Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/146078-f9b2-4163-af1a-8e93cb5c5355/1/bHK0a3d2PNwLQgE2L3wLrLzqwDo.roa
File: bHK0a3d2PNwLQgE2L3wLrLzqwDo.roa (raw, json)
Hash identifier: wfwTgFYQwd27jIfiaIBRrNUE1eVXhB5pmyRmGMIAv1g=
Subject key identifier: 6C:72:B4:6B:77:76:3C:DC:0B:42:01:36:2F:7C:0B:AC:BC:EA:C0:3A
Certificate issuer: /CN=81fa48f40bc84540c46bd23be9b90897aa184f4d
Certificate serial: 01865146F210A1E257E24EEDEFBFA09A0EA2
Authority key identifier: 81:FA:48:F4:0B:C8:45:40:C4:6B:D2:3B:E9:B9:08:97:AA:18:4F:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gfpI9AvIRUDEa9I76bkIl6oYT00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/146078-f9b2-4163-af1a-8e93cb5c5355/1/bHK0a3d2PNwLQgE2L3wLrLzqwDo.roa
Signing time: Tue 14 Feb 2023 18:54:09 +0000
ROA not before: Tue 14 Feb 2023 18:54:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50115
IP address blocks: 195.64.232.0/22 maxlen: 22
195.64.240.0/22 maxlen: 23
195.64.253.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:51:46:f2:10:a1:e2:57:e2:4e:ed:ef:bf:a0:9a:0e:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81fa48f40bc84540c46bd23be9b90897aa184f4d
Validity
Not Before: Feb 14 18:54:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c72b46b77763cdc0b4201362f7c0bacbceac03a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e9:cd:06:86:88:f8:0a:ab:66:81:86:b1:a8:
7f:1e:8a:fc:8f:9d:f6:9b:6c:f7:ef:0e:1c:bc:a4:
72:b9:fa:c7:14:8c:02:4b:ea:73:13:45:47:6f:c1:
15:0f:0f:e8:37:fd:54:47:15:69:b1:83:97:5b:6a:
39:16:d6:09:71:22:06:42:92:81:e3:97:53:66:4a:
42:a8:57:bb:92:7c:e0:e4:6b:2c:d5:c5:08:97:02:
99:9a:6e:2b:73:3f:6f:63:06:8c:00:06:68:05:fe:
70:0f:72:96:02:fb:28:8d:d5:35:5a:03:e0:33:37:
34:5a:4f:2e:0d:28:4a:82:22:82:09:1e:9a:43:a7:
03:cd:01:e2:e1:14:bf:57:30:5d:a0:8d:7c:b8:13:
5b:d3:f2:75:10:79:cd:c2:f7:7e:69:34:e7:6e:74:
5d:5e:6f:67:af:7e:02:82:9b:eb:04:c8:3b:39:bc:
f6:91:55:4f:1f:10:80:a3:a0:a3:61:da:e3:27:9d:
c0:e6:58:12:ca:d4:fb:16:86:df:8f:df:65:95:60:
06:d0:a3:a5:a2:e5:97:1e:54:29:74:aa:e4:ad:ce:
28:7c:24:b3:af:b9:30:92:7d:3b:e6:d7:0a:fd:20:
ee:12:1a:fe:d2:b7:69:ab:61:90:2e:67:6b:4e:73:
c9:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:72:B4:6B:77:76:3C:DC:0B:42:01:36:2F:7C:0B:AC:BC:EA:C0:3A
X509v3 Authority Key Identifier:
keyid:81:FA:48:F4:0B:C8:45:40:C4:6B:D2:3B:E9:B9:08:97:AA:18:4F:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gfpI9AvIRUDEa9I76bkIl6oYT00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/146078-f9b2-4163-af1a-8e93cb5c5355/1/bHK0a3d2PNwLQgE2L3wLrLzqwDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/146078-f9b2-4163-af1a-8e93cb5c5355/1/gfpI9AvIRUDEa9I76bkIl6oYT00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.64.232.0/22
