Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/6149a5-c8de-4c61-beb7-2201203a0bab/1/BiTSXKrozcX5zmvjMws0eyhB-7g.roa
File: BiTSXKrozcX5zmvjMws0eyhB-7g.roa (raw, json)
Hash identifier: ctH8ad0709HL5P9tJ3cRBNUmybvMzt6SoRxpeXCaVaA=
Subject key identifier: 06:24:D2:5C:AA:E8:CD:C5:F9:CE:6B:E3:33:0B:34:7B:28:41:FB:B8
Certificate issuer: /CN=57e2b86a33c9f97214536d8ca2919d7f3c3800ce
Certificate serial: 018A08716A1BAB821694D8BFF41A8048934C
Authority key identifier: 57:E2:B8:6A:33:C9:F9:72:14:53:6D:8C:A2:91:9D:7F:3C:38:00:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V-K4ajPJ-XIUU22MopGdfzw4AM4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/6149a5-c8de-4c61-beb7-2201203a0bab/1/BiTSXKrozcX5zmvjMws0eyhB-7g.roa
Signing time: Fri 18 Aug 2023 11:39:24 +0000
ROA not before: Fri 18 Aug 2023 11:39:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39700
IP address blocks: 185.42.72.0/22 maxlen: 24
2a01:5be0::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:08:71:6a:1b:ab:82:16:94:d8:bf:f4:1a:80:48:93:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57e2b86a33c9f97214536d8ca2919d7f3c3800ce
Validity
Not Before: Aug 18 11:39:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0624d25caae8cdc5f9ce6be3330b347b2841fbb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:8b:80:0b:25:d1:53:94:7d:69:05:97:65:be:
25:36:c1:f1:c6:3d:83:02:23:d4:46:a1:4b:f1:a4:
c2:28:a2:6a:af:88:f4:b6:f0:9e:4b:9f:e3:2d:30:
17:a0:3a:ed:10:82:c6:26:75:b5:9b:3f:7f:47:41:
04:83:9c:78:71:9f:97:27:2f:61:0e:0e:41:38:dc:
1b:5a:44:85:e2:6d:67:ce:3c:97:23:56:7f:c9:5a:
fb:e0:e4:58:93:b5:60:8d:22:46:1b:35:c3:05:c1:
c8:2a:06:b0:e5:0b:f7:6d:54:c1:55:6e:12:14:a4:
8e:5b:c0:27:bd:91:58:e8:f7:f6:eb:27:a3:47:00:
d7:1f:0e:1c:71:28:ff:38:5f:22:ce:51:7c:b5:87:
d1:18:71:91:f2:50:00:b9:cb:f3:4e:96:2f:70:90:
24:bd:f5:78:6c:15:a2:1c:e9:fe:e8:11:b1:01:cc:
b5:cd:de:a2:f8:7f:41:e7:30:ce:d4:6a:81:73:8e:
e7:34:81:d8:3a:8b:94:0d:88:11:88:d8:45:70:86:
1d:07:b8:48:e1:46:2a:25:65:8b:15:47:d8:c3:64:
1a:df:81:51:9a:4a:3d:33:c2:dd:f4:dd:95:f6:a1:
34:27:04:a1:35:a1:d6:5f:e1:05:85:71:3f:de:3b:
de:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:24:D2:5C:AA:E8:CD:C5:F9:CE:6B:E3:33:0B:34:7B:28:41:FB:B8
X509v3 Authority Key Identifier:
keyid:57:E2:B8:6A:33:C9:F9:72:14:53:6D:8C:A2:91:9D:7F:3C:38:00:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V-K4ajPJ-XIUU22MopGdfzw4AM4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/6149a5-c8de-4c61-beb7-2201203a0bab/1/BiTSXKrozcX5zmvjMws0eyhB-7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/6149a5-c8de-4c61-beb7-2201203a0bab/1/V-K4ajPJ-XIUU22MopGdfzw4AM4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.42.72.0/22
