Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/a9c0b7-a23a-458f-8f64-ba37511404c2/1/BRJNvBJZkyQgGX87nkz6V5xpfec.roa
File: BRJNvBJZkyQgGX87nkz6V5xpfec.roa (raw, json)
Hash identifier: /2g7NvtFTukp44oHaZ35QLjOWYkSzsCiMz9ogT/+Uv0=
Subject key identifier: 05:12:4D:BC:12:59:93:24:20:19:7F:3B:9E:4C:FA:57:9C:69:7D:E7
Certificate issuer: /CN=c592786ced6ce597585468bb4f36b31cf6acec6e
Certificate serial: 018EBDEDA7622EF9A5EF4523C378DC1F6258
Authority key identifier: C5:92:78:6C:ED:6C:E5:97:58:54:68:BB:4F:36:B3:1C:F6:AC:EC:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xZJ4bO1s5ZdYVGi7TzazHPas7G4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/a9c0b7-a23a-458f-8f64-ba37511404c2/1/BRJNvBJZkyQgGX87nkz6V5xpfec.roa
Signing time: Mon 08 Apr 2024 13:37:32 +0000
ROA not before: Mon 08 Apr 2024 13:37:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7155
IP address blocks: 81.88.79.0/24 maxlen: 24
185.77.116.0/24 maxlen: 24
185.77.117.0/24 maxlen: 24
185.77.118.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 24 Apr 2024 07:58:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:bd:ed:a7:62:2e:f9:a5:ef:45:23:c3:78:dc:1f:62:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c592786ced6ce597585468bb4f36b31cf6acec6e
Validity
Not Before: Apr 8 13:37:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=05124dbc1259932420197f3b9e4cfa579c697de7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:90:61:27:34:8e:9a:ae:f7:e1:ea:b2:88:ab:
c3:ce:b1:b3:24:73:8a:dc:d6:7e:19:50:d8:92:ca:
54:80:ad:f7:e7:9f:8e:c0:11:5e:70:9f:78:b5:93:
8e:c7:1d:cd:40:c6:3a:b5:86:99:d1:0a:1a:42:a5:
88:68:b4:ea:ea:ff:59:9f:ff:7f:19:15:94:d3:02:
48:66:54:45:05:24:e3:cc:76:51:0d:0a:23:b9:ed:
48:f7:27:ce:e3:ca:de:b4:0f:d2:f0:0f:1e:9f:d2:
18:97:3e:03:99:20:ae:61:90:dc:9c:53:2b:55:55:
0a:bb:c8:d8:7c:f8:55:71:a3:15:41:df:9c:ab:75:
66:06:2a:48:29:7d:f7:af:68:c0:32:a1:a4:92:ed:
b9:ef:83:b7:aa:ea:eb:2b:cb:77:7a:d6:e5:a3:31:
41:8c:31:aa:47:24:2c:93:d2:a9:48:f1:53:7a:20:
24:6f:19:df:3a:9b:be:c6:cf:fd:6c:58:c6:62:5f:
57:d5:dc:7c:c5:d5:3f:5b:b3:23:63:33:48:b5:76:
b4:23:2b:3f:a3:b7:81:a7:5b:dc:92:50:ac:f2:75:
f3:ed:3a:3a:c3:d4:a0:2a:e0:8e:e7:b8:18:5b:d7:
35:83:48:3b:68:9f:6c:b1:12:6e:5b:fa:41:aa:39:
75:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:12:4D:BC:12:59:93:24:20:19:7F:3B:9E:4C:FA:57:9C:69:7D:E7
X509v3 Authority Key Identifier:
keyid:C5:92:78:6C:ED:6C:E5:97:58:54:68:BB:4F:36:B3:1C:F6:AC:EC:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xZJ4bO1s5ZdYVGi7TzazHPas7G4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/a9c0b7-a23a-458f-8f64-ba37511404c2/1/BRJNvBJZkyQgGX87nkz6V5xpfec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/a9c0b7-a23a-458f-8f64-ba37511404c2/1/xZJ4bO1s5ZdYVGi7TzazHPas7G4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.88.79.0/24
