Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/125b9d-2a1f-463a-965e-7cfeaf086e14/1/bwqe4p6uI8i30vMgWun0UbyJi_k.roa
File: bwqe4p6uI8i30vMgWun0UbyJi_k.roa (raw, json)
Hash identifier: RTCH4h9klx1sLyBK+kp64Nv/7kDmUsbk9DJCxVCGWpM=
Subject key identifier: 6F:0A:9E:E2:9E:AE:23:C8:B7:D2:F3:20:5A:E9:F4:51:BC:89:8B:F9
Certificate issuer: /CN=324c71046c549fb3c7d4ebc4cf9519d002e76df1
Certificate serial: 0185A1782827B3018E10F06E67271EB968D1
Authority key identifier: 32:4C:71:04:6C:54:9F:B3:C7:D4:EB:C4:CF:95:19:D0:02:E7:6D:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MkxxBGxUn7PH1OvEz5UZ0ALnbfE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/125b9d-2a1f-463a-965e-7cfeaf086e14/1/bwqe4p6uI8i30vMgWun0UbyJi_k.roa
Signing time: Wed 11 Jan 2023 15:34:44 +0000
ROA not before: Wed 11 Jan 2023 15:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208354
IP address blocks: 185.203.24.0/22 maxlen: 24
2a0c:8500::/29 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a1:78:28:27:b3:01:8e:10:f0:6e:67:27:1e:b9:68:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=324c71046c549fb3c7d4ebc4cf9519d002e76df1
Validity
Not Before: Jan 11 15:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6f0a9ee29eae23c8b7d2f3205ae9f451bc898bf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:1b:d0:42:64:cf:5f:d0:00:c5:ed:31:3f:83:
5b:a2:6e:26:4e:2d:5d:b2:6a:bf:23:ac:df:16:5c:
4e:8b:17:2c:78:7e:88:26:b7:d8:2c:94:98:aa:aa:
c9:d7:a0:f0:1e:5a:88:4a:6f:1e:eb:0b:67:29:1d:
7f:b7:d2:ca:4d:aa:29:0e:c0:57:bb:94:1a:5b:23:
9a:fe:78:39:9f:c8:cf:ce:ea:36:ab:ee:1c:9e:7d:
10:cc:29:d6:47:3f:91:37:4f:c0:d3:36:2f:ee:40:
5c:2b:f5:0d:94:a3:74:19:39:f9:3f:ec:de:62:e2:
60:51:75:40:9c:d8:f4:50:9c:15:fb:f4:bc:74:0e:
1e:3d:dd:40:dc:c7:50:ef:29:17:a4:08:d2:09:c8:
86:9a:0d:6c:e6:c8:74:34:0b:a9:9d:58:93:34:7d:
bd:a7:38:3d:25:12:e3:b4:3e:b2:28:88:58:4b:de:
61:fa:4d:10:9d:f8:fd:fe:d9:ed:8d:92:c5:9e:df:
ff:b9:e0:83:49:7a:99:4c:5d:f0:e9:cb:82:0b:3d:
e7:e4:5f:50:57:85:0b:00:d8:92:2c:58:bd:8c:a6:
87:23:3b:e5:c0:27:72:e2:97:7a:fc:3f:fe:f9:50:
3c:dd:b2:2a:6a:99:f3:61:a4:3a:9d:cd:b4:3c:95:
af:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:0A:9E:E2:9E:AE:23:C8:B7:D2:F3:20:5A:E9:F4:51:BC:89:8B:F9
X509v3 Authority Key Identifier:
keyid:32:4C:71:04:6C:54:9F:B3:C7:D4:EB:C4:CF:95:19:D0:02:E7:6D:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MkxxBGxUn7PH1OvEz5UZ0ALnbfE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/125b9d-2a1f-463a-965e-7cfeaf086e14/1/bwqe4p6uI8i30vMgWun0UbyJi_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/125b9d-2a1f-463a-965e-7cfeaf086e14/1/MkxxBGxUn7PH1OvEz5UZ0ALnbfE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.203.24.0/22
