Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/3fd6e9-17d3-4019-8669-9666d976285d/1/BiKjKYPgmMryGwsMVjJodaHP-CQ.roa
File: BiKjKYPgmMryGwsMVjJodaHP-CQ.roa (raw, json)
Hash identifier: DZoz1CvhrR+IiepMrRrKBjTgN7YHeuFCU60HSg+Yi3g=
Subject key identifier: 06:22:A3:29:83:E0:98:CA:F2:1B:0B:0C:56:32:68:75:A1:CF:F8:24
Certificate issuer: /CN=b0a5699a08c7bfd707cfb06d3213f5cacbf28257
Certificate serial: 018C6329B1FBE3C034892F50E3757B23D0D6
Authority key identifier: B0:A5:69:9A:08:C7:BF:D7:07:CF:B0:6D:32:13:F5:CA:CB:F2:82:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sKVpmgjHv9cHz7BtMhP1ysvyglc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/3fd6e9-17d3-4019-8669-9666d976285d/1/BiKjKYPgmMryGwsMVjJodaHP-CQ.roa
Signing time: Wed 13 Dec 2023 12:32:06 +0000
ROA not before: Wed 13 Dec 2023 12:32:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199290
IP address blocks: 185.171.164.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:63:29:b1:fb:e3:c0:34:89:2f:50:e3:75:7b:23:d0:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0a5699a08c7bfd707cfb06d3213f5cacbf28257
Validity
Not Before: Dec 13 12:32:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0622a32983e098caf21b0b0c56326875a1cff824
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:e4:07:d9:17:e9:cc:55:92:9b:78:44:1e:7b:
f1:6b:6d:b5:48:b3:83:2f:91:f5:6a:ce:10:e4:63:
b4:a5:4f:aa:64:1b:61:6b:f7:c6:2a:32:b1:46:af:
01:0d:d9:b9:a1:65:dc:2c:0e:e3:66:46:8c:8f:c9:
d2:f4:a9:a5:ab:a3:b5:24:ae:39:ec:d1:c2:4f:8e:
87:1c:00:f5:28:33:c1:df:d7:59:7f:82:46:f8:51:
62:75:1c:2b:ee:70:24:c0:c2:cd:bc:c7:53:f7:73:
35:0a:22:55:a2:c9:5f:01:dc:7d:d5:de:d4:7e:b4:
5e:e2:00:83:0b:21:9d:6b:a1:c9:da:e4:c9:b8:15:
42:46:44:37:ac:f7:57:9d:a1:38:b0:ac:0e:24:20:
31:bb:b1:84:01:c9:7f:80:ad:4b:7b:d3:03:89:43:
16:23:4d:55:06:31:34:55:0d:a5:ce:06:63:27:1e:
c1:96:ec:fb:a3:7b:65:ac:ab:6e:33:d5:b6:ca:ed:
6c:95:1a:0b:03:35:16:0d:48:5a:c7:0d:2c:29:f7:
43:f3:84:65:21:92:2e:e9:ec:bb:4c:85:66:31:de:
1f:5e:2a:ce:1e:d8:ba:a7:f1:e5:39:19:8e:fd:bb:
34:20:d5:84:e8:0c:09:d5:d1:f2:09:cf:4d:fa:c4:
bc:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:22:A3:29:83:E0:98:CA:F2:1B:0B:0C:56:32:68:75:A1:CF:F8:24
X509v3 Authority Key Identifier:
keyid:B0:A5:69:9A:08:C7:BF:D7:07:CF:B0:6D:32:13:F5:CA:CB:F2:82:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sKVpmgjHv9cHz7BtMhP1ysvyglc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/3fd6e9-17d3-4019-8669-9666d976285d/1/BiKjKYPgmMryGwsMVjJodaHP-CQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/3fd6e9-17d3-4019-8669-9666d976285d/1/sKVpmgjHv9cHz7BtMhP1ysvyglc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.171.164.0/24
