Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/bHGYR56YG-0eAlIQ7dGKPMvZg8U.roa
File: bHGYR56YG-0eAlIQ7dGKPMvZg8U.roa (raw, json)
Hash identifier: fbRP0sZDuA0zukCdoxrayUFZCVq5Vjh9lLQn/r7z2Mo=
Subject key identifier: 6C:71:98:47:9E:98:1B:ED:1E:02:52:10:ED:D1:8A:3C:CB:D9:83:C5
Certificate issuer: /CN=af5e93f902354ce4804b4cb049cf68b20f76aeb2
Certificate serial: 01856BD3402502AF84F2C4DF60DB936196EF
Authority key identifier: AF:5E:93:F9:02:35:4C:E4:80:4B:4C:B0:49:CF:68:B2:0F:76:AE:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r16T-QI1TOSAS0ywSc9osg92rrI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/bHGYR56YG-0eAlIQ7dGKPMvZg8U.roa
Signing time: Sun 01 Jan 2023 05:34:44 +0000
ROA not before: Sun 01 Jan 2023 05:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57142
IP address blocks: 91.230.247.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:d3:40:25:02:af:84:f2:c4:df:60:db:93:61:96:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af5e93f902354ce4804b4cb049cf68b20f76aeb2
Validity
Not Before: Jan 1 05:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c7198479e981bed1e025210edd18a3ccbd983c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:34:8f:36:70:87:50:60:c5:3b:76:f0:78:8b:
e3:ca:46:33:c3:00:59:e2:b5:0d:35:ed:55:fe:3e:
37:bc:37:98:86:00:44:40:a8:20:25:d1:fd:d4:c7:
5b:ec:35:00:84:45:53:f6:72:b6:5d:c3:e2:17:34:
cc:35:5e:a6:f8:42:25:93:bb:b2:75:5d:85:c9:ee:
d5:f3:62:2e:a3:09:78:26:60:a4:b3:a0:15:ee:70:
c7:c7:e3:99:cf:dd:d5:f4:87:ba:aa:c3:88:76:51:
35:28:42:d3:68:b8:09:ef:3b:bf:28:bc:24:3c:e9:
58:31:05:25:9a:f1:88:6e:15:1f:04:f9:b1:37:eb:
13:6d:e1:ea:07:17:73:a5:40:a1:c4:8c:fe:8e:58:
49:2d:fc:e3:cd:da:bb:65:81:d5:46:48:50:99:8e:
53:78:be:e8:87:78:e5:62:f5:10:05:c5:37:ca:78:
d9:0a:9d:44:8a:f5:1c:a4:5e:64:ed:af:20:73:d2:
07:78:75:78:aa:ac:9e:6c:ce:1b:72:64:2a:5e:26:
5d:dc:67:54:6a:4d:c2:44:aa:a9:7b:0f:93:2e:d8:
49:4e:4f:b6:f6:84:10:9f:8b:0d:96:a4:17:06:4f:
b9:18:4f:e1:82:c8:79:2c:db:fc:35:78:00:14:b8:
82:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:71:98:47:9E:98:1B:ED:1E:02:52:10:ED:D1:8A:3C:CB:D9:83:C5
X509v3 Authority Key Identifier:
keyid:AF:5E:93:F9:02:35:4C:E4:80:4B:4C:B0:49:CF:68:B2:0F:76:AE:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r16T-QI1TOSAS0ywSc9osg92rrI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/bHGYR56YG-0eAlIQ7dGKPMvZg8U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/r16T-QI1TOSAS0ywSc9osg92rrI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.247.0/24
Signature Algorithm: sha256WithRSAEncryption
