Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/366746-c306-408a-ba7e-2b3c64f9f9ab/1/BB1Qxg5Pc3hTdpSmnchskgDC0ZQ.roa
File: BB1Qxg5Pc3hTdpSmnchskgDC0ZQ.roa (raw, json)
Hash identifier: JggWuSjVRf58pFEomJpdt3Gdt+xE3J0mALVxJ9LSWOg=
Subject key identifier: 04:1D:50:C6:0E:4F:73:78:53:76:94:A6:9D:C8:6C:92:00:C2:D1:94
Certificate issuer: /CN=c2838d1f3b231bf72e453dd78c4b50ac009ff7f1
Certificate serial: 018CC3494EE6AC04CD80B84C67C80A74AE27
Authority key identifier: C2:83:8D:1F:3B:23:1B:F7:2E:45:3D:D7:8C:4B:50:AC:00:9F:F7:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/woONHzsjG_cuRT3XjEtQrACf9_E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/366746-c306-408a-ba7e-2b3c64f9f9ab/1/BB1Qxg5Pc3hTdpSmnchskgDC0ZQ.roa
Signing time: Mon 01 Jan 2024 04:30:10 +0000
ROA not before: Mon 01 Jan 2024 04:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203649
IP address blocks: 185.128.58.0/24 maxlen: 24
185.128.56.0/24 maxlen: 24
185.128.57.0/24 maxlen: 24
185.128.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 25 Sep 2024 21:59:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:4e:e6:ac:04:cd:80:b8:4c:67:c8:0a:74:ae:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2838d1f3b231bf72e453dd78c4b50ac009ff7f1
Validity
Not Before: Jan 1 04:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=041d50c60e4f7378537694a69dc86c9200c2d194
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:39:1a:28:30:90:4d:1b:be:68:34:e7:88:1a:
9b:ad:aa:c9:15:b3:2b:ac:cb:47:f8:53:80:da:6d:
53:eb:bb:bb:42:ef:84:2c:49:8c:d1:ee:91:cf:4b:
c8:e6:2b:4c:d2:81:0b:fe:4b:81:80:72:7b:95:e0:
e1:fd:13:f8:79:59:4f:70:15:0d:03:6d:37:03:18:
de:ca:19:b3:30:f8:f8:81:6f:92:2e:59:5e:13:4f:
3c:d1:86:87:b9:65:00:b7:0a:eb:5a:58:e7:36:b3:
65:6a:72:0c:ab:ed:ac:17:8d:13:37:b3:92:a5:5a:
19:1a:49:e4:83:d7:05:89:ed:f7:c5:cb:35:e6:38:
79:be:95:41:46:e5:c8:62:51:f6:95:a0:c4:20:bf:
a6:cb:79:de:b5:6c:27:db:50:c2:c4:6c:e0:a5:c4:
db:e3:c2:e6:5f:22:24:02:bb:60:03:a8:bd:88:b2:
27:54:50:92:61:54:1a:ad:f4:dc:f7:96:6b:54:6c:
00:da:a9:fe:0f:d8:35:9a:13:13:d0:21:81:12:42:
ef:6b:1a:c2:4d:c5:e8:30:e7:c6:e8:48:e7:80:b4:
2c:0a:2c:9b:15:24:04:9f:4b:ee:22:76:0c:0f:64:
a4:40:f8:ae:6f:ca:57:97:29:8f:11:f4:9d:ef:27:
16:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:1D:50:C6:0E:4F:73:78:53:76:94:A6:9D:C8:6C:92:00:C2:D1:94
X509v3 Authority Key Identifier:
keyid:C2:83:8D:1F:3B:23:1B:F7:2E:45:3D:D7:8C:4B:50:AC:00:9F:F7:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/woONHzsjG_cuRT3XjEtQrACf9_E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/366746-c306-408a-ba7e-2b3c64f9f9ab/1/BB1Qxg5Pc3hTdpSmnchskgDC0ZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/366746-c306-408a-ba7e-2b3c64f9f9ab/1/woONHzsjG_cuRT3XjEtQrACf9_E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.128.56.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:bb:a6:6b:03:a2:0c:d4:0b:9c:8a:3f:a4:22:a2:0b:ce:2e:
85:37:f8:b4:bc:cc:29:31:0d:13:81:39:dc:2a:af:17:b3:86:
7c:bd:10:a9:3d:ff:29:b1:51:b1:34:9d:c4:5d:37:26:eb:28:
48:bf:f8:c5:b2:51:b5:5e:fe:d6:80:6c:9e:d0:cd:be:f5:c8:
e8:80:0a:20:60:cd:83:5d:2b:ff:55:06:68:df:f6:ca:91:59:
58:5c:27:19:47:04:e9:b9:7b:f5:8d:76:dc:f8:64:45:f5:6c:
49:8c:1a:95:c4:f2:2b:7d:17:c3:45:32:73:e0:6d:45:44:2b:
7a:30:d4:e6:b6:47:75:71:4c:81:1a:ef:3c:ab:62:c7:6f:d2:
f9:50:17:35:ad:c5:cb:67:fd:bf:a5:09:fe:09:98:38:f6:8e:
a7:5e:66:24:f2:a2:32:c3:6f:01:9e:dc:42:88:2c:16:19:50:
18:f3:7a:3e:1b:26:c4:52:40:88:78:6e:bf:42:d6:a6:fe:8c:
31:9d:aa:b1:f4:12:3d:60:c5:44:11:a8:ef:8f:4d:ec:68:65:
95:c1:3b:4a:45:7c:ff:90:96:b8:0a:c2:7f:c4:52:fe:74:e5:
12:7e:69:41:84:9e:29:18:4c:19:a8:76:57:7d:2d:e2:9b:e9:
1f:d3:bd:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSU7mrATNgLhMZ8gKdK4nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyODM4ZDFmM2IyMzFiZjcyZTQ1M2RkNzhjNGI1MGFjMDA5
ZmY3ZjEwHhcNMjQwMTAxMDQzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDFkNTBjNjBlNGY3Mzc4NTM3Njk0YTY5ZGM4NmM5MjAwYzJkMTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgjkaKDCQTRu+aDTniBqbrarJFbMr
rMtH+FOA2m1T67u7Qu+ELEmM0e6Rz0vI5itM0oEL/kuBgHJ7leDh/RP4eVlPcBUN
A203AxjeyhmzMPj4gW+SLlleE0880YaHuWUAtwrrWljnNrNlanIMq+2sF40TN7OS
pVoZGknkg9cFie33xcs15jh5vpVBRuXIYlH2laDEIL+my3netWwn21DCxGzgpcTb
48LmXyIkArtgA6i9iLInVFCSYVQarfTc95ZrVGwA2qn+D9g1mhMT0CGBEkLvaxrC
TcXoMOfG6EjngLQsCiybFSQEn0vuInYMD2SkQPiub8pXlymPEfSd7ycWWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAQdUMYOT3N4U3aUpp3IbJIAwtGUMB8GA1UdIwQY
MBaAFMKDjR87Ixv3LkU914xLUKwAn/fxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd29PTkh6c2pHX2N1UlQzWGpFdFFyQUNmOV9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8zNjY3NDYtYzMwNi00MDhhLWJhN2Ut
MmIzYzY0ZjlmOWFiLzEvQkIxUXhnNVBjM2hUZHBTbW5jaHNrZ0RDMFpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8zNjY3NDYtYzMwNi00MDhhLWJhN2UtMmIzYzY0ZjlmOWFi
LzEvd29PTkh6c2pHX2N1UlQzWGpFdFFyQUNmOV9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYA4MA0G
CSqGSIb3DQEBCwUAA4IBAQB+u6ZrA6IM1Aucij+kIqILzi6FN/i0vMwpMQ0TgTnc
Kq8Xs4Z8vRCpPf8psVGxNJ3EXTcm6yhIv/jFslG1Xv7WgGye0M2+9cjogAogYM2D
XSv/VQZo3/bKkVlYXCcZRwTpuXv1jXbc+GRF9WxJjBqVxPIrfRfDRTJz4G1FRCt6
MNTmtkd1cUyBGu88q2LHb9L5UBc1rcXLZ/2/pQn+CZg49o6nXmYk8qIyw28BntxC
iCwWGVAY83o+GybEUkCIeG6/Qtam/owxnaqx9BI9YMVEEajvj03saGWVwTtKRXz/
kJa4CsJ/xFL+dOUSfmlBhJ4pGEwZqHZXfS3im+kf073j
Generated at Wed Sep 25 23:37:07 2024 by rpki-client on console-fra.rpki-client.org