Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/b15a7d-5aee-4d40-be5a-792a91c5ca2b/1/BqHJcK9aYzokqR3I8lXM4Ivsa2w.roa
File: BqHJcK9aYzokqR3I8lXM4Ivsa2w.roa (raw, json)
Hash identifier: SwE+Hf7+rhNR/XENogsXopaoMU5pB6gep+wKTAFkMrg=
Subject key identifier: 06:A1:C9:70:AF:5A:63:3A:24:A9:1D:C8:F2:55:CC:E0:8B:EC:6B:6C
Certificate issuer: /CN=02fc5c064f5159c8a1fa4066c8cb8ff701671dd2
Certificate serial: 01856B9C6703F182CDC2E5C0F2FDD31C16CA
Authority key identifier: 02:FC:5C:06:4F:51:59:C8:A1:FA:40:66:C8:CB:8F:F7:01:67:1D:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AvxcBk9RWcih-kBmyMuP9wFnHdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/b15a7d-5aee-4d40-be5a-792a91c5ca2b/1/BqHJcK9aYzokqR3I8lXM4Ivsa2w.roa
Signing time: Sun 01 Jan 2023 04:34:50 +0000
ROA not before: Sun 01 Jan 2023 04:34:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208731
IP address blocks: 147.78.192.0/23 maxlen: 24
185.203.112.0/24 maxlen: 24
2a0f:98c0::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:9c:67:03:f1:82:cd:c2:e5:c0:f2:fd:d3:1c:16:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02fc5c064f5159c8a1fa4066c8cb8ff701671dd2
Validity
Not Before: Jan 1 04:34:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=06a1c970af5a633a24a91dc8f255cce08bec6b6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:6d:7d:33:a8:57:a1:50:14:b7:57:b7:86:56:
8a:5a:5a:09:ae:02:33:f0:0c:9e:64:96:9c:d2:01:
c6:78:34:9b:56:7d:75:c2:6e:7a:10:c2:60:26:08:
d5:21:b9:e2:fe:4a:01:19:f6:3a:94:41:cf:7d:fe:
b5:2d:b1:de:d0:7a:31:03:cf:e7:26:03:05:b6:6a:
71:82:35:d7:68:94:21:56:92:9f:9e:58:3d:e8:40:
54:69:ec:e7:d5:ae:6f:71:f6:fd:53:67:75:9d:7e:
bd:33:eb:dc:82:39:78:56:ab:02:3c:10:98:04:83:
a8:c0:cf:c9:ae:68:50:a8:04:78:bd:c3:42:f7:e2:
b0:fe:25:2a:6e:83:8d:1f:b2:43:fb:92:8f:e5:32:
c2:7d:c9:eb:fd:af:de:ab:b0:1c:81:6d:d1:17:af:
cf:20:4f:96:e0:40:f4:69:b4:8f:1c:9b:ae:7e:13:
96:f4:5e:4d:f7:3c:02:82:10:f9:a2:6f:b8:9e:3e:
10:5b:c8:9d:61:71:6a:1a:77:ca:7a:93:29:2e:67:
1a:46:aa:f0:96:75:c6:04:aa:14:7b:22:30:f8:cc:
92:39:cf:84:ea:a3:ac:ca:c9:d5:fb:ad:2a:3f:95:
45:de:b8:35:08:75:da:3e:6d:7d:b0:9f:96:3a:de:
9d:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:A1:C9:70:AF:5A:63:3A:24:A9:1D:C8:F2:55:CC:E0:8B:EC:6B:6C
X509v3 Authority Key Identifier:
keyid:02:FC:5C:06:4F:51:59:C8:A1:FA:40:66:C8:CB:8F:F7:01:67:1D:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AvxcBk9RWcih-kBmyMuP9wFnHdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/b15a7d-5aee-4d40-be5a-792a91c5ca2b/1/BqHJcK9aYzokqR3I8lXM4Ivsa2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/b15a7d-5aee-4d40-be5a-792a91c5ca2b/1/AvxcBk9RWcih-kBmyMuP9wFnHdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.192.0/23