185.77.116.0-185.77.118.255
Signature Algorithm: sha256WithRSAEncryption
64:a9:0a:60:17:cb:7d:a3:c6:c2:46:ce:81:6e:cd:9e:73:d4:
04:13:45:17:ea:ef:c9:b1:82:89:89:fa:32:08:f5:ef:e9:f8:
85:a6:dd:35:9d:db:70:ea:b3:bb:a5:34:72:4a:68:d7:aa:8f:
0b:c1:f0:b6:77:bf:2f:da:ae:07:eb:ba:dd:70:5a:fb:c2:94:
02:3f:ab:45:7f:dd:61:38:4c:f1:4f:79:22:1e:35:4a:99:03:
9d:14:95:3f:a9:99:c1:e4:e4:85:5c:75:fd:4c:63:45:70:c2:
e7:f3:4b:ca:69:6c:43:a5:05:1a:16:ee:42:35:8f:e3:76:ff:
05:c1:11:a4:28:ef:61:5b:cd:f1:0b:1e:32:47:5a:74:a5:c7:
f8:a8:47:65:2c:2a:cb:26:7e:d5:2e:7a:fe:d7:c7:ec:ef:6d:
5d:ab:93:26:25:b5:9d:9b:02:ae:23:c4:e3:34:6e:13:d4:7d:
ed:85:cc:7f:70:d0:64:28:0e:91:42:3b:de:1e:97:17:e0:95:
5f:58:be:d9:f5:e0:10:7b:94:73:1a:48:64:33:75:63:56:d2:
6d:f6:7d:64:ad:75:58:0b:de:6d:a4:ed:a2:3c:cd:ce:50:f1:
64:d1:fb:29:a2:70:56:a1:32:68:a7:92:17:d7:8c:18:4d:9c:
bd:33:c5:b0
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY697adiLvml70Ujw3jcH2JYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1OTI3ODZjZWQ2Y2U1OTc1ODU0NjhiYjRmMzZiMzFjZjZh
Y2VjNmUwHhcNMjQwNDA4MTMzNzMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTEyNGRiYzEyNTk5MzI0MjAxOTdmM2I5ZTRjZmE1NzljNjk3ZGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJBhJzSOmq734eqyiKvDzrGzJHOK
3NZ+GVDYkspUgK3355+OwBFecJ94tZOOxx3NQMY6tYaZ0QoaQqWIaLTq6v9Zn/9/
GRWU0wJIZlRFBSTjzHZRDQojue1I9yfO48retA/S8A8en9IYlz4DmSCuYZDcnFMr
VVUKu8jYfPhVcaMVQd+cq3VmBipIKX33r2jAMqGkku2574O3qurrK8t3etblozFB
jDGqRyQsk9KpSPFTeiAkbxnfOpu+xs/9bFjGYl9X1dx8xdU/W7MjYzNItXa0Iys/
o7eBp1vcklCs8nXz7To6w9SgKuCO57gYW9c1g0g7aJ9ssRJuW/pBqjl16wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFAUSTbwSWZMkIBl/O55M+lecaX3nMB8GA1UdIwQY
MBaAFMWSeGztbOWXWFRou082sxz2rOxuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFpKNGJPMXM1WmRZVkdpN1R6YXpIUGFzN0c0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9hOWMwYjctYTIzYS00NThmLThmNjQt
YmEzNzUxMTQwNGMyLzEvQlJKTnZCSlpreVFnR1g4N25rejZWNXhwZmVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9hOWMwYjctYTIzYS00NThmLThmNjQtYmEzNzUxMTQwNGMy
LzEveFpKNGJPMXM1WmRZVkdpN1R6YXpIUGFzN0c0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAUVhPMAwD
BAK5TXQDBAC5TXYwDQYJKoZIhvcNAQELBQADggEBAGSpCmAXy32jxsJGzoFuzZ5z
1AQTRRfq78mxgomJ+jII9e/p+IWm3TWd23Dqs7ulNHJKaNeqjwvB8LZ3vy/argfr
ut1wWvvClAI/q0V/3WE4TPFPeSIeNUqZA50UlT+pmcHk5IVcdf1MY0VwwufzS8pp
bEOlBRoW7kI1j+N2/wXBEaQo72FbzfELHjJHWnSlx/ioR2UsKssmftUuev7Xx+zv
bV2rkyYltZ2bAq4jxOM0bhPUfe2FzH9w0GQoDpFCO94elxfglV9Yvtn14BB7lHMa
SGQzdWNW0m32fWStdVgL3m2k7aI8zc5Q8WTR+ymicFahMminkhfXjBhNnL0zxbA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:46 2024 by rpki-client on console-fra.rpki-client.org