Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/9e86ab-bc7f-4bc4-b127-42262161e940/1/bC7GcIJBi8OwCFAfjbV6kkqrKiw.roa
File: bC7GcIJBi8OwCFAfjbV6kkqrKiw.roa (raw, json)
Hash identifier: F2kQ99CtALVsyY5ZB6Q1eVM4h3eff5O/dIvFOzZlLK4=
Subject key identifier: 6C:2E:C6:70:82:41:8B:C3:B0:08:50:1F:8D:B5:7A:92:4A:AB:2A:2C
Certificate issuer: /CN=c38c3a1c05c899ebfe15d2361909a63597c68078
Certificate serial: 01856F4B66CA679C3E503C8FEFB3E0B8D461
Authority key identifier: C3:8C:3A:1C:05:C8:99:EB:FE:15:D2:36:19:09:A6:35:97:C6:80:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w4w6HAXImev-FdI2GQmmNZfGgHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/9e86ab-bc7f-4bc4-b127-42262161e940/1/bC7GcIJBi8OwCFAfjbV6kkqrKiw.roa
Signing time: Sun 01 Jan 2023 21:44:50 +0000
ROA not before: Sun 01 Jan 2023 21:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43771
IP address blocks: 91.198.148.0/24 maxlen: 24
185.202.4.0/23 maxlen: 23
185.202.6.0/24 maxlen: 24
2a0a:cdc0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:4b:66:ca:67:9c:3e:50:3c:8f:ef:b3:e0:b8:d4:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c38c3a1c05c899ebfe15d2361909a63597c68078
Validity
Not Before: Jan 1 21:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c2ec67082418bc3b008501f8db57a924aab2a2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:58:96:15:6d:47:cd:5b:26:a2:c4:83:07:d2:
b6:ec:91:dc:54:0a:ff:c1:85:38:28:81:4c:05:f2:
bb:f3:be:4d:57:fd:09:b9:84:cf:3b:8e:0c:be:91:
2e:a4:cb:f9:01:0d:1f:9a:8f:4a:3a:d0:32:de:a1:
90:e4:ca:a1:74:ac:aa:4b:84:00:33:b8:36:a4:92:
b4:8f:a9:6b:4e:f0:96:0a:1b:18:5c:11:60:6c:6f:
ff:ae:55:bd:3a:3d:6f:a5:6e:cd:af:4d:38:e6:4d:
0a:17:31:4a:5c:2a:f9:c0:4f:1e:f7:99:33:9c:bb:
37:ee:5d:0c:08:57:7c:f6:16:1f:03:b7:0a:82:a5:
79:93:d8:33:70:f3:d4:3d:65:0a:a7:a9:fd:09:53:
9e:47:ca:ac:00:6a:66:11:9f:40:80:28:a7:cb:a2:
80:ea:1a:cb:5d:30:da:60:be:ba:92:a4:6d:1a:66:
12:5a:89:b2:3e:bf:0c:3b:87:93:13:d7:3b:c2:96:
4c:41:1e:e1:8e:66:f8:be:57:fb:1d:e4:80:19:4d:
80:7f:7f:cb:cf:ca:f3:00:80:5f:18:47:20:84:e9:
a3:55:46:3e:47:15:8f:48:84:af:e2:b7:d5:05:e1:
7c:92:48:c5:78:09:30:e3:d4:b2:88:88:c5:5b:dd:
8f:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:2E:C6:70:82:41:8B:C3:B0:08:50:1F:8D:B5:7A:92:4A:AB:2A:2C
X509v3 Authority Key Identifier:
keyid:C3:8C:3A:1C:05:C8:99:EB:FE:15:D2:36:19:09:A6:35:97:C6:80:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w4w6HAXImev-FdI2GQmmNZfGgHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/9e86ab-bc7f-4bc4-b127-42262161e940/1/bC7GcIJBi8OwCFAfjbV6kkqrKiw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/9e86ab-bc7f-4bc4-b127-42262161e940/1/w4w6HAXImev-FdI2GQmmNZfGgHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.148.0/24
