Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/963d75-4cff-4b14-83df-b774320d997f/1/BOAsGUvRhKLy_7_mEV9g3mrMYZU.roa
File: BOAsGUvRhKLy_7_mEV9g3mrMYZU.roa (raw, json)
Hash identifier: C9dZwMMUKpYRDZ/pBrzNAB8QoZj/aBGYtpV3Mr4R40o=
Subject key identifier: 04:E0:2C:19:4B:D1:84:A2:F2:FF:BF:E6:11:5F:60:DE:6A:CC:61:95
Certificate issuer: /CN=b7b67ba579f48a4207ac409abf4f01194046ea3a
Certificate serial: 018A431D3EA65E7FA068B113BE427BFAE11B
Authority key identifier: B7:B6:7B:A5:79:F4:8A:42:07:AC:40:9A:BF:4F:01:19:40:46:EA:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t7Z7pXn0ikIHrECav08BGUBG6jo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/963d75-4cff-4b14-83df-b774320d997f/1/BOAsGUvRhKLy_7_mEV9g3mrMYZU.roa
Signing time: Tue 29 Aug 2023 21:05:04 +0000
ROA not before: Tue 29 Aug 2023 21:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199332
IP address blocks: 79.171.192.0/21 maxlen: 24
185.19.236.0/22 maxlen: 24
2a02:fe00::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:43:1d:3e:a6:5e:7f:a0:68:b1:13:be:42:7b:fa:e1:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7b67ba579f48a4207ac409abf4f01194046ea3a
Validity
Not Before: Aug 29 21:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=04e02c194bd184a2f2ffbfe6115f60de6acc6195
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:fe:dc:60:02:c4:8a:4c:1f:ad:e8:4b:0b:a1:
17:84:e0:b5:7d:2b:14:ec:99:1d:20:48:89:1d:94:
8c:ec:74:1f:aa:37:39:bc:7b:ad:d9:47:cb:f6:4f:
d9:eb:62:72:3b:51:95:39:07:23:1a:91:9d:54:da:
90:4b:44:9a:c0:25:a9:67:a2:83:69:c6:2c:fc:03:
53:5d:2e:e4:a6:4d:d7:98:0d:fe:59:cd:68:dd:7e:
a1:72:b5:5f:f2:14:39:cb:6f:29:2f:fb:d9:d6:64:
8b:d8:92:20:8f:8f:fc:83:3e:6a:15:39:44:13:8b:
29:e5:2e:39:04:4b:fb:18:b1:b9:e0:84:90:b5:73:
05:c5:b1:ec:86:eb:02:16:f4:3f:c8:de:ee:69:f8:
d7:f9:6f:b5:26:e5:d5:f5:ea:73:97:0c:f3:01:e7:
c2:96:cf:82:4c:02:de:16:8e:bd:bb:59:4d:89:2f:
ea:9b:e8:6e:fc:90:07:1c:c4:8b:98:12:17:3e:d3:
07:da:c1:d2:75:ad:82:30:02:71:d3:23:09:68:80:
e5:af:9e:53:ea:62:6b:aa:b3:c7:55:51:c2:67:9c:
41:69:6e:95:6a:e5:8b:dd:04:4d:87:17:b2:8e:db:
fa:1b:bb:6d:6d:4b:8d:39:ab:2d:b1:57:24:77:09:
be:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:E0:2C:19:4B:D1:84:A2:F2:FF:BF:E6:11:5F:60:DE:6A:CC:61:95
X509v3 Authority Key Identifier:
keyid:B7:B6:7B:A5:79:F4:8A:42:07:AC:40:9A:BF:4F:01:19:40:46:EA:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t7Z7pXn0ikIHrECav08BGUBG6jo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/963d75-4cff-4b14-83df-b774320d997f/1/BOAsGUvRhKLy_7_mEV9g3mrMYZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/963d75-4cff-4b14-83df-b774320d997f/1/t7Z7pXn0ikIHrECav08BGUBG6jo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.171.192.0/21
