Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/12e7d5-3a0f-4bc6-9611-05435efd8bf6/1/bsNeNq_b5Y92-ti2IpEjZU2IE0U.roa
File: bsNeNq_b5Y92-ti2IpEjZU2IE0U.roa (raw, json)
Hash identifier: C/Y1bsblP+iNmbp8ThRQPQylfWWIMQtTPnKQ2Nqvimg=
Subject key identifier: 6E:C3:5E:36:AF:DB:E5:8F:76:FA:D8:B6:22:91:23:65:4D:88:13:45
Certificate issuer: /CN=6d3ee1a52a5d65b9091de5a5b464fb97032d0e9b
Certificate serial: 01856D01B81D4C9E9F98C5E8CA46D09DCD8E
Authority key identifier: 6D:3E:E1:A5:2A:5D:65:B9:09:1D:E5:A5:B4:64:FB:97:03:2D:0E:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bT7hpSpdZbkJHeWltGT7lwMtDps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/12e7d5-3a0f-4bc6-9611-05435efd8bf6/1/bsNeNq_b5Y92-ti2IpEjZU2IE0U.roa
Signing time: Sun 01 Jan 2023 11:05:07 +0000
ROA not before: Sun 01 Jan 2023 11:05:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 27970
IP address blocks: 194.143.130.0/23 maxlen: 24
193.16.100.0/24 maxlen: 24
185.5.134.0/24 maxlen: 24
195.246.98.0/24 maxlen: 24
185.5.135.0/24 maxlen: 24
195.246.99.0/24 maxlen: 24
2a00:12f0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:01:b8:1d:4c:9e:9f:98:c5:e8:ca:46:d0:9d:cd:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d3ee1a52a5d65b9091de5a5b464fb97032d0e9b
Validity
Not Before: Jan 1 11:05:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6ec35e36afdbe58f76fad8b6229123654d881345
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:05:df:f3:59:63:93:69:a8:6c:5e:8e:52:3f:
ec:d9:fb:42:cd:10:82:ef:9c:38:de:a3:07:ac:5d:
d9:18:ee:ee:e6:a6:c1:21:4d:bd:ad:39:d7:40:be:
14:8f:61:11:4f:a4:a6:f7:6c:01:fb:75:99:48:20:
96:92:88:6f:17:ba:24:9f:00:4a:65:f8:f2:86:e1:
ce:8a:c8:81:34:00:a0:d6:46:e4:b6:2a:26:44:ab:
94:da:0b:4a:6f:16:6d:1f:3a:a7:13:57:72:fc:ef:
83:f3:64:63:a2:b9:ed:08:8a:e5:b0:54:51:3f:bf:
a0:07:1b:be:71:ad:51:d6:51:83:2c:dc:ca:b3:25:
42:b7:49:44:75:c0:06:cc:9b:70:71:ad:b2:65:f9:
ab:d8:df:88:9f:64:92:49:01:ff:f6:b9:62:67:07:
f9:5e:a0:b2:f4:d7:fb:d5:c9:dc:d2:8a:e7:15:a3:
a8:16:c3:5a:1b:59:9a:36:70:0c:dd:60:5c:31:5f:
a8:3a:ed:d0:31:c7:7e:5e:fe:ed:78:dd:89:9f:76:
c2:70:31:26:5b:2c:dc:db:f2:e5:e5:cf:52:ce:4f:
bb:20:ec:d8:b2:b9:7d:ff:a5:c2:ae:8e:94:73:d8:
d6:40:0a:ae:37:59:9c:d3:fb:32:3d:47:71:7a:1a:
99:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:C3:5E:36:AF:DB:E5:8F:76:FA:D8:B6:22:91:23:65:4D:88:13:45
X509v3 Authority Key Identifier:
keyid:6D:3E:E1:A5:2A:5D:65:B9:09:1D:E5:A5:B4:64:FB:97:03:2D:0E:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bT7hpSpdZbkJHeWltGT7lwMtDps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/12e7d5-3a0f-4bc6-9611-05435efd8bf6/1/bsNeNq_b5Y92-ti2IpEjZU2IE0U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/12e7d5-3a0f-4bc6-9611-05435efd8bf6/1/bT7hpSpdZbkJHeWltGT7lwMtDps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.5.134.0/23
