DB6B7
Authority key identifier: BA:9D:30:E6:03:5B:E8:B8:38:60:61:F2:71:48:1C:70:7E:04:CE:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/up0w5gNb6Lg4YGHycUgccH4Ezis.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/bJOyYxKG1vBO5rMSAzdVe-LZFzM.roa
Signing time: Thu 04 May 2023 23:51:32 +0000
ROA not before: Thu 04 May 2023 23:51:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51540
IP address blocks: 176.43.129.0/24 maxlen: 24
176.43.128.0/24 maxlen: 24
176.43.132.0/24 maxlen: 24
176.43.131.0/24 maxlen: 24
176.43.130.0/24 maxlen: 24
176.43.133.0/24 maxlen: 24
176.43.135.0/24 maxlen: 24
176.43.134.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e9:2d:98:20:e7:a6:b1:f2:08:82:e6:c7:a3:7d:b6:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba9d30e6035be8b8386061f271481c707e04ce2b
Validity
Not Before: May 4 23:51:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c93b2631286d6f04ee6b3120337557be2d91733
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:4a:a9:96:38:95:30:d8:5a:d3:27:ff:89:f6:
3e:1c:5f:a8:ab:dc:40:3f:12:68:7e:76:bf:5c:6d:
fb:15:ad:a8:28:e1:d6:94:ac:10:19:41:a4:71:9f:
aa:98:f3:ae:78:27:10:4a:80:20:1b:d3:2d:3c:55:
84:0a:10:f0:54:3f:2d:53:34:a8:f2:6d:28:ab:6a:
8a:d7:0e:69:5a:7b:7d:e4:5f:90:c1:1d:5a:3f:bc:
27:9a:e2:4d:b0:3b:08:d8:f4:2f:2a:28:be:af:02:
88:34:0f:5e:67:bd:08:d0:5d:4f:13:e6:e3:70:f7:
25:f8:e0:8a:b0:0f:b5:7f:da:63:70:c0:ff:82:c0:
0f:fd:8d:7e:2a:59:c4:1b:8b:66:9d:de:7e:5c:1f:
94:d4:02:a7:7c:ae:5b:aa:24:0c:6b:ca:98:2c:c1:
a5:45:d2:5b:d9:df:80:7f:e0:39:d6:91:26:a3:33:
1f:e1:a0:74:03:0d:5e:7e:09:1f:61:6f:c0:08:7b:
fe:c2:d9:c0:b4:d9:6c:41:09:2d:6d:9e:cd:66:45:
7e:68:f7:32:cc:74:0e:e1:a3:64:ef:2e:10:c3:38:
56:6e:8d:45:99:d2:03:ef:10:0d:1c:38:ab:31:91:
bf:e6:62:a8:d3:ea:56:37:37:37:aa:a4:52:9f:ea:
4a:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:93:B2:63:12:86:D6:F0:4E:E6:B3:12:03:37:55:7B:E2:D9:17:33
X509v3 Authority Key Identifier:
keyid:BA:9D:30:E6:03:5B:E8:B8:38:60:61:F2:71:48:1C:70:7E:04:CE:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/up0w5gNb6Lg4YGHycUgccH4Ezis.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/bJOyYxKG1vBO5rMSAzdVe-LZFzM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/up0w5gNb6Lg4YGHycUgccH4Ezis.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.43.128.0/21
Signature Algorithm: sha256WithRSAEncryption
8a:8e:d9:e7:f4:b1:99:1b:66:12:6f:25:55:70:b6:ba:46:73:
2b:8c:f0:1d:6a:a3:6c:22:af:72:de:44:70:09:f3:38:7b:58:
