Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/436aa1-f47a-4cd5-87a2-1f34efb5b7d1/1/BF5rJmi0_7UrLax37GzogI-A3tw.roa
File: BF5rJmi0_7UrLax37GzogI-A3tw.roa (raw, json)
Hash identifier: BiQ+VvFe1OY45uW+LLGEA2fUnGcsiLyM6S9rnoR1DA4=
Subject key identifier: 04:5E:6B:26:68:B4:FF:B5:2B:2D:AC:77:EC:6C:E8:80:8F:80:DE:DC
Certificate issuer: /CN=12868f5e34eefefce655c1bb8383299fa56c5c82
Certificate serial: 01856D4A959B6EEDE4CF47F845433D04DE9A
Authority key identifier: 12:86:8F:5E:34:EE:FE:FC:E6:55:C1:BB:83:83:29:9F:A5:6C:5C:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EoaPXjTu_vzmVcG7g4Mpn6VsXII.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/436aa1-f47a-4cd5-87a2-1f34efb5b7d1/1/BF5rJmi0_7UrLax37GzogI-A3tw.roa
Signing time: Sun 01 Jan 2023 12:24:42 +0000
ROA not before: Sun 01 Jan 2023 12:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 680
IP address blocks: 185.151.152.0/22 maxlen: 22
128.176.0.0/16 maxlen: 16
2001:4cf0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:4a:95:9b:6e:ed:e4:cf:47:f8:45:43:3d:04:de:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12868f5e34eefefce655c1bb8383299fa56c5c82
Validity
Not Before: Jan 1 12:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=045e6b2668b4ffb52b2dac77ec6ce8808f80dedc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:fb:3a:a3:de:bc:ad:c0:b6:95:96:64:4d:a8:
19:c8:fd:6c:fb:39:0b:9f:ce:d0:44:ed:cc:dc:fb:
f1:27:55:1b:8f:cd:70:86:5b:9a:32:12:b2:26:8b:
10:5d:d8:4f:1d:2b:9f:9c:89:ea:26:3e:f8:7b:46:
b7:ea:d8:56:de:a2:6a:0b:86:b5:47:0f:56:78:6d:
a3:87:76:cf:7c:5e:83:ed:6a:c0:19:28:9f:81:54:
f6:6f:fa:3f:8e:32:71:17:b4:7e:69:92:0b:f7:00:
84:bf:f2:0a:f5:cf:70:d7:b4:2c:10:22:db:1a:f0:
f8:be:69:5f:25:ee:eb:20:3c:e7:3a:ea:c2:8c:b9:
f8:cd:f2:2a:4e:85:0f:e9:d0:13:1b:15:c2:d4:e7:
01:b6:7e:2d:d8:46:f8:2f:63:87:e4:eb:fa:38:13:
6e:b6:c7:81:50:78:09:2d:9f:ae:e0:28:0c:eb:57:
98:68:02:93:0c:9e:02:32:c7:2e:53:e6:e8:4d:f9:
87:3d:a0:a4:25:d0:6c:68:3e:5c:2e:6c:a1:18:12:
07:72:30:b2:1b:88:80:aa:c5:29:c8:8f:c8:aa:ff:
f5:70:87:f5:0d:d0:66:b5:2b:fa:e1:ec:72:5f:86:
2c:c2:80:77:2a:d5:4b:4a:d1:6a:60:5a:e5:56:8c:
30:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:5E:6B:26:68:B4:FF:B5:2B:2D:AC:77:EC:6C:E8:80:8F:80:DE:DC
X509v3 Authority Key Identifier:
keyid:12:86:8F:5E:34:EE:FE:FC:E6:55:C1:BB:83:83:29:9F:A5:6C:5C:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EoaPXjTu_vzmVcG7g4Mpn6VsXII.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/436aa1-f47a-4cd5-87a2-1f34efb5b7d1/1/BF5rJmi0_7UrLax37GzogI-A3tw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/436aa1-f47a-4cd5-87a2-1f34efb5b7d1/1/EoaPXjTu_vzmVcG7g4Mpn6VsXII.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.176.0.0/16
