Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/bHNr9-roaaEiecL8JQk-yL3K6ZE.roa
File: bHNr9-roaaEiecL8JQk-yL3K6ZE.roa (raw, json)
Hash identifier: ltlTLCAAqOk8LbB0gYFs+XPB4IJwPJBk+qUClWwfs5k=
Subject key identifier: 6C:73:6B:F7:EA:E8:69:A1:22:79:C2:FC:25:09:3E:C8:BD:CA:E9:91
Certificate issuer: /CN=c2d21e804ab7713ad7877dde603aa7824b31983c
Certificate serial: 018BF78664AF22887ACB388941EABD4B87E0
Authority key identifier: C2:D2:1E:80:4A:B7:71:3A:D7:87:7D:DE:60:3A:A7:82:4B:31:98:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wtIegEq3cTrXh33eYDqngksxmDw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/bHNr9-roaaEiecL8JQk-yL3K6ZE.roa
Signing time: Wed 22 Nov 2023 14:54:21 +0000
ROA not before: Wed 22 Nov 2023 14:54:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212477
IP address blocks: 146.19.162.0/24 maxlen: 24
45.94.220.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f7:86:64:af:22:88:7a:cb:38:89:41:ea:bd:4b:87:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2d21e804ab7713ad7877dde603aa7824b31983c
Validity
Not Before: Nov 22 14:54:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c736bf7eae869a12279c2fc25093ec8bdcae991
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:b8:9d:37:53:59:d4:8e:b7:3d:ac:e4:8f:7d:
29:7b:50:a7:f9:74:40:1a:06:3d:dd:d0:14:8b:7f:
f4:04:bf:c8:8a:09:dc:09:7b:70:65:33:ce:34:52:
8d:4d:43:89:f3:fa:d1:a4:d9:e4:d7:6b:ac:d9:5a:
84:c2:8e:50:bd:c1:c2:55:56:9f:36:69:e2:34:fc:
e6:21:c4:f8:27:5e:3d:2e:6d:d6:8d:5a:e9:21:69:
c3:78:e4:b7:93:f5:65:e4:fd:4d:cc:ca:f2:21:25:
96:9e:4d:1c:0d:7b:d6:d8:cb:49:19:47:57:43:f0:
c1:5e:72:6c:8c:af:0e:e6:1d:1d:de:2d:fe:7c:2b:
16:1b:a2:0a:ba:ff:e9:5b:23:9d:98:08:90:95:30:
24:85:4b:48:e4:29:f1:c3:e2:e4:a3:5f:a4:59:f0:
aa:63:ee:f7:47:21:9a:ea:44:2c:b9:49:b7:a5:e9:
2c:ad:30:aa:20:23:74:8a:2f:79:ce:96:f2:7e:3f:
b9:01:28:8e:af:d8:93:bb:c3:d7:af:eb:61:6e:19:
06:99:58:c2:81:75:42:3d:3c:e9:0f:26:9b:6d:e2:
21:a3:f1:f8:5c:34:ed:35:7b:f8:16:44:c0:d9:e3:
dc:30:88:ea:a2:8c:f8:74:29:0d:5a:5c:8a:9b:a2:
7d:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:73:6B:F7:EA:E8:69:A1:22:79:C2:FC:25:09:3E:C8:BD:CA:E9:91
X509v3 Authority Key Identifier:
keyid:C2:D2:1E:80:4A:B7:71:3A:D7:87:7D:DE:60:3A:A7:82:4B:31:98:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wtIegEq3cTrXh33eYDqngksxmDw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/bHNr9-roaaEiecL8JQk-yL3K6ZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/wtIegEq3cTrXh33eYDqngksxmDw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.220.0/22
146.19.162.0/24
