Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/266e62-9498-46e0-a14c-5755b2f10418/1/1-_8oq1NMQqBcMeLe9vs-51CMUuw.roa
File: 1-_8oq1NMQqBcMeLe9vs-51CMUuw.roa (raw, json)
Hash identifier: kvb3TOlcGfZ7gGEv88/XXY+Jue3h0LlzvPDbXHrvcNo=
Subject key identifier: FB:FF:28:AB:53:4C:42:A0:5C:31:E2:DE:F6:FB:3E:E7:50:8C:52:EC
Certificate issuer: /CN=bf0dc1449316b6567c3e1e374b82ed892b5d0f63
Certificate serial: 0188960025B9CA22590DC3352BA1A8326B17
Authority key identifier: BF:0D:C1:44:93:16:B6:56:7C:3E:1E:37:4B:82:ED:89:2B:5D:0F:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vw3BRJMWtlZ8Ph43S4LtiStdD2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/266e62-9498-46e0-a14c-5755b2f10418/1/1-_8oq1NMQqBcMeLe9vs-51CMUuw.roa
Signing time: Wed 07 Jun 2023 13:16:11 +0000
ROA not before: Wed 07 Jun 2023 13:16:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213065
IP address blocks: 145.84.1.0/24 maxlen: 24
145.84.2.0/24 maxlen: 24
145.84.3.0/24 maxlen: 24
145.84.0.0/24 maxlen: 24
145.84.24.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:96:00:25:b9:ca:22:59:0d:c3:35:2b:a1:a8:32:6b:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf0dc1449316b6567c3e1e374b82ed892b5d0f63
Validity
Not Before: Jun 7 13:16:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fbff28ab534c42a05c31e2def6fb3ee7508c52ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a4:82:61:d2:bf:79:ad:cc:74:d9:71:24:02:
1b:69:cb:21:ca:ed:b9:10:54:33:49:e7:2b:0a:80:
a3:18:6e:f1:37:27:7b:53:43:05:24:44:d8:c8:dd:
64:90:3a:83:77:9f:b8:8e:7c:3b:a2:4b:45:c4:9d:
1f:e4:70:b2:dc:3f:aa:59:ee:81:ab:b9:55:2b:82:
8b:b2:b8:0b:ed:5c:f9:a5:6a:d7:93:c9:37:8b:26:
ac:05:9f:39:74:0c:09:bf:17:42:69:86:6e:08:a8:
2d:da:aa:23:c6:fe:3e:b9:f9:b7:65:d1:b6:4e:12:
70:fe:a7:0b:c9:4b:7f:7e:4c:13:3e:da:d9:2b:0b:
7c:bf:32:99:f8:09:e8:4f:66:61:0b:a5:24:64:9d:
be:24:b5:23:61:9e:f4:63:f0:5d:71:05:e4:f6:bf:
a1:a1:ba:0a:a3:17:cc:47:bf:b1:37:e3:3e:ed:7c:
da:4e:91:ec:30:4d:20:09:8b:78:bb:7a:a4:64:bc:
aa:f3:b0:c6:fd:35:99:fe:d8:21:a7:33:25:34:12:
ef:dd:28:0c:4f:dd:b4:02:c7:e5:32:40:6b:c2:8c:
92:bd:d9:ec:aa:26:1e:e9:d1:33:6f:89:a9:bc:0c:
26:09:af:e3:d4:72:c2:01:73:95:e1:6e:d0:02:f2:
67:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:FF:28:AB:53:4C:42:A0:5C:31:E2:DE:F6:FB:3E:E7:50:8C:52:EC
X509v3 Authority Key Identifier:
keyid:BF:0D:C1:44:93:16:B6:56:7C:3E:1E:37:4B:82:ED:89:2B:5D:0F:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vw3BRJMWtlZ8Ph43S4LtiStdD2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/266e62-9498-46e0-a14c-5755b2f10418/1/1-_8oq1NMQqBcMeLe9vs-51CMUuw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/266e62-9498-46e0-a14c-5755b2f10418/1/vw3BRJMWtlZ8Ph43S4LtiStdD2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.84.0.0/22
