Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/86d1aa-6475-4013-86ea-38c756aa4b50/1/bAKl1PGBZI84vXF1nNhbv9iXQ4c.roa
File: bAKl1PGBZI84vXF1nNhbv9iXQ4c.roa (raw, json)
Hash identifier: c2FqA/1UDKMtFV/+CrRGWR3+V6mM/WFvghgbDhZDlYg=
Subject key identifier: 6C:02:A5:D4:F1:81:64:8F:38:BD:71:75:9C:D8:5B:BF:D8:97:43:87
Certificate issuer: /CN=f3544e923d883bace4aa3f7ef70072afe3511f28
Certificate serial: 0192476BEED4713CCCF526C32310AC0D7FEE
Authority key identifier: F3:54:4E:92:3D:88:3B:AC:E4:AA:3F:7E:F7:00:72:AF:E3:51:1F:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/81ROkj2IO6zkqj9-9wByr-NRHyg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/86d1aa-6475-4013-86ea-38c756aa4b50/1/bAKl1PGBZI84vXF1nNhbv9iXQ4c.roa
Signing time: Tue 01 Oct 2024 09:31:48 +0000
ROA not before: Tue 01 Oct 2024 09:31:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41536
IP address blocks: 193.222.57.0/24 maxlen: 24
195.14.6.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 01 Oct 2024 10:32:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:47:6b:ee:d4:71:3c:cc:f5:26:c3:23:10:ac:0d:7f:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3544e923d883bace4aa3f7ef70072afe3511f28
Validity
Not Before: Oct 1 09:31:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c02a5d4f181648f38bd71759cd85bbfd8974387
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:9b:b7:34:6a:9b:9e:f9:2e:94:83:a4:7d:d0:
97:28:38:c1:c4:f0:ba:fd:0b:f6:00:70:2d:95:79:
f3:05:59:ac:bd:b6:ca:c4:77:00:64:c9:9d:0e:e3:
ab:1c:10:48:77:db:83:14:ee:28:6e:b9:f7:9d:a5:
27:17:4d:fe:c8:60:b5:60:57:59:9e:ec:07:bc:2f:
dd:7d:a1:03:c3:65:7e:54:97:16:b5:96:e5:88:a4:
bc:05:0a:cb:1c:0e:7f:3f:21:e4:19:31:46:09:da:
74:09:7f:58:08:45:0c:07:b3:94:f8:60:00:53:e9:
50:3b:5b:0a:64:e1:87:9d:51:2e:aa:f7:cb:fc:32:
d4:9f:5c:34:2b:0b:73:17:06:1f:b4:e1:ba:c8:6f:
b6:27:45:fd:47:20:1a:2a:06:44:35:03:8f:6e:d0:
35:18:e0:7e:38:8a:74:d1:a3:27:e3:1d:9e:95:2d:
dc:77:b8:23:62:e6:1d:0a:11:2c:3a:cb:81:82:0d:
ef:4f:8a:72:18:aa:f1:1b:d1:25:84:6c:d1:79:93:
57:16:d0:3b:54:8b:b1:d6:a0:5a:7a:f3:7d:1c:e3:
7a:a6:9f:7b:16:e6:ec:c3:02:4b:f6:7a:35:25:6d:
2a:2d:5c:59:68:65:a5:1b:ae:84:ed:be:c8:67:d5:
27:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:02:A5:D4:F1:81:64:8F:38:BD:71:75:9C:D8:5B:BF:D8:97:43:87
X509v3 Authority Key Identifier:
keyid:F3:54:4E:92:3D:88:3B:AC:E4:AA:3F:7E:F7:00:72:AF:E3:51:1F:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/81ROkj2IO6zkqj9-9wByr-NRHyg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/86d1aa-6475-4013-86ea-38c756aa4b50/1/bAKl1PGBZI84vXF1nNhbv9iXQ4c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/86d1aa-6475-4013-86ea-38c756aa4b50/1/81ROkj2IO6zkqj9-9wByr-NRHyg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.222.57.0/24