IPv6:
2a0c:8500::/29
Signature Algorithm: sha256WithRSAEncryption
2d:5d:f2:e0:81:54:7a:2f:9d:56:37:51:b0:5f:30:1d:25:ac:
8f:61:b1:5d:13:3a:6c:ad:cd:4c:91:4f:d8:a7:70:2e:da:0d:
16:1d:7b:77:83:57:d9:46:54:8b:c7:ca:a4:16:9d:8b:85:4e:
89:08:1d:e0:e7:43:4a:e7:32:0e:ef:e7:9b:86:7f:74:b1:00:
54:c8:5b:1e:a1:93:09:2b:24:74:88:f1:a7:8b:06:0e:6c:ab:
48:d2:3a:bf:5f:fe:6e:ff:b6:da:ac:61:e6:45:36:09:ff:b9:
24:03:4f:16:9d:7e:bc:24:c9:b2:af:2f:ba:ac:cb:88:07:ca:
5d:fb:e6:84:bf:93:89:3b:5c:75:9e:09:ad:6b:df:ec:31:b6:
6a:12:6a:af:b9:b1:67:ad:8d:3b:89:0c:a2:d3:f2:e0:67:09:
97:df:f1:36:b8:2a:59:91:7e:16:71:80:21:5d:b3:9e:e0:6c:
7e:ee:d0:72:da:35:ee:ee:9f:86:ab:11:91:98:2b:06:c6:d0:
a4:cf:28:e9:e4:29:af:5a:0e:c6:02:21:47:84:0f:b5:be:4c:
36:c7:ed:75:6e:85:2b:b1:32:ac:dd:f5:7a:17:a9:84:18:f4:
cc:7b:28:c6:b5:a4:2c:b1:e5:7c:ca:f8:ea:bf:58:eb:1b:b9:
cd:1f:8a:f3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYWheCgnswGOEPBuZyceuWjRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNGM3MTA0NmM1NDlmYjNjN2Q0ZWJjNGNmOTUxOWQwMDJl
NzZkZjEwHhcNMjMwMTExMTUzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjBhOWVlMjllYWUyM2M4YjdkMmYzMjA1YWU5ZjQ1MWJjODk4YmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiRvQQmTPX9AAxe0xP4Nbom4mTi1d
smq/I6zfFlxOixcseH6IJrfYLJSYqqrJ16DwHlqISm8e6wtnKR1/t9LKTaopDsBX
u5QaWyOa/ng5n8jPzuo2q+4cnn0QzCnWRz+RN0/A0zYv7kBcK/UNlKN0GTn5P+ze
YuJgUXVAnNj0UJwV+/S8dA4ePd1A3MdQ7ykXpAjSCciGmg1s5sh0NAupnViTNH29
pzg9JRLjtD6yKIhYS95h+k0Qnfj9/tntjZLFnt//ueCDSXqZTF3w6cuCCz3n5F9Q
V4ULANiSLFi9jKaHIzvlwCdy4pd6/D/++VA83bIqapnzYaQ6nc20PJWv7wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFG8KnuKeriPIt9LzIFrp9FG8iYv5MB8GA1UdIwQY
MBaAFDJMcQRsVJ+zx9TrxM+VGdAC523xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWt4eEJHeFVuN1BIMU92RXo1VVowQUxuYmZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni8xMjViOWQtMmExZi00NjNhLTk2NWUt
N2NmZWFmMDg2ZTE0LzEvYndxZTRwNnVJOGkzMHZNZ1d1bjBVYnlKaV9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni8xMjViOWQtMmExZi00NjNhLTk2NWUtN2NmZWFmMDg2ZTE0
LzEvTWt4eEJHeFVuN1BIMU92RXo1VVowQUxuYmZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCucsYMA0E
AgACMAcDBQMqDIUAMA0GCSqGSIb3DQEBCwUAA4IBAQAtXfLggVR6L51WN1GwXzAd
JayPYbFdEzpsrc1MkU/Yp3Au2g0WHXt3g1fZRlSLx8qkFp2LhU6JCB3g50NK5zIO
7+ebhn90sQBUyFseoZMJKyR0iPGniwYObKtI0jq/X/5u/7barGHmRTYJ/7kkA08W
nX68JMmyry+6rMuIB8pd++aEv5OJO1x1ngmta9/sMbZqEmqvubFnrY07iQyi0/Lg
ZwmX3/E2uCpZkX4WcYAhXbOe4Gx+7tBy2jXu7p+GqxGRmCsGxtCkzyjp5CmvWg7G
AiFHhA+1vkw2x+11boUrsTKs3fV6F6mEGPTMeyjGtaQsseV8yvjqv1jrG7nNH4rz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:26 2024 by rpki-client on console-ams.rpki-client.org