Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/f7fe9b-69ae-4206-8d66-f660a57e2dd5/1/Bjx-7sppVv3EkB_e8TOyfek2Gwg.roa
File: Bjx-7sppVv3EkB_e8TOyfek2Gwg.roa (raw, json)
Hash identifier: lXn42G3gYfkBq2xxJfg1WzeRVnte6mqnX7QFhcer7ks=
Subject key identifier: 06:3C:7E:EE:CA:69:56:FD:C4:90:1F:DE:F1:33:B2:7D:E9:36:1B:08
Certificate issuer: /CN=3ca1fabe9f0b3e977f8e0829c0bf5f0878384668
Certificate serial: 01857227EFD02FA4EF4117461E3D16275530
Authority key identifier: 3C:A1:FA:BE:9F:0B:3E:97:7F:8E:08:29:C0:BF:5F:08:78:38:46:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PKH6vp8LPpd_jggpwL9fCHg4Rmg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/f7fe9b-69ae-4206-8d66-f660a57e2dd5/1/Bjx-7sppVv3EkB_e8TOyfek2Gwg.roa
Signing time: Mon 02 Jan 2023 11:04:57 +0000
ROA not before: Mon 02 Jan 2023 11:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201160
IP address blocks: 91.235.64.0/24 maxlen: 24
185.11.213.0/24 maxlen: 24
185.11.212.0/24 maxlen: 24
185.11.215.0/24 maxlen: 24
185.11.214.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:27:ef:d0:2f:a4:ef:41:17:46:1e:3d:16:27:55:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ca1fabe9f0b3e977f8e0829c0bf5f0878384668
Validity
Not Before: Jan 2 11:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=063c7eeeca6956fdc4901fdef133b27de9361b08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:82:53:0f:7b:38:4c:37:a3:57:6d:1d:97:82:
5d:0b:ac:92:98:3d:6a:db:21:04:90:36:c5:b5:48:
92:22:2e:81:8a:bc:bb:c7:a2:c1:2e:67:5a:04:b5:
85:a4:4e:1c:cf:a3:2a:f2:30:d7:1b:b4:2f:74:14:
f6:53:f0:58:38:2f:c6:21:b1:33:89:5d:2a:0c:8b:
8a:cd:9a:34:8d:aa:74:7e:d8:b4:ec:f4:ab:86:ba:
e7:4d:25:68:98:18:5c:82:c2:cf:d5:ae:67:20:8c:
b9:63:d1:3f:10:c3:9a:c0:b7:2b:26:d7:ac:79:ca:
06:34:91:de:a7:8e:9a:b4:09:93:7a:71:ba:63:ee:
a8:6b:9f:53:f1:94:48:ed:e9:f7:d4:fa:bd:67:57:
d2:5f:5f:d2:c4:14:79:df:6b:bc:d1:5e:3e:f4:7b:
0c:9b:30:03:f5:4f:d4:b0:c6:c2:aa:6c:30:75:c6:
6c:24:0b:ce:5f:e2:87:a0:e8:75:63:72:a3:f5:a6:
00:c1:0c:be:e8:5f:94:96:3d:e8:a5:3d:cb:52:a9:
4b:63:8a:9a:f8:0b:25:78:5c:23:e7:f1:cb:ae:8e:
1f:48:88:4a:5a:9d:46:6e:c5:47:6d:c6:90:16:f0:
3e:f3:89:77:f1:1e:89:19:6a:b4:b9:e1:1a:dd:9c:
49:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:3C:7E:EE:CA:69:56:FD:C4:90:1F:DE:F1:33:B2:7D:E9:36:1B:08
X509v3 Authority Key Identifier:
keyid:3C:A1:FA:BE:9F:0B:3E:97:7F:8E:08:29:C0:BF:5F:08:78:38:46:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PKH6vp8LPpd_jggpwL9fCHg4Rmg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/f7fe9b-69ae-4206-8d66-f660a57e2dd5/1/Bjx-7sppVv3EkB_e8TOyfek2Gwg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/f7fe9b-69ae-4206-8d66-f660a57e2dd5/1/PKH6vp8LPpd_jggpwL9fCHg4Rmg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.235.64.0/24
