Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/Bj5D0JvdZY-2gX7111NK12BKeVg.roa
File: Bj5D0JvdZY-2gX7111NK12BKeVg.roa (raw, json)
Hash identifier: f3u7iRQn0wGrO/wENX3vTrihnyZYv0QfVMxGTlNS7d8=
Subject key identifier: 06:3E:43:D0:9B:DD:65:8F:B6:81:7E:F5:D7:53:4A:D7:60:4A:79:58
Certificate issuer: /CN=8db34774b01979284fd9e754fea68fa3c61783d0
Certificate serial: 01857169E398D46E5C1BACCD6456864E1C61
Authority key identifier: 8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/Bj5D0JvdZY-2gX7111NK12BKeVg.roa
Signing time: Mon 02 Jan 2023 07:37:23 +0000
ROA not before: Mon 02 Jan 2023 07:37:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44547
IP address blocks: 193.31.116.0/24 maxlen: 24
213.226.119.0/24 maxlen: 24
176.98.41.0/24 maxlen: 24
84.54.13.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:69:e3:98:d4:6e:5c:1b:ac:cd:64:56:86:4e:1c:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8db34774b01979284fd9e754fea68fa3c61783d0
Validity
Not Before: Jan 2 07:37:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=063e43d09bdd658fb6817ef5d7534ad7604a7958
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:77:ed:ab:96:bc:90:61:44:01:53:2e:8d:ea:
3b:01:00:05:31:0f:f1:34:94:f2:05:f0:9e:b3:df:
33:8d:71:10:90:bb:3a:ea:06:53:cd:3d:ca:1e:ec:
a3:77:e3:05:88:92:51:ba:f1:c6:18:e6:73:28:f0:
e6:0d:26:b5:5d:ce:74:b3:c6:98:6a:34:55:56:6d:
6c:e7:83:b0:3a:7e:91:a3:fb:d1:b6:cc:d0:7c:4d:
72:de:85:16:51:ae:a5:94:e0:b5:e6:60:6b:19:73:
b9:2e:5c:2f:a7:04:af:43:42:cb:d4:5f:dd:b2:c0:
73:45:be:34:7e:81:8f:d0:e6:1c:16:67:91:a2:5d:
e8:3f:87:30:3c:cc:6c:4f:2d:e1:d2:90:e0:b4:8f:
e4:41:e1:0e:8a:a5:21:c2:80:1d:4c:a1:7a:d2:4a:
80:c1:b7:9c:c6:f8:e9:65:17:b1:81:a6:c0:15:47:
45:6a:a6:31:d8:21:17:23:3f:9b:5a:ad:97:0b:77:
c0:71:ef:94:c7:75:5e:07:9c:24:36:cf:81:7f:86:
f6:11:9f:55:e4:1b:40:19:03:45:81:35:5c:29:ac:
ec:0d:6f:c8:40:19:f2:47:30:d0:03:19:c0:88:2c:
f2:51:4e:aa:04:3d:ea:cb:ee:a8:01:8f:d0:18:fe:
42:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:3E:43:D0:9B:DD:65:8F:B6:81:7E:F5:D7:53:4A:D7:60:4A:79:58
X509v3 Authority Key Identifier:
keyid:8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/Bj5D0JvdZY-2gX7111NK12BKeVg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/jbNHdLAZeShP2edU_qaPo8YXg9A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.54.13.0/24
176.98.41.0/24
193.31.116.0/24
213.226.119.0/24
Signature Algorithm: sha256WithRSAEncryption
c5:4f:a6:f9:15:aa:50:32:6b:b7:f1:45:6d:82:4b:6f:4f:8f:
d8:03:63:57:dc:57:05:e0:a4:e6:6b:88:b0:39:8c:21:a6:25:
82:28:cb:b5:37:10:ce:81:65:e4:98:96:fb:38:34:4b:8e:d0:
fa:87:3f:c0:10:d8:0e:50:2b:f1:50:36:66:2c:57:a3:f3:0e:
3e:04:0a:0a:28:af:d4:d9:4a:03:d6:d8:60:ed:8a:f0:6e:da:
23:a7:64:00:65:10:0a:bd:cc:1b:56:67:b2:e0:ff:25:12:57:
58:d6:18:ce:ba:46:0c:b9:19:32:41:4b:a5:b1:44:da:65:53:
2e:da:d4:56:ce:2c:53:91:ca:ee:f0:75:82:ed:9f:69:d9:95:
28:59:f7:79:cf:e8:e3:fa:05:19:3e:00:82:26:b2:b5:82:56:
11:0c:32:f6:93:9f:ec:39:24:9d:4a:6a:ea:17:0f:78:ec:b2:
69:d7:c5:ac:80:af:83:37:f6:27:e1:78:db:22:e2:30:5b:eb:
85:18:c8:a6:d9:9d:60:2f:14:41:07:59:41:c8:d4:65:ae:f4:
0d:aa:21:0b:ff:58:4f:7b:ed:5f:d4:ee:e6:4a:e6:18:18:cf:
d1:58:39:70:a3:98:6e:65:4d:8a:dc:77:d0:ca:a5:d8:46:b9:
04:17:59:75
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVxaeOY1G5cG6zNZFaGThxhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYjM0Nzc0YjAxOTc5Mjg0ZmQ5ZTc1NGZlYTY4ZmEzYzYx
NzgzZDAwHhcNMjMwMTAyMDczNzIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjNlNDNkMDliZGQ2NThmYjY4MTdlZjVkNzUzNGFkNzYwNGE3OTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxXftq5a8kGFEAVMujeo7AQAFMQ/x
NJTyBfCes98zjXEQkLs66gZTzT3KHuyjd+MFiJJRuvHGGOZzKPDmDSa1Xc50s8aY
ajRVVm1s54OwOn6Ro/vRtszQfE1y3oUWUa6llOC15mBrGXO5LlwvpwSvQ0LL1F/d
ssBzRb40foGP0OYcFmeRol3oP4cwPMxsTy3h0pDgtI/kQeEOiqUhwoAdTKF60kqA
wbecxvjpZRexgabAFUdFaqYx2CEXIz+bWq2XC3fAce+Ux3VeB5wkNs+Bf4b2EZ9V
5BtAGQNFgTVcKazsDW/IQBnyRzDQAxnAiCzyUU6qBD3qy+6oAY/QGP5CAQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAY+Q9Cb3WWPtoF+9ddTStdgSnlYMB8GA1UdIwQY
MBaAFI2zR3SwGXkoT9nnVP6mj6PGF4PQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamJOSGRMQVplU2hQMmVkVV9xYVBvOFlYZzlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy83MGE4ZjEtZDhlYi00MmI1LWJkZGIt
NjI2NTUyMWY2ZGY3LzEvQmo1RDBKdmRaWS0yZ1g3MTExTksxMkJLZVZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy83MGE4ZjEtZDhlYi00MmI1LWJkZGItNjI2NTUyMWY2ZGY3
LzEvamJOSGRMQVplU2hQMmVkVV9xYVBvOFlYZzlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVDYNAwQA
sGIpAwQAwR90AwQA1eJ3MA0GCSqGSIb3DQEBCwUAA4IBAQDFT6b5FapQMmu38UVt
gktvT4/YA2NX3FcF4KTma4iwOYwhpiWCKMu1NxDOgWXkmJb7ODRLjtD6hz/AENgO
UCvxUDZmLFej8w4+BAoKKK/U2UoD1thg7Yrwbtojp2QAZRAKvcwbVmey4P8lEldY
1hjOukYMuRkyQUulsUTaZVMu2tRWzixTkcru8HWC7Z9p2ZUoWfd5z+jj+gUZPgCC
JrK1glYRDDL2k5/sOSSdSmrqFw947LJp18WsgK+DN/Yn4XjbIuIwW+uFGMim2Z1g
LxRBB1lByNRlrvQNqiEL/1hPe+1f1O7mSuYYGM/RWDlwo5huZU2K3HfQyqXYRrkE
F1l1
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:00:05 2024 by rpki-client on console-ams.rpki-client.org