Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/BVWDZFa7oPRZxRx_P7AmGTZXFFg.roa
File: BVWDZFa7oPRZxRx_P7AmGTZXFFg.roa (raw, json)
Hash identifier: CH5D3jCc9qf36oSD8JuljP/DW9FKZbadbbN4042BGXo=
Subject key identifier: 05:55:83:64:56:BB:A0:F4:59:C5:1C:7F:3F:B0:26:19:36:57:14:58
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 01856ECB6D030339DD88116D4E482625E644
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/BVWDZFa7oPRZxRx_P7AmGTZXFFg.roa
Signing time: Sun 01 Jan 2023 19:25:03 +0000
ROA not before: Sun 01 Jan 2023 19:25:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3223
IP address blocks: 89.47.233.0/24 maxlen: 24
89.34.26.0/24 maxlen: 24
89.41.179.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 20 Apr 2023 08:32:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:cb:6d:03:03:39:dd:88:11:6d:4e:48:26:25:e6:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 1 19:25:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0555836456bba0f459c51c7f3fb0261936571458
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:a0:43:8e:9a:49:07:17:06:06:e8:f3:4c:5e:
d9:26:69:0e:31:a3:af:bb:f2:de:6c:10:4a:a6:0e:
92:6d:82:9c:b3:ba:28:f6:fc:2a:d5:e9:ae:d1:fa:
3d:d7:2e:3b:30:c8:97:0a:0f:ac:95:a3:b8:8c:4b:
46:b1:b9:90:2f:4e:6d:cc:70:ec:61:95:16:44:cd:
dd:8f:a5:34:6b:be:9c:46:c5:74:f7:49:03:02:29:
05:ee:0b:4a:a9:13:8e:f1:b5:78:dd:db:18:6e:6e:
4e:2c:17:3f:69:53:02:3d:67:e1:55:7c:c6:c6:4f:
c9:74:8a:43:db:2a:c2:98:3b:72:12:57:cf:41:5c:
52:a8:90:f8:62:37:39:62:56:84:b9:02:51:a7:62:
e4:ad:06:b5:42:d7:21:3f:2c:57:b0:e2:69:84:8f:
c6:22:57:65:99:35:cc:0c:b7:a5:98:3f:3f:ba:0d:
de:c4:8e:bf:a9:13:72:44:32:d2:9d:1e:92:bc:c8:
f1:33:f9:e5:01:09:a0:4d:e0:8a:90:11:1b:bd:a6:
34:e5:10:ec:a4:6d:b2:6a:8f:79:53:8a:6f:10:92:
90:68:f7:e3:a9:5a:07:51:50:15:cb:cb:c0:01:d5:
a4:f8:6f:5d:4f:dc:17:58:76:67:c2:69:5d:b9:7c:
68:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:55:83:64:56:BB:A0:F4:59:C5:1C:7F:3F:B0:26:19:36:57:14:58
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/BVWDZFa7oPRZxRx_P7AmGTZXFFg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.26.0/24
89.41.179.0/24
89.47.233.0/24
Signature Algorithm: sha256WithRSAEncryption
39:5d:5b:29:d6:6f:11:4f:81:95:4f:9e:76:8c:bb:1b:46:b7:
96:33:44:39:2f:67:5f:51:c9:58:d6:10:73:cb:51:1a:1e:ab:
8c:07:e4:8b:c3:c5:8e:90:ba:70:86:77:9a:e3:0a:43:e2:00:
01:b0:18:c1:63:cb:ee:51:ca:a8:82:3b:e8:b4:56:68:51:be:
46:08:39:dc:df:3d:ff:81:5a:36:ef:1b:24:33:df:53:90:84:
3b:ef:c5:07:66:85:7d:58:2f:6d:2e:bc:b9:f9:54:da:61:5f:
27:3a:8f:50:c4:da:f7:c4:8d:f1:a5:e0:d3:89:8c:c0:fe:d0:
02:3d:1f:16:01:bb:ef:fb:b4:00:e6:b9:4e:01:ee:f5:46:fd:
da:d1:ea:dd:d6:cf:df:8a:18:89:95:f3:b6:cd:8d:36:c1:d6:
47:4e:51:54:1d:e7:95:f1:d3:1d:99:7a:e4:76:34:ff:1d:77:
13:52:6a:0c:d0:08:70:88:c0:5e:91:ce:63:2e:3c:b8:30:37:
c9:a2:a7:44:b1:2b:24:8c:34:93:b2:f5:4e:01:07:01:02:57:
12:87:ea:2e:19:d0:46:c3:a7:d7:b1:0b:88:0b:2c:ac:f2:c4:
d2:a3:2c:a3:7d:83:15:74:0e:9c:1a:e2:11:d0:72:15:81:ca:
a0:49:69:a5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVuy20DAzndiBFtTkgmJeZEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMwMTAxMTkyNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTU1ODM2NDU2YmJhMGY0NTljNTFjN2YzZmIwMjYxOTM2NTcxNDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKBDjppJBxcGBujzTF7ZJmkOMaOv
u/LebBBKpg6SbYKcs7oo9vwq1emu0fo91y47MMiXCg+slaO4jEtGsbmQL05tzHDs
YZUWRM3dj6U0a76cRsV090kDAikF7gtKqROO8bV43dsYbm5OLBc/aVMCPWfhVXzG
xk/JdIpD2yrCmDtyElfPQVxSqJD4Yjc5YlaEuQJRp2LkrQa1QtchPyxXsOJphI/G
IldlmTXMDLelmD8/ug3exI6/qRNyRDLSnR6SvMjxM/nlAQmgTeCKkBEbvaY05RDs
pG2yao95U4pvEJKQaPfjqVoHUVAVy8vAAdWk+G9dT9wXWHZnwmlduXxoPwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAVVg2RWu6D0WcUcfz+wJhk2VxRYMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvQlZXRFpGYTdvUFJaeFJ4X1A3QW1HVFpYRkZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWSIaAwQA
WSmzAwQAWS/pMA0GCSqGSIb3DQEBCwUAA4IBAQA5XVsp1m8RT4GVT552jLsbRreW
M0Q5L2dfUclY1hBzy1EaHquMB+SLw8WOkLpwhnea4wpD4gABsBjBY8vuUcqogjvo
tFZoUb5GCDnc3z3/gVo27xskM99TkIQ778UHZoV9WC9tLry5+VTaYV8nOo9QxNr3
xI3xpeDTiYzA/tACPR8WAbvv+7QA5rlOAe71Rv3a0erd1s/fihiJlfO2zY02wdZH
TlFUHeeV8dMdmXrkdjT/HXcTUmoM0AhwiMBekc5jLjy4MDfJoqdEsSskjDSTsvVO
AQcBAlcSh+ouGdBGw6fXsQuICyys8sTSoyyjfYMVdA6cGuIR0HIVgcqgSWml
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:49 2024 by rpki-client on console-ams.rpki-client.org