185.202.4.0-185.202.6.255
IPv6:
2a0a:cdc0::/32
Signature Algorithm: sha256WithRSAEncryption
07:4e:6b:83:67:18:5f:8e:02:09:bf:8c:dc:65:31:c7:4d:0e:
4b:4e:2e:12:c9:fd:ce:c4:de:95:0d:ac:ee:63:fd:e1:17:95:
7b:6a:9d:51:cf:41:6d:4e:06:8a:d4:a6:6a:96:eb:16:56:af:
27:44:f1:ee:11:67:05:1d:4c:ab:b2:fb:39:ee:86:a6:dd:b8:
b2:26:36:75:ec:ab:e3:8d:f8:b9:e7:f6:86:fd:40:db:8d:2f:
ac:cd:ab:a3:65:bc:4d:11:c6:5c:d8:2e:80:cf:80:ee:67:da:
d4:5a:fa:d5:4f:e2:bc:36:29:c3:1c:3d:f6:73:36:9b:14:d7:
a3:47:cf:af:ba:b7:dd:e3:10:01:ca:0b:87:14:90:c6:bb:76:
9a:f2:92:28:44:93:c2:1c:58:75:83:83:e1:d5:58:67:39:bb:
25:f1:46:2a:e3:f7:a1:ac:16:5e:df:ba:d9:09:e0:f9:05:40:
37:50:00:56:49:23:2e:96:cf:9c:11:65:fa:81:d1:f9:3f:85:
bf:4a:64:8b:5f:9c:5b:dd:96:fd:4d:f6:44:be:52:78:d9:5e:
1b:27:90:ab:bd:2f:5a:66:c8:56:3c:53:64:12:3f:d9:9a:d9:
91:94:71:1f:ce:d3:b7:4c:df:bf:5d:a8:ec:08:ab:69:27:20:
b5:12:73:17
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVvS2bKZ5w+UDyP77PguNRhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzOGMzYTFjMDVjODk5ZWJmZTE1ZDIzNjE5MDlhNjM1OTdj
NjgwNzgwHhcNMjMwMTAxMjE0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzJlYzY3MDgyNDE4YmMzYjAwODUwMWY4ZGI1N2E5MjRhYWIyYTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg1iWFW1HzVsmosSDB9K27JHcVAr/
wYU4KIFMBfK7875NV/0JuYTPO44MvpEupMv5AQ0fmo9KOtAy3qGQ5MqhdKyqS4QA
M7g2pJK0j6lrTvCWChsYXBFgbG//rlW9Oj1vpW7Nr0045k0KFzFKXCr5wE8e95kz
nLs37l0MCFd89hYfA7cKgqV5k9gzcPPUPWUKp6n9CVOeR8qsAGpmEZ9AgCiny6KA
6hrLXTDaYL66kqRtGmYSWomyPr8MO4eTE9c7wpZMQR7hjmb4vlf7HeSAGU2Af3/L
z8rzAIBfGEcghOmjVUY+RxWPSISv4rfVBeF8kkjFeAkw49SyiIjFW92P8wIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFGwuxnCCQYvDsAhQH421epJKqyosMB8GA1UdIwQY
MBaAFMOMOhwFyJnr/hXSNhkJpjWXxoB4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzR3NkhBWEltZXYtRmRJMkdRbW1OWmZHZ0hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS85ZTg2YWItYmM3Zi00YmM0LWIxMjct
NDIyNjIxNjFlOTQwLzEvYkM3R2NJSkJpOE93Q0ZBZmpiVjZra3FyS2l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS85ZTg2YWItYmM3Zi00YmM0LWIxMjctNDIyNjIxNjFlOTQw
LzEvdzR3NkhBWEltZXYtRmRJMkdRbW1OWmZHZ0hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQAW8aUMAwD
BAK5ygQDBAC5ygYwDQQCAAIwBwMFACoKzcAwDQYJKoZIhvcNAQELBQADggEBAAdO
a4NnGF+OAgm/jNxlMcdNDktOLhLJ/c7E3pUNrO5j/eEXlXtqnVHPQW1OBorUpmqW
6xZWrydE8e4RZwUdTKuy+znuhqbduLImNnXsq+ON+Lnn9ob9QNuNL6zNq6NlvE0R
xlzYLoDPgO5n2tRa+tVP4rw2KcMcPfZzNpsU16NHz6+6t93jEAHKC4cUkMa7dpry
kihEk8IcWHWDg+HVWGc5uyXxRirj96GsFl7futkJ4PkFQDdQAFZJIy6Wz5wRZfqB
0fk/hb9KZItfnFvdlv1N9kS+UnjZXhsnkKu9L1pmyFY8U2QSP9ma2ZGUcR/O07dM
379dqOwIq2knILUScxc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:26 2024 by rpki-client on console-ams.rpki-client.org