79:d9:3f:9a:e6:55:34:5d:5f:68:e8:d4:73:6e:a7:98:f2:14:
95:e6:87:7b:13:6b:e8:53:8d:1d:36:4e:c8:d3:e3:ab:92:37:
76:9a:89:4a:41:3a:77:22:c4:7a:ad:6f:98:8c:32:76:3d:a1:
c6:d8:ae:10:55:02:76:c1:31:02:9e:75:c8:9e:59:eb:d5:50:
50:86:12:5a:df:50:60:c5:9f:76:64:c7:6b:ac:d9:71:0e:ab:
d0:84:b9:56:b1:34:a8:d0:c1:f5:fb:ea:40:48:2f:f3:88:ac:
bc:50:12:35:09:0e:01:de:3f:92:a6:c1:e8:e5:20:01:67:0c:
6e:e6:99:b1:a8:3f:db:22:39:4e:aa:57:4f:47:db:f8:bd:0f:
cc:3f:1b:5b:22:61:4b:39:ec:93:61:f1:46:90:e7:1b:a1:b3:
66:d0:e7:19:ea:8f:45:06:2c:be:e7:fe:35:87:63:bd:41:db:
c9:b1:aa:71:1b:cf:7b:dc:eb:1b:80:2d:53:9a:fb:98:30:75:
9b:0a:06:06:1d:91:00:f7:62:8f:38:9e:de:85:47:1b:7e:41:
fb:78:41:f6:7b:59:14:24:1f:42:6c:fa:90:ff:9d:fc:22:f3:
e1:6e:20:75:57:b8:2c:73:39:a2:56:32:2d:d8:b3:df:98:14:
df:1b:69:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVr00AlAq+E8sTfYNuTYZbvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNWU5M2Y5MDIzNTRjZTQ4MDRiNGNiMDQ5Y2Y2OGIyMGY3
NmFlYjIwHhcNMjMwMTAxMDUzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzcxOTg0NzllOTgxYmVkMWUwMjUyMTBlZGQxOGEzY2NiZDk4M2M1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDSPNnCHUGDFO3bweIvjykYzwwBZ
4rUNNe1V/j43vDeYhgBEQKggJdH91Mdb7DUAhEVT9nK2XcPiFzTMNV6m+EIlk7uy
dV2Fye7V82Iuowl4JmCks6AV7nDHx+OZz93V9Ie6qsOIdlE1KELTaLgJ7zu/KLwk
POlYMQUlmvGIbhUfBPmxN+sTbeHqBxdzpUChxIz+jlhJLfzjzdq7ZYHVRkhQmY5T
eL7oh3jlYvUQBcU3ynjZCp1EivUcpF5k7a8gc9IHeHV4qqyebM4bcmQqXiZd3GdU
ak3CRKqpew+TLthJTk+29oQQn4sNlqQXBk+5GE/hgsh5LNv8NXgAFLiC9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGxxmEeemBvtHgJSEO3RijzL2YPFMB8GA1UdIwQY
MBaAFK9ek/kCNUzkgEtMsEnPaLIPdq6yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjE2VC1RSTFUT1NBUzB5d1NjOW9zZzkycnJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9mNDAwNGItZDYwMi00NzVkLTkzMWIt
N2UwNWFkMDE5MGNlLzEvYkhHWVI1NllHLTBlQWxJUTdkR0tQTXZaZzhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9mNDAwNGItZDYwMi00NzVkLTkzMWItN2UwNWFkMDE5MGNl
LzEvcjE2VC1RSTFUT1NBUzB5d1NjOW9zZzkycnJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+b3MA0G
CSqGSIb3DQEBCwUAA4IBAQB52T+a5lU0XV9o6NRzbqeY8hSV5od7E2voU40dNk7I
0+Orkjd2molKQTp3IsR6rW+YjDJ2PaHG2K4QVQJ2wTECnnXInlnr1VBQhhJa31Bg
xZ92ZMdrrNlxDqvQhLlWsTSo0MH1++pASC/ziKy8UBI1CQ4B3j+SpsHo5SABZwxu
5pmxqD/bIjlOqldPR9v4vQ/MPxtbImFLOeyTYfFGkOcbobNm0OcZ6o9FBiy+5/41
h2O9QdvJsapxG8973OsbgC1TmvuYMHWbCgYGHZEA92KPOJ7ehUcbfkH7eEH2e1kU
JB9CbPqQ/538IvPhbiB1V7gsczmiVjIt2LPfmBTfG2ky
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:09 2024 by rpki-client on console-fra.rpki-client.org