Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/63564f-aca1-463d-be1e-e5520aa7ba37/1/BmXrhgkZRe2AWYvoM8wUL7t6e4M.roa
File: BmXrhgkZRe2AWYvoM8wUL7t6e4M.roa (raw, json)
Hash identifier: k4Az9I7TbH0epXbExPf4z/idnSg0LCg4rwr5RM0EfX4=
Subject key identifier: 06:65:EB:86:09:19:45:ED:80:59:8B:E8:33:CC:14:2F:BB:7A:7B:83
Certificate issuer: /CN=f563da6eb3b7a07fdc4525883004970d640b036b
Certificate serial: 01856C6EEFBD268EF0A220964702AF0DEC7A
Authority key identifier: F5:63:DA:6E:B3:B7:A0:7F:DC:45:25:88:30:04:97:0D:64:0B:03:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9WPabrO3oH_cRSWIMASXDWQLA2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/63564f-aca1-463d-be1e-e5520aa7ba37/1/BmXrhgkZRe2AWYvoM8wUL7t6e4M.roa
Signing time: Sun 01 Jan 2023 08:24:47 +0000
ROA not before: Sun 01 Jan 2023 08:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25094
IP address blocks: 194.154.205.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:6e:ef:bd:26:8e:f0:a2:20:96:47:02:af:0d:ec:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f563da6eb3b7a07fdc4525883004970d640b036b
Validity
Not Before: Jan 1 08:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0665eb86091945ed80598be833cc142fbb7a7b83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:75:26:8e:fd:87:c5:97:3b:16:c9:43:b4:2c:
d7:af:d0:60:b5:f4:02:48:a2:70:85:0f:b3:7c:c1:
3e:e4:cc:89:80:4b:54:10:6a:67:c9:b2:ae:79:2c:
3d:7e:f3:df:29:5c:05:b8:8a:34:15:87:2e:d3:c1:
3a:38:2e:b8:c4:23:aa:15:30:f6:e0:48:c4:3f:bf:
5d:47:1f:02:80:68:fb:08:74:46:88:80:ee:46:ee:
06:5b:3e:da:55:3f:e5:37:95:fb:74:75:85:6e:ce:
30:2b:c1:bc:50:6c:9b:e6:c5:9d:f6:60:51:82:29:
b1:18:e0:6f:5a:69:40:71:30:47:14:3a:e1:01:fa:
6b:5e:e0:4e:dd:d5:a3:66:5e:ec:4a:b3:ef:b7:1b:
cd:d4:20:26:af:73:73:fd:02:e3:92:28:7a:e0:62:
f5:d1:db:d3:62:5a:33:6f:01:55:74:71:da:43:b8:
89:1a:e5:d3:23:19:e8:c5:f4:60:7e:34:6d:30:6a:
38:ce:24:44:f3:ca:32:a1:4f:58:ca:10:dd:e6:cd:
58:ef:08:5e:19:00:bd:e1:f4:88:28:c9:55:b4:1e:
ca:d4:47:c5:a9:27:67:cb:fc:95:1b:ee:bd:8f:cc:
b7:9c:ad:cc:e7:80:14:c5:08:c9:74:0d:a3:18:f2:
e1:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:65:EB:86:09:19:45:ED:80:59:8B:E8:33:CC:14:2F:BB:7A:7B:83
X509v3 Authority Key Identifier:
keyid:F5:63:DA:6E:B3:B7:A0:7F:DC:45:25:88:30:04:97:0D:64:0B:03:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9WPabrO3oH_cRSWIMASXDWQLA2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/63564f-aca1-463d-be1e-e5520aa7ba37/1/BmXrhgkZRe2AWYvoM8wUL7t6e4M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/63564f-aca1-463d-be1e-e5520aa7ba37/1/9WPabrO3oH_cRSWIMASXDWQLA2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.154.205.0/24
