Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/66ca64-6fce-4b84-8c15-cb868127a9b1/1/BlBMGT-Yg0OFPZX9qCc7guqridc.roa
File: BlBMGT-Yg0OFPZX9qCc7guqridc.roa (raw, json)
Hash identifier: yNIECt/dy4MTV4q4ZSDsX3ATv3mK7P/Mrt4nVGwubd0=
Subject key identifier: 06:50:4C:19:3F:98:83:43:85:3D:95:FD:A8:27:3B:82:EA:AB:89:D7
Certificate issuer: /CN=6eb61057b826541d216cd595cf86c6a06fb2ae11
Certificate serial: 01857079B315CCF0E5D233A4EA5A125625B3
Authority key identifier: 6E:B6:10:57:B8:26:54:1D:21:6C:D5:95:CF:86:C6:A0:6F:B2:AE:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/brYQV7gmVB0hbNWVz4bGoG-yrhE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/66ca64-6fce-4b84-8c15-cb868127a9b1/1/BlBMGT-Yg0OFPZX9qCc7guqridc.roa
Signing time: Mon 02 Jan 2023 03:15:01 +0000
ROA not before: Mon 02 Jan 2023 03:15:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137
IP address blocks: 192.146.242.0/24 maxlen: 24
192.160.156.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:30:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:b3:15:cc:f0:e5:d2:33:a4:ea:5a:12:56:25:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6eb61057b826541d216cd595cf86c6a06fb2ae11
Validity
Not Before: Jan 2 03:15:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=06504c193f988343853d95fda8273b82eaab89d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:01:88:26:70:f4:2c:6b:4f:03:ff:1f:56:d9:
c9:05:a0:62:a1:62:2a:4d:2b:90:e8:52:82:7b:20:
55:b1:30:4c:13:e3:02:9d:de:4d:91:e9:a2:25:32:
f9:b2:79:e8:42:a4:08:e9:a8:93:3d:84:fe:f3:d9:
b2:56:b7:f6:dc:9a:14:e2:99:3c:04:5b:fe:ce:4f:
f2:2f:a0:fa:fd:70:33:49:36:27:eb:11:57:f8:2e:
07:0c:09:d8:97:bb:c0:10:6e:b9:ca:83:a5:85:44:
2a:e8:b0:8e:90:3f:92:12:bc:c7:00:b2:ec:26:d4:
8b:9e:76:21:e8:b9:25:da:4b:a8:a5:42:38:cd:d5:
79:c3:4e:a0:e4:a4:ec:ed:8a:1d:c1:95:d3:b4:2b:
0b:24:73:61:e5:17:23:ad:70:1a:85:1d:95:f0:a7:
63:28:6e:70:d4:7e:ee:d0:55:f5:41:20:c1:65:20:
f7:7c:c6:95:7a:0d:c1:ac:0c:fa:10:62:c4:b4:24:
1c:96:1c:1b:b2:de:3e:57:2b:44:96:5a:85:4d:83:
3f:58:fb:ae:a3:80:bd:be:d1:42:ad:1d:15:e2:6d:
58:c6:d7:f7:c8:77:9a:7e:be:07:0f:2c:5e:c7:0e:
6b:d0:c6:9b:72:61:b5:12:6e:2a:4a:5b:a8:45:22:
c8:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:50:4C:19:3F:98:83:43:85:3D:95:FD:A8:27:3B:82:EA:AB:89:D7
X509v3 Authority Key Identifier:
keyid:6E:B6:10:57:B8:26:54:1D:21:6C:D5:95:CF:86:C6:A0:6F:B2:AE:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/brYQV7gmVB0hbNWVz4bGoG-yrhE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/66ca64-6fce-4b84-8c15-cb868127a9b1/1/BlBMGT-Yg0OFPZX9qCc7guqridc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/66ca64-6fce-4b84-8c15-cb868127a9b1/1/brYQV7gmVB0hbNWVz4bGoG-yrhE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.146.242.0/24
