Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/bkkWoBGS5cSoE4zRy9HP79gJkWo.roa
File: bkkWoBGS5cSoE4zRy9HP79gJkWo.roa (raw, json)
Hash identifier: mIjFOSNuCCW5zuZR76mJ3xleYjHdibWTIktgHKKmsuU=
Subject key identifier: 6E:49:16:A0:11:92:E5:C4:A8:13:8C:D1:CB:D1:CF:EF:D8:09:91:6A
Certificate issuer: /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial: 01856E38D349307A583F2680FF35BE799105
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/bkkWoBGS5cSoE4zRy9HP79gJkWo.roa
Signing time: Sun 01 Jan 2023 16:44:55 +0000
ROA not before: Sun 01 Jan 2023 16:44:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211936
IP address blocks: 212.111.215.0/24 maxlen: 24
195.178.132.0/22 maxlen: 24
77.47.152.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:38:d3:49:30:7a:58:3f:26:80:ff:35:be:79:91:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19426325acb8ce609a686fa655b058968809b346
Validity
Not Before: Jan 1 16:44:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e4916a01192e5c4a8138cd1cbd1cfefd809916a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:6c:1e:8c:1d:f2:28:f4:f6:e1:99:74:12:aa:
5b:be:02:85:d0:a4:89:0a:43:95:49:77:54:de:cf:
53:32:56:a0:2a:17:49:b1:5f:cd:b1:bb:46:b2:7c:
c7:f0:96:34:34:14:dc:01:b7:8d:e2:fa:f1:e9:fe:
9b:90:70:44:78:3a:bb:99:22:38:6f:70:e9:37:56:
f4:80:27:bc:fd:15:b2:b5:71:a2:36:26:b7:04:71:
c2:ff:c0:f8:86:3a:3c:ce:bb:a2:61:88:84:55:05:
c1:31:26:39:4e:28:9d:27:d1:f1:7a:d0:b4:b4:aa:
de:43:72:4a:09:8f:1f:67:33:38:5b:ec:75:63:9d:
b9:f5:be:d7:ca:d6:9f:73:30:40:fa:99:65:55:c2:
61:45:fb:a6:14:b1:fd:da:d7:0d:75:6a:62:36:51:
1e:3a:28:57:96:81:2e:bd:21:df:a1:51:b2:6f:e3:
23:93:ea:da:c3:b8:47:e9:2f:a1:59:3c:9a:08:16:
38:99:8e:70:b9:fd:95:97:5d:e7:36:d3:ff:58:cd:
9a:91:c6:8a:cc:cb:86:d3:78:5a:af:2d:b7:b3:99:
16:78:c4:3c:5c:1a:e4:f9:0a:5f:c0:96:94:9d:d4:
25:c7:fb:23:b4:a0:4d:ed:1c:a5:58:00:a7:34:af:
0c:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:49:16:A0:11:92:E5:C4:A8:13:8C:D1:CB:D1:CF:EF:D8:09:91:6A
X509v3 Authority Key Identifier:
keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/bkkWoBGS5cSoE4zRy9HP79gJkWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.47.152.0/22
195.178.132.0/22
212.111.215.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:47:67:13:95:6a:03:bc:0f:14:64:14:7d:03:c9:0b:62:96:
40:06:9a:df:bb:ad:46:64:3f:93:52:db:ba:b7:f5:da:13:2a:
96:7d:94:4a:78:fa:76:54:32:8e:99:f3:73:71:b6:76:7d:e8:
24:cb:9b:83:77:45:dc:f7:5e:71:57:b8:a1:b2:1e:97:03:a7:
14:64:9c:bd:e8:78:c0:f9:fa:4a:e7:6b:78:aa:4a:4c:54:d2:
0e:72:ad:2b:33:1b:45:58:f9:fc:b3:1f:86:09:f8:d5:42:75:
c1:11:5b:fe:59:84:5c:41:62:d2:a9:67:8e:33:e3:81:aa:49:
9e:6f:ed:48:3b:5c:2d:4e:f3:f9:d9:7d:3e:df:98:8d:fb:35:
80:86:5d:b2:c4:f8:17:ec:c9:11:67:e2:8d:73:a9:09:26:be:
40:d0:68:59:76:c3:3f:9a:78:58:02:d1:dd:62:15:b3:90:56:
e5:bb:19:a2:4f:77:33:04:0d:b4:b5:7d:b3:ea:22:3b:41:99:
fd:5a:7f:bd:a6:63:29:6e:60:89:4c:de:49:99:a4:9f:13:6b:
cd:ed:d3:63:f4:93:1a:f2:83:2c:ea:c3:9a:d3:b2:e8:07:2b:
7a:05:95:e2:05:1e:ce:de:19:fe:1e:b3:83:41:c2:d6:9f:2f:
be:3e:57:a4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVuONNJMHpYPyaA/zW+eZEFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NDI2MzI1YWNiOGNlNjA5YTY4NmZhNjU1YjA1ODk2ODgw
OWIzNDYwHhcNMjMwMTAxMTY0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTQ5MTZhMDExOTJlNWM0YTgxMzhjZDFjYmQxY2ZlZmQ4MDk5MTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWwejB3yKPT24Zl0EqpbvgKF0KSJ
CkOVSXdU3s9TMlagKhdJsV/NsbtGsnzH8JY0NBTcAbeN4vrx6f6bkHBEeDq7mSI4
b3DpN1b0gCe8/RWytXGiNia3BHHC/8D4hjo8zruiYYiEVQXBMSY5TiidJ9HxetC0
tKreQ3JKCY8fZzM4W+x1Y5259b7XytafczBA+pllVcJhRfumFLH92tcNdWpiNlEe
OihXloEuvSHfoVGyb+Mjk+raw7hH6S+hWTyaCBY4mY5wuf2Vl13nNtP/WM2akcaK
zMuG03hary23s5kWeMQ8XBrk+QpfwJaUndQlx/sjtKBN7RylWACnNK8MXwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFG5JFqARkuXEqBOM0cvRz+/YCZFqMB8GA1UdIwQY
MBaAFBlCYyWsuM5gmmhvplWwWJaICbNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQt
MDNmNGM3MTEzYzM0LzEvYmtrV29CR1M1Y1NvRTR6Unk5SFA3OWdKa1dvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQtMDNmNGM3MTEzYzM0
LzEvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCTS+YAwQC
w7KEAwQA1G/XMA0GCSqGSIb3DQEBCwUAA4IBAQCpR2cTlWoDvA8UZBR9A8kLYpZA
Bprfu61GZD+TUtu6t/XaEyqWfZRKePp2VDKOmfNzcbZ2fegky5uDd0Xc915xV7ih
sh6XA6cUZJy96HjA+fpK52t4qkpMVNIOcq0rMxtFWPn8sx+GCfjVQnXBEVv+WYRc
QWLSqWeOM+OBqkmeb+1IO1wtTvP52X0+35iN+zWAhl2yxPgX7MkRZ+KNc6kJJr5A
0GhZdsM/mnhYAtHdYhWzkFbluxmiT3czBA20tX2z6iI7QZn9Wn+9pmMpbmCJTN5J
maSfE2vN7dNj9JMa8oMs6sOa07LoByt6BZXiBR7O3hn+HrODQcLWny++Plek
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:38 2024 by rpki-client on console-ams.rpki-client.org