Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/BbxAEgCqbNShjYF5RKST4_w_rZs.roa
File: BbxAEgCqbNShjYF5RKST4_w_rZs.roa (raw, json)
Hash identifier: F7ncmgSLV+qQTH7ibbbQOnwSb2XhMXPN8k7W3NNnefA=
Subject key identifier: 05:BC:40:12:00:AA:6C:D4:A1:8D:81:79:44:A4:93:E3:FC:3F:AD:9B
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 01856ECB79A879E84C14A92B5C7583E59E54
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/BbxAEgCqbNShjYF5RKST4_w_rZs.roa
Signing time: Sun 01 Jan 2023 19:25:06 +0000
ROA not before: Sun 01 Jan 2023 19:25:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47427
IP address blocks: 86.105.32.0/21 maxlen: 21
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:cb:79:a8:79:e8:4c:14:a9:2b:5c:75:83:e5:9e:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 1 19:25:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=05bc401200aa6cd4a18d817944a493e3fc3fad9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:64:8d:e6:e1:bf:c2:ee:61:27:f0:94:18:f2:
2c:be:f5:c6:ad:b9:3f:05:88:54:b8:cf:97:f9:f4:
07:f0:51:a3:53:f2:56:09:c6:99:12:00:04:3e:b6:
08:7c:2c:06:d3:95:cc:17:67:f7:da:6a:57:8d:24:
7e:6a:de:bc:9e:18:5e:e3:1c:b5:6f:10:97:72:74:
8e:93:ac:7a:d0:12:2c:ee:94:b1:f7:61:90:29:85:
b0:b8:1c:08:dd:93:f1:eb:62:4f:d1:cb:81:26:81:
75:b9:98:f6:43:fe:7f:5e:07:67:81:cb:90:f5:75:
62:6e:6e:6b:a7:ff:f4:5f:91:32:71:7b:79:ce:c1:
dc:0b:c1:bf:dd:73:86:e5:60:32:d7:1b:a2:d1:53:
51:fb:77:fe:64:e3:f8:39:a1:2e:7a:e3:c6:81:8b:
c9:2d:39:d0:9c:1f:a8:6a:34:88:c3:be:c8:fb:f2:
a2:a6:00:85:65:41:aa:98:ad:5e:dd:da:25:30:76:
d7:9e:0b:90:df:d1:fd:05:41:92:1c:00:78:67:c2:
27:13:d3:57:1c:7b:1c:47:d2:c0:00:fb:7d:a2:a0:
99:c6:3f:5f:3a:c2:c6:f7:a9:98:b5:bc:2d:1b:26:
22:d5:97:6f:29:e9:63:7b:00:f7:fc:ee:ba:3f:8c:
0b:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:BC:40:12:00:AA:6C:D4:A1:8D:81:79:44:A4:93:E3:FC:3F:AD:9B
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/BbxAEgCqbNShjYF5RKST4_w_rZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.105.32.0/21
Signature Algorithm: sha256WithRSAEncryption
79:ba:da:19:b3:0f:f1:88:80:03:fa:1a:f4:0f:2b:e4:17:0d:
6f:ce:a5:a5:bc:82:0b:6f:2b:fb:7a:b6:3a:cf:03:83:6b:76:
58:87:53:cc:eb:5b:58:be:cb:d1:67:89:e8:f1:b9:e4:d2:ec:
03:31:52:54:38:4d:d3:f2:c7:b4:f9:df:04:7e:c1:b3:be:fb:
5a:32:0c:88:51:6d:43:10:d7:8b:9b:5f:bd:0c:f5:ac:80:4b:
2d:e1:cd:28:4f:03:7b:15:9a:03:1e:8b:af:a9:cc:d0:ae:91:
1b:f2:a6:50:b3:25:34:85:31:24:50:7b:f5:08:04:71:27:a7:
27:45:5f:95:49:32:7e:35:41:4b:7f:0a:92:d9:b6:01:94:76:
c5:b2:78:f5:77:4c:93:cc:db:f3:61:d9:ea:50:f2:55:87:41:
a1:66:94:f9:c8:b1:4b:ab:07:09:63:71:56:b4:5c:ae:87:5d:
6e:48:0c:03:98:1b:f1:13:33:fe:f3:52:65:1c:b9:43:a2:f8:
2e:41:7f:3f:f6:cc:f1:36:a7:5a:92:0d:8c:9c:83:b2:db:01:
ce:c6:68:54:df:42:12:9d:c5:d5:d1:e5:c7:3d:aa:72:12:9c:
07:ed:8f:ae:e9:69:cb:2b:b6:68:9b:34:34:5d:71:c0:3f:6e:
99:5b:13:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuy3moeehMFKkrXHWD5Z5UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMwMTAxMTkyNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWJjNDAxMjAwYWE2Y2Q0YTE4ZDgxNzk0NGE0OTNlM2ZjM2ZhZDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGSN5uG/wu5hJ/CUGPIsvvXGrbk/
BYhUuM+X+fQH8FGjU/JWCcaZEgAEPrYIfCwG05XMF2f32mpXjSR+at68nhhe4xy1
bxCXcnSOk6x60BIs7pSx92GQKYWwuBwI3ZPx62JP0cuBJoF1uZj2Q/5/XgdngcuQ
9XVibm5rp//0X5EycXt5zsHcC8G/3XOG5WAy1xui0VNR+3f+ZOP4OaEueuPGgYvJ
LTnQnB+oajSIw77I+/KipgCFZUGqmK1e3dolMHbXnguQ39H9BUGSHAB4Z8InE9NX
HHscR9LAAPt9oqCZxj9fOsLG96mYtbwtGyYi1ZdvKeljewD3/O66P4wL5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAW8QBIAqmzUoY2BeUSkk+P8P62bMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvQmJ4QUVnQ3FiTlNoallGNVJLU1Q0X3dfclpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDVmkgMA0G
CSqGSIb3DQEBCwUAA4IBAQB5utoZsw/xiIAD+hr0DyvkFw1vzqWlvIILbyv7erY6
zwODa3ZYh1PM61tYvsvRZ4no8bnk0uwDMVJUOE3T8se0+d8EfsGzvvtaMgyIUW1D
ENeLm1+9DPWsgEst4c0oTwN7FZoDHouvqczQrpEb8qZQsyU0hTEkUHv1CARxJ6cn
RV+VSTJ+NUFLfwqS2bYBlHbFsnj1d0yTzNvzYdnqUPJVh0GhZpT5yLFLqwcJY3FW
tFyuh11uSAwDmBvxEzP+81JlHLlDovguQX8/9szxNqdakg2MnIOy2wHOxmhU30IS
ncXV0eXHPapyEpwH7Y+u6WnLK7ZomzQ0XXHAP26ZWxN6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:49 2024 by rpki-client on console-ams.rpki-client.org