Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/36190d-1c6c-48c6-a414-2fbb208ad182/1/bGaMEDo5dz0_Nm35puirEj0NyCE.roa
File: bGaMEDo5dz0_Nm35puirEj0NyCE.roa (raw, json)
Hash identifier: AH1nbwe+7bdAfWsdxyfRbAVS1SY9r5JfKndL41unydg=
Subject key identifier: 6C:66:8C:10:3A:39:77:3D:3F:36:6D:F9:A6:E8:AB:12:3D:0D:C8:21
Certificate issuer: /CN=f9c9e0305cfed5794448732a8b0bd8427450d813
Certificate serial: 01869DBF5576B089933335A4E0A0DC1B4E78
Authority key identifier: F9:C9:E0:30:5C:FE:D5:79:44:48:73:2A:8B:0B:D8:42:74:50:D8:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-cngMFz-1XlESHMqiwvYQnRQ2BM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/36190d-1c6c-48c6-a414-2fbb208ad182/1/bGaMEDo5dz0_Nm35puirEj0NyCE.roa
Signing time: Wed 01 Mar 2023 15:16:47 +0000
ROA not before: Wed 01 Mar 2023 15:16:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 185.76.38.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:9d:bf:55:76:b0:89:93:33:35:a4:e0:a0:dc:1b:4e:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f9c9e0305cfed5794448732a8b0bd8427450d813
Validity
Not Before: Mar 1 15:16:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c668c103a39773d3f366df9a6e8ab123d0dc821
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:ed:37:2a:6d:e0:25:16:b2:15:82:b9:1d:70:
c0:21:87:de:d8:74:93:f0:9d:ef:df:78:7e:81:f1:
2e:18:7f:a4:58:94:09:6d:10:a9:8c:7c:e8:4b:95:
90:8c:c8:7e:5d:4f:49:c5:94:3c:7a:78:0b:32:be:
31:6b:6d:4e:77:28:21:95:b0:5d:59:03:ba:6c:49:
be:39:85:57:fd:bd:12:4a:c7:af:a5:be:52:a7:15:
9c:1d:03:02:00:1b:f1:4a:77:0d:17:ec:ee:ac:68:
2d:12:53:e1:6c:56:8d:62:fa:84:53:30:73:0b:9e:
d8:61:f7:7c:83:8d:fb:4c:0a:ea:e6:33:12:21:9e:
ac:d6:8f:b1:b9:e7:8f:7f:81:29:8c:30:b3:fa:c2:
7d:61:94:ce:76:b4:09:a9:dc:07:97:ea:cb:48:be:
46:93:8d:92:65:e8:87:05:bc:2e:df:9d:5a:7c:3a:
97:89:1a:64:2a:d9:78:0c:f2:7f:f3:4c:52:1b:b9:
f5:31:27:2d:1b:c8:2f:5d:64:38:59:f7:95:15:77:
00:b1:3f:37:69:f0:db:42:62:88:22:c8:c8:53:6b:
24:1c:fc:d1:67:36:f3:e6:02:a5:30:af:5e:f6:86:
60:fe:54:f8:a6:c7:e1:78:70:72:0c:0f:0f:cb:15:
6b:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:66:8C:10:3A:39:77:3D:3F:36:6D:F9:A6:E8:AB:12:3D:0D:C8:21
X509v3 Authority Key Identifier:
keyid:F9:C9:E0:30:5C:FE:D5:79:44:48:73:2A:8B:0B:D8:42:74:50:D8:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-cngMFz-1XlESHMqiwvYQnRQ2BM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/36190d-1c6c-48c6-a414-2fbb208ad182/1/bGaMEDo5dz0_Nm35puirEj0NyCE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/36190d-1c6c-48c6-a414-2fbb208ad182/1/1-cngMFz-1XlESHMqiwvYQnRQ2BM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.76.38.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:1a:31:43:76:76:b5:bc:94:d7:72:3c:53:f6:7e:f1:a7:25:
