Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/d6de9f-30c6-46a5-84d1-8d15569b5bfe/1/bncwF5XEDixyfNM2uwyS0yuVoUs.roa
File: bncwF5XEDixyfNM2uwyS0yuVoUs.roa (raw, json)
Hash identifier: 9Uzk/udu56IbvZEOk3iO2lsDglzUuaRJWa7yrDQoHm8=
Subject key identifier: 6E:77:30:17:95:C4:0E:2C:72:7C:D3:36:BB:0C:92:D3:2B:95:A1:4B
Certificate issuer: /CN=6ec392f83e38f92a5d6f3b7a64b36f8c4b3509e6
Certificate serial: 01912E1578AFD62C5D2A06E88AC9D11C2E8E
Authority key identifier: 6E:C3:92:F8:3E:38:F9:2A:5D:6F:3B:7A:64:B3:6F:8C:4B:35:09:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bsOS-D44-Spdbzt6ZLNvjEs1CeY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/d6de9f-30c6-46a5-84d1-8d15569b5bfe/1/bncwF5XEDixyfNM2uwyS0yuVoUs.roa
Signing time: Wed 07 Aug 2024 18:24:04 +0000
ROA not before: Wed 07 Aug 2024 18:24:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51579
IP address blocks: 178.213.112.0/21 maxlen: 22
178.213.112.0/22 maxlen: 22
178.213.116.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:49:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:2e:15:78:af:d6:2c:5d:2a:06:e8:8a:c9:d1:1c:2e:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ec392f83e38f92a5d6f3b7a64b36f8c4b3509e6
Validity
Not Before: Aug 7 18:24:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e77301795c40e2c727cd336bb0c92d32b95a14b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:64:fd:b4:aa:f8:75:9b:d5:4b:11:fe:f2:d4:
dc:02:df:21:3c:b0:76:42:c5:8a:34:a2:e1:37:2c:
0e:04:fb:40:e0:6c:09:b2:90:34:76:fb:99:d5:65:
cf:ba:ef:22:52:a3:bc:21:a8:0b:67:4b:cf:b2:4b:
da:4c:1c:93:7a:65:ee:a7:f4:33:e1:4e:7b:74:32:
a6:0b:75:f6:a3:13:e5:3e:ea:68:db:e0:6e:9f:25:
a9:28:07:f6:bf:db:fb:ed:0b:1f:5f:78:a1:6a:0f:
0e:f0:31:de:8e:27:bd:e8:3f:0e:73:89:ce:c3:4d:
15:c4:f9:7c:29:c7:97:c0:f8:c2:8f:47:c9:21:32:
3a:6f:e8:bf:ce:f6:92:50:a4:3d:94:30:10:69:2c:
5a:7d:33:d2:7a:f8:a9:20:18:49:dc:99:f4:ec:6d:
34:92:5d:49:a5:d6:69:00:6a:a4:14:17:5c:fb:69:
1a:4b:41:26:82:15:f1:c1:ed:3c:19:ba:04:4c:eb:
72:2e:72:e6:f8:fa:a1:d3:11:5f:3b:34:ab:1b:66:
a0:99:c3:49:7e:d0:47:cd:98:a1:4e:cf:ba:97:d7:
c3:07:1b:69:37:ae:03:57:ed:50:f0:24:dd:22:6f:
bd:77:bf:7f:b5:4c:1e:61:61:1b:9c:8e:68:03:c4:
1d:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:77:30:17:95:C4:0E:2C:72:7C:D3:36:BB:0C:92:D3:2B:95:A1:4B
X509v3 Authority Key Identifier:
keyid:6E:C3:92:F8:3E:38:F9:2A:5D:6F:3B:7A:64:B3:6F:8C:4B:35:09:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bsOS-D44-Spdbzt6ZLNvjEs1CeY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/d6de9f-30c6-46a5-84d1-8d15569b5bfe/1/bncwF5XEDixyfNM2uwyS0yuVoUs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/d6de9f-30c6-46a5-84d1-8d15569b5bfe/1/bsOS-D44-Spdbzt6ZLNvjEs1CeY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.213.112.0/21