185.19.236.0/22
IPv6:
2a02:fe00::/29
Signature Algorithm: sha256WithRSAEncryption
68:a8:8f:05:09:50:1c:7f:56:28:08:5b:20:bd:e2:eb:c8:ed:
3a:c9:67:78:79:db:97:44:7b:65:08:88:02:f2:03:a8:76:5a:
2a:a7:e7:64:0c:81:94:2f:cb:0b:94:48:3d:e6:a0:7c:45:3e:
86:c4:6c:8b:c8:ad:3f:dc:b3:1d:9f:ac:54:38:a5:40:d2:0e:
8f:86:18:36:12:08:19:2b:22:e2:c4:4f:a6:95:de:d6:33:be:
b4:b4:4a:d4:e2:85:e3:4b:ab:72:91:e4:9a:3e:0f:6f:c1:85:
fa:9d:3c:f1:75:45:0e:94:7b:5d:cb:c1:c6:9f:7c:cc:cf:59:
2d:d5:38:b9:2b:92:ba:60:b8:d6:c2:c7:e0:67:b6:d0:9e:d0:
55:49:00:b0:1f:c2:a8:fc:09:e1:09:38:2d:4d:2b:a5:3a:2c:
ba:87:b2:54:5e:c0:2e:c9:cb:1d:3a:aa:99:ad:36:c3:33:ea:
6c:24:02:1b:77:c7:8e:0b:76:27:29:bc:1a:97:6d:dd:58:9e:
91:ec:a4:df:38:c1:3a:b0:6b:32:29:7d:4d:c5:97:c9:f5:97:
a2:3a:1a:d1:25:5a:af:df:6b:78:73:69:af:8d:02:1f:24:4c:
94:e7:23:33:1a:fe:7a:c1:40:85:b3:83:be:11:8e:c9:01:49:
14:ad:be:b3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYpDHT6mXn+gaLETvkJ7+uEbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3YjY3YmE1NzlmNDhhNDIwN2FjNDA5YWJmNGYwMTE5NDA0
NmVhM2EwHhcNMjMwODI5MjEwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGUwMmMxOTRiZDE4NGEyZjJmZmJmZTYxMTVmNjBkZTZhY2M2MTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkv7cYALEikwfrehLC6EXhOC1fSsU
7JkdIEiJHZSM7HQfqjc5vHut2UfL9k/Z62JyO1GVOQcjGpGdVNqQS0SawCWpZ6KD
acYs/ANTXS7kpk3XmA3+Wc1o3X6hcrVf8hQ5y28pL/vZ1mSL2JIgj4/8gz5qFTlE
E4sp5S45BEv7GLG54ISQtXMFxbHshusCFvQ/yN7uafjX+W+1JuXV9epzlwzzAefC
ls+CTALeFo69u1lNiS/qm+hu/JAHHMSLmBIXPtMH2sHSda2CMAJx0yMJaIDlr55T
6mJrqrPHVVHCZ5xBaW6VauWL3QRNhxeyjtv6G7ttbUuNOastsVckdwm+qQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFATgLBlL0YSi8v+/5hFfYN5qzGGVMB8GA1UdIwQY
MBaAFLe2e6V59IpCB6xAmr9PARlARuo6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDdaN3BYbjBpa0lIckVDYXYwOEJHVUJHNmpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni85NjNkNzUtNGNmZi00YjE0LTgzZGYt
Yjc3NDMyMGQ5OTdmLzEvQk9Bc0dVdlJoS0x5XzdfbUVWOWczbXJNWVpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni85NjNkNzUtNGNmZi00YjE0LTgzZGYtYjc3NDMyMGQ5OTdm
LzEvdDdaN3BYbjBpa0lIckVDYXYwOEJHVUJHNmpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDT6vAAwQC
uRPsMA0EAgACMAcDBQMqAv4AMA0GCSqGSIb3DQEBCwUAA4IBAQBoqI8FCVAcf1Yo
CFsgveLryO06yWd4eduXRHtlCIgC8gOodloqp+dkDIGUL8sLlEg95qB8RT6GxGyL
yK0/3LMdn6xUOKVA0g6Phhg2EggZKyLixE+mld7WM760tErU4oXjS6tykeSaPg9v
wYX6nTzxdUUOlHtdy8HGn3zMz1kt1Ti5K5K6YLjWwsfgZ7bQntBVSQCwH8Ko/Anh
CTgtTSulOiy6h7JUXsAuycsdOqqZrTbDM+psJAIbd8eOC3YnKbwal23dWJ6R7KTf
OME6sGsyKX1NxZfJ9ZeiOhrRJVqv32t4c2mvjQIfJEyU5yMzGv56wUCFs4O+EY7J
AUkUrb6z
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:31 2024 by rpki-client on console-ams.rpki-client.org