Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/dbf772-9396-4101-b3e8-43f9ab6734ec/1/bLbCVKHlVBq28rtKsqnZ-jT_qak.roa
File: bLbCVKHlVBq28rtKsqnZ-jT_qak.roa (raw, json)
Hash identifier: BIyY52aiukqkffVika9ct5Gz+AccNLIuevpWPYC0B38=
Subject key identifier: 6C:B6:C2:54:A1:E5:54:1A:B6:F2:BB:4A:B2:A9:D9:FA:34:FF:A9:A9
Certificate issuer: /CN=b538c7295bcd474b829e4e47eebcb0e093ce523a
Certificate serial: 0185709514813889FE411FAF32FEFA2CB401
Authority key identifier: B5:38:C7:29:5B:CD:47:4B:82:9E:4E:47:EE:BC:B0:E0:93:CE:52:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tTjHKVvNR0uCnk5H7ryw4JPOUjo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/dbf772-9396-4101-b3e8-43f9ab6734ec/1/bLbCVKHlVBq28rtKsqnZ-jT_qak.roa
Signing time: Mon 02 Jan 2023 03:44:56 +0000
ROA not before: Mon 02 Jan 2023 03:44:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210906
IP address blocks: 195.64.97.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:14:81:38:89:fe:41:1f:af:32:fe:fa:2c:b4:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b538c7295bcd474b829e4e47eebcb0e093ce523a
Validity
Not Before: Jan 2 03:44:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6cb6c254a1e5541ab6f2bb4ab2a9d9fa34ffa9a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:0b:bb:ad:fa:7d:9c:a4:7b:3a:62:3c:70:92:
a6:06:23:64:ee:76:c6:2e:4f:52:61:1b:2a:b2:83:
19:05:88:dc:2a:43:9b:74:27:7e:41:67:04:1f:b3:
4a:64:24:04:42:f7:ed:91:c2:ad:75:0a:d0:91:6b:
6d:9d:90:2b:51:d3:98:b9:8d:97:b8:6d:eb:63:de:
22:de:97:fa:96:aa:da:c4:55:75:90:fa:3f:68:ed:
85:dd:68:b5:79:9d:0d:2f:35:b9:89:c0:07:bd:39:
93:a1:d7:bf:c7:e9:e6:e8:51:6c:f2:1b:a0:0e:49:
91:f5:04:e4:86:8f:25:72:40:f0:3c:1b:89:b7:fc:
01:c5:bb:f7:f4:f3:36:f7:31:c9:b8:6b:37:0b:81:
ca:b6:73:af:9c:e7:ac:b8:de:c1:be:7f:51:56:f0:
19:c2:56:b5:eb:79:5f:8b:fb:a8:52:81:b1:67:3a:
00:2c:63:1e:ee:47:fa:40:5d:a5:a0:1c:b1:c1:78:
9f:52:97:44:c1:8c:0f:98:d7:d5:d6:17:fa:56:39:
3d:4a:a6:81:8c:80:82:ff:27:86:6f:ef:7e:25:55:
11:29:45:50:4a:b7:15:25:3b:cd:f0:dc:c5:c5:b4:
ec:72:63:f7:5e:26:ae:47:ac:29:77:3d:22:00:f4:
2a:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:B6:C2:54:A1:E5:54:1A:B6:F2:BB:4A:B2:A9:D9:FA:34:FF:A9:A9
X509v3 Authority Key Identifier:
keyid:B5:38:C7:29:5B:CD:47:4B:82:9E:4E:47:EE:BC:B0:E0:93:CE:52:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tTjHKVvNR0uCnk5H7ryw4JPOUjo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/dbf772-9396-4101-b3e8-43f9ab6734ec/1/bLbCVKHlVBq28rtKsqnZ-jT_qak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/dbf772-9396-4101-b3e8-43f9ab6734ec/1/tTjHKVvNR0uCnk5H7ryw4JPOUjo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.64.97.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:80:58:1c:9c:16:d9:86:cd:ee:d6:a5:da:6c:c6:8c:5c:81:
43:6f:15:09:62:c4:9d:8d:73:da:f4:e7:b1:98:a4:8b:b7:29:
b6:c2:fc:70:a3:32:c0:e4:59:3b:fd:3b:8d:42:e1:a9:51:23:
da:ed:27:eb:1e:40:68:fe:02:c1:52:57:30:f3:97:f7:cb:c6:
3d:81:90:d6:af:a8:11:72:ef:23:7f:06:4b:67:c4:5f:ec:99:
f0:a9:65:9e:40:5a:ae:1a:df:72:25:72:c1:45:ed:55:88:4c:
77:87:c7:37:ea:f3:f2:a3:68:fd:04:57:44:1a:6c:72:10:81:
ed:0c:de:66:3f:91:ae:cb:ec:cb:98:60:3e:9e:09:7d:50:d0:
d9:1d:9f:b3:5e:7e:b6:f6:9a:73:75:c9:3c:25:ab:03:d9:9f:
26:50:24:b1:22:59:61:04:96:b0:c0:90:e8:ec:92:4c:0f:10:
1b:17:43:eb:e7:e3:d0:99:9e:65:14:50:5b:28:79:ea:43:6d:
bb:1a:ed:cd:57:2b:c7:e0:29:f4:ea:a5:3a:0e:3e:05:59:46:
e5:6b:ae:e5:aa:ec:0e:02:10:b6:33:98:ba:8b:b6:7d:1a:ab:
21:85:18:e3:73:0b:58:4e:dc:23:ac:da:08:8e:f1:5a:bf:76:
d8:95:6a:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlRSBOIn+QR+vMv76LLQBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MzhjNzI5NWJjZDQ3NGI4MjllNGU0N2VlYmNiMGUwOTNj
ZTUyM2EwHhcNMjMwMTAyMDM0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2I2YzI1NGExZTU1NDFhYjZmMmJiNGFiMmE5ZDlmYTM0ZmZhOWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngu7rfp9nKR7OmI8cJKmBiNk7nbG
Lk9SYRsqsoMZBYjcKkObdCd+QWcEH7NKZCQEQvftkcKtdQrQkWttnZArUdOYuY2X
uG3rY94i3pf6lqraxFV1kPo/aO2F3Wi1eZ0NLzW5icAHvTmTode/x+nm6FFs8hug
DkmR9QTkho8lckDwPBuJt/wBxbv39PM29zHJuGs3C4HKtnOvnOesuN7Bvn9RVvAZ
wla163lfi/uoUoGxZzoALGMe7kf6QF2loByxwXifUpdEwYwPmNfV1hf6Vjk9SqaB
jICC/yeGb+9+JVURKUVQSrcVJTvN8NzFxbTscmP3XiauR6wpdz0iAPQqBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGy2wlSh5VQatvK7SrKp2fo0/6mpMB8GA1UdIwQY
MBaAFLU4xylbzUdLgp5OR+68sOCTzlI6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFRqSEtWdk5SMHVDbms1SDdyeXc0SlBPVWpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9kYmY3NzItOTM5Ni00MTAxLWIzZTgt
NDNmOWFiNjczNGVjLzEvYkxiQ1ZLSGxWQnEyOHJ0S3NxblotalRfcWFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9kYmY3NzItOTM5Ni00MTAxLWIzZTgtNDNmOWFiNjczNGVj
LzEvdFRqSEtWdk5SMHVDbms1SDdyeXc0SlBPVWpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw0BhMA0G
CSqGSIb3DQEBCwUAA4IBAQCtgFgcnBbZhs3u1qXabMaMXIFDbxUJYsSdjXPa9Oex
mKSLtym2wvxwozLA5Fk7/TuNQuGpUSPa7SfrHkBo/gLBUlcw85f3y8Y9gZDWr6gR
cu8jfwZLZ8Rf7JnwqWWeQFquGt9yJXLBRe1ViEx3h8c36vPyo2j9BFdEGmxyEIHt
DN5mP5Guy+zLmGA+ngl9UNDZHZ+zXn629ppzdck8JasD2Z8mUCSxIllhBJawwJDo
7JJMDxAbF0Pr5+PQmZ5lFFBbKHnqQ227Gu3NVyvH4Cn06qU6Dj4FWUbla67lquwO
AhC2M5i6i7Z9GqshhRjjcwtYTtwjrNoIjvFav3bYlWoT
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:27:57 2024 by rpki-client on console-fra.rpki-client.org