Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/9f61be-8c31-49ba-b424-ca3d4aae6f09/1/BYcXiZrjzG__BkhGlBcCTScJppE.roa
File: BYcXiZrjzG__BkhGlBcCTScJppE.roa (raw, json)
Hash identifier: 7GkrEnFJasBzKBr+bjcwhdggJJwFirEcV2yERkMA96w=
Subject key identifier: 05:87:17:89:9A:E3:CC:6F:FF:06:48:46:94:17:02:4D:27:09:A6:91
Certificate issuer: /CN=01838307f79acdc59ad6eb82e8c8aaefa3d88289
Certificate serial: 01856D5CFE69AE60C181E770097D53081BAB
Authority key identifier: 01:83:83:07:F7:9A:CD:C5:9A:D6:EB:82:E8:C8:AA:EF:A3:D8:82:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AYODB_eazcWa1uuC6Miq76PYgok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/9f61be-8c31-49ba-b424-ca3d4aae6f09/1/BYcXiZrjzG__BkhGlBcCTScJppE.roa
Signing time: Sun 01 Jan 2023 12:44:48 +0000
ROA not before: Sun 01 Jan 2023 12:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13189
IP address blocks: 185.199.136.0/22 maxlen: 22
82.100.64.0/18 maxlen: 18
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:5c:fe:69:ae:60:c1:81:e7:70:09:7d:53:08:1b:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01838307f79acdc59ad6eb82e8c8aaefa3d88289
Validity
Not Before: Jan 1 12:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=058717899ae3cc6fff0648469417024d2709a691
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:28:c4:d2:b7:0e:6f:ca:c4:dc:75:e4:e2:83:
3c:c1:e3:20:e2:d9:9f:72:7b:a7:b1:29:b3:1c:74:
8b:45:a6:39:c3:df:cf:66:ff:37:b0:22:de:bb:d3:
af:06:d2:90:46:e0:73:bb:bf:df:48:db:e2:3b:3d:
bd:67:32:dd:e6:4d:82:a9:8c:d7:7c:5a:75:ce:f1:
ae:85:71:51:9a:0f:68:3f:bd:ad:f3:fd:df:63:f0:
7e:c4:79:1c:76:62:5d:c1:ab:26:88:f9:aa:bb:21:
e0:0f:e8:cb:54:37:46:78:7e:e3:fa:6d:9a:c8:ea:
dc:8b:97:c1:b6:fe:d6:57:73:f1:e7:cf:aa:65:af:
0d:69:84:d9:10:c5:a4:ec:cf:20:fc:6b:08:3a:be:
a6:0b:95:db:f9:17:0e:02:5c:a5:35:45:07:eb:e7:
98:cd:22:f5:66:c0:4b:b4:09:81:33:fc:25:54:1a:
0f:41:f0:28:55:c3:95:82:74:d6:f5:8f:0a:78:2a:
c5:14:a9:26:bc:a2:d0:22:f7:be:b6:48:18:1b:d9:
fe:81:6c:16:83:24:13:ea:a2:05:c0:98:82:4b:22:
ac:db:5f:9c:7c:ab:00:1c:a7:72:4a:85:9e:d1:ef:
62:83:ee:00:57:e1:08:be:49:3b:b7:48:79:35:3b:
29:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:87:17:89:9A:E3:CC:6F:FF:06:48:46:94:17:02:4D:27:09:A6:91
X509v3 Authority Key Identifier:
keyid:01:83:83:07:F7:9A:CD:C5:9A:D6:EB:82:E8:C8:AA:EF:A3:D8:82:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AYODB_eazcWa1uuC6Miq76PYgok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/9f61be-8c31-49ba-b424-ca3d4aae6f09/1/BYcXiZrjzG__BkhGlBcCTScJppE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/9f61be-8c31-49ba-b424-ca3d4aae6f09/1/AYODB_eazcWa1uuC6Miq76PYgok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.100.64.0/18
