Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/BajVO0sGb3WTea1LjrmbxwbKKZM.roa
File: BajVO0sGb3WTea1LjrmbxwbKKZM.roa (raw, json)
Hash identifier: 8i1nUHPdjuZPSAxWT0l9i4UpzvmpfNqQ2cIe0o7CE2I=
Subject key identifier: 05:A8:D5:3B:4B:06:6F:75:93:79:AD:4B:8E:B9:9B:C7:06:CA:29:93
Certificate issuer: /CN=c2d21e804ab7713ad7877dde603aa7824b31983c
Certificate serial: 0187BC8BF599EFFEAE92972A09B5E8A3D841
Authority key identifier: C2:D2:1E:80:4A:B7:71:3A:D7:87:7D:DE:60:3A:A7:82:4B:31:98:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wtIegEq3cTrXh33eYDqngksxmDw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/BajVO0sGb3WTea1LjrmbxwbKKZM.roa
Signing time: Wed 26 Apr 2023 07:51:41 +0000
ROA not before: Wed 26 Apr 2023 07:51:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 195.182.198.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:bc:8b:f5:99:ef:fe:ae:92:97:2a:09:b5:e8:a3:d8:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2d21e804ab7713ad7877dde603aa7824b31983c
Validity
Not Before: Apr 26 07:51:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=05a8d53b4b066f759379ad4b8eb99bc706ca2993
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:32:9b:07:61:fe:ce:8d:cd:2f:f2:23:fd:c1:
dc:7e:37:d5:c5:45:f7:f1:45:85:a3:c0:dd:78:10:
38:90:b7:33:ad:f1:77:e4:8b:2d:03:cc:62:0e:80:
77:05:53:20:fc:50:18:74:4b:3e:bb:db:68:87:a6:
33:f5:ae:38:62:e0:70:dc:f8:b3:11:e2:bb:90:4d:
2c:20:2f:ac:cd:59:42:b3:0e:38:3e:d5:e0:0e:f2:
f2:b1:8c:ad:76:01:e0:e1:22:9f:a0:57:12:30:8f:
b5:d0:18:95:c3:f9:83:db:4e:5c:79:84:1f:e2:c8:
ab:64:ce:b1:c2:f4:a1:36:ff:61:59:95:da:9f:a5:
93:3e:31:a8:d1:d2:bf:a0:e5:52:1a:cb:f9:a5:8b:
92:23:96:d1:91:ce:38:1a:3f:48:24:5a:ad:72:14:
b1:13:e4:fe:cc:f1:18:30:63:a1:0c:37:a6:d0:44:
36:34:c3:9a:00:eb:08:a2:ed:a2:d4:f9:74:0f:82:
c1:94:98:ca:f9:b9:75:aa:80:13:6a:64:20:e6:d8:
2b:8f:c1:2d:7c:c4:9b:61:3a:46:7d:83:50:e6:60:
dc:d0:44:5d:42:cb:4e:e1:26:ec:50:bf:bf:4a:ea:
14:2f:6d:21:5b:03:e3:b0:8e:28:8c:0d:d2:6c:37:
3a:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:A8:D5:3B:4B:06:6F:75:93:79:AD:4B:8E:B9:9B:C7:06:CA:29:93
X509v3 Authority Key Identifier:
keyid:C2:D2:1E:80:4A:B7:71:3A:D7:87:7D:DE:60:3A:A7:82:4B:31:98:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wtIegEq3cTrXh33eYDqngksxmDw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/BajVO0sGb3WTea1LjrmbxwbKKZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/wtIegEq3cTrXh33eYDqngksxmDw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.182.198.0/24
Signature Algorithm: sha256WithRSAEncryption
