Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/12eaad-8a45-4789-bab5-726057a1f2a4/1/BJkHVEZMTpSnJBrek7gaQ21d-M4.roa
File: BJkHVEZMTpSnJBrek7gaQ21d-M4.roa (raw, json)
Hash identifier: +hPQMEcurpMJrDqp5hQVwKC4sRwRA3YhSmVyr/y/6vo=
Subject key identifier: 04:99:07:54:46:4C:4E:94:A7:24:1A:DE:93:B8:1A:43:6D:5D:F8:CE
Certificate issuer: /CN=1c06a82bb115d7393e39fd58b73bbf20f6cd0b1f
Certificate serial: 019196CA8EDB2AF11033455C70A03BDEE9C9
Authority key identifier: 1C:06:A8:2B:B1:15:D7:39:3E:39:FD:58:B7:3B:BF:20:F6:CD:0B:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HAaoK7EV1zk-Of1Ytzu_IPbNCx8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/12eaad-8a45-4789-bab5-726057a1f2a4/1/BJkHVEZMTpSnJBrek7gaQ21d-M4.roa
Signing time: Wed 28 Aug 2024 02:22:22 +0000
ROA not before: Wed 28 Aug 2024 02:22:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 185.138.234.0/24 maxlen: 24
185.138.235.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 17 Sep 2024 01:44:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:96:ca:8e:db:2a:f1:10:33:45:5c:70:a0:3b:de:e9:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c06a82bb115d7393e39fd58b73bbf20f6cd0b1f
Validity
Not Before: Aug 28 02:22:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=04990754464c4e94a7241ade93b81a436d5df8ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ae:04:47:d4:20:90:b3:83:b2:8b:29:33:30:
28:19:26:38:e1:9c:b8:ee:17:25:62:7a:30:eb:49:
cf:46:97:d3:fa:ab:64:bd:5e:0c:17:c3:dd:ee:6a:
65:33:51:70:22:1b:ae:de:27:33:17:3e:d8:4c:21:
cb:bc:9f:ec:b1:3d:62:4f:73:33:77:cc:cf:22:09:
f1:10:23:3d:39:1c:b2:a1:f4:82:6a:cd:98:44:6b:
a3:47:e7:c0:82:77:ab:59:4f:39:28:f9:93:ca:8e:
0e:c5:20:1a:d0:8f:5a:f8:a0:e2:cd:8b:21:6e:6a:
cb:40:2d:99:c4:ca:66:5f:92:7a:42:f0:5e:82:5d:
32:5c:43:8f:23:64:ef:be:1b:8c:96:08:b8:ff:84:
e5:e1:4d:45:81:20:d4:11:ec:80:9e:4b:94:e5:08:
a1:ee:b8:28:79:38:2f:0a:8d:91:ad:42:84:2c:0c:
d7:c7:b7:cc:6e:b1:ef:91:44:84:84:af:8b:93:71:
fd:d3:88:19:92:dc:00:46:72:91:72:a9:5d:fb:d6:
be:33:11:1f:47:40:01:05:30:46:f1:7c:38:da:9e:
d4:32:e9:b8:d3:89:a6:6e:fc:c3:c8:5a:9b:39:d1:
ff:ec:36:d3:90:60:b2:06:d5:bd:c5:8f:88:a8:ca:
cb:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:99:07:54:46:4C:4E:94:A7:24:1A:DE:93:B8:1A:43:6D:5D:F8:CE
X509v3 Authority Key Identifier:
keyid:1C:06:A8:2B:B1:15:D7:39:3E:39:FD:58:B7:3B:BF:20:F6:CD:0B:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HAaoK7EV1zk-Of1Ytzu_IPbNCx8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/12eaad-8a45-4789-bab5-726057a1f2a4/1/BJkHVEZMTpSnJBrek7gaQ21d-M4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/12eaad-8a45-4789-bab5-726057a1f2a4/1/HAaoK7EV1zk-Of1Ytzu_IPbNCx8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.138.234.0/23