185.203.112.0/24
IPv6:
2a0f:98c0::/29
Signature Algorithm: sha256WithRSAEncryption
5e:bb:78:c7:51:fd:34:5b:19:e2:58:b0:ef:c3:20:12:22:4d:
f4:64:e7:4f:29:93:70:1a:02:7b:64:9c:4a:1a:bc:65:79:7f:
0c:8e:7f:fa:1f:94:4a:a6:ff:bf:17:e5:14:36:9c:cc:9f:26:
35:e8:e2:8b:22:1b:45:5c:c9:d9:fb:5b:8b:7c:1d:06:0e:30:
b1:7e:2b:ff:a6:ee:a8:72:db:69:fe:34:29:15:a3:45:6f:d9:
ce:2c:ee:a3:d1:f8:f9:87:39:33:7c:8c:94:99:0a:b4:60:e7:
50:18:f0:bd:67:52:bb:14:60:be:f9:ed:72:68:dd:b8:41:18:
bc:78:c9:c3:5d:ef:e1:c6:2e:5a:a0:93:19:08:26:d3:37:32:
01:79:c3:d9:16:e0:c9:78:40:8d:0e:ff:13:5f:c4:a8:11:a7:
0a:ab:98:82:62:b7:c4:0d:7f:26:71:cf:02:fc:e9:79:e1:c9:
68:34:03:19:8f:04:fa:a4:93:bb:44:3b:da:ce:82:1f:df:57:
ff:56:52:38:a8:ad:6c:97:28:4b:8c:c8:a4:d2:a4:8b:8c:f7:
94:37:6e:81:a0:5f:6a:bb:9b:17:80:2f:20:62:66:ad:ad:85:
e8:de:96:57:b9:26:c1:69:97:be:dc:b1:bd:d3:98:ae:eb:6a:
72:c8:ea:8f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVrnGcD8YLNwuXA8v3THBbKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyZmM1YzA2NGY1MTU5YzhhMWZhNDA2NmM4Y2I4ZmY3MDE2
NzFkZDIwHhcNMjMwMTAxMDQzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmExYzk3MGFmNWE2MzNhMjRhOTFkYzhmMjU1Y2NlMDhiZWM2YjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj219M6hXoVAUt1e3hlaKWloJrgIz
8AyeZJac0gHGeDSbVn11wm56EMJgJgjVIbni/koBGfY6lEHPff61LbHe0HoxA8/n
JgMFtmpxgjXXaJQhVpKfnlg96EBUaezn1a5vcfb9U2d1nX69M+vcgjl4VqsCPBCY
BIOowM/JrmhQqAR4vcNC9+Kw/iUqboONH7JD+5KP5TLCfcnr/a/eq7AcgW3RF6/P
IE+W4ED0abSPHJuufhOW9F5N9zwCghD5om+4nj4QW8idYXFqGnfKepMpLmcaRqrw
lnXGBKoUeyIw+MySOc+E6qOsysnV+60qP5VF3rg1CHXaPm19sJ+WOt6dNwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAahyXCvWmM6JKkdyPJVzOCL7GtsMB8GA1UdIwQY
MBaAFAL8XAZPUVnIofpAZsjLj/cBZx3SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXZ4Y0JrOVJXY2loLWtCbXlNdVA5d0ZuSGRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9iMTVhN2QtNWFlZS00ZDQwLWJlNWEt
NzkyYTkxYzVjYTJiLzEvQnFISmNLOWFZem9rcVIzSThsWE00SXZzYTJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9iMTVhN2QtNWFlZS00ZDQwLWJlNWEtNzkyYTkxYzVjYTJi
LzEvQXZ4Y0JrOVJXY2loLWtCbXlNdVA5d0ZuSGRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBk07AAwQA
uctwMA0EAgACMAcDBQMqD5jAMA0GCSqGSIb3DQEBCwUAA4IBAQBeu3jHUf00Wxni
WLDvwyASIk30ZOdPKZNwGgJ7ZJxKGrxleX8Mjn/6H5RKpv+/F+UUNpzMnyY16OKL
IhtFXMnZ+1uLfB0GDjCxfiv/pu6octtp/jQpFaNFb9nOLO6j0fj5hzkzfIyUmQq0
YOdQGPC9Z1K7FGC++e1yaN24QRi8eMnDXe/hxi5aoJMZCCbTNzIBecPZFuDJeECN
Dv8TX8SoEacKq5iCYrfEDX8mcc8C/Ol54cloNAMZjwT6pJO7RDvazoIf31f/VlI4
qK1slyhLjMik0qSLjPeUN26BoF9qu5sXgC8gYmatrYXo3pZXuSbBaZe+3LG905iu
62pyyOqP
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:13:59 2024 by rpki-client on console-ams.rpki-client.org