Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/BQVev0cBJ4B60UIpoU7WY5uogQs.roa
File: BQVev0cBJ4B60UIpoU7WY5uogQs.roa (raw, json)
Hash identifier: ZGpcTrvokEH7+Ym4jteXQhXHxaAQgUQyB+APcsvn+Qo=
Subject key identifier: 05:05:5E:BF:47:01:27:80:7A:D1:42:29:A1:4E:D6:63:9B:A8:81:0B
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 018A5F57808AC7D73F8B6F80ACE62163D78A
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/BQVev0cBJ4B60UIpoU7WY5uogQs.roa
Signing time: Mon 04 Sep 2023 08:38:04 +0000
ROA not before: Mon 04 Sep 2023 08:38:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213107
IP address blocks: 185.88.174.0/24 maxlen: 24
185.88.175.0/24 maxlen: 24
185.98.63.0/24 maxlen: 24
185.86.14.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 16 Oct 2023 07:09:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:5f:57:80:8a:c7:d7:3f:8b:6f:80:ac:e6:21:63:d7:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Sep 4 08:38:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=05055ebf470127807ad14229a14ed6639ba8810b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:09:37:be:3b:57:52:58:85:c2:8d:02:39:c5:
43:91:19:e6:10:f7:d6:5d:b9:09:9e:7b:10:2c:00:
db:4e:02:71:2e:9e:8d:6e:1b:ef:1b:ef:45:11:4e:
c8:47:bc:34:6d:ff:34:29:f2:5b:d4:6c:92:41:7f:
13:22:ab:1d:a5:93:aa:34:57:4e:84:b5:64:46:f1:
b4:20:c3:ea:cd:00:7e:53:e7:db:59:a2:1d:f3:67:
20:15:dc:ae:4a:f6:55:ed:d8:1d:3c:ae:55:ea:c9:
24:cc:bf:17:37:95:73:c1:07:b9:f8:22:51:53:30:
14:63:fe:1c:67:01:60:12:c3:ee:af:b2:3e:e9:88:
6a:1b:84:bf:8f:6b:6d:4d:e0:a8:58:2b:e0:41:99:
26:37:81:51:c9:92:d5:75:f2:e4:ae:c0:8d:55:ca:
29:c8:0e:af:e2:3b:71:fe:b3:85:0a:04:45:73:90:
19:e0:00:50:d8:57:c1:00:02:50:99:7f:ad:3b:35:
10:08:51:88:fb:ae:a2:00:81:4d:8e:79:1e:b6:9c:
bf:15:80:29:62:2c:13:98:51:f9:9c:e7:49:93:64:
7b:69:8d:05:db:41:80:d2:9c:0c:97:95:08:69:31:
ca:2c:6f:c0:9e:cf:8c:3e:5e:c9:7b:84:af:2f:5d:
cf:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:05:5E:BF:47:01:27:80:7A:D1:42:29:A1:4E:D6:63:9B:A8:81:0B
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/BQVev0cBJ4B60UIpoU7WY5uogQs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.86.14.0/24
185.88.174.0/23
185.98.63.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:2e:6c:1e:59:0e:57:c2:80:a6:be:cf:4e:81:f9:8b:d0:1c:
0e:1e:7c:4e:89:3f:99:48:eb:2b:b4:75:52:ab:fb:8c:52:c0:
67:40:4c:d6:01:80:b0:77:d9:1a:4f:1e:36:09:50:1c:49:4d:
62:09:fc:d1:77:4b:fe:66:73:fd:df:70:4f:be:5b:a9:96:47:
6e:79:1b:98:43:e9:7f:1e:33:c6:c2:30:e2:3a:78:91:70:8b:
8a:2d:21:1d:b2:7f:29:ca:5a:e6:79:76:c5:58:6b:5e:4d:ad:
f1:2f:f4:94:31:a7:48:d3:70:20:cd:e2:57:bb:59:5f:af:fd:
17:43:22:d2:38:ee:ce:91:78:da:13:21:9b:69:b8:57:f6:3c:
13:80:62:34:33:5a:9a:f5:d5:64:d6:06:dd:55:17:12:9e:e4:
97:ce:d1:59:de:60:72:c9:1b:c6:c5:08:0c:8b:be:77:94:41:
62:0d:bd:c4:cb:4d:94:d1:64:d1:f2:4d:9a:8f:26:ae:c9:6e:
47:2f:f6:a9:c9:ef:45:f9:98:b5:59:0a:48:6a:dc:d7:94:46:
d1:52:90:20:75:aa:bd:26:3d:6b:2e:e6:93:b3:97:f1:df:34:
d1:99:01:64:97:56:8c:ee:9d:29:65:76:8d:3b:b7:e1:f5:0f:
c4:f6:78:f6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYpfV4CKx9c/i2+ArOYhY9eKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjMwOTA0MDgzODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTA1NWViZjQ3MDEyNzgwN2FkMTQyMjlhMTRlZDY2MzliYTg4MTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgwk3vjtXUliFwo0COcVDkRnmEPfW
XbkJnnsQLADbTgJxLp6NbhvvG+9FEU7IR7w0bf80KfJb1GySQX8TIqsdpZOqNFdO
hLVkRvG0IMPqzQB+U+fbWaId82cgFdyuSvZV7dgdPK5V6skkzL8XN5VzwQe5+CJR
UzAUY/4cZwFgEsPur7I+6YhqG4S/j2ttTeCoWCvgQZkmN4FRyZLVdfLkrsCNVcop
yA6v4jtx/rOFCgRFc5AZ4ABQ2FfBAAJQmX+tOzUQCFGI+66iAIFNjnketpy/FYAp
YiwTmFH5nOdJk2R7aY0F20GA0pwMl5UIaTHKLG/Ans+MPl7Je4SvL13PhQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAUFXr9HASeAetFCKaFO1mObqIELMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvQlFWZXYwY0JKNEI2MFVJcG9VN1dZNXVvZ1FzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuVYOAwQB
uViuAwQAuWI/MA0GCSqGSIb3DQEBCwUAA4IBAQBrLmweWQ5XwoCmvs9OgfmL0BwO
HnxOiT+ZSOsrtHVSq/uMUsBnQEzWAYCwd9kaTx42CVAcSU1iCfzRd0v+ZnP933BP
vluplkdueRuYQ+l/HjPGwjDiOniRcIuKLSEdsn8pylrmeXbFWGteTa3xL/SUMadI
03AgzeJXu1lfr/0XQyLSOO7OkXjaEyGbabhX9jwTgGI0M1qa9dVk1gbdVRcSnuSX
ztFZ3mByyRvGxQgMi753lEFiDb3Ey02U0WTR8k2ajyauyW5HL/apye9F+Zi1WQpI
atzXlEbRUpAgdaq9Jj1rLuaTs5fx3zTRmQFkl1aM7p0pZXaNO7fh9Q/E9nj2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:49 2024 by rpki-client on console-fra.rpki-client.org