21:76:a2:c6:c0:e4:ec:45:87:1f:f8:63:cb:f1:6f:3e:c3:5c:
e3:1c:9f:27:73:41:29:ad:fa:5b:2b:5f:4b:e2:ff:85:45:e6:
16:cb:51:d1:fd:4e:ee:61:c3:a9:9f:2a:fa:6a:e0:c6:43:93:
e6:15:ed:18:2e:2b:13:3a:f1:3b:be:e1:1c:d1:c8:93:0b:4f:
8a:d3:00:de:43:d3:de:34:e8:68:17:d2:e5:3a:22:cd:ce:f9:
5d:11:29:91:54:17:92:92:17:9e:07:ad:48:26:c8:cb:0c:62:
48:e1:0f:dc:6c:ce:35:c4:02:15:a1:a5:70:2d:1a:6a:92:c1:
4c:b8:92:a6:6a:e8:bf:4a:1f:03:ef:06:56:fc:b4:6d:93:33:
d2:cb:44:5f:49:6d:45:08:01:85:78:91:79:97:fb:5d:33:92:
b6:d1:af:b5:07:6d:81:4b:b8:7f:49:57:82:d5:59:9f:97:05:
9d:f4:6c:85:1a:7c:b0:cc:b5:d6:eb:3b:8d:71:a9:36:2a:a2:
ae:77:db:bc:c7:e7:6e:ed:44:46:fa:15:0c:df:56:d2:fd:e5:
33:7e:bf:16:eb:64:65:8c:78:5e:4a:6e:17:34:ce:88:97:28:
28:1e:ba:dc:fb:8d:45:a3:7f:78:5a:2a:c6:c7:33:35:6f:76:
6a:5c:4d:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYe8i/WZ7/6ukpcqCbXoo9hBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZDIxZTgwNGFiNzcxM2FkNzg3N2RkZTYwM2FhNzgyNGIz
MTk4M2MwHhcNMjMwNDI2MDc1MTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWE4ZDUzYjRiMDY2Zjc1OTM3OWFkNGI4ZWI5OWJjNzA2Y2EyOTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1jKbB2H+zo3NL/Ij/cHcfjfVxUX3
8UWFo8DdeBA4kLczrfF35IstA8xiDoB3BVMg/FAYdEs+u9toh6Yz9a44YuBw3Piz
EeK7kE0sIC+szVlCsw44PtXgDvLysYytdgHg4SKfoFcSMI+10BiVw/mD205ceYQf
4sirZM6xwvShNv9hWZXan6WTPjGo0dK/oOVSGsv5pYuSI5bRkc44Gj9IJFqtchSx
E+T+zPEYMGOhDDem0EQ2NMOaAOsIou2i1Pl0D4LBlJjK+bl1qoATamQg5tgrj8Et
fMSbYTpGfYNQ5mDc0ERdQstO4SbsUL+/SuoUL20hWwPjsI4ojA3SbDc6kwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAWo1TtLBm91k3mtS465m8cGyimTMB8GA1UdIwQY
MBaAFMLSHoBKt3E614d93mA6p4JLMZg8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3RJZWdFcTNjVHJYaDMzZVlEcW5na3N4bUR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wNGI0NDYtNGFlMS00ZmU1LWI2NDYt
NTlhZTA5ZWRiZWI5LzEvQmFqVk8wc0diM1dUZWExTGpybWJ4d2JLS1pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wNGI0NDYtNGFlMS00ZmU1LWI2NDYtNTlhZTA5ZWRiZWI5
LzEvd3RJZWdFcTNjVHJYaDMzZVlEcW5na3N4bUR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw7bGMA0G
CSqGSIb3DQEBCwUAA4IBAQAhdqLGwOTsRYcf+GPL8W8+w1zjHJ8nc0EprfpbK19L
4v+FReYWy1HR/U7uYcOpnyr6auDGQ5PmFe0YLisTOvE7vuEc0ciTC0+K0wDeQ9Pe
NOhoF9LlOiLNzvldESmRVBeSkheeB61IJsjLDGJI4Q/cbM41xAIVoaVwLRpqksFM
uJKmaui/Sh8D7wZW/LRtkzPSy0RfSW1FCAGFeJF5l/tdM5K20a+1B22BS7h/SVeC
1VmflwWd9GyFGnywzLXW6zuNcak2KqKud9u8x+du7URG+hUM31bS/eUzfr8W62Rl
jHheSm4XNM6IlygoHrrc+41Fo394WirGxzM1b3ZqXE3e
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:01:24 2024 by rpki-client on console-ams.rpki-client.org