195.14.6.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:5f:8e:f9:30:1c:62:d6:83:49:74:a6:43:e1:49:47:4d:91:
41:6b:63:08:a8:7e:6a:ef:f1:76:38:93:82:2c:59:f8:3a:29:
12:d0:51:ec:2d:f3:a4:26:58:d2:bb:1b:8b:2c:2e:a4:d6:77:
bc:43:c7:f1:7f:a1:0a:7d:27:38:cd:fb:0d:c8:3c:cb:96:a5:
57:e1:d4:96:fe:01:8a:c4:ea:5c:1e:84:42:b5:96:ac:39:1f:
90:55:54:9a:67:89:78:4a:0a:c6:b2:d2:cd:e3:13:2c:b9:43:
87:1d:a7:5f:a1:2e:47:cb:5f:38:af:6a:be:37:b2:59:7f:e4:
43:89:a5:07:3a:b9:c6:19:c6:c7:ee:0b:1b:8a:76:e8:7a:41:
82:fd:35:87:a3:c6:03:e3:99:b3:3a:04:f9:3d:b1:63:f8:74:
66:13:50:bb:76:16:6e:da:ec:6f:c3:8d:51:e3:ec:92:14:c6:
7f:e5:fd:e3:8b:f3:81:c5:59:8e:6a:1f:bb:e5:b3:46:4b:79:
58:f6:31:77:3e:7f:8d:76:41:e4:ac:2e:31:04:23:32:a1:2c:
04:97:ad:de:77:31:56:47:cb:33:70:b5:82:27:eb:e8:0b:b7:
5c:26:d4:60:5c:b5:ec:8b:60:49:97:d5:32:82:1a:4d:44:4b:
78:04:ec:25
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZJHa+7UcTzM9SbDIxCsDX/uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzNTQ0ZTkyM2Q4ODNiYWNlNGFhM2Y3ZWY3MDA3MmFmZTM1
MTFmMjgwHhcNMjQxMDAxMDkzMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzAyYTVkNGYxODE2NDhmMzhiZDcxNzU5Y2Q4NWJiZmQ4OTc0Mzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyZu3NGqbnvkulIOkfdCXKDjBxPC6
/Qv2AHAtlXnzBVmsvbbKxHcAZMmdDuOrHBBId9uDFO4obrn3naUnF03+yGC1YFdZ
nuwHvC/dfaEDw2V+VJcWtZbliKS8BQrLHA5/PyHkGTFGCdp0CX9YCEUMB7OU+GAA
U+lQO1sKZOGHnVEuqvfL/DLUn1w0KwtzFwYftOG6yG+2J0X9RyAaKgZENQOPbtA1
GOB+OIp00aMn4x2elS3cd7gjYuYdChEsOsuBgg3vT4pyGKrxG9ElhGzReZNXFtA7
VIux1qBaevN9HON6pp97FubswwJL9no1JW0qLVxZaGWlG66E7b7IZ9UnEQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGwCpdTxgWSPOL1xdZzYW7/Yl0OHMB8GA1UdIwQY
MBaAFPNUTpI9iDus5Ko/fvcAcq/jUR8oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODFST2tqMklPNnprcWo5LTl3QnlyLU5SSHlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC84NmQxYWEtNjQ3NS00MDEzLTg2ZWEt
MzhjNzU2YWE0YjUwLzEvYkFLbDFQR0JaSTg0dlhGMW5OaGJ2OWlYUTRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC84NmQxYWEtNjQ3NS00MDEzLTg2ZWEtMzhjNzU2YWE0YjUw
LzEvODFST2tqMklPNnprcWo5LTl3QnlyLU5SSHlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwd45AwQA
ww4GMA0GCSqGSIb3DQEBCwUAA4IBAQB+X475MBxi1oNJdKZD4UlHTZFBa2MIqH5q
7/F2OJOCLFn4OikS0FHsLfOkJljSuxuLLC6k1ne8Q8fxf6EKfSc4zfsNyDzLlqVX
4dSW/gGKxOpcHoRCtZasOR+QVVSaZ4l4SgrGstLN4xMsuUOHHadfoS5Hy184r2q+
N7JZf+RDiaUHOrnGGcbH7gsbinboekGC/TWHo8YD45mzOgT5PbFj+HRmE1C7dhZu
2uxvw41R4+ySFMZ/5f3ji/OBxVmOah+75bNGS3lY9jF3Pn+NdkHkrC4xBCMyoSwE
l63edzFWR8szcLWCJ+voC7dcJtRgXLXsi2BJl9UyghpNREt4BOwl
-----END CERTIFICATE-----
Generated at Tue Oct 1 14:39:06 2024 by rpki-client on console-ams.rpki-client.org