Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/cd555b-f73e-48ad-b544-e3eb4e8a38db/1/bgF-CC0PlDx1TdgsgQUCXGz0Oe0.roa
File: bgF-CC0PlDx1TdgsgQUCXGz0Oe0.roa (raw, json)
Hash identifier: YM3/YmPl1FO2ksatjva3j64122mub7nSgVOXfuapZ5Q=
Subject key identifier: 6E:01:7E:08:2D:0F:94:3C:75:4D:D8:2C:81:05:02:5C:6C:F4:39:ED
Certificate issuer: /CN=ad0b79e4b59c5fcda493a20ad18e9455859d031b
Certificate serial: 0187A3C70369BD9ECD1828AB79A13CD1A3B3
Authority key identifier: AD:0B:79:E4:B5:9C:5F:CD:A4:93:A2:0A:D1:8E:94:55:85:9D:03:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rQt55LWcX82kk6IK0Y6UVYWdAxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/cd555b-f73e-48ad-b544-e3eb4e8a38db/1/bgF-CC0PlDx1TdgsgQUCXGz0Oe0.roa
Signing time: Fri 21 Apr 2023 12:25:41 +0000
ROA not before: Fri 21 Apr 2023 12:25:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21119
IP address blocks: 193.169.42.0/23 maxlen: 24
185.36.28.0/22 maxlen: 24
193.201.74.0/23 maxlen: 24
5.226.160.0/21 maxlen: 24
89.233.96.0/21 maxlen: 24
2a03:6240::/32 maxlen: 64
Validation: Failed, certificate revoked on Mon 24 Apr 2023 14:01:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:a3:c7:03:69:bd:9e:cd:18:28:ab:79:a1:3c:d1:a3:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad0b79e4b59c5fcda493a20ad18e9455859d031b
Validity
Not Before: Apr 21 12:25:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e017e082d0f943c754dd82c8105025c6cf439ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:83:e4:bc:ab:50:fa:09:f7:fb:b2:93:fa:9a:
29:9f:cf:2c:87:36:4e:03:a7:18:98:58:93:ee:89:
44:d7:55:73:45:98:34:15:fd:03:f8:7a:39:c2:96:
63:70:66:b7:d0:c1:68:82:11:ce:fa:e6:4e:7b:36:
0c:b1:56:b2:fb:71:b5:11:e8:6d:f7:60:cb:7b:d9:
75:66:be:37:16:63:13:fd:99:9c:69:7b:90:16:65:
81:12:4a:8e:d7:0d:f1:1c:b1:83:70:14:2d:c1:b7:
70:f5:33:2d:fa:d0:00:de:35:b9:6e:ec:c1:f2:73:
40:85:bd:13:5c:bd:29:9c:0c:69:ef:00:e2:70:10:
c1:a7:93:c6:44:2b:65:3f:cd:d9:1c:58:a2:10:44:
90:2d:8f:61:46:0e:6c:60:d3:71:0b:45:35:77:8a:
c2:e1:8c:7b:05:9c:7a:e2:fd:52:22:7f:95:a6:3f:
aa:4b:0c:68:93:06:f8:91:be:5e:0f:c6:54:aa:f3:
1c:d0:ac:13:9f:5f:ae:70:30:4e:b1:d5:9d:47:25:
99:5a:fa:a3:50:dd:91:54:4c:84:82:45:f7:6a:5b:
e3:d9:46:7d:2b:c8:e3:62:51:a8:1e:3f:4a:17:e2:
84:ee:4e:ec:72:3b:28:7f:ab:11:c9:60:9e:4a:b9:
2b:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:01:7E:08:2D:0F:94:3C:75:4D:D8:2C:81:05:02:5C:6C:F4:39:ED
X509v3 Authority Key Identifier:
keyid:AD:0B:79:E4:B5:9C:5F:CD:A4:93:A2:0A:D1:8E:94:55:85:9D:03:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rQt55LWcX82kk6IK0Y6UVYWdAxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/cd555b-f73e-48ad-b544-e3eb4e8a38db/1/bgF-CC0PlDx1TdgsgQUCXGz0Oe0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/cd555b-f73e-48ad-b544-e3eb4e8a38db/1/rQt55LWcX82kk6IK0Y6UVYWdAxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.160.0/21
