Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/BLa-3kB36KrMBmc_9lwDDNDkJV8.roa
File: BLa-3kB36KrMBmc_9lwDDNDkJV8.roa (raw, json)
Hash identifier: gqlJIKiJSLajarKMnRbOn89xLmJniFhlCOBDp6azxXQ=
Subject key identifier: 04:B6:BE:DE:40:77:E8:AA:CC:06:67:3F:F6:5C:03:0C:D0:E4:25:5F
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018CC26D1F0DC5D2E8DD1146DC45E0046637
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/BLa-3kB36KrMBmc_9lwDDNDkJV8.roa
Signing time: Mon 01 Jan 2024 00:29:40 +0000
ROA not before: Mon 01 Jan 2024 00:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21859
IP address blocks: 89.47.121.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 Jan 2024 06:44:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:1f:0d:c5:d2:e8:dd:11:46:dc:45:e0:04:66:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 1 00:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=04b6bede4077e8aacc06673ff65c030cd0e4255f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:aa:5e:bb:12:c4:29:38:d9:a6:6c:e4:d6:b1:
30:ca:67:bb:28:94:88:8c:16:13:4c:b7:ea:db:eb:
24:75:5b:83:fd:c5:2c:19:27:1a:0d:30:77:8e:8d:
6b:36:25:07:7c:f8:56:2c:fc:fa:7d:a6:1a:a6:b1:
a3:ae:08:b5:f4:5d:ba:2d:54:10:9d:d9:f6:77:48:
79:50:be:18:bb:13:56:e4:9f:86:0c:2e:34:85:df:
2a:1e:dd:a3:3a:ec:50:b8:48:50:8b:44:d9:7b:6e:
c8:08:f3:37:d8:25:eb:21:7e:4c:aa:32:d8:89:91:
1d:36:b0:76:76:65:bf:62:4e:e3:7a:4b:83:63:84:
f1:12:cc:77:e5:eb:96:ee:49:f9:e4:38:15:41:e6:
56:3a:4f:be:7c:5e:ed:eb:50:99:e0:f7:d3:34:ed:
4c:8f:c2:58:36:ca:65:c8:5e:84:e4:83:00:ba:0d:
e3:4e:02:12:7f:42:21:32:c2:c6:95:eb:49:4e:66:
35:d6:bc:ad:cd:28:9a:71:aa:5a:8f:a6:68:47:19:
95:12:20:c8:82:e0:cf:88:96:a7:39:08:0e:7a:84:
5b:67:bc:5b:23:c8:f3:39:29:9a:e7:ca:56:e4:35:
dc:89:22:1a:49:dc:72:5a:28:2f:78:fb:65:14:22:
6d:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:B6:BE:DE:40:77:E8:AA:CC:06:67:3F:F6:5C:03:0C:D0:E4:25:5F
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/BLa-3kB36KrMBmc_9lwDDNDkJV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.47.121.0/24
Signature Algorithm: sha256WithRSAEncryption
23:c9:48:78:49:a2:3a:1c:7f:64:6d:1b:5d:af:f4:17:c0:fb:
a2:43:69:15:69:4d:70:13:c2:14:2c:ed:69:ac:98:85:98:b7:
07:5c:4e:cb:4e:b6:82:9a:c8:55:24:6a:c0:00:b5:01:9e:41:
c1:30:57:2f:8f:a7:b0:03:87:06:d6:44:01:63:55:f2:a0:f0:
d9:94:2b:82:4f:8d:51:08:9f:e5:a3:a4:37:30:5a:19:2c:b3:
40:bc:f0:64:bf:b2:21:5d:7e:a0:70:a3:cc:29:29:c3:db:0b:
a5:fa:c6:d0:9d:70:0b:e1:e1:ee:ef:fb:ac:b7:6d:be:3a:49:
f4:a0:0c:98:90:0b:5c:d2:04:d5:e2:5d:95:68:09:1d:a8:4c:
c9:28:9b:e1:13:b2:d5:ec:6e:8a:9f:8a:2c:d4:50:f3:a1:c8:
01:8a:b7:6e:ad:c0:7b:1e:f0:42:2b:03:73:37:5c:e4:ad:59:
59:5d:29:da:0e:42:12:3e:c1:5c:34:22:41:cf:f6:89:34:dc:
51:5a:56:8d:2f:ef:17:a7:6d:e7:bf:cd:ad:a4:5b:5b:9b:3d:
dc:dc:82:28:e6:16:e0:d5:11:0c:c9:3f:c4:15:15:95:88:33:
a0:1c:e5:1c:c4:c4:89:6a:ad:66:35:b4:e1:2a:c7:be:9a:ca:
5f:ee:4d:9e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbR8NxdLo3RFG3EXgBGY3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwMTAxMDAyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGI2YmVkZTQwNzdlOGFhY2MwNjY3M2ZmNjVjMDMwY2QwZTQyNTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3apeuxLEKTjZpmzk1rEwyme7KJSI
jBYTTLfq2+skdVuD/cUsGScaDTB3jo1rNiUHfPhWLPz6faYaprGjrgi19F26LVQQ
ndn2d0h5UL4YuxNW5J+GDC40hd8qHt2jOuxQuEhQi0TZe27ICPM32CXrIX5MqjLY
iZEdNrB2dmW/Yk7jekuDY4TxEsx35euW7kn55DgVQeZWOk++fF7t61CZ4PfTNO1M
j8JYNsplyF6E5IMAug3jTgISf0IhMsLGletJTmY11rytzSiacapaj6ZoRxmVEiDI
guDPiJanOQgOeoRbZ7xbI8jzOSma58pW5DXciSIaSdxyWigvePtlFCJtCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAS2vt5Ad+iqzAZnP/ZcAwzQ5CVfMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvQkxhLTNrQjM2S3JNQm1jXzlsd0RETkRrSlY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWS95MA0G
CSqGSIb3DQEBCwUAA4IBAQAjyUh4SaI6HH9kbRtdr/QXwPuiQ2kVaU1wE8IULO1p
rJiFmLcHXE7LTraCmshVJGrAALUBnkHBMFcvj6ewA4cG1kQBY1XyoPDZlCuCT41R
CJ/lo6Q3MFoZLLNAvPBkv7IhXX6gcKPMKSnD2wul+sbQnXAL4eHu7/ust22+Okn0
oAyYkAtc0gTV4l2VaAkdqEzJKJvhE7LV7G6Kn4os1FDzocgBirdurcB7HvBCKwNz
N1zkrVlZXSnaDkISPsFcNCJBz/aJNNxRWlaNL+8Xp23nv82tpFtbmz3c3IIo5hbg
1REMyT/EFRWViDOgHOUcxMSJaq1mNbThKse+mspf7k2e
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:18 2024 by rpki-client on console-fra.rpki-client.org