145.84.24.0/23
Signature Algorithm: sha256WithRSAEncryption
8b:a1:83:59:22:0f:7e:eb:b3:48:83:c6:84:5d:f2:a0:2b:ae:
43:5f:84:a6:9e:81:26:8f:c3:fc:f9:4a:4e:11:6f:2b:ec:e0:
53:67:fd:5f:01:d5:91:41:e1:24:65:4c:d7:9b:c5:9a:ac:a8:
1d:71:31:81:cb:2f:2e:35:76:9f:ee:ae:c6:b2:c5:dd:31:ac:
aa:52:3c:d0:1d:9a:ba:fc:43:90:2a:a7:b8:55:9d:fe:bd:12:
c1:80:bf:76:51:fd:20:e3:b8:24:d8:45:76:86:73:fc:5e:05:
0d:69:d1:66:bd:88:09:70:57:44:19:f2:14:82:41:b4:e6:c1:
2c:27:6b:a8:ad:15:9a:60:af:32:14:71:06:f6:79:81:9b:c0:
cf:f5:bb:46:cf:55:8b:fd:df:92:63:31:06:af:6e:40:57:b3:
f1:12:c5:17:fb:21:95:73:41:ba:27:2e:61:98:a7:9e:7c:75:
c6:95:41:83:26:88:1c:9d:5b:54:4b:0d:68:44:5d:96:2c:dd:
d4:0d:b0:c6:0e:c4:bc:1d:14:d5:65:b7:f9:a1:da:42:ad:69:
8f:52:85:8d:89:95:5c:d3:f3:07:4b:57:c8:ba:5c:56:3a:63:
ff:f4:79:af:86:08:3f:b0:e2:e0:08:55:10:71:4f:9a:8d:42:
8e:b8:b1:b5
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYiWACW5yiJZDcM1K6GoMmsXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmMGRjMTQ0OTMxNmI2NTY3YzNlMWUzNzRiODJlZDg5MmI1
ZDBmNjMwHhcNMjMwNjA3MTMxNjExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmZmMjhhYjUzNGM0MmEwNWMzMWUyZGVmNmZiM2VlNzUwOGM1MmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6SCYdK/ea3MdNlxJAIbacshyu25
EFQzSecrCoCjGG7xNyd7U0MFJETYyN1kkDqDd5+4jnw7oktFxJ0f5HCy3D+qWe6B
q7lVK4KLsrgL7Vz5pWrXk8k3iyasBZ85dAwJvxdCaYZuCKgt2qojxv4+ufm3ZdG2
ThJw/qcLyUt/fkwTPtrZKwt8vzKZ+AnoT2ZhC6UkZJ2+JLUjYZ70Y/BdcQXk9r+h
oboKoxfMR7+xN+M+7XzaTpHsME0gCYt4u3qkZLyq87DG/TWZ/tghpzMlNBLv3SgM
T920AsflMkBrwoySvdnsqiYe6dEzb4mpvAwmCa/j1HLCAXOV4W7QAvJnLQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPv/KKtTTEKgXDHi3vb7PudQjFLsMB8GA1UdIwQY
MBaAFL8NwUSTFrZWfD4eN0uC7YkrXQ9jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnczQlJKTVd0bFo4UGg0M1M0THRpU3RkRDJNLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi8yNjZlNjItOTQ5OC00NmUwLWExNGMt
NTc1NWIyZjEwNDE4LzEvMS1fOG9xMU5NUXFCY01lTGU5dnMtNTFDTVV1dy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOWYvMjY2ZTYyLTk0OTgtNDZlMC1hMTRjLTU3NTViMmYxMDQx
OC8xL3Z3M0JSSk1XdGxaOFBoNDNTNEx0aVN0ZEQyTS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEApFUAAME
AZFUGDANBgkqhkiG9w0BAQsFAAOCAQEAi6GDWSIPfuuzSIPGhF3yoCuuQ1+Epp6B
Jo/D/PlKThFvK+zgU2f9XwHVkUHhJGVM15vFmqyoHXExgcsvLjV2n+6uxrLF3TGs
qlI80B2auvxDkCqnuFWd/r0SwYC/dlH9IOO4JNhFdoZz/F4FDWnRZr2ICXBXRBny
FIJBtObBLCdrqK0VmmCvMhRxBvZ5gZvAz/W7Rs9Vi/3fkmMxBq9uQFez8RLFF/sh
lXNBuicuYZinnnx1xpVBgyaIHJ1bVEsNaERdlizd1A2wxg7EvB0U1WW3+aHaQq1p
j1KFjYmVXNPzB0tXyLpcVjpj//R5r4YIP7Di4AhVEHFPmo1CjrixtQ==
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:27:59 2024 by rpki-client on console-fra.rpki-client.org