Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/81235b-2e04-471f-8689-69baafdd9a6e/1/bmmkGePZBU7xQgWXFgomGbOU77I.roa
File: bmmkGePZBU7xQgWXFgomGbOU77I.roa (raw, json)
Hash identifier: ogyB0lIpUnRsjeHrawkcA/hOfvdLPTa1S8sGdq5iJsc=
Subject key identifier: 6E:69:A4:19:E3:D9:05:4E:F1:42:05:97:16:0A:26:19:B3:94:EF:B2
Certificate issuer: /CN=666d97ceb84e9c616bfe6d93576cc33bbf4b63ef
Certificate serial: 01857230FBF93F6A131C482600A9FC0EE437
Authority key identifier: 66:6D:97:CE:B8:4E:9C:61:6B:FE:6D:93:57:6C:C3:3B:BF:4B:63:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zm2XzrhOnGFr_m2TV2zDO79LY-8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/81235b-2e04-471f-8689-69baafdd9a6e/1/bmmkGePZBU7xQgWXFgomGbOU77I.roa
Signing time: Mon 02 Jan 2023 11:14:50 +0000
ROA not before: Mon 02 Jan 2023 11:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16141
IP address blocks: 212.70.244.0/22 maxlen: 22
212.70.248.0/22 maxlen: 22
212.70.224.0/19 maxlen: 24
212.70.226.0/24 maxlen: 24
212.70.228.0/22 maxlen: 22
212.70.232.0/21 maxlen: 21
212.70.240.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:30:fb:f9:3f:6a:13:1c:48:26:00:a9:fc:0e:e4:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=666d97ceb84e9c616bfe6d93576cc33bbf4b63ef
Validity
Not Before: Jan 2 11:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e69a419e3d9054ef1420597160a2619b394efb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:87:e3:3c:40:b5:e9:d7:1e:84:20:b9:1e:75:
63:1f:c5:80:a2:d4:27:f6:73:8f:48:19:74:b0:02:
e6:da:57:33:bb:d7:98:a9:56:c5:70:84:26:38:17:
8a:b0:87:d8:14:84:d1:bd:94:19:32:26:10:07:ee:
c3:d8:1f:08:05:94:40:36:4e:fe:e6:57:10:3e:4e:
73:74:7c:08:ee:0e:c5:50:9c:b5:c6:2b:0f:fc:0b:
43:5d:56:b2:58:54:f1:7f:29:ea:b6:c9:c2:c7:7d:
e8:f7:63:c2:c6:48:6b:87:0c:51:f3:50:b6:3c:0c:
6a:13:e9:e7:4c:2c:3c:a0:bf:50:8e:21:0f:38:ba:
b0:3f:9a:7d:07:2e:c8:99:52:14:a5:f9:17:e0:95:
de:b4:c3:a1:28:7a:51:42:40:f7:4f:26:b1:31:fc:
e2:33:48:d8:38:5d:76:3c:2c:26:fd:0e:92:ea:5a:
1f:df:ee:1b:7f:78:d2:eb:28:4d:23:3c:d1:6c:7b:
b8:38:16:87:f2:45:82:7b:b6:f8:f2:35:67:e5:dd:
40:21:c2:75:df:68:b5:c4:7f:49:58:8d:51:d9:90:
a2:87:00:76:36:d5:47:fc:08:a1:56:10:63:ea:ee:
53:32:38:aa:25:40:0b:4f:82:af:fe:6d:75:d5:3e:
cc:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:69:A4:19:E3:D9:05:4E:F1:42:05:97:16:0A:26:19:B3:94:EF:B2
X509v3 Authority Key Identifier:
keyid:66:6D:97:CE:B8:4E:9C:61:6B:FE:6D:93:57:6C:C3:3B:BF:4B:63:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zm2XzrhOnGFr_m2TV2zDO79LY-8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/81235b-2e04-471f-8689-69baafdd9a6e/1/bmmkGePZBU7xQgWXFgomGbOU77I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/81235b-2e04-471f-8689-69baafdd9a6e/1/Zm2XzrhOnGFr_m2TV2zDO79LY-8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.70.224.0/19
