Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/372079-8901-4526-8d5a-c1f0eaeed8ce/1/BGNkpNtqiWHvgHnWjIUiYGxg71k.roa
File: BGNkpNtqiWHvgHnWjIUiYGxg71k.roa (raw, json)
Hash identifier: DDkCXr2JyNFpPnrfyxW8ORN3QYAP2AZF5r5mo3qxdPk=
Subject key identifier: 04:63:64:A4:DB:6A:89:61:EF:80:79:D6:8C:85:22:60:6C:60:EF:59
Certificate issuer: /CN=02c37210ed8a56ce0edd4574bf736b63245e5823
Certificate serial: 01856BD34FE206424829EE7CEE65ECE22B53
Authority key identifier: 02:C3:72:10:ED:8A:56:CE:0E:DD:45:74:BF:73:6B:63:24:5E:58:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AsNyEO2KVs4O3UV0v3NrYyReWCM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/372079-8901-4526-8d5a-c1f0eaeed8ce/1/BGNkpNtqiWHvgHnWjIUiYGxg71k.roa
Signing time: Sun 01 Jan 2023 05:34:48 +0000
ROA not before: Sun 01 Jan 2023 05:34:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207430
IP address blocks: 31.14.4.0/22 maxlen: 22
31.14.6.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:d3:4f:e2:06:42:48:29:ee:7c:ee:65:ec:e2:2b:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02c37210ed8a56ce0edd4574bf736b63245e5823
Validity
Not Before: Jan 1 05:34:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=046364a4db6a8961ef8079d68c8522606c60ef59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:e4:08:04:b6:7b:b1:97:24:18:6e:d8:d9:0c:
7e:f8:30:2e:a2:72:e6:2e:0d:1b:5b:32:fd:0f:8d:
4f:a5:b0:5b:40:b2:3a:1f:b1:08:e5:cb:32:20:38:
62:81:d7:3e:26:fe:ad:36:d0:f0:0a:f9:dc:a3:b2:
ec:0b:22:e1:4c:af:76:ef:99:8e:cb:7b:db:9c:54:
8d:d7:0a:dd:ca:83:17:49:f7:b0:29:2d:11:a0:ea:
f0:bc:62:e8:f0:ca:c9:f3:26:42:7f:92:fd:cf:97:
db:d6:cd:92:2a:fd:e6:18:2c:78:b5:4d:e9:f2:cd:
49:ca:5e:7f:5d:b8:e1:f6:70:9a:02:04:89:c6:74:
25:2c:fd:4d:30:61:a4:a6:3a:94:57:8f:72:30:e8:
1e:ff:b3:9e:89:35:44:91:53:a2:54:cf:d3:ca:1e:
f4:15:30:7e:24:7c:c0:aa:ed:f2:5b:9c:a0:71:d3:
0d:94:90:e8:b4:66:87:e1:cc:f1:cb:cc:4b:42:46:
9d:9b:ff:82:cf:08:fe:bd:e0:4f:5d:59:02:8a:ab:
4a:24:5d:1a:3c:03:bb:9d:72:6e:85:68:e2:44:28:
7f:d6:06:12:45:91:df:88:2f:4f:ea:81:19:c6:de:
12:99:97:5d:10:73:c4:8c:e2:57:e8:c6:9b:2d:d0:
02:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:63:64:A4:DB:6A:89:61:EF:80:79:D6:8C:85:22:60:6C:60:EF:59
X509v3 Authority Key Identifier:
keyid:02:C3:72:10:ED:8A:56:CE:0E:DD:45:74:BF:73:6B:63:24:5E:58:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AsNyEO2KVs4O3UV0v3NrYyReWCM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/372079-8901-4526-8d5a-c1f0eaeed8ce/1/BGNkpNtqiWHvgHnWjIUiYGxg71k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/372079-8901-4526-8d5a-c1f0eaeed8ce/1/AsNyEO2KVs4O3UV0v3NrYyReWCM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.4.0/22
