Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/bfNPMvdCxgii3zt8colxL6TgnOQ.roa
File: bfNPMvdCxgii3zt8colxL6TgnOQ.roa (raw, json)
Hash identifier: LpsX5DQ+hO7mEyn93T7j9KW4whydKr3/cyFgiWZBybQ=
Subject key identifier: 6D:F3:4F:32:F7:42:C6:08:A2:DF:3B:7C:72:89:71:2F:A4:E0:9C:E4
Certificate issuer: /CN=9e459aa4602bffa2d2650ba66818458c89fc4582
Certificate serial: 01920A2817A904C5D1892335FC49B4623A34
Authority key identifier: 9E:45:9A:A4:60:2B:FF:A2:D2:65:0B:A6:68:18:45:8C:89:FC:45:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nkWapGAr_6LSZQumaBhFjIn8RYI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/bfNPMvdCxgii3zt8colxL6TgnOQ.roa
Signing time: Thu 19 Sep 2024 12:00:52 +0000
ROA not before: Thu 19 Sep 2024 12:00:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3257
IP address blocks: 84.247.105.0/24 maxlen: 24
89.149.52.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:47:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:0a:28:17:a9:04:c5:d1:89:23:35:fc:49:b4:62:3a:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e459aa4602bffa2d2650ba66818458c89fc4582
Validity
Not Before: Sep 19 12:00:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6df34f32f742c608a2df3b7c7289712fa4e09ce4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:d0:15:91:69:a2:ba:8e:8d:b4:a6:2b:f3:31:
e3:e7:84:b9:4c:45:ac:d3:9f:cf:e3:ae:83:94:7d:
db:f5:27:0a:0f:a7:04:e6:c9:90:9a:2b:76:77:0c:
c6:3a:7f:d5:d6:60:c9:d8:11:dc:5e:83:53:39:e2:
7a:00:f9:2e:84:82:74:50:54:0d:02:ec:e6:e5:36:
ce:c2:65:e9:7b:28:46:9d:8f:84:cb:6f:54:f9:46:
49:6e:b5:ca:1b:de:61:b3:32:c1:3f:9a:77:48:96:
bf:ed:92:af:a1:f2:24:80:a2:36:11:22:66:cf:55:
6c:80:55:2c:68:db:66:f5:de:db:d5:39:f0:c9:10:
0b:ad:fc:80:9a:90:e5:f3:8a:d4:08:08:9c:26:69:
a8:75:da:a7:1d:2d:d6:7a:5d:0b:1d:80:48:49:81:
ad:eb:4a:2a:c2:6c:85:9d:55:5f:e5:6e:7f:c3:f0:
de:fe:63:45:83:14:c0:b4:f2:f7:24:60:12:f7:f8:
70:ea:9d:89:16:e8:92:a7:df:51:c7:3e:06:d9:7d:
29:23:55:e2:06:73:42:98:d2:91:ab:89:28:c3:ba:
53:2c:c4:40:fa:de:b2:4e:0b:ff:a3:7a:00:ea:53:
17:3d:4e:c5:99:f1:ef:68:54:c7:2d:44:54:fe:25:
1a:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:F3:4F:32:F7:42:C6:08:A2:DF:3B:7C:72:89:71:2F:A4:E0:9C:E4
X509v3 Authority Key Identifier:
keyid:9E:45:9A:A4:60:2B:FF:A2:D2:65:0B:A6:68:18:45:8C:89:FC:45:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nkWapGAr_6LSZQumaBhFjIn8RYI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/bfNPMvdCxgii3zt8colxL6TgnOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/nkWapGAr_6LSZQumaBhFjIn8RYI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.247.105.0/24
