Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/bJFfWW1oZY7gs8CISdhBDZQYW2g.roa
File: bJFfWW1oZY7gs8CISdhBDZQYW2g.roa (raw, json)
Hash identifier: 9r5aND7VZiIw9/mUUs4V661TIksTy8xEdgvW2zMwfFU=
Subject key identifier: 6C:91:5F:59:6D:68:65:8E:E0:B3:C0:88:49:D8:41:0D:94:18:5B:68
Certificate issuer: /CN=d5637692ff5c45486d1053b149dc1420026cd733
Certificate serial: 018E819ABACC34E483F6CFB789055EB0C776
Authority key identifier: D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/bJFfWW1oZY7gs8CISdhBDZQYW2g.roa
Signing time: Wed 27 Mar 2024 20:29:44 +0000
ROA not before: Wed 27 Mar 2024 20:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 80.246.226.0/24 maxlen: 24
80.246.230.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 28 Mar 2024 19:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:81:9a:ba:cc:34:e4:83:f6:cf:b7:89:05:5e:b0:c7:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5637692ff5c45486d1053b149dc1420026cd733
Validity
Not Before: Mar 27 20:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c915f596d68658ee0b3c08849d8410d94185b68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:eb:35:27:21:d8:07:53:d9:af:66:f5:aa:4d:
2f:05:52:9f:8a:be:90:0f:61:fb:69:98:29:86:38:
fe:b1:d0:67:de:9b:aa:dc:05:cc:96:0d:3e:6e:24:
4b:a7:c4:e6:d6:bf:72:53:96:7f:d9:02:3f:a3:07:
07:3a:ab:63:45:44:65:26:04:c2:57:1e:df:74:43:
8f:f2:18:37:a0:00:06:b4:93:8e:d2:b2:d0:84:2c:
55:d9:7b:aa:09:9d:59:92:5b:ce:27:8b:81:41:9d:
fa:7a:30:af:fe:d3:d3:00:e4:ff:19:a9:2f:bd:b6:
a9:92:e2:8a:28:24:01:cc:12:ed:2c:8c:d6:cd:d5:
57:83:60:0d:b6:a0:58:ad:18:31:9a:39:05:30:4