Signature Algorithm: sha256WithRSAEncryption
b7:47:a1:39:48:7b:09:4c:a3:2a:14:0d:ee:89:35:5f:0e:95:
b1:4b:2e:84:78:7b:48:d9:73:9c:5b:8c:0a:1c:ce:bb:d4:1e:
c0:51:9b:45:f5:1f:98:e6:24:5e:fc:2b:27:f1:ad:ec:4f:9a:
f3:7a:92:8b:68:13:39:ca:a2:d3:ce:cb:9a:47:d9:c4:42:4b:
49:be:1f:72:76:e7:93:df:50:00:b5:90:db:46:f5:d1:72:ac:
b5:b5:1d:12:12:b1:86:60:a3:da:82:c0:ea:5c:43:0f:42:84:
9a:89:94:a5:5d:34:4e:eb:7b:bb:cd:7b:30:f9:9a:d9:95:24:
d1:28:2c:64:6d:9f:66:85:11:9e:a7:de:fb:7e:2e:f8:66:6b:
6d:18:67:8b:69:3a:b1:fc:9d:c4:31:57:06:41:da:d9:08:47:
10:f4:64:c5:bb:bb:b3:1e:01:9d:5f:1b:18:3b:7b:7d:8a:a5:
90:a7:60:c3:d2:e3:45:fe:f1:02:27:0b:63:95:cf:91:81:9c:
6c:f7:ec:94:a5:a9:30:f1:22:33:c2:63:73:82:ef:26:c5:d0:
f1:2d:5d:80:e1:64:6f:9b:f2:43:56:4e:93:4c:7a:84:8e:a1:
05:8c:82:fd:a6:f6:f0:68:81:f8:54:87:c4:97:dc:af:f4:c1:
7a:5f:f8:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVr00/iBkJIKe587mXs4itTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyYzM3MjEwZWQ4YTU2Y2UwZWRkNDU3NGJmNzM2YjYzMjQ1
ZTU4MjMwHhcNMjMwMTAxMDUzNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDYzNjRhNGRiNmE4OTYxZWY4MDc5ZDY4Yzg1MjI2MDZjNjBlZjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoeQIBLZ7sZckGG7Y2Qx++DAuonLm
Lg0bWzL9D41PpbBbQLI6H7EI5csyIDhigdc+Jv6tNtDwCvnco7LsCyLhTK9275mO
y3vbnFSN1wrdyoMXSfewKS0RoOrwvGLo8MrJ8yZCf5L9z5fb1s2SKv3mGCx4tU3p
8s1Jyl5/Xbjh9nCaAgSJxnQlLP1NMGGkpjqUV49yMOge/7OeiTVEkVOiVM/Tyh70
FTB+JHzAqu3yW5ygcdMNlJDotGaH4czxy8xLQkadm/+Czwj+veBPXVkCiqtKJF0a
PAO7nXJuhWjiRCh/1gYSRZHfiC9P6oEZxt4SmZddEHPEjOJX6MabLdAC6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFARjZKTbaolh74B51oyFImBsYO9ZMB8GA1UdIwQY
MBaAFALDchDtilbODt1FdL9za2MkXlgjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXNOeUVPMktWczRPM1VWMHYzTnJZeVJlV0NNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC8zNzIwNzktODkwMS00NTI2LThkNWEt
YzFmMGVhZWVkOGNlLzEvQkdOa3BOdHFpV0h2Z0huV2pJVWlZR3hnNzFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC8zNzIwNzktODkwMS00NTI2LThkNWEtYzFmMGVhZWVkOGNl
LzEvQXNOeUVPMktWczRPM1VWMHYzTnJZeVJlV0NNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCHw4EMA0G
CSqGSIb3DQEBCwUAA4IBAQC3R6E5SHsJTKMqFA3uiTVfDpWxSy6EeHtI2XOcW4wK
HM671B7AUZtF9R+Y5iRe/Csn8a3sT5rzepKLaBM5yqLTzsuaR9nEQktJvh9ydueT
31AAtZDbRvXRcqy1tR0SErGGYKPagsDqXEMPQoSaiZSlXTRO63u7zXsw+ZrZlSTR
KCxkbZ9mhRGep977fi74ZmttGGeLaTqx/J3EMVcGQdrZCEcQ9GTFu7uzHgGdXxsY
O3t9iqWQp2DD0uNF/vECJwtjlc+RgZxs9+yUpakw8SIzwmNzgu8mxdDxLV2A4WRv
m/JDVk6TTHqEjqEFjIL9pvbwaIH4VIfEl9yv9MF6X/gI
-----END CERTIFICATE-----
Generated at Mon Jan 1 08:10:05 2024 by rpki-client on console-fra.rpki-client.org