192.160.156.0/24
Signature Algorithm: sha256WithRSAEncryption
61:75:40:ba:61:40:eb:c6:78:89:28:8b:80:ef:4d:d3:3a:44:
32:70:fa:44:ba:80:ce:3f:8a:27:a4:fd:d5:74:d2:00:df:99:
27:b5:52:40:bf:93:26:4b:51:8e:fd:9e:96:dc:89:41:8d:b4:
a1:56:62:af:f4:9f:c5:af:b3:ec:aa:2f:0d:06:15:ab:a6:79:
09:07:cb:38:c0:3b:a9:af:95:6a:28:b7:cd:86:90:63:56:31:
f2:e8:7f:73:82:ee:be:4c:e4:5e:b7:18:76:38:af:24:d8:6b:
76:4c:a4:c2:3f:e0:fa:d0:8a:6b:b5:24:e9:97:4d:81:c7:2d:
f2:ca:9e:64:5a:38:8a:95:e4:ee:65:a7:8a:9c:55:6c:97:26:
7c:71:3f:c2:9a:ef:cd:7b:2a:49:c2:fe:88:52:53:f9:e0:9b:
05:42:68:a7:0e:ca:08:18:18:fc:1e:8e:a5:aa:b3:7b:5b:8f:
7a:9d:36:2f:ea:b5:c4:42:f9:dd:51:61:65:7f:d4:5a:68:e3:
c3:24:be:5c:97:ce:3f:c6:8d:ca:e3:a0:48:fe:99:c2:29:83:
c5:bd:20:4e:26:c3:19:6e:48:e8:16:f0:cc:ca:7c:dd:e1:07:
6b:32:4e:dc:65:2b:a3:3f:95:a9:2d:90:70:e9:94:0f:bd:e8:
0a:55:7a:60
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwebMVzPDl0jOk6loSViWzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlYjYxMDU3YjgyNjU0MWQyMTZjZDU5NWNmODZjNmEwNmZi
MmFlMTEwHhcNMjMwMTAyMDMxNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjUwNGMxOTNmOTg4MzQzODUzZDk1ZmRhODI3M2I4MmVhYWI4OWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjwGIJnD0LGtPA/8fVtnJBaBioWIq
TSuQ6FKCeyBVsTBME+MCnd5NkemiJTL5snnoQqQI6aiTPYT+89myVrf23JoU4pk8
BFv+zk/yL6D6/XAzSTYn6xFX+C4HDAnYl7vAEG65yoOlhUQq6LCOkD+SErzHALLs
JtSLnnYh6Lkl2kuopUI4zdV5w06g5KTs7YodwZXTtCsLJHNh5RcjrXAahR2V8Kdj
KG5w1H7u0FX1QSDBZSD3fMaVeg3BrAz6EGLEtCQclhwbst4+VytEllqFTYM/WPuu
o4C9vtFCrR0V4m1Yxtf3yHeafr4HDyxexw5r0MabcmG1Em4qSluoRSLI3wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAZQTBk/mINDhT2V/agnO4Lqq4nXMB8GA1UdIwQY
MBaAFG62EFe4JlQdIWzVlc+GxqBvsq4RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnJZUVY3Z21WQjBoYk5XVno0YkdvRy15cmhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My82NmNhNjQtNmZjZS00Yjg0LThjMTUt
Y2I4NjgxMjdhOWIxLzEvQmxCTUdULVlnME9GUFpYOXFDYzdndXFyaWRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My82NmNhNjQtNmZjZS00Yjg0LThjMTUtY2I4NjgxMjdhOWIx
LzEvYnJZUVY3Z21WQjBoYk5XVno0YkdvRy15cmhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwJLyAwQA
wKCcMA0GCSqGSIb3DQEBCwUAA4IBAQBhdUC6YUDrxniJKIuA703TOkQycPpEuoDO
P4onpP3VdNIA35kntVJAv5MmS1GO/Z6W3IlBjbShVmKv9J/Fr7Psqi8NBhWrpnkJ
B8s4wDupr5VqKLfNhpBjVjHy6H9zgu6+TORetxh2OK8k2Gt2TKTCP+D60IprtSTp
l02Bxy3yyp5kWjiKleTuZaeKnFVslyZ8cT/Cmu/NeypJwv6IUlP54JsFQminDsoI
GBj8Ho6lqrN7W496nTYv6rXEQvndUWFlf9RaaOPDJL5cl84/xo3K46BI/pnCKYPF
vSBOJsMZbkjoFvDMynzd4QdrMk7cZSujP5WpLZBw6ZQPvegKVXpg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:12 2024 by rpki-client on console-fra.rpki-client.org