Signature Algorithm: sha256WithRSAEncryption
73:99:5a:b4:ef:6e:91:cf:72:15:ff:8d:3a:6a:fe:f6:8d:7e:
76:d4:11:17:89:11:fc:1f:cc:ee:a4:06:9f:57:bf:83:92:ee:
5c:89:ad:81:9f:d9:6a:19:5a:3c:9b:b8:57:0c:d1:4e:9d:cc:
35:ba:6d:6b:c6:bc:e7:ac:b2:25:52:bf:e4:e3:7d:f0:a0:ec:
ed:a7:a9:7d:76:98:a7:e3:20:9d:b9:f3:01:b7:00:97:e5:5e:
6a:19:0a:3e:80:87:94:d2:fc:04:6b:71:1c:a4:21:ed:e3:13:
bd:72:7d:06:40:7a:21:9b:a6:ef:5f:d1:0f:6f:50:74:e0:75:
e2:0e:c4:6b:5f:6a:79:66:aa:35:bf:78:17:96:0b:0a:21:f2:
8f:66:31:0f:7e:c5:cb:5a:e5:59:ac:34:54:17:f4:af:c8:5b:
0f:32:a6:c5:32:7f:27:9a:c9:05:8d:4c:1e:19:fc:41:7b:09:
7a:6e:ba:15:32:7d:39:f0:65:6f:e0:50:fb:c1:78:fe:f6:b7:
d6:b2:5a:13:33:f7:82:47:4b:0f:55:c3:f6:d6:2d:56:1d:69:
d4:c0:ca:5e:2f:bf:74:52:41:39:bc:1d:2c:ac:c2:74:39:5e:
6e:a0:d4:b2:4a:76:74:ad:e3:25:03:c4:14:eb:a9:70:e9:50:
de:91:94:88
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYv3hmSvIoh6yziJQeq9S4fgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZDIxZTgwNGFiNzcxM2FkNzg3N2RkZTYwM2FhNzgyNGIz
MTk4M2MwHhcNMjMxMTIyMTQ1NDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzczNmJmN2VhZTg2OWExMjI3OWMyZmMyNTA5M2VjOGJkY2FlOTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmridN1NZ1I63Pazkj30pe1Cn+XRA
GgY93dAUi3/0BL/IigncCXtwZTPONFKNTUOJ8/rRpNnk12us2VqEwo5QvcHCVVaf
NmniNPzmIcT4J149Lm3WjVrpIWnDeOS3k/Vl5P1NzMryISWWnk0cDXvW2MtJGUdX
Q/DBXnJsjK8O5h0d3i3+fCsWG6IKuv/pWyOdmAiQlTAkhUtI5Cnxw+Lko1+kWfCq
Y+73RyGa6kQsuUm3peksrTCqICN0ii95zpbyfj+5ASiOr9iTu8PXr+thbhkGmVjC
gXVCPTzpDyabbeIho/H4XDTtNXv4FkTA2ePcMIjqooz4dCkNWlyKm6J9bwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGxza/fq6GmhInnC/CUJPsi9yumRMB8GA1UdIwQY
MBaAFMLSHoBKt3E614d93mA6p4JLMZg8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3RJZWdFcTNjVHJYaDMzZVlEcW5na3N4bUR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wNGI0NDYtNGFlMS00ZmU1LWI2NDYt
NTlhZTA5ZWRiZWI5LzEvYkhOcjktcm9hYUVpZWNMOEpRay15TDNLNlpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wNGI0NDYtNGFlMS00ZmU1LWI2NDYtNTlhZTA5ZWRiZWI5
LzEvd3RJZWdFcTNjVHJYaDMzZVlEcW5na3N4bUR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLV7cAwQA
khOiMA0GCSqGSIb3DQEBCwUAA4IBAQBzmVq0726Rz3IV/406av72jX521BEXiRH8
H8zupAafV7+Dku5cia2Bn9lqGVo8m7hXDNFOncw1um1rxrznrLIlUr/k433woOzt
p6l9dpin4yCdufMBtwCX5V5qGQo+gIeU0vwEa3EcpCHt4xO9cn0GQHohm6bvX9EP
b1B04HXiDsRrX2p5Zqo1v3gXlgsKIfKPZjEPfsXLWuVZrDRUF/SvyFsPMqbFMn8n
mskFjUweGfxBewl6broVMn058GVv4FD7wXj+9rfWsloTM/eCR0sPVcP21i1WHWnU
wMpeL790UkE5vB0srMJ0OV5uoNSySnZ0reMlA8QU66lw6VDekZSI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:14 2024 by rpki-client on console-ams.rpki-client.org