Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/BP--iZCCF-TBwPO71lXcUdLt0o4.roa
File: BP--iZCCF-TBwPO71lXcUdLt0o4.roa (raw, json)
Hash identifier: G5DtH2X7uUcynlsmTW95eH4zwscZLP1kc9a4BtVTKbU=
Subject key identifier: 04:FF:BE:89:90:82:17:E4:C1:C0:F3:BB:D6:55:DC:51:D2:ED:D2:8E
Certificate issuer: /CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Certificate serial: 018D1105AB661FE5EEDFECB4FC899ED6C963
Authority key identifier: 51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/BP--iZCCF-TBwPO71lXcUdLt0o4.roa
Signing time: Tue 16 Jan 2024 06:46:40 +0000
ROA not before: Tue 16 Jan 2024 06:46:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 88.80.136.0/24 maxlen: 24
77.246.220.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 Jan 2024 10:58:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:11:05:ab:66:1f:e5:ee:df:ec:b4:fc:89:9e:d6:c9:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Validity
Not Before: Jan 16 06:46:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=04ffbe89908217e4c1c0f3bbd655dc51d2edd28e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:b8:10:65:89:5e:9c:79:e9:bf:74:0a:0f:e8:
3e:d5:88:21:e7:82:71:ca:de:a3:d9:18:64:3c:56:
1a:e5:8b:62:ec:42:64:8b:19:9b:4d:8e:69:76:d4:
0d:83:0c:42:1b:a2:bf:9c:51:9b:4b:7a:99:ba:d4:
39:af:1a:ea:3c:79:7c:e3:19:ee:14:76:58:00:45:
83:1c:81:16:67:29:e5:a4:ca:71:59:43:da:ec:62:
3c:6b:a9:bd:61:c3:bf:36:43:ed:9b:3a:4b:b5:ba:
34:86:60:41:9e:cb:cf:f2:52:75:60:c2:b2:26:45:
de:a7:c0:f0:9b:1c:7c:15:b9:ca:9d:a5:75:0e:fb:
8f:5b:83:f1:48:85:9a:70:9a:28:c6:f3:54:68:77:
f1:7a:67:48:ab:37:55:9a:96:8b:49:03:e1:73:fd:
1f:99:df:ec:67:ef:8c:4f:27:3a:f4:23:01:f8:01:
a9:f9:41:ec:bb:2c:90:a6:a2:a9:90:1c:11:10:26:
01:09:c0:f5:ab:e1:f7:60:13:83:e0:fb:fb:d9:67:
56:0d:90:a2:4d:e6:70:87:88:b2:d0:e6:cb:3a:27:
17:de:13:fc:f5:ad:10:c6:4c:87:3d:aa:47:0e:9f:
5e:ad:d9:91:cc:dc:c0:8f:d6:7a:b0:e1:16:3a:dd:
85:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:FF:BE:89:90:82:17:E4:C1:C0:F3:BB:D6:55:DC:51:D2:ED:D2:8E
X509v3 Authority Key Identifier:
keyid:51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/BP--iZCCF-TBwPO71lXcUdLt0o4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.246.220.0/24
88.80.136.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:14:7f:db:7c:47:48:fb:03:c0:b1:ca:84:f9:e1:e6:5e:98:
46:cd:ef:80:0d:1c:3c:ff:85:42:3d:85:b4:44:58:bf:43:b6:
12:0a:1e:8d:34:04:1a:e0:19:1a:bc:29:90:a1:eb:eb:08:f0:
3b:01:7e:12:0e:a9:6b:8f:94:69:55:0e:24:f0:a9:0f:a6:40:
e6:80:b0:4f:09:86:fd:36:3d:9d:e5:c2:eb:0c:1c:b2:e7:64:
1a:42:24:1e:00:2a:8b:2e:c6:8a:20:c9:e3:6a:67:46:57:15:
7b:ac:57:8c:7a:97:29:e3:de:3e:42:2d:23:cf:f6:5d:4e:2c:
d2:cb:55:b4:08:e6:c3:5c:c0:17:a0:2f:8f:d4:c7:13:96:d7:
7b:37:3c:fb:07:ae:39:67:2d:0e:46:14:a4:07:d3:fa:07:16:
1f:7c:3c:94:b6:8a:ca:e6:ac:12:2e:54:ce:e1:c4:60:78:bb:
70:04:2b:d9:d4:a6:ae:b0:27:e0:01:51:a8:b0:26:34:53:d1:
2b:ff:90:4a:b5:db:f7:50:12:a9:10:0e:90:8f:c4:45:54:f1:
8d:a3:12:27:65:11:a1:e2:b5:12:3e:3a:2d:5b:53:0e:11:8c:
36:9c:d7:c4:8a:5c:73:11:d3:4f:a7:27:cd:7f:41:af:7a:65:
ba:e2:26:2e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY0RBatmH+Xu3+y0/Ime1sljMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjRmYmExZTQwMWMwM2U1YmExY2Q3N2FlOWVlMzljZmQ2
MzFiZmIwHhcNMjQwMTE2MDY0NjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGZmYmU4OTkwODIxN2U0YzFjMGYzYmJkNjU1ZGM1MWQyZWRkMjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtrgQZYlenHnpv3QKD+g+1Ygh54Jx
yt6j2RhkPFYa5Yti7EJkixmbTY5pdtQNgwxCG6K/nFGbS3qZutQ5rxrqPHl84xnu
FHZYAEWDHIEWZynlpMpxWUPa7GI8a6m9YcO/NkPtmzpLtbo0hmBBnsvP8lJ1YMKy
JkXep8Dwmxx8FbnKnaV1DvuPW4PxSIWacJooxvNUaHfxemdIqzdVmpaLSQPhc/0f
md/sZ++MTyc69CMB+AGp+UHsuyyQpqKpkBwRECYBCcD1q+H3YBOD4Pv72WdWDZCi
TeZwh4iy0ObLOicX3hP89a0QxkyHPapHDp9erdmRzNzAj9Z6sOEWOt2FMQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAT/vomQghfkwcDzu9ZV3FHS7dKOMB8GA1UdIwQY
MBaAFFEk+6HkAcA+W6HNd66e45z9Yxv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEt
YWI4ZjFmMzM4N2VlLzEvQlAtLWlaQ0NGLVRCd1BPNzFsWGNVZEx0MG80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEtYWI4ZjFmMzM4N2Vl
LzEvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATfbcAwQA
WFCIMA0GCSqGSIb3DQEBCwUAA4IBAQBMFH/bfEdI+wPAscqE+eHmXphGze+ADRw8
/4VCPYW0RFi/Q7YSCh6NNAQa4BkavCmQoevrCPA7AX4SDqlrj5RpVQ4k8KkPpkDm
gLBPCYb9Nj2d5cLrDByy52QaQiQeACqLLsaKIMnjamdGVxV7rFeMepcp494+Qi0j
z/ZdTizSy1W0CObDXMAXoC+P1McTltd7Nzz7B645Zy0ORhSkB9P6BxYffDyUtorK
5qwSLlTO4cRgeLtwBCvZ1KausCfgAVGosCY0U9Er/5BKtdv3UBKpEA6Qj8RFVPGN
oxInZRGh4rUSPjotW1MOEYw2nNfEilxzEdNPpyfNf0GvemW64iYu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:13 2024 by rpki-client on console-fra.rpki-client.org