185.151.152.0/22
IPv6:
2001:4cf0::/29
Signature Algorithm: sha256WithRSAEncryption
14:14:f5:a1:0c:c5:c6:2a:8f:70:8a:41:5e:9b:f1:1a:0f:e6:
a4:17:df:ab:ec:66:9f:88:a8:aa:f8:2f:e3:c4:b0:8a:a8:37:
0b:dd:60:52:2b:b6:a4:a3:77:2c:02:35:19:78:5b:45:94:22:
3b:ee:ba:91:ab:c4:05:6c:bf:41:41:d9:89:72:d8:85:e2:25:
73:03:69:28:79:d8:ae:f0:5d:7f:9a:99:5c:b5:3d:39:ca:d2:
60:91:a5:cc:cc:e5:a3:95:3c:c0:dd:d1:c2:b7:d9:d3:93:d8:
71:33:4b:de:2b:cb:7e:d5:1d:2d:6b:d1:cc:62:43:fd:75:49:
b2:f6:c6:89:bc:72:6e:c0:49:71:6b:a1:a5:bc:6f:ed:05:96:
de:ca:38:f9:d1:9a:4a:dd:8e:25:2e:82:32:25:f6:97:a2:9f:
49:a5:b4:01:43:e5:c8:93:a0:80:f4:a3:ba:b2:1e:c0:da:bc:
33:6a:09:21:12:fa:64:06:d7:21:a3:f2:dc:7d:b0:65:38:36:
a8:fc:48:e8:25:c2:ae:46:74:13:66:c2:16:2f:b5:42:11:ce:
2f:87:55:4d:a4:1f:7b:5d:30:62:ba:6d:75:4a:1a:47:c0:0e:
15:c9:f0:08:d4:68:0c:20:66:e7:7a:8d:25:59:78:d8:21:fe:
6e:fe:b3:77
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVtSpWbbu3kz0f4RUM9BN6aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyODY4ZjVlMzRlZWZlZmNlNjU1YzFiYjgzODMyOTlmYTU2
YzVjODIwHhcNMjMwMTAxMTIyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDVlNmIyNjY4YjRmZmI1MmIyZGFjNzdlYzZjZTg4MDhmODBkZWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPs6o968rcC2lZZkTagZyP1s+zkL
n87QRO3M3PvxJ1Ubj81whluaMhKyJosQXdhPHSufnInqJj74e0a36thW3qJqC4a1
Rw9WeG2jh3bPfF6D7WrAGSifgVT2b/o/jjJxF7R+aZIL9wCEv/IK9c9w17QsECLb
GvD4vmlfJe7rIDznOurCjLn4zfIqToUP6dATGxXC1OcBtn4t2Eb4L2OH5Ov6OBNu
tseBUHgJLZ+u4CgM61eYaAKTDJ4CMscuU+boTfmHPaCkJdBsaD5cLmyhGBIHcjCy
G4iAqsUpyI/Iqv/1cIf1DdBmtSv64exyX4YswoB3KtVLStFqYFrlVoww4wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFAReayZotP+1Ky2sd+xs6ICPgN7cMB8GA1UdIwQY
MBaAFBKGj1407v785lXBu4ODKZ+lbFyCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRW9hUFhqVHVfdnptVmNHN2c0TXBuNlZzWElJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi80MzZhYTEtZjQ3YS00Y2Q1LTg3YTIt
MWYzNGVmYjViN2QxLzEvQkY1ckptaTBfN1VyTGF4MzdHem9nSS1BM3R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi80MzZhYTEtZjQ3YS00Y2Q1LTg3YTItMWYzNGVmYjViN2Qx
LzEvRW9hUFhqVHVfdnptVmNHN2c0TXBuNlZzWElJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjARBAIAATALAwMAgLADBAK5
l5gwDQQCAAIwBwMFAyABTPAwDQYJKoZIhvcNAQELBQADggEBABQU9aEMxcYqj3CK
QV6b8RoP5qQX36vsZp+IqKr4L+PEsIqoNwvdYFIrtqSjdywCNRl4W0WUIjvuupGr
xAVsv0FB2Yly2IXiJXMDaSh52K7wXX+amVy1PTnK0mCRpczM5aOVPMDd0cK32dOT
2HEzS94ry37VHS1r0cxiQ/11SbL2xom8cm7ASXFroaW8b+0Flt7KOPnRmkrdjiUu
gjIl9pein0mltAFD5ciToID0o7qyHsDavDNqCSES+mQG1yGj8tx9sGU4Nqj8SOgl
wq5GdBNmwhYvtUIRzi+HVU2kH3tdMGK6bXVKGkfADhXJ8AjUaAwgZud6jSVZeNgh
/m7+s3c=
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:49:58 2024 by rpki-client on console-fra.rpki-client.org