89.149.52.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:06:12:cb:79:ff:30:cf:bf:6c:36:24:49:67:dd:66:8a:5f:
49:2f:e1:24:e3:7a:64:66:92:26:0a:5c:ea:ec:04:71:2e:94:
5d:13:71:ae:01:40:41:68:62:37:50:be:c6:ca:16:fb:58:2d:
97:28:80:d0:13:c4:4d:76:a8:f1:74:6f:8b:ff:ce:25:8a:1b:
68:26:f3:d9:3d:f0:7d:11:49:af:f9:81:92:f3:4c:5c:57:b6:
14:8d:61:ac:27:5f:9f:21:2b:9a:a0:82:72:da:5d:cb:d0:cd:
09:82:ce:fe:85:ce:65:6c:ce:8a:26:9e:79:6a:bb:23:87:dc:
80:9d:34:a3:a9:50:8a:2f:cf:52:a4:60:47:d5:37:93:ab:f2:
57:ad:75:0a:0f:e8:9d:d8:19:77:51:50:fb:40:9f:b8:f4:ee:
b2:b3:2b:ed:66:37:08:c0:08:dc:27:2a:ae:86:88:c5:47:1c:
0f:aa:67:a9:07:2d:4d:c8:b2:4a:38:ed:00:85:82:99:9e:e2:
2a:73:82:4b:de:0d:a6:7d:d6:3a:ce:38:47:09:65:d5:87:d5:
71:84:d2:4c:57:b4:63:26:c7:f0:0b:58:57:b7:7e:ae:b5:00:
8a:ea:69:cc:3c:fd:01:80:b0:13:29:1d:f1:26:aa:a2:75:c4:
b2:bf:c5:e9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZIKKBepBMXRiSM1/Em0Yjo0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNDU5YWE0NjAyYmZmYTJkMjY1MGJhNjY4MTg0NThjODlm
YzQ1ODIwHhcNMjQwOTE5MTIwMDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGYzNGYzMmY3NDJjNjA4YTJkZjNiN2M3Mjg5NzEyZmE0ZTA5Y2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdAVkWmiuo6NtKYr8zHj54S5TEWs
05/P466DlH3b9ScKD6cE5smQmit2dwzGOn/V1mDJ2BHcXoNTOeJ6APkuhIJ0UFQN
Auzm5TbOwmXpeyhGnY+Ey29U+UZJbrXKG95hszLBP5p3SJa/7ZKvofIkgKI2ESJm
z1VsgFUsaNtm9d7b1TnwyRALrfyAmpDl84rUCAicJmmoddqnHS3Wel0LHYBISYGt
60oqwmyFnVVf5W5/w/De/mNFgxTAtPL3JGAS9/hw6p2JFuiSp99Rxz4G2X0pI1Xi
BnNCmNKRq4kow7pTLMRA+t6yTgv/o3oA6lMXPU7FmfHvaFTHLURU/iUaKQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG3zTzL3QsYIot87fHKJcS+k4JzkMB8GA1UdIwQY
MBaAFJ5FmqRgK/+i0mULpmgYRYyJ/EWCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmtXYXBHQXJfNkxTWlF1bWFCaEZqSW44UllJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi85Y2MzMzMtNjhkNS00NjkyLTljNWIt
MjhhODQxZGEwYmZkLzEvYmZOUE12ZEN4Z2lpM3p0OGNvbHhMNlRnbk9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi85Y2MzMzMtNjhkNS00NjkyLTljNWItMjhhODQxZGEwYmZk
LzEvbmtXYXBHQXJfNkxTWlF1bWFCaEZqSW44UllJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVPdpAwQA
WZU0MA0GCSqGSIb3DQEBCwUAA4IBAQC4BhLLef8wz79sNiRJZ91mil9JL+Ek43pk
ZpImClzq7ARxLpRdE3GuAUBBaGI3UL7Gyhb7WC2XKIDQE8RNdqjxdG+L/84lihto
JvPZPfB9EUmv+YGS80xcV7YUjWGsJ1+fISuaoIJy2l3L0M0Jgs7+hc5lbM6KJp55
arsjh9yAnTSjqVCKL89SpGBH1TeTq/JXrXUKD+id2Bl3UVD7QJ+49O6ysyvtZjcI
wAjcJyquhojFRxwPqmepBy1NyLJKOO0AhYKZnuIqc4JL3g2mfdY6zjhHCWXVh9Vx
hNJMV7RjJsfwC1hXt36utQCK6mnMPP0BgLATKR3xJqqidcSyv8Xp
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:51:21 2025 by rpki-client