185.11.212.0/22
Signature Algorithm: sha256WithRSAEncryption
ac:67:30:f6:f3:11:10:3e:e5:7d:fe:9d:23:f0:ab:8c:f4:8e:
6f:9f:d8:f3:0f:51:89:4c:73:0c:cc:88:c2:18:8e:df:cf:9b:
db:cf:f6:be:fc:3a:99:9c:bb:fd:cf:9c:4d:6e:ee:7b:f1:5a:
a2:f8:db:20:41:24:16:10:ff:5f:9b:cd:a6:51:9b:06:1d:62:
dd:f6:56:11:97:f0:79:9e:25:c1:38:68:4d:c7:80:5a:59:13:
6a:10:fe:6c:e2:0e:1b:6d:dc:89:d9:bb:d0:c5:4d:69:83:4e:
ba:56:45:e9:59:4b:ab:c1:07:14:73:3f:4f:40:ce:f5:7a:65:
b9:5b:a3:3c:4d:33:63:87:80:d1:fd:9c:26:b9:79:95:2b:db:
96:95:e2:74:dc:39:5c:43:7f:7e:00:0e:27:41:fd:bc:0d:de:
cf:4f:57:8a:92:df:79:a0:de:96:c1:52:fc:76:86:1c:fd:47:
b9:74:0d:23:20:02:d7:0a:77:c2:92:60:21:08:c9:a5:c0:b3:
c3:2f:a7:b8:6b:9d:f4:0c:8f:c1:2b:03:f6:61:58:e4:f4:29:
03:b3:40:5f:d2:f7:39:7c:ee:92:8e:ef:65:1e:20:f6:1d:08:
3f:44:5a:6c:4f:3a:57:27:ef:c6:91:6e:83:59:26:d6:62:4c:
85:ed:fe:00
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyJ+/QL6TvQRdGHj0WJ1UwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjYTFmYWJlOWYwYjNlOTc3ZjhlMDgyOWMwYmY1ZjA4Nzgz
ODQ2NjgwHhcNMjMwMTAyMTEwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjNjN2VlZWNhNjk1NmZkYzQ5MDFmZGVmMTMzYjI3ZGU5MzYxYjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjYJTD3s4TDejV20dl4JdC6ySmD1q
2yEEkDbFtUiSIi6Biry7x6LBLmdaBLWFpE4cz6Mq8jDXG7QvdBT2U/BYOC/GIbEz
iV0qDIuKzZo0jap0fti07PSrhrrnTSVomBhcgsLP1a5nIIy5Y9E/EMOawLcrJtes
ecoGNJHep46atAmTenG6Y+6oa59T8ZRI7en31Pq9Z1fSX1/SxBR532u80V4+9HsM
mzAD9U/UsMbCqmwwdcZsJAvOX+KHoOh1Y3Kj9aYAwQy+6F+Ulj3opT3LUqlLY4qa
+AsleFwj5/HLro4fSIhKWp1GbsVHbcaQFvA+84l38R6JGWq0ueEa3ZxJSQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAY8fu7KaVb9xJAf3vEzsn3pNhsIMB8GA1UdIwQY
MBaAFDyh+r6fCz6Xf44IKcC/Xwh4OEZoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEtINnZwOExQcGRfamdncHdMOWZDSGc0Um1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9mN2ZlOWItNjlhZS00MjA2LThkNjYt
ZjY2MGE1N2UyZGQ1LzEvQmp4LTdzcHBWdjNFa0JfZThUT3lmZWsyR3dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9mN2ZlOWItNjlhZS00MjA2LThkNjYtZjY2MGE1N2UyZGQ1
LzEvUEtINnZwOExQcGRfamdncHdMOWZDSGc0Um1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+tAAwQC
uQvUMA0GCSqGSIb3DQEBCwUAA4IBAQCsZzD28xEQPuV9/p0j8KuM9I5vn9jzD1GJ
THMMzIjCGI7fz5vbz/a+/DqZnLv9z5xNbu578Vqi+NsgQSQWEP9fm82mUZsGHWLd
9lYRl/B5niXBOGhNx4BaWRNqEP5s4g4bbdyJ2bvQxU1pg066VkXpWUurwQcUcz9P
QM71emW5W6M8TTNjh4DR/ZwmuXmVK9uWleJ03DlcQ39+AA4nQf28Dd7PT1eKkt95
oN6WwVL8doYc/Ue5dA0jIALXCnfCkmAhCMmlwLPDL6e4a530DI/BKwP2YVjk9CkD
s0Bf0vc5fO6Sju9lHiD2HQg/RFpsTzpXJ+/GkW6DWSbWYkyF7f4A
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:28 2024 by rpki-client on console-ams.rpki-client.org