185.199.136.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:80:b2:5c:90:4f:92:30:b3:16:52:87:ae:92:33:45:b3:40:
c2:86:c9:9f:f0:6e:e1:44:db:4a:99:51:a8:24:2e:23:a7:10:
17:cb:4e:60:27:bf:aa:60:19:7c:02:ed:b7:b6:6c:76:c4:65:
90:ae:52:44:95:e5:d2:6d:b6:39:31:46:aa:89:ec:91:17:93:
06:90:41:e8:f5:99:f9:72:60:4d:07:c0:f1:b6:70:50:fa:46:
7d:61:69:27:46:95:62:6d:b0:9c:ae:69:f9:5c:95:37:b9:26:
63:c1:16:d6:ac:e5:8d:09:db:81:a3:b2:0d:14:ea:24:f4:7d:
02:fe:7a:44:20:1a:81:4d:66:9a:ce:be:4d:35:16:a5:4a:55:
1b:ab:50:bb:a3:03:5b:ef:cc:dc:c8:9a:e4:a1:bc:cb:68:06:
3e:2c:d9:58:5a:7f:73:6c:98:7a:95:da:b0:bd:0c:2c:ae:ef:
9e:33:18:2e:7c:25:a3:66:90:15:64:4b:15:b2:58:a4:1e:8f:
67:95:da:24:e0:39:b9:7d:a3:66:20:4c:37:21:21:1c:cb:4e:
33:8c:f8:0f:fb:aa:ef:79:81:e2:16:e7:af:44:08:f1:ac:81:
1a:15:2c:cb:05:6b:b3:8e:96:f2:3d:80:04:8e:fe:53:74:82:
e1:fa:bc:36
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtXP5prmDBgedwCX1TCBurMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxODM4MzA3Zjc5YWNkYzU5YWQ2ZWI4MmU4YzhhYWVmYTNk
ODgyODkwHhcNMjMwMTAxMTI0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTg3MTc4OTlhZTNjYzZmZmYwNjQ4NDY5NDE3MDI0ZDI3MDlhNjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ijE0rcOb8rE3HXk4oM8weMg4tmf
cnunsSmzHHSLRaY5w9/PZv83sCLeu9OvBtKQRuBzu7/fSNviOz29ZzLd5k2CqYzX
fFp1zvGuhXFRmg9oP72t8/3fY/B+xHkcdmJdwasmiPmquyHgD+jLVDdGeH7j+m2a
yOrci5fBtv7WV3Px58+qZa8NaYTZEMWk7M8g/GsIOr6mC5Xb+RcOAlylNUUH6+eY
zSL1ZsBLtAmBM/wlVBoPQfAoVcOVgnTW9Y8KeCrFFKkmvKLQIve+tkgYG9n+gWwW
gyQT6qIFwJiCSyKs21+cfKsAHKdySoWe0e9ig+4AV+EIvkk7t0h5NTspdQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAWHF4ma48xv/wZIRpQXAk0nCaaRMB8GA1UdIwQY
MBaAFAGDgwf3ms3FmtbrgujIqu+j2IKJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVlPREJfZWF6Y1dhMXV1QzZNaXE3NlBZZ29rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS85ZjYxYmUtOGMzMS00OWJhLWI0MjQt
Y2EzZDRhYWU2ZjA5LzEvQlljWGlacmp6R19fQmtoR2xCY0NUU2NKcHBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS85ZjYxYmUtOGMzMS00OWJhLWI0MjQtY2EzZDRhYWU2ZjA5
LzEvQVlPREJfZWF6Y1dhMXV1QzZNaXE3NlBZZ29rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQGUmRAAwQC
uceIMA0GCSqGSIb3DQEBCwUAA4IBAQAsgLJckE+SMLMWUoeukjNFs0DChsmf8G7h
RNtKmVGoJC4jpxAXy05gJ7+qYBl8Au23tmx2xGWQrlJEleXSbbY5MUaqieyRF5MG
kEHo9Zn5cmBNB8DxtnBQ+kZ9YWknRpVibbCcrmn5XJU3uSZjwRbWrOWNCduBo7IN
FOok9H0C/npEIBqBTWaazr5NNRalSlUbq1C7owNb78zcyJrkobzLaAY+LNlYWn9z
bJh6ldqwvQwsru+eMxgufCWjZpAVZEsVslikHo9nldok4Dm5faNmIEw3ISEcy04z
jPgP+6rveYHiFuevRAjxrIEaFSzLBWuzjpbyPYAEjv5TdILh+rw2
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:02:49 2024 by rpki-client on console-ams.rpki-client.org