Signature Algorithm: sha256WithRSAEncryption
43:88:c1:cd:3c:6d:9d:a8:71:43:23:da:77:af:3b:1b:99:32:
5f:76:96:af:b5:27:9c:50:77:f8:55:c3:26:38:8e:29:5a:a8:
72:2c:db:f5:f8:36:c0:42:ec:57:ac:9a:5a:ab:9d:ce:69:bc:
f7:f8:92:03:60:66:aa:48:fd:57:9b:cd:ae:b8:f4:0d:b6:d4:
eb:71:c1:87:65:55:cd:52:c0:48:14:1b:2e:89:53:84:5f:ff:
72:2c:c7:86:f6:01:3e:5b:e6:67:53:6f:75:b3:7b:33:20:e5:
69:90:fb:05:28:a0:cd:5a:44:34:a2:94:b2:37:d5:68:05:7f:
32:41:ad:f2:9b:44:a9:3b:30:20:1f:bf:a9:b2:a8:5a:38:64:
2f:4c:74:60:04:a9:ca:39:37:b4:3a:16:47:b9:6f:29:54:26:
c8:b6:3a:b4:32:e3:22:47:88:d5:b8:9a:fe:79:94:af:e7:db:
95:35:09:79:3c:de:0f:0f:6c:d2:2f:c7:da:d7:26:b4:80:69:
91:5b:f5:39:51:f4:ec:0a:55:81:29:34:54:b7:4a:6a:6e:b8:
a1:0e:2c:9b:aa:b8:f0:93:20:f1:fd:b7:89:d6:bf:9a:3f:eb:
ad:76:2b:c2:74:69:77:d9:26:e9:64:32:2d:e3:89:e2:7c:78:
61:4b:d4:6c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsbu+9Jo7woiCWRwKvDex6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1NjNkYTZlYjNiN2EwN2ZkYzQ1MjU4ODMwMDQ5NzBkNjQw
YjAzNmIwHhcNMjMwMTAxMDgyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjY1ZWI4NjA5MTk0NWVkODA1OThiZTgzM2NjMTQyZmJiN2E3YjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHUmjv2HxZc7FslDtCzXr9BgtfQC
SKJwhQ+zfME+5MyJgEtUEGpnybKueSw9fvPfKVwFuIo0FYcu08E6OC64xCOqFTD2
4EjEP79dRx8CgGj7CHRGiIDuRu4GWz7aVT/lN5X7dHWFbs4wK8G8UGyb5sWd9mBR
gimxGOBvWmlAcTBHFDrhAfprXuBO3dWjZl7sSrPvtxvN1CAmr3Nz/QLjkih64GL1
0dvTYlozbwFVdHHaQ7iJGuXTIxnoxfRgfjRtMGo4ziRE88oyoU9YyhDd5s1Y7whe
GQC94fSIKMlVtB7K1EfFqSdny/yVG+69j8y3nK3M54AUxQjJdA2jGPLhbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAZl64YJGUXtgFmL6DPMFC+7enuDMB8GA1UdIwQY
MBaAFPVj2m6zt6B/3EUliDAElw1kCwNrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVdQYWJyTzNvSF9jUlNXSU1BU1hEV1FMQTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy82MzU2NGYtYWNhMS00NjNkLWJlMWUt
ZTU1MjBhYTdiYTM3LzEvQm1Ycmhna1pSZTJBV1l2b004d1VMN3Q2ZTRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy82MzU2NGYtYWNhMS00NjNkLWJlMWUtZTU1MjBhYTdiYTM3
LzEvOVdQYWJyTzNvSF9jUlNXSU1BU1hEV1FMQTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwprNMA0G
CSqGSIb3DQEBCwUAA4IBAQBDiMHNPG2dqHFDI9p3rzsbmTJfdpavtSecUHf4VcMm
OI4pWqhyLNv1+DbAQuxXrJpaq53Oabz3+JIDYGaqSP1Xm82uuPQNttTrccGHZVXN
UsBIFBsuiVOEX/9yLMeG9gE+W+ZnU291s3szIOVpkPsFKKDNWkQ0opSyN9VoBX8y
Qa3ym0SpOzAgH7+psqhaOGQvTHRgBKnKOTe0OhZHuW8pVCbItjq0MuMiR4jVuJr+
eZSv59uVNQl5PN4PD2zSL8fa1ya0gGmRW/U5UfTsClWBKTRUt0pqbrihDiybqrjw
kyDx/beJ1r+aP+utdivCdGl32SbpZDIt44nifHhhS9Rs
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:20:09 2024 by rpki-client on console-fra.rpki-client.org