Signature Algorithm: sha256WithRSAEncryption
4e:3d:c5:86:bf:14:31:85:9f:95:9e:01:13:36:68:81:9a:ac:
b4:67:f5:02:a7:71:e8:2d:11:8c:7d:b7:73:81:f8:a8:07:81:
7a:e2:1b:9f:62:e6:50:58:71:bd:b5:55:b9:b6:65:de:60:b6:
36:be:b7:37:7a:5f:9c:a9:0e:8e:8c:41:df:30:d3:e8:e5:ae:
fe:41:8d:51:18:b5:43:b9:a1:b0:75:77:e6:73:0f:9e:56:9f:
b8:cd:ce:6d:72:52:63:bf:14:b4:68:c2:c2:93:c7:21:93:d8:
55:49:c7:f8:63:55:2d:19:64:ff:89:6f:ac:ee:29:78:52:d8:
10:8f:49:8c:a1:a3:34:9c:9b:45:90:a4:68:18:c1:c9:94:fd:
c5:d1:d6:1d:68:02:ac:86:c9:95:85:f0:35:09:b7:f0:a6:88:
1e:0f:54:72:b1:92:c4:a4:9a:59:ae:c4:55:cd:cd:a8:90:f8:
30:84:73:e8:7d:03:e8:6c:f8:a2:12:36:8b:8a:0d:fc:60:77:
f4:05:3c:43:f9:78:61:91:e9:d2:da:8e:ee:59:37:35:87:c0:
0a:c0:e7:91:a8:57:cd:0f:0f:30:db:29:2a:04:9a:b9:57:dc:
bd:bc:e4:be:b2:4c:61:85:b6:f4:8b:10:5f:b8:c4:62:4c:d5:
82:11:db:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyMPv5P2oTHEgmAKn8DuQ3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2NmQ5N2NlYjg0ZTljNjE2YmZlNmQ5MzU3NmNjMzNiYmY0
YjYzZWYwHhcNMjMwMTAyMTExNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTY5YTQxOWUzZDkwNTRlZjE0MjA1OTcxNjBhMjYxOWIzOTRlZmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxIfjPEC16dcehCC5HnVjH8WAotQn
9nOPSBl0sALm2lczu9eYqVbFcIQmOBeKsIfYFITRvZQZMiYQB+7D2B8IBZRANk7+
5lcQPk5zdHwI7g7FUJy1xisP/AtDXVayWFTxfynqtsnCx33o92PCxkhrhwxR81C2
PAxqE+nnTCw8oL9QjiEPOLqwP5p9By7ImVIUpfkX4JXetMOhKHpRQkD3TyaxMfzi
M0jYOF12PCwm/Q6S6lof3+4bf3jS6yhNIzzRbHu4OBaH8kWCe7b48jVn5d1AIcJ1
32i1xH9JWI1R2ZCihwB2NtVH/AihVhBj6u5TMjiqJUALT4Kv/m111T7M3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG5ppBnj2QVO8UIFlxYKJhmzlO+yMB8GA1UdIwQY
MBaAFGZtl864Tpxha/5tk1dswzu/S2PvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm0yWHpyaE9uR0ZyX20yVFYyekRPNzlMWS04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC84MTIzNWItMmUwNC00NzFmLTg2ODkt
NjliYWFmZGQ5YTZlLzEvYm1ta0dlUFpCVTd4UWdXWEZnb21HYk9VNzdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC84MTIzNWItMmUwNC00NzFmLTg2ODktNjliYWFmZGQ5YTZl
LzEvWm0yWHpyaE9uR0ZyX20yVFYyekRPNzlMWS04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQF1EbgMA0G
CSqGSIb3DQEBCwUAA4IBAQBOPcWGvxQxhZ+VngETNmiBmqy0Z/UCp3HoLRGMfbdz
gfioB4F64hufYuZQWHG9tVW5tmXeYLY2vrc3el+cqQ6OjEHfMNPo5a7+QY1RGLVD
uaGwdXfmcw+eVp+4zc5tclJjvxS0aMLCk8chk9hVScf4Y1UtGWT/iW+s7il4UtgQ
j0mMoaM0nJtFkKRoGMHJlP3F0dYdaAKshsmVhfA1CbfwpogeD1RysZLEpJpZrsRV
zc2okPgwhHPofQPobPiiEjaLig38YHf0BTxD+XhhkenS2o7uWTc1h8AKwOeRqFfN
Dw8w2ykqBJq5V9y9vOS+skxhhbb0ixBfuMRiTNWCEdtV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:54 2024 by rpki-client on console-ams.rpki-client.org