Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/f40486-2cd9-475b-bbe1-16cd8f4fb4b9/1/bMJadsOBx-Gsw9lWvrb-_wV10tg.roa
File: bMJadsOBx-Gsw9lWvrb-_wV10tg.roa (raw, json)
Hash identifier: Vf7a15DIUS27//uQGzKzwyKz0cJHbzucXDtjsF7ssYU=
Subject key identifier: 6C:C2:5A:76:C3:81:C7:E1:AC:C3:D9:56:BE:B6:FE:FF:05:75:D2:D8
Certificate issuer: /CN=f8f19e224c73f83c4fdd196d06608aeb3a881804
Certificate serial: 018571D7D7D8C1B39186712C286E231F9E21
Authority key identifier: F8:F1:9E:22:4C:73:F8:3C:4F:DD:19:6D:06:60:8A:EB:3A:88:18:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-PGeIkxz-DxP3RltBmCK6zqIGAQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/f40486-2cd9-475b-bbe1-16cd8f4fb4b9/1/bMJadsOBx-Gsw9lWvrb-_wV10tg.roa
Signing time: Mon 02 Jan 2023 09:37:28 +0000
ROA not before: Mon 02 Jan 2023 09:37:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8267
IP address blocks: 149.156.0.0/16 maxlen: 16
193.193.64.0/21 maxlen: 21
195.150.224.0/19 maxlen: 19
2001:6d8::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:d7:d8:c1:b3:91:86:71:2c:28:6e:23:1f:9e:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8f19e224c73f83c4fdd196d06608aeb3a881804
Validity
Not Before: Jan 2 09:37:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6cc25a76c381c7e1acc3d956beb6feff0575d2d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:ca:84:8c:b9:73:2c:bf:35:2b:42:b3:e2:72:
6a:b3:b1:ee:a8:db:94:96:35:3f:fb:18:cb:1a:1d:
75:1f:d9:1e:64:3d:01:a1:c5:00:6e:79:f8:54:21:
5b:41:63:db:42:32:3c:bb:55:fa:8e:a1:a3:6e:de:
73:51:81:a8:c9:95:3f:8a:88:02:32:21:f1:6f:51:
e5:8d:cd:2b:b0:30:65:e8:47:80:db:9f:21:86:dd:
25:57:cc:75:28:86:89:a0:cb:fc:3e:b3:b6:62:2d:
cf:d9:2b:b8:69:12:09:ea:38:f4:d3:69:7e:b9:9b:
bb:d5:4a:f4:43:b2:68:71:0d:f8:b1:1c:d9:43:4c:
78:f9:b2:7e:fa:05:c5:26:56:eb:a0:e2:ab:f5:ad:
8f:68:86:8c:57:d2:da:22:44:05:11:33:7e:6a:bf:
d0:57:7c:e0:8c:26:e4:af:a6:78:d4:42:2b:f4:58:
39:d2:24:11:b4:d9:dd:80:c4:03:77:7d:ae:b7:78:
f9:4f:7e:8a:28:7a:d7:85:40:60:81:82:b3:fe:97:
82:3c:50:94:00:9e:ac:f1:9f:25:34:e7:fe:22:08:
78:ed:e5:b2:cd:43:14:bd:5f:9f:53:32:4d:41:91:
fa:0a:1d:98:ad:fd:d5:ce:0e:4c:fe:47:88:4d:fb:
cd:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:C2:5A:76:C3:81:C7:E1:AC:C3:D9:56:BE:B6:FE:FF:05:75:D2:D8
X509v3 Authority Key Identifier:
keyid:F8:F1:9E:22:4C:73:F8:3C:4F:DD:19:6D:06:60:8A:EB:3A:88:18:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-PGeIkxz-DxP3RltBmCK6zqIGAQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/f40486-2cd9-475b-bbe1-16cd8f4fb4b9/1/bMJadsOBx-Gsw9lWvrb-_wV10tg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/f40486-2cd9-475b-bbe1-16cd8f4fb4b9/1/1-PGeIkxz-DxP3RltBmCK6zqIGAQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.156.0.0/16