89.233.96.0/21
185.36.28.0/22
193.169.42.0/23
193.201.74.0/23
IPv6:
2a03:6240::/32
Signature Algorithm: sha256WithRSAEncryption
44:75:7a:23:91:06:2b:d2:b8:95:87:01:6b:2f:79:8a:8f:c9:
c9:a6:b8:90:0e:62:2d:d9:00:0a:b2:f8:4e:aa:87:11:39:2f:
a3:c2:22:df:03:2d:b2:6f:10:68:f7:1c:b6:7b:77:3d:54:58:
8d:0d:30:72:55:f5:7b:63:8a:60:62:01:bb:f4:84:86:8a:e9:
84:8f:f0:52:2b:e5:65:32:3a:1d:f1:bd:1b:f4:32:e7:89:5b:
cc:a2:cc:a2:1d:05:62:13:80:9f:d4:2a:3e:26:7c:7e:64:a9:
b9:aa:ae:51:7b:cb:03:e6:f3:ae:59:44:b4:a8:fa:7c:57:87:
53:07:4a:3a:b1:22:d7:0c:35:f5:1c:3b:61:b9:e4:b0:e0:9f:
77:bb:b3:5e:1a:94:f8:bc:9b:0c:72:98:53:f8:05:42:e3:4b:
c6:a5:af:e2:8d:9b:48:95:c3:8d:3d:c2:f5:1c:14:67:e8:c4:
03:d0:c3:b8:9b:02:3c:31:17:dd:ad:e6:e7:cb:96:90:05:98:
0d:dc:53:9a:33:09:85:a9:05:97:3e:fd:9e:55:e1:50:9a:e8:
a0:6f:fa:7c:f3:b6:75:b5:48:56:b0:db:5f:6b:c7:00:91:9f:
37:80:c8:86:6f:75:ce:ae:30:bb:b2:0c:0e:04:53:08:2f:98:
0b:48:97:a7
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYejxwNpvZ7NGCireaE80aOzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMGI3OWU0YjU5YzVmY2RhNDkzYTIwYWQxOGU5NDU1ODU5
ZDAzMWIwHhcNMjMwNDIxMTIyNTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTAxN2UwODJkMGY5NDNjNzU0ZGQ4MmM4MTA1MDI1YzZjZjQzOWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhYPkvKtQ+gn3+7KT+popn88shzZO
A6cYmFiT7olE11VzRZg0Ff0D+Ho5wpZjcGa30MFoghHO+uZOezYMsVay+3G1Eeht
92DLe9l1Zr43FmMT/ZmcaXuQFmWBEkqO1w3xHLGDcBQtwbdw9TMt+tAA3jW5buzB
8nNAhb0TXL0pnAxp7wDicBDBp5PGRCtlP83ZHFiiEESQLY9hRg5sYNNxC0U1d4rC
4Yx7BZx64v1SIn+Vpj+qSwxokwb4kb5eD8ZUqvMc0KwTn1+ucDBOsdWdRyWZWvqj
UN2RVEyEgkX3alvj2UZ9K8jjYlGoHj9KF+KE7k7scjsof6sRyWCeSrkrvwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFG4BfggtD5Q8dU3YLIEFAlxs9DntMB8GA1UdIwQY
MBaAFK0LeeS1nF/NpJOiCtGOlFWFnQMbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclF0NTVMV2NYODJrazZJSzBZNlVWWVdkQXhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni9jZDU1NWItZjczZS00OGFkLWI1NDQt
ZTNlYjRlOGEzOGRiLzEvYmdGLUNDMFBsRHgxVGRnc2dRVUNYR3owT2UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni9jZDU1NWItZjczZS00OGFkLWI1NDQtZTNlYjRlOGEzOGRi
LzEvclF0NTVMV2NYODJrazZJSzBZNlVWWVdkQXhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDBeKgAwQD
WelgAwQCuSQcAwQBwakqAwQBwclKMA0EAgACMAcDBQAqA2JAMA0GCSqGSIb3DQEB
CwUAA4IBAQBEdXojkQYr0riVhwFrL3mKj8nJpriQDmIt2QAKsvhOqocROS+jwiLf
Ay2ybxBo9xy2e3c9VFiNDTByVfV7Y4pgYgG79ISGiumEj/BSK+VlMjod8b0b9DLn
iVvMosyiHQViE4Cf1Co+Jnx+ZKm5qq5Re8sD5vOuWUS0qPp8V4dTB0o6sSLXDDX1
HDthueSw4J93u7NeGpT4vJsMcphT+AVC40vGpa/ijZtIlcONPcL1HBRn6MQD0MO4
mwI8MRfdrebny5aQBZgN3FOaMwmFqQWXPv2eVeFQmuigb/p887Z1tUhWsNtfa8cA
kZ83gMiGb3XOrjC7sgwOBFMIL5gLSJen
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:29 2024 by rpki-client on console-ams.rpki-client.org