00:82:8a:81:71:83:2c:e6:6d:19:dc:c6:30:29:e8:7d:f5:74:
0c:1c:73:34:37:2d:2d:f4:d9:26:43:18:eb:3c:be:8a:71:56:
6f:65:5c:32:8f:06:ca:fd:62:fd:f1:1a:58:a9:c1:73:99:6d:
14:ab:3f:d5:df:7c:41:3d:d7:f2:ac:63:e4:73:f9:09:72:7f:
21:2b:42:e3:f6:8e:22:99:91:ec:c8:a0:c7:1a:9b:62:19:f3:
34:20:0b:3f:bf:64:a7:7f:eb:0a:6c:ae:1e:74:e2:10:58:fb:
36:2b:2b:d2:83:93:69:fc:8a:d3:c2:23:a4:fa:cb:88:24:fe:
5b:23:6b:69:6d:b1:6c:4b:99:5a:2f:6d:f8:4c:ef:ee:30:1e:
17:61:42:58:4b:e2:09:94:35:24:43:bc:5e:a3:25:8d:b0:0f:
90:6c:86:cf:27:37:e8:37:76:0b:3f:89:59:fa:2f:d5:2a:fb:
73:ff:dc:66:10:65:0c:7f:cc:4b:ea:73:19:e7:93:5e:dc:28:
bd:b6:62:2c:70:dd:e3:aa:5b:ad:aa:48:5b:bd:b9:99:e0:04:
16:cb:86:e3:e4:86:67:d1:6a:b5:77:9b:6a:96:4a:2b:d3:fc:
8e:ff:36:2c
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYadv1V2sImTMzWk4KDcG054MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5YzllMDMwNWNmZWQ1Nzk0NDQ4NzMyYThiMGJkODQyNzQ1
MGQ4MTMwHhcNMjMwMzAxMTUxNjQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzY2OGMxMDNhMzk3NzNkM2YzNjZkZjlhNmU4YWIxMjNkMGRjODIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3O03Km3gJRayFYK5HXDAIYfe2HST
8J3v33h+gfEuGH+kWJQJbRCpjHzoS5WQjMh+XU9JxZQ8engLMr4xa21OdyghlbBd
WQO6bEm+OYVX/b0SSsevpb5SpxWcHQMCABvxSncNF+zurGgtElPhbFaNYvqEUzBz
C57YYfd8g437TArq5jMSIZ6s1o+xueePf4EpjDCz+sJ9YZTOdrQJqdwHl+rLSL5G
k42SZeiHBbwu351afDqXiRpkKtl4DPJ/80xSG7n1MSctG8gvXWQ4WfeVFXcAsT83
afDbQmKIIsjIU2skHPzRZzbz5gKlMK9e9oZg/lT4psfheHByDA8PyxVr6QIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFGxmjBA6OXc9PzZt+aboqxI9DcghMB8GA1UdIwQY
MBaAFPnJ4DBc/tV5REhzKosL2EJ0UNgTMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1jbmdNRnotMVhsRVNITXFpd3ZZUW5SUTJCTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzcvMzYxOTBkLTFjNmMtNDhjNi1hNDE0
LTJmYmIyMDhhZDE4Mi8xL2JHYU1FRG81ZHowX05tMzVwdWlyRWowTnlDRS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzcvMzYxOTBkLTFjNmMtNDhjNi1hNDE0LTJmYmIyMDhhZDE4
Mi8xLzEtY25nTUZ6LTFYbEVTSE1xaXd2WVFuUlEyQk0uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC5TCYw
DQYJKoZIhvcNAQELBQADggEBALwaMUN2drW8lNdyPFP2fvGnJQCCioFxgyzmbRnc
xjAp6H31dAwcczQ3LS302SZDGOs8vopxVm9lXDKPBsr9Yv3xGlipwXOZbRSrP9Xf
fEE91/KsY+Rz+QlyfyErQuP2jiKZkezIoMcam2IZ8zQgCz+/ZKd/6wpsrh504hBY
+zYrK9KDk2n8itPCI6T6y4gk/lsja2ltsWxLmVovbfhM7+4wHhdhQlhL4gmUNSRD
vF6jJY2wD5Bshs8nN+g3dgs/iVn6L9Uq+3P/3GYQZQx/zEvqcxnnk17cKL22Yixw
3eOqW62qSFu9uZngBBbLhuPkhmfRarV3m2qWSivT/I7/Niw=
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:14:42 2024 by rpki-client on console-fra.rpki-client.org