Signature Algorithm: sha256WithRSAEncryption
37:a4:b2:ea:8b:20:12:d9:7d:a4:4a:0d:bf:f9:f4:f3:e6:64:
36:d8:51:68:ae:58:44:6d:08:f4:4b:1a:11:19:c1:95:4b:5c:
a8:94:2b:67:11:1e:44:98:ee:73:27:15:23:c6:1f:c8:c5:3d:
5b:e0:b1:4d:1a:34:5c:51:53:86:1e:67:74:e5:a6:ae:48:9d:
e6:2d:5a:35:8c:f6:e6:9d:ee:92:ff:b8:12:dd:b0:f3:8e:05:
a5:70:dc:c0:ba:9f:7c:01:97:ba:43:92:56:a1:01:70:f4:2f:
82:99:84:a2:52:df:fc:52:10:6b:05:44:c7:c8:8f:94:c7:49:
eb:6b:bd:b1:6e:d7:81:20:a4:79:55:69:70:86:6d:a7:e6:23:
3e:62:e3:3b:a0:38:17:f1:36:18:f8:85:d6:96:8c:ba:14:7b:
dd:e6:e6:c0:4d:08:8c:71:3c:ea:9d:96:6a:dd:7a:1f:7a:18:
55:36:6f:b7:d1:25:82:be:84:9f:7e:a7:93:bf:d9:d7:64:4a:
64:eb:a2:68:c2:07:6a:82:f6:5f:0d:2e:a3:42:dc:c3:40:f3:
29:b2:3a:78:20:60:a2:c3:14:7a:8f:50:12:9a:10:51:5e:0f:
4c:83:3c:f9:6c:8e:30:05:18:55:0e:84:8b:5f:38:ed:06:15:
9e:16:40:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZGWyo7bKvEQM0VccKA73unJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMDZhODJiYjExNWQ3MzkzZTM5ZmQ1OGI3M2JiZjIwZjZj
ZDBiMWYwHhcNMjQwODI4MDIyMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDk5MDc1NDQ2NGM0ZTk0YTcyNDFhZGU5M2I4MWE0MzZkNWRmOGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAna4ER9QgkLODsospMzAoGSY44Zy4
7hclYnow60nPRpfT+qtkvV4MF8Pd7mplM1FwIhuu3iczFz7YTCHLvJ/ssT1iT3Mz
d8zPIgnxECM9ORyyofSCas2YRGujR+fAgnerWU85KPmTyo4OxSAa0I9a+KDizYsh
bmrLQC2ZxMpmX5J6QvBegl0yXEOPI2TvvhuMlgi4/4Tl4U1FgSDUEeyAnkuU5Qih
7rgoeTgvCo2RrUKELAzXx7fMbrHvkUSEhK+Lk3H904gZktwARnKRcqld+9a+MxEf
R0ABBTBG8Xw42p7UMum404mmbvzDyFqbOdH/7DbTkGCyBtW9xY+IqMrL2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFASZB1RGTE6UpyQa3pO4GkNtXfjOMB8GA1UdIwQY
MBaAFBwGqCuxFdc5Pjn9WLc7vyD2zQsfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEFhb0s3RVYxemstT2YxWXR6dV9JUGJOQ3g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8xMmVhYWQtOGE0NS00Nzg5LWJhYjUt
NzI2MDU3YTFmMmE0LzEvQkprSFZFWk1UcFNuSkJyZWs3Z2FRMjFkLU00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8xMmVhYWQtOGE0NS00Nzg5LWJhYjUtNzI2MDU3YTFmMmE0
LzEvSEFhb0s3RVYxemstT2YxWXR6dV9JUGJOQ3g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuYrqMA0G
CSqGSIb3DQEBCwUAA4IBAQA3pLLqiyAS2X2kSg2/+fTz5mQ22FForlhEbQj0SxoR
GcGVS1yolCtnER5EmO5zJxUjxh/IxT1b4LFNGjRcUVOGHmd05aauSJ3mLVo1jPbm
ne6S/7gS3bDzjgWlcNzAup98AZe6Q5JWoQFw9C+CmYSiUt/8UhBrBUTHyI+Ux0nr
a72xbteBIKR5VWlwhm2n5iM+YuM7oDgX8TYY+IXWloy6FHvd5ubATQiMcTzqnZZq
3XofehhVNm+30SWCvoSffqeTv9nXZEpk66JowgdqgvZfDS6jQtzDQPMpsjp4IGCi
wxR6j1ASmhBRXg9Mgzz5bI4wBRhVDoSLXzjtBhWeFkBQ
-----END CERTIFICATE-----
Generated at Tue Sep 17 06:37:42 2024 by rpki-client on console-ams.rpki-client.org