193.16.100.0/24
194.143.130.0/23
195.246.98.0/23
IPv6:
2a00:12f0::/32
Signature Algorithm: sha256WithRSAEncryption
19:50:8e:e8:a3:6f:96:c5:38:7e:52:73:9e:5d:8d:e1:97:b3:
40:c7:0d:2c:5c:e2:40:c3:c8:3c:28:70:e8:57:82:be:c9:1d:
4d:0f:c8:da:3a:fd:38:de:7f:26:d8:14:0b:5d:ea:ae:d4:f6:
c5:96:55:51:ec:c1:86:b3:25:f9:6a:90:53:4b:01:94:37:a6:
b4:cf:03:43:b7:f9:32:87:47:07:36:ed:94:a6:f9:35:83:83:
b0:13:8d:7d:87:14:a4:5d:be:0a:d7:65:17:05:b2:75:98:38:
c5:f9:ae:d8:94:5f:c5:bf:41:05:5d:0a:2e:98:6d:69:e9:bc:
a5:5f:c2:c2:5e:e2:af:51:1c:62:38:7c:54:99:cb:1a:b8:51:
ef:14:f9:08:90:a1:40:0e:43:8d:bb:92:a9:03:3a:4d:a7:9e:
50:a0:1a:01:7c:14:ce:09:2c:59:d7:74:06:4e:38:84:24:bd:
2c:0f:9d:25:10:66:e5:cc:5d:24:7f:6a:29:83:99:c5:56:d9:
3e:0b:3d:25:40:86:e7:ca:1b:d6:86:54:e2:58:7b:79:73:9e:
6d:89:2b:19:66:16:46:00:4b:c0:b5:60:89:43:51:5e:28:a0:
35:3e:4d:33:23:6b:b9:b7:4e:71:a0:a6:09:bd:a1:e8:cf:a3:
3a:83:ab:17
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVtAbgdTJ6fmMXoykbQnc2OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkM2VlMWE1MmE1ZDY1YjkwOTFkZTVhNWI0NjRmYjk3MDMy
ZDBlOWIwHhcNMjMwMTAxMTEwNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWMzNWUzNmFmZGJlNThmNzZmYWQ4YjYyMjkxMjM2NTRkODgxMzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQXf81ljk2mobF6OUj/s2ftCzRCC
75w43qMHrF3ZGO7u5qbBIU29rTnXQL4Uj2ERT6Sm92wB+3WZSCCWkohvF7oknwBK
ZfjyhuHOisiBNACg1kbktiomRKuU2gtKbxZtHzqnE1dy/O+D82RjorntCIrlsFRR
P7+gBxu+ca1R1lGDLNzKsyVCt0lEdcAGzJtwca2yZfmr2N+In2SSSQH/9rliZwf5
XqCy9Nf71cnc0ornFaOoFsNaG1maNnAM3WBcMV+oOu3QMcd+Xv7teN2Jn3bCcDEm
Wyzc2/Ll5c9Szk+7IOzYsrl9/6XCro6Uc9jWQAquN1mc0/syPUdxehqZSwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFG7DXjav2+WPdvrYtiKRI2VNiBNFMB8GA1UdIwQY
MBaAFG0+4aUqXWW5CR3lpbRk+5cDLQ6bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlQ3aHBTcGRaYmtKSGVXbHRHVDdsd010RHBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8xMmU3ZDUtM2EwZi00YmM2LTk2MTEt
MDU0MzVlZmQ4YmY2LzEvYnNOZU5xX2I1WTkyLXRpMklwRWpaVTJJRTBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS8xMmU3ZDUtM2EwZi00YmM2LTk2MTEtMDU0MzVlZmQ4YmY2
LzEvYlQ3aHBTcGRaYmtKSGVXbHRHVDdsd010RHBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQBuQWGAwQA
wRBkAwQBwo+CAwQBw/ZiMA0EAgACMAcDBQAqABLwMA0GCSqGSIb3DQEBCwUAA4IB
AQAZUI7oo2+WxTh+UnOeXY3hl7NAxw0sXOJAw8g8KHDoV4K+yR1ND8jaOv043n8m
2BQLXequ1PbFllVR7MGGsyX5apBTSwGUN6a0zwNDt/kyh0cHNu2Upvk1g4OwE419
hxSkXb4K12UXBbJ1mDjF+a7YlF/Fv0EFXQoumG1p6bylX8LCXuKvURxiOHxUmcsa
uFHvFPkIkKFADkONu5KpAzpNp55QoBoBfBTOCSxZ13QGTjiEJL0sD50lEGblzF0k
f2opg5nFVtk+Cz0lQIbnyhvWhlTiWHt5c55tiSsZZhZGAEvAtWCJQ1FeKKA1Pk0z
I2u5t05xoKYJvaHoz6M6g6sX
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:03:00 2024 by rpki-client on console-ams.rpki-client.org