Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/609976-1ace-444f-bcb5-4243e88bd76c/1/Bvt3yvB-rYs1v5FhuloLBV0X61A.roa
File: Bvt3yvB-rYs1v5FhuloLBV0X61A.roa (raw, json)
Hash identifier: f4VBOtw9XTivkKMWc3mn63Tw+aCO4/56/8PsF7l5IZ0=
Subject key identifier: 06:FB:77:CA:F0:7E:AD:8B:35:BF:91:61:BA:5A:0B:05:5D:17:EB:50
Certificate issuer: /CN=869b3600fd738e698d12fef20e106e6a94e3b674
Certificate serial: 01856DCAD6EAD6001DD3A380A9E0D7F7AEDC
Authority key identifier: 86:9B:36:00:FD:73:8E:69:8D:12:FE:F2:0E:10:6E:6A:94:E3:B6:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hps2AP1zjmmNEv7yDhBuapTjtnQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/609976-1ace-444f-bcb5-4243e88bd76c/1/Bvt3yvB-rYs1v5FhuloLBV0X61A.roa
Signing time: Sun 01 Jan 2023 14:44:47 +0000
ROA not before: Sun 01 Jan 2023 14:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50635
IP address blocks: 195.191.186.0/24 maxlen: 24
195.191.187.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:d6:ea:d6:00:1d:d3:a3:80:a9:e0:d7:f7:ae:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=869b3600fd738e698d12fef20e106e6a94e3b674
Validity
Not Before: Jan 1 14:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=06fb77caf07ead8b35bf9161ba5a0b055d17eb50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:82:19:ea:18:ed:eb:d1:4c:95:17:23:12:bf:
09:db:9b:9a:12:20:55:42:2c:8f:40:1c:42:48:4c:
64:83:9e:ad:d6:04:46:61:ea:3c:53:f2:2d:0b:99:
97:f3:b3:38:f9:15:32:20:48:36:28:74:9a:88:bc:
8c:be:d1:6b:a0:d5:19:3a:96:75:ca:65:57:f9:23:
82:de:7a:a9:97:a7:8d:83:ff:fe:f4:6a:9d:99:99:
7a:56:23:9d:ee:a2:93:af:3c:3f:9a:e4:0c:e7:fc:
3f:9f:4e:29:b7:8b:b0:14:54:fd:1a:f1:75:d8:23:
0b:f7:a4:68:31:5b:24:c5:e2:86:fa:ff:af:00:e9:
84:85:8c:e1:44:fd:36:8f:77:09:e2:2e:be:88:b6:
eb:e2:67:98:0f:ba:04:52:f9:ff:f1:f4:03:04:c2:
0f:12:09:fe:e9:d7:43:f7:93:6b:6d:0c:55:90:8a:
1b:c3:c2:b7:e2:f6:d2:f5:f0:73:cf:f6:98:13:71:
e1:9d:6a:80:4d:7e:c8:aa:47:ce:5f:7a:65:6c:a0:
80:fe:04:dd:2e:b4:95:7d:8b:af:f8:54:bf:f2:5e:
31:18:e0:3c:f0:ca:0d:21:ad:c6:40:41:34:c2:e1:
a9:fb:80:c0:c9:91:24:09:3b:eb:1a:b0:ae:50:5c:
ac:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:FB:77:CA:F0:7E:AD:8B:35:BF:91:61:BA:5A:0B:05:5D:17:EB:50
X509v3 Authority Key Identifier:
keyid:86:9B:36:00:FD:73:8E:69:8D:12:FE:F2:0E:10:6E:6A:94:E3:B6:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hps2AP1zjmmNEv7yDhBuapTjtnQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/609976-1ace-444f-bcb5-4243e88bd76c/1/Bvt3yvB-rYs1v5FhuloLBV0X61A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/609976-1ace-444f-bcb5-4243e88bd76c/1/hps2AP1zjmmNEv7yDhBuapTjtnQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.191.186.0/23