ba:6b:8f:ae:61:fc:71:14:d4:48:37:95:af:4d:b8:0e:c0:c8:
98:72:91:c1:c4:95:1e:6c:d9:0d:9c:97:bc:a8:80:02:71:f9:
ec:c9:cd:07:e8:6d:c3:c7:f4:e7:6b:79:b0:6a:1d:e5:8a:d6:
2e:8c:5e:4b:a6:d9:9b:f6:8a:b8:14:7e:06:3f:8d:a5:40:93:
58:8a:4d:a4:b9:d1:60:5b:df:fa:5a:1a:ff:82:77:26:11:35:
77:41:b4:a4:54:c7:b4:1a:84:33:49:41:d3:4b:bc:08:3e:ab:
88:70:2d:f8:a7:ac:20:d7:22:59:bf:55:4e:e8:65:90:78:a6:
92:a3:b2:02:95:62:c1:34:b4:d2:fa:3a:a4:04:5f:41:63:89:
5c:4f:5c:f3:a9:af:d5:09:d6:9c:91:be:75:84:6f:6f:b4:e5:
37:2f:e5:13:30:c0:98:d9:a2:49:c6:0c:2e:22:6a:26:4d:44:
15:87:3b:e5:0d:7d:99:00:02:c9:b8:17:c6:44:96:33:1c:01:
bc:98:64:2b:91:ad:e4:e8:f3:03:1e:d0:f6:03:09:d7:97:20:
82:e6:b4:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfpLZgg56ax8giC5sejfba3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhOWQzMGU2MDM1YmU4YjgzODYwNjFmMjcxNDgxYzcwN2Uw
NGNlMmIwHhcNMjMwNTA0MjM1MTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzkzYjI2MzEyODZkNmYwNGVlNmIzMTIwMzM3NTU3YmUyZDkxNzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiEqpljiVMNha0yf/ifY+HF+oq9xA
PxJofna/XG37Fa2oKOHWlKwQGUGkcZ+qmPOueCcQSoAgG9MtPFWEChDwVD8tUzSo
8m0oq2qK1w5pWnt95F+QwR1aP7wnmuJNsDsI2PQvKii+rwKINA9eZ70I0F1PE+bj
cPcl+OCKsA+1f9pjcMD/gsAP/Y1+KlnEG4tmnd5+XB+U1AKnfK5bqiQMa8qYLMGl
RdJb2d+Af+A51pEmozMf4aB0Aw1efgkfYW/ACHv+wtnAtNlsQQktbZ7NZkV+aPcy
zHQO4aNk7y4QwzhWbo1FmdID7xANHDirMZG/5mKo0+pWNzc3qqRSn+pKiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGyTsmMShtbwTuazEgM3VXvi2RczMB8GA1UdIwQY
MBaAFLqdMOYDW+i4OGBh8nFIHHB+BM4rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXAwdzVnTmI2TGc0WUdIeWNVZ2NjSDRFemlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hYzljMzItN2RiYy00ZDZjLWJjMDgt
NWQ1ODRmYmM1ZDI3LzEvYkpPeVl4S0cxdkJPNXJNU0F6ZFZlLUxaRnpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hYzljMzItN2RiYy00ZDZjLWJjMDgtNWQ1ODRmYmM1ZDI3
LzEvdXAwdzVnTmI2TGc0WUdIeWNVZ2NjSDRFemlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDsCuAMA0G
CSqGSIb3DQEBCwUAA4IBAQCKjtnn9LGZG2YSbyVVcLa6RnMrjPAdaqNsIq9y3kRw
CfM4e1i6a4+uYfxxFNRIN5WvTbgOwMiYcpHBxJUebNkNnJe8qIACcfnsyc0H6G3D
x/Tna3mwah3litYujF5Lptmb9oq4FH4GP42lQJNYik2kudFgW9/6Whr/gncmETV3
QbSkVMe0GoQzSUHTS7wIPquIcC34p6wg1yJZv1VO6GWQeKaSo7IClWLBNLTS+jqk
BF9BY4lcT1zzqa/VCdackb51hG9vtOU3L+UTMMCY2aJJxgwuImomTUQVhzvlDX2Z
AALJuBfGRJYzHAG8mGQrka3k6PMDHtD2AwnXlyCC5rTw
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:25:35 2024 by rpki-client on console-fra.rpki-client.org