193.193.64.0/21
195.150.224.0/19
IPv6:
2001:6d8::/32
Signature Algorithm: sha256WithRSAEncryption
7d:f3:17:a6:f9:82:26:89:80:fb:37:4a:f0:d7:34:02:98:3d:
f9:5d:d6:7e:2c:27:71:f5:71:a6:f6:5c:ba:91:59:5e:24:4e:
41:21:b9:07:f8:3d:5d:24:df:7c:8d:34:19:78:96:e5:b6:0c:
ae:04:18:63:ed:a8:da:7b:a1:7d:fd:e2:af:a3:f0:35:5a:50:
ce:61:9c:71:da:2c:79:69:2c:80:c4:80:93:3d:9d:63:7e:fe:
1d:d8:c8:70:38:9c:ab:67:9c:a7:9b:99:77:c3:f7:51:44:7c:
60:c7:a5:9d:1f:2d:c9:a3:12:4e:74:36:a1:7c:d9:ce:54:52:
7b:33:98:aa:15:b6:17:2e:50:33:87:71:9a:10:5b:f5:90:35:
ef:5e:1b:0d:a8:2d:89:9a:4b:b6:86:80:a6:83:2f:15:4f:fb:
32:a0:3d:a9:52:cb:fa:af:e0:ef:f8:4b:93:eb:60:cd:7c:59:
15:97:1d:4d:c0:4c:5b:fd:c7:e6:f6:f5:00:25:72:6c:e7:1c:
4f:ce:d6:cd:c2:d4:60:b5:1b:76:b3:c9:3c:1a:25:80:9a:23:
59:3b:cc:55:03:8b:11:9c:51:1f:79:d3:29:bc:05:9a:23:24:
31:71:46:04:a3:87:3e:ec:d9:bb:73:f8:89:8d:b2:f0:b0:f1:
77:b7:0f:d1
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVx19fYwbORhnEsKG4jH54hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZjE5ZTIyNGM3M2Y4M2M0ZmRkMTk2ZDA2NjA4YWViM2E4
ODE4MDQwHhcNMjMwMTAyMDkzNzI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2MyNWE3NmMzODFjN2UxYWNjM2Q5NTZiZWI2ZmVmZjA1NzVkMmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgMqEjLlzLL81K0Kz4nJqs7HuqNuU
ljU/+xjLGh11H9keZD0BocUAbnn4VCFbQWPbQjI8u1X6jqGjbt5zUYGoyZU/iogC
MiHxb1Hljc0rsDBl6EeA258hht0lV8x1KIaJoMv8PrO2Yi3P2Su4aRIJ6jj002l+
uZu71Ur0Q7JocQ34sRzZQ0x4+bJ++gXFJlbroOKr9a2PaIaMV9LaIkQFETN+ar/Q
V3zgjCbkr6Z41EIr9Fg50iQRtNndgMQDd32ut3j5T36KKHrXhUBggYKz/peCPFCU
AJ6s8Z8lNOf+Igh47eWyzUMUvV+fUzJNQZH6Ch2Yrf3Vzg5M/keITfvNSQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFGzCWnbDgcfhrMPZVr62/v8FddLYMB8GA1UdIwQY
MBaAFPjxniJMc/g8T90ZbQZgius6iBgEMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1QR2VJa3h6LUR4UDNSbHRCbUNLNnpxSUdBUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzcvZjQwNDg2LTJjZDktNDc1Yi1iYmUx
LTE2Y2Q4ZjRmYjRiOS8xL2JNSmFkc09CeC1Hc3c5bFd2cmItX3dWMTB0Zy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzcvZjQwNDg2LTJjZDktNDc1Yi1iYmUxLTE2Y2Q4ZjRmYjRi
OS8xLzEtUEdlSWt4ei1EeFAzUmx0Qm1DSzZ6cUlHQVEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwOQYIKwYBBQUHAQcBAf8EKjAoMBcEAgABMBEDAwCVnAME
A8HBQAMEBcOW4DANBAIAAjAHAwUAIAEG2DANBgkqhkiG9w0BAQsFAAOCAQEAffMX
pvmCJomA+zdK8Nc0Apg9+V3WfiwncfVxpvZcupFZXiROQSG5B/g9XSTffI00GXiW
5bYMrgQYY+2o2nuhff3ir6PwNVpQzmGccdoseWksgMSAkz2dY37+HdjIcDicq2ec
p5uZd8P3UUR8YMelnR8tyaMSTnQ2oXzZzlRSezOYqhW2Fy5QM4dxmhBb9ZA1714b
DagtiZpLtoaApoMvFU/7MqA9qVLL+q/g7/hLk+tgzXxZFZcdTcBMW/3H5vb1ACVy
bOccT87WzcLUYLUbdrPJPBolgJojWTvMVQOLEZxRH3nTKbwFmiMkMXFGBKOHPuzZ
u3P4iY2y8LDxd7cP0Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:31 2024 by rpki-client on console-fra.rpki-client.org