IPv6:
2a01:5be0::/32
Signature Algorithm: sha256WithRSAEncryption
ad:5f:a1:04:99:88:ec:cd:1e:2d:1d:ef:a8:63:cc:fa:e7:70:
38:d0:04:83:60:5f:0e:47:f1:41:45:3d:62:18:b3:71:51:15:
db:9f:91:26:52:5c:ae:3e:5e:91:a3:6a:ea:73:4c:76:b7:e9:
73:07:f0:81:25:7c:5e:99:df:f8:21:89:ee:fe:ce:94:e5:fc:
3d:56:49:93:a8:c4:04:9a:05:fe:f6:af:36:ba:48:56:4c:da:
35:ef:40:a6:72:6f:da:be:0f:fc:d9:52:9b:c1:f6:df:66:b5:
fe:45:b2:16:66:d0:8d:07:b7:61:14:16:77:e0:fc:31:53:cf:
15:ca:0f:bf:9a:b5:c8:5c:cf:67:ba:cc:9e:c0:29:f1:b8:b1:
dc:e9:af:46:d4:b4:aa:42:36:c3:fa:18:db:a4:ed:9e:0a:eb:
fa:75:31:d1:89:18:ef:04:6e:1c:e0:7d:de:ea:61:9c:8a:00:
ca:1a:b7:e9:cb:0d:e6:21:50:59:db:f5:3e:77:21:2b:38:14:
6e:22:98:0d:07:28:c6:b5:3d:d8:4f:76:52:06:38:85:01:08:
30:e1:33:9a:f7:97:48:1b:78:22:ce:87:5f:f7:4e:48:7f:62:
66:7f:f0:f5:e0:4b:87:3a:e2:bf:48:44:df:8b:12:f5:28:d2:
56:47:7d:dc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYoIcWobq4IWlNi/9BqASJNMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3ZTJiODZhMzNjOWY5NzIxNDUzNmQ4Y2EyOTE5ZDdmM2Mz
ODAwY2UwHhcNMjMwODE4MTEzOTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjI0ZDI1Y2FhZThjZGM1ZjljZTZiZTMzMzBiMzQ3YjI4NDFmYmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6IuACyXRU5R9aQWXZb4lNsHxxj2D
AiPURqFL8aTCKKJqr4j0tvCeS5/jLTAXoDrtEILGJnW1mz9/R0EEg5x4cZ+XJy9h
Dg5BONwbWkSF4m1nzjyXI1Z/yVr74ORYk7VgjSJGGzXDBcHIKgaw5Qv3bVTBVW4S
FKSOW8AnvZFY6Pf26yejRwDXHw4ccSj/OF8izlF8tYfRGHGR8lAAucvzTpYvcJAk
vfV4bBWiHOn+6BGxAcy1zd6i+H9B5zDO1GqBc47nNIHYOouUDYgRiNhFcIYdB7hI
4UYqJWWLFUfYw2Qa34FRmko9M8Ld9N2V9qE0JwShNaHWX+EFhXE/3jveKQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAYk0lyq6M3F+c5r4zMLNHsoQfu4MB8GA1UdIwQY
MBaAFFfiuGozyflyFFNtjKKRnX88OADOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVi1LNGFqUEotWElVVTIyTW9wR2Rmenc0QU00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi82MTQ5YTUtYzhkZS00YzYxLWJlYjct
MjIwMTIwM2EwYmFiLzEvQmlUU1hLcm96Y1g1em12ak13czBleWhCLTdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi82MTQ5YTUtYzhkZS00YzYxLWJlYjctMjIwMTIwM2EwYmFi
LzEvVi1LNGFqUEotWElVVTIyTW9wR2Rmenc0QU00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSpIMA0E
AgACMAcDBQAqAVvgMA0GCSqGSIb3DQEBCwUAA4IBAQCtX6EEmYjszR4tHe+oY8z6
53A40ASDYF8OR/FBRT1iGLNxURXbn5EmUlyuPl6Ro2rqc0x2t+lzB/CBJXxemd/4
IYnu/s6U5fw9VkmTqMQEmgX+9q82ukhWTNo170Cmcm/avg/82VKbwfbfZrX+RbIW
ZtCNB7dhFBZ34PwxU88Vyg+/mrXIXM9nusyewCnxuLHc6a9G1LSqQjbD+hjbpO2e
Cuv6dTHRiRjvBG4c4H3e6mGcigDKGrfpyw3mIVBZ2/U+dyErOBRuIpgNByjGtT3Y
T3ZSBjiFAQgw4TOa95dIG3gizodf905If2Jmf/D14EuHOuK/SETfixL1KNJWR33c
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:28 2024 by rpki-client on console-fra.rpki-client.org