Signature Algorithm: sha256WithRSAEncryption
29:da:c2:dc:ee:11:92:f6:26:df:91:52:53:27:c0:c9:9e:df:
aa:13:65:41:49:9e:00:7a:a7:ca:97:6d:88:1f:36:1b:18:92:
7f:18:e0:03:9b:2a:f9:fb:e1:52:29:47:e1:1c:c4:a4:68:ef:
67:1f:84:36:f0:25:ac:80:15:6b:13:51:a9:51:d3:e7:25:50:
9e:37:66:d4:a8:c9:6d:16:33:37:d5:a7:7e:b4:b1:54:74:7b:
1c:fe:d7:38:f5:84:67:5a:05:e4:e1:ab:a2:08:a0:50:8d:bd:
0a:ea:ed:49:04:c9:58:91:60:42:a0:34:64:b1:56:a5:a4:ab:
54:a3:38:c9:e0:98:a7:4b:49:c6:60:83:cc:01:ef:39:24:10:
27:b4:d8:66:e9:eb:5d:03:38:ff:b7:e6:a9:36:ae:18:6b:70:
e3:a7:6e:cc:a2:81:53:6a:ff:22:5f:ec:e5:b4:a8:c4:17:41:
5f:2e:10:02:8a:cc:46:81:07:cc:e1:88:1a:fd:a4:9c:41:b5:
23:f6:29:59:fd:a9:df:aa:f5:97:91:a3:90:e4:8c:c7:fd:22:
ea:08:95:96:df:22:20:4a:88:c3:57:67:2e:5b:81:71:8a:31:
33:19:8e:29:f4:cb:4f:9d:9c:12:79:b3:76:06:15:99:18:64:
01:81:b1:83
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZEuFXiv1ixdKgboisnRHC6OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlYzM5MmY4M2UzOGY5MmE1ZDZmM2I3YTY0YjM2ZjhjNGIz
NTA5ZTYwHhcNMjQwODA3MTgyNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTc3MzAxNzk1YzQwZTJjNzI3Y2QzMzZiYjBjOTJkMzJiOTVhMTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy2T9tKr4dZvVSxH+8tTcAt8hPLB2
QsWKNKLhNywOBPtA4GwJspA0dvuZ1WXPuu8iUqO8IagLZ0vPskvaTByTemXup/Qz
4U57dDKmC3X2oxPlPupo2+BunyWpKAf2v9v77QsfX3ihag8O8DHejie96D8Oc4nO
w00VxPl8KceXwPjCj0fJITI6b+i/zvaSUKQ9lDAQaSxafTPSevipIBhJ3Jn07G00
kl1JpdZpAGqkFBdc+2kaS0EmghXxwe08GboETOtyLnLm+Pqh0xFfOzSrG2agmcNJ
ftBHzZihTs+6l9fDBxtpN64DV+1Q8CTdIm+9d79/tUweYWEbnI5oA8QdxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG53MBeVxA4scnzTNrsMktMrlaFLMB8GA1UdIwQY
MBaAFG7Dkvg+OPkqXW87emSzb4xLNQnmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnNPUy1ENDQtU3BkYnp0NlpMTnZqRXMxQ2VZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9kNmRlOWYtMzBjNi00NmE1LTg0ZDEt
OGQxNTU2OWI1YmZlLzEvYm5jd0Y1WEVEaXh5Zk5NMnV3eVMweXVWb1VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy9kNmRlOWYtMzBjNi00NmE1LTg0ZDEtOGQxNTU2OWI1YmZl
LzEvYnNPUy1ENDQtU3BkYnp0NlpMTnZqRXMxQ2VZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDstVwMA0G
CSqGSIb3DQEBCwUAA4IBAQAp2sLc7hGS9ibfkVJTJ8DJnt+qE2VBSZ4AeqfKl22I
HzYbGJJ/GOADmyr5++FSKUfhHMSkaO9nH4Q28CWsgBVrE1GpUdPnJVCeN2bUqMlt
FjM31ad+tLFUdHsc/tc49YRnWgXk4auiCKBQjb0K6u1JBMlYkWBCoDRksValpKtU
ozjJ4JinS0nGYIPMAe85JBAntNhm6etdAzj/t+apNq4Ya3Djp27MooFTav8iX+zl
tKjEF0FfLhACisxGgQfM4Yga/aScQbUj9ilZ/anfqvWXkaOQ5IzH/SLqCJWW3yIg
SojDV2cuW4FxijEzGY4p9MtPnZwSebN2BhWZGGQBgbGD
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:24:52 2025 by rpki-client