Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/b417f8-0732-48af-b00c-bb797ce7e108/1/BxmqP0QH59XghhiEY-1u2sIUOJw.roa
File: BxmqP0QH59XghhiEY-1u2sIUOJw.roa (raw, json)
Hash identifier: N3EKWNH2T/zuHwKuQzXoU1+83UtS5yiCMn8KclmBunk=
Subject key identifier: 07:19:AA:3F:44:07:E7:D5:E0:86:18:84:63:ED:6E:DA:C2:14:38:9C
Certificate issuer: /CN=9d115fe9c9e9cfdef17e924165592c023efb2b16
Certificate serial: 018570398A77D89E893B822CAA4B6D2168C8
Authority key identifier: 9D:11:5F:E9:C9:E9:CF:DE:F1:7E:92:41:65:59:2C:02:3E:FB:2B:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nRFf6cnpz97xfpJBZVksAj77KxY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/b417f8-0732-48af-b00c-bb797ce7e108/1/BxmqP0QH59XghhiEY-1u2sIUOJw.roa
Signing time: Mon 02 Jan 2023 02:04:57 +0000
ROA not before: Mon 02 Jan 2023 02:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43354
IP address blocks: 194.45.94.0/24 maxlen: 24
91.197.28.0/24 maxlen: 24
91.197.29.0/24 maxlen: 24
91.197.30.0/24 maxlen: 24
91.197.28.0/22 maxlen: 22
91.197.31.0/24 maxlen: 24
2001:67c:4d0::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:8a:77:d8:9e:89:3b:82:2c:aa:4b:6d:21:68:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d115fe9c9e9cfdef17e924165592c023efb2b16
Validity
Not Before: Jan 2 02:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0719aa3f4407e7d5e086188463ed6edac214389c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:31:7e:8c:c3:61:22:2c:5d:0d:b4:bc:8d:97:
e2:1b:62:8d:94:20:9d:24:93:fd:f8:34:2b:d7:0a:
09:a4:90:53:8e:14:37:d8:48:75:bb:46:3d:c1:a6:
3e:d0:4e:33:3d:c4:ab:df:5f:f7:6e:ee:97:b3:3a:
6d:95:0b:59:cb:a3:4b:f5:2e:f8:30:8b:b9:00:98:
83:d4:10:58:29:f9:3e:47:7c:ed:49:8b:7f:ef:73:
ea:99:0f:ae:d0:14:7b:cc:b8:73:ab:4c:d0:78:40:
b8:8f:e5:69:ec:36:64:61:17:4f:1a:77:26:f4:41:
b5:f5:2b:39:df:ce:c4:04:1b:f6:b2:a0:4b:a7:6e:
28:e8:0a:06:47:e9:48:01:48:7d:18:19:fc:b1:f2:
bd:c1:df:80:c7:8b:41:81:c6:a4:35:39:cc:9e:1e:
93:0a:b5:63:fc:b1:7d:43:34:fc:7c:da:6a:d5:20:
61:41:79:1b:76:95:b1:19:ea:f1:f4:eb:17:c1:44:
5b:fc:d7:6f:bb:05:05:d1:b9:d0:a3:5c:2e:ba:16:
61:a3:89:7b:74:34:7d:6b:48:b2:c0:69:c8:d4:d6:
53:51:d0:dd:d9:12:5b:4b:94:1e:9e:df:d5:d9:a7:
b2:b0:51:49:ee:83:72:db:ed:e1:d0:d2:59:76:ff:
8e:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:19:AA:3F:44:07:E7:D5:E0:86:18:84:63:ED:6E:DA:C2:14:38:9C
X509v3 Authority Key Identifier:
keyid:9D:11:5F:E9:C9:E9:CF:DE:F1:7E:92:41:65:59:2C:02:3E:FB:2B:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nRFf6cnpz97xfpJBZVksAj77KxY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/b417f8-0732-48af-b00c-bb797ce7e108/1/BxmqP0QH59XghhiEY-1u2sIUOJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/b417f8-0732-48af-b00c-bb797ce7e108/1/nRFf6cnpz97xfpJBZVksAj77KxY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.28.0/22