195.64.240.0/22
195.64.253.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:d2:b7:37:75:54:14:ae:21:87:f7:1d:94:d3:85:f1:fb:3e:
98:5e:56:99:f2:16:ce:36:7f:e5:f1:2d:80:0c:85:4c:4a:52:
ce:5a:a3:fb:f5:89:35:d6:51:e6:32:3a:26:43:c3:cf:92:a0:
b8:a9:de:a4:9c:fb:49:db:48:82:b0:0d:b6:cf:c6:db:2e:38:
9e:58:50:f8:14:74:91:77:5c:20:c0:ea:03:5a:ea:8c:30:85:
16:af:e2:6c:59:e4:2d:62:0a:37:e0:03:93:b5:54:6c:fb:63:
0c:97:8a:3b:99:d5:b2:ea:28:8d:da:06:01:ed:d8:35:ef:73:
ea:ec:18:94:02:28:e8:df:cd:18:e1:63:2e:d7:74:c0:0e:71:
fb:77:4c:8a:16:ac:ba:a5:0c:67:46:87:be:9e:ac:a6:dd:c1:
c7:da:8e:d4:db:c1:bc:f0:06:1f:d7:84:ad:e7:fa:63:33:d0:
95:9f:08:8b:90:2a:3f:fd:e0:b7:ef:80:43:e1:a0:9c:02:6f:
b4:ab:71:a6:8f:d6:d2:20:3b:7e:8e:99:31:05:99:0b:90:69:
b8:c4:37:85:7c:fc:c3:c8:c9:93:a3:ea:15:0a:0e:2f:c1:8e:
3c:1b:df:7d:f4:e5:49:1b:5e:88:fe:d1:29:ce:ad:ac:f2:99:
0e:ee:e6:bc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYZRRvIQoeJX4k7t77+gmg6iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZmE0OGY0MGJjODQ1NDBjNDZiZDIzYmU5YjkwODk3YWEx
ODRmNGQwHhcNMjMwMjE0MTg1NDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzcyYjQ2Yjc3NzYzY2RjMGI0MjAxMzYyZjdjMGJhY2JjZWFjMDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvenNBoaI+AqrZoGGsah/Hor8j532
m2z37w4cvKRyufrHFIwCS+pzE0VHb8EVDw/oN/1URxVpsYOXW2o5FtYJcSIGQpKB
45dTZkpCqFe7knzg5Gss1cUIlwKZmm4rcz9vYwaMAAZoBf5wD3KWAvsojdU1WgPg
Mzc0Wk8uDShKgiKCCR6aQ6cDzQHi4RS/VzBdoI18uBNb0/J1EHnNwvd+aTTnbnRd
Xm9nr34CgpvrBMg7Obz2kVVPHxCAo6CjYdrjJ53A5lgSytT7Fobfj99llWAG0KOl
ouWXHlQpdKrkrc4ofCSzr7kwkn075tcK/SDuEhr+0rdpq2GQLmdrTnPJhQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGxytGt3djzcC0IBNi98C6y86sA6MB8GA1UdIwQY
MBaAFIH6SPQLyEVAxGvSO+m5CJeqGE9NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2ZwSTlBdklSVURFYTlJNzZia0lsNm9ZVDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My8xNDYwNzgtZjliMi00MTYzLWFmMWEt
OGU5M2NiNWM1MzU1LzEvYkhLMGEzZDJQTndMUWdFMkwzd0xyTHpxd0RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My8xNDYwNzgtZjliMi00MTYzLWFmMWEtOGU5M2NiNWM1MzU1
LzEvZ2ZwSTlBdklSVURFYTlJNzZia0lsNm9ZVDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCw0DoAwQC
w0DwAwQAw0D9MA0GCSqGSIb3DQEBCwUAA4IBAQBL0rc3dVQUriGH9x2U04Xx+z6Y
XlaZ8hbONn/l8S2ADIVMSlLOWqP79Yk11lHmMjomQ8PPkqC4qd6knPtJ20iCsA22
z8bbLjieWFD4FHSRd1wgwOoDWuqMMIUWr+JsWeQtYgo34AOTtVRs+2MMl4o7mdWy
6iiN2gYB7dg173Pq7BiUAijo380Y4WMu13TADnH7d0yKFqy6pQxnRoe+nqym3cHH
2o7U28G88AYf14St5/pjM9CVnwiLkCo//eC374BD4aCcAm+0q3Gmj9bSIDt+jpkx
BZkLkGm4xDeFfPzDyMmTo+oVCg4vwY48G9999OVJG16I/tEpzq2s8pkO7ua8
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:32:33 2024 by rpki-client on console-ams.rpki-client.org