Signature Algorithm: sha256WithRSAEncryption
09:11:64:3d:81:d2:5a:f7:6a:50:dd:69:d9:ec:23:43:77:9f:
e5:52:5b:ee:e9:95:b4:94:96:bf:98:a0:d6:85:67:76:03:73:
c6:8f:27:c8:bf:d9:e1:c6:4e:b6:64:75:2e:93:78:3e:23:ac:
4b:81:c5:ff:f5:73:6c:f9:83:7b:9f:a1:7c:50:2b:37:ac:94:
83:2c:09:07:ab:60:9a:01:4c:89:d1:ad:6a:6a:cb:67:9c:29:
aa:21:50:51:fc:a9:95:73:7e:a3:4a:92:cf:1b:a5:25:63:ef:
02:b6:d1:e7:0c:32:20:d9:c8:d7:75:97:58:f8:cc:94:98:dd:
c8:5c:df:c8:87:f0:31:e5:f8:ed:05:23:e7:77:34:70:f4:5b:
fa:b4:8c:79:cb:83:3e:a4:01:c5:0f:bc:87:75:bf:18:f7:d0:
01:a6:cb:9a:4e:50:3d:a5:13:a1:90:c6:2a:e6:8a:4b:00:ef:
e1:0f:8e:7b:3b:a8:89:cb:39:2f:ff:44:e2:64:1f:22:87:4d:
5e:49:fa:7b:64:51:1f:e1:15:e7:2b:c3:e8:d4:5d:91:bd:10:
7d:8a:ed:65:e1:1f:e8:c6:23:2c:6b:0c:55:71:d8:8a:ed:06:
61:a1:56:0b:f4:f5:3a:69:91:69:a4:15:86:e6:88:2c:3b:23:
7f:68:88:ee
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxjKbH748A0iS9Q43V7I9DWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYTU2OTlhMDhjN2JmZDcwN2NmYjA2ZDMyMTNmNWNhY2Jm
MjgyNTcwHhcNMjMxMjEzMTIzMjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjIyYTMyOTgzZTA5OGNhZjIxYjBiMGM1NjMyNjg3NWExY2ZmODI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlOQH2RfpzFWSm3hEHnvxa221SLOD
L5H1as4Q5GO0pU+qZBtha/fGKjKxRq8BDdm5oWXcLA7jZkaMj8nS9Kmlq6O1JK45
7NHCT46HHAD1KDPB39dZf4JG+FFidRwr7nAkwMLNvMdT93M1CiJVoslfAdx91d7U
frRe4gCDCyGda6HJ2uTJuBVCRkQ3rPdXnaE4sKwOJCAxu7GEAcl/gK1Le9MDiUMW
I01VBjE0VQ2lzgZjJx7Bluz7o3tlrKtuM9W2yu1slRoLAzUWDUhaxw0sKfdD84Rl
IZIu6ey7TIVmMd4fXirOHti6p/HlORmO/bs0INWE6AwJ1dHyCc9N+sS8IQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAYioymD4JjK8hsLDFYyaHWhz/gkMB8GA1UdIwQY
MBaAFLClaZoIx7/XB8+wbTIT9crL8oJXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0tWcG1nakh2OWNIejdCdE1oUDF5c3Z5Z2xjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS8zZmQ2ZTktMTdkMy00MDE5LTg2Njkt
OTY2NmQ5NzYyODVkLzEvQmlLaktZUGdtTXJ5R3dzTVZqSm9kYUhQLUNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS8zZmQ2ZTktMTdkMy00MDE5LTg2NjktOTY2NmQ5NzYyODVk
LzEvc0tWcG1nakh2OWNIejdCdE1oUDF5c3Z5Z2xjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuaukMA0G
CSqGSIb3DQEBCwUAA4IBAQAJEWQ9gdJa92pQ3WnZ7CNDd5/lUlvu6ZW0lJa/mKDW
hWd2A3PGjyfIv9nhxk62ZHUuk3g+I6xLgcX/9XNs+YN7n6F8UCs3rJSDLAkHq2Ca
AUyJ0a1qastnnCmqIVBR/KmVc36jSpLPG6UlY+8CttHnDDIg2cjXdZdY+MyUmN3I
XN/Ih/Ax5fjtBSPndzRw9Fv6tIx5y4M+pAHFD7yHdb8Y99ABpsuaTlA9pROhkMYq
5opLAO/hD457O6iJyzkv/0TiZB8ih01eSfp7ZFEf4RXnK8Po1F2RvRB9iu1l4R/o
xiMsawxVcdiK7QZhoVYL9PU6aZFppBWG5ogsOyN/aIju
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:44 2024 by rpki-client on console-ams.rpki-client.org