194.45.94.0/24
IPv6:
2001:67c:4d0::/48
Signature Algorithm: sha256WithRSAEncryption
33:98:ae:f3:4a:df:06:61:4b:9f:05:da:e0:31:00:38:28:5f:
79:26:fe:56:bb:ff:4b:a4:c4:4b:cf:01:ea:27:89:24:10:52:
47:c4:54:f2:93:d1:57:08:2c:e9:45:91:48:a2:49:d2:d0:fe:
cd:e0:ae:55:9a:77:ba:88:65:4f:63:3b:8d:47:86:aa:10:2a:
46:a8:ff:71:51:83:a3:60:8f:e8:36:21:2a:ad:a1:2e:a0:33:
39:14:d4:4c:69:ef:7f:0a:d2:89:ef:43:53:f3:7d:7a:2e:63:
5c:84:72:2a:7f:c8:7a:d5:05:ce:88:a0:88:27:3d:53:94:f9:
a8:53:5e:f4:d8:79:ed:63:51:d1:9f:c9:49:ca:f9:31:84:2a:
f6:3c:7a:c5:d5:b8:bd:a3:05:23:67:1e:81:db:6e:0e:cb:34:
14:34:cb:1c:aa:88:5e:e7:93:b8:66:1f:a7:7a:a7:ab:d0:7b:
5a:04:e6:bc:1d:53:ac:cc:79:b2:07:6e:73:a8:ad:36:0e:3b:
27:4e:ef:41:43:98:22:26:31:a0:38:01:59:61:c3:7c:5c:0b:
ba:1f:9f:48:43:34:46:18:ff:9e:3e:ec:4c:1f:0a:0a:ad:5a:
c4:ea:25:bd:a7:71:7e:8c:80:7f:07:71:28:62:e7:78:f6:05:
ad:ea:8b:f8
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVwOYp32J6JO4IsqkttIWjIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMTE1ZmU5YzllOWNmZGVmMTdlOTI0MTY1NTkyYzAyM2Vm
YjJiMTYwHhcNMjMwMTAyMDIwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzE5YWEzZjQ0MDdlN2Q1ZTA4NjE4ODQ2M2VkNmVkYWMyMTQzODljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzF+jMNhIixdDbS8jZfiG2KNlCCd
JJP9+DQr1woJpJBTjhQ32Eh1u0Y9waY+0E4zPcSr31/3bu6XszptlQtZy6NL9S74
MIu5AJiD1BBYKfk+R3ztSYt/73PqmQ+u0BR7zLhzq0zQeEC4j+Vp7DZkYRdPGncm
9EG19Ss5387EBBv2sqBLp24o6AoGR+lIAUh9GBn8sfK9wd+Ax4tBgcakNTnMnh6T
CrVj/LF9QzT8fNpq1SBhQXkbdpWxGerx9OsXwURb/NdvuwUF0bnQo1wuuhZho4l7
dDR9a0iywGnI1NZTUdDd2RJbS5Qent/V2aeysFFJ7oNy2+3h0NJZdv+OYwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFAcZqj9EB+fV4IYYhGPtbtrCFDicMB8GA1UdIwQY
MBaAFJ0RX+nJ6c/e8X6SQWVZLAI++ysWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblJGZjZjbnB6OTd4ZnBKQlpWa3NBajc3S3hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9iNDE3ZjgtMDczMi00OGFmLWIwMGMt
YmI3OTdjZTdlMTA4LzEvQnhtcVAwUUg1OVhnaGhpRVktMXUyc0lVT0p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9iNDE3ZjgtMDczMi00OGFmLWIwMGMtYmI3OTdjZTdlMTA4
LzEvblJGZjZjbnB6OTd4ZnBKQlpWa3NBajc3S3hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCW8UcAwQA
wi1eMA8EAgACMAkDBwAgAQZ8BNAwDQYJKoZIhvcNAQELBQADggEBADOYrvNK3wZh
S58F2uAxADgoX3km/la7/0ukxEvPAeoniSQQUkfEVPKT0VcILOlFkUiiSdLQ/s3g
rlWad7qIZU9jO41HhqoQKkao/3FRg6Ngj+g2ISqtoS6gMzkU1Exp738K0onvQ1Pz
fXouY1yEcip/yHrVBc6IoIgnPVOU+ahTXvTYee1jUdGfyUnK+TGEKvY8esXVuL2j
BSNnHoHbbg7LNBQ0yxyqiF7nk7hmH6d6p6vQe1oE5rwdU6zMebIHbnOorTYOOydO
70FDmCImMaA4AVlhw3xcC7ofn0hDNEYY/54+7EwfCgqtWsTqJb2ncX6MgH8HcShi
53j2Ba3qi/g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:33 2024 by rpki-client on console-fra.rpki-client.org