Signature Algorithm: sha256WithRSAEncryption
69:df:cf:b2:38:8d:e4:75:92:87:94:02:98:f5:22:2c:88:ee:
af:ba:ab:44:29:b1:4f:25:85:c2:25:34:7e:8f:0c:22:ea:bc:
74:8a:12:4b:f6:c4:24:c8:86:7d:00:7f:04:4b:97:d6:90:e9:
7b:e2:3c:0c:9a:61:09:a8:77:d9:f1:8a:ee:89:55:b7:bb:c7:
aa:a5:d5:61:21:e3:e8:ba:81:d9:0a:d5:e9:46:c8:da:06:41:
c4:4f:5a:b4:6e:3d:ce:f0:47:d6:09:29:61:3d:6c:bb:e6:2b:
88:87:bc:ad:68:aa:dc:1a:7f:5f:d1:6f:1d:6c:ef:27:7a:c1:
4e:b4:30:d6:2a:18:12:19:f8:2f:61:0c:b7:0e:6f:11:29:71:
31:49:57:69:de:78:92:12:43:de:a6:18:87:d7:71:91:b8:d9:
1f:7b:d3:6f:cc:83:4e:63:29:1e:97:17:46:c3:92:b4:b9:62:
2c:c6:33:a1:2a:d5:8e:94:02:70:d8:3d:31:08:6c:ac:39:b5:
3b:48:a4:e3:e9:2f:08:e3:4d:2c:44:f9:8e:b9:10:bb:7d:56:
5e:f3:b1:d1:af:8d:fa:61:c7:e8:57:ef:91:ba:33:3a:02:24:
c2:8e:eb:15:0b:e1:89:05:5b:31:73:b5:9f:c4:99:16:7e:43:
51:a6:ac:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtytbq1gAd06OAqeDX967cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2OWIzNjAwZmQ3MzhlNjk4ZDEyZmVmMjBlMTA2ZTZhOTRl
M2I2NzQwHhcNMjMwMTAxMTQ0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmZiNzdjYWYwN2VhZDhiMzViZjkxNjFiYTVhMGIwNTVkMTdlYjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2oIZ6hjt69FMlRcjEr8J25uaEiBV
QiyPQBxCSExkg56t1gRGYeo8U/ItC5mX87M4+RUyIEg2KHSaiLyMvtFroNUZOpZ1
ymVX+SOC3nqpl6eNg//+9GqdmZl6ViOd7qKTrzw/muQM5/w/n04pt4uwFFT9GvF1
2CML96RoMVskxeKG+v+vAOmEhYzhRP02j3cJ4i6+iLbr4meYD7oEUvn/8fQDBMIP
Egn+6ddD95NrbQxVkIobw8K34vbS9fBzz/aYE3HhnWqATX7IqkfOX3plbKCA/gTd
LrSVfYuv+FS/8l4xGOA88MoNIa3GQEE0wuGp+4DAyZEkCTvrGrCuUFys5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAb7d8rwfq2LNb+RYbpaCwVdF+tQMB8GA1UdIwQY
MBaAFIabNgD9c45pjRL+8g4QbmqU47Z0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHBzMkFQMXpqbW1ORXY3eURoQnVhcFRqdG5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy82MDk5NzYtMWFjZS00NDRmLWJjYjUt
NDI0M2U4OGJkNzZjLzEvQnZ0M3l2Qi1yWXMxdjVGaHVsb0xCVjBYNjFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy82MDk5NzYtMWFjZS00NDRmLWJjYjUtNDI0M2U4OGJkNzZj
LzEvaHBzMkFQMXpqbW1ORXY3eURoQnVhcFRqdG5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw7+6MA0G
CSqGSIb3DQEBCwUAA4IBAQBp38+yOI3kdZKHlAKY9SIsiO6vuqtEKbFPJYXCJTR+
jwwi6rx0ihJL9sQkyIZ9AH8ES5fWkOl74jwMmmEJqHfZ8YruiVW3u8eqpdVhIePo
uoHZCtXpRsjaBkHET1q0bj3O8EfWCSlhPWy75iuIh7ytaKrcGn9f0W8dbO8nesFO
tDDWKhgSGfgvYQy3Dm8RKXExSVdp3niSEkPephiH13GRuNkfe9NvzINOYykelxdG
w5K0uWIsxjOhKtWOlAJw2D0xCGysObU7SKTj6S8I400sRPmOuRC7fVZe87HRr436
YcfoV++RujM6AiTCjusVC+GJBVsxc7WfxJkWfkNRpqya
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:16:14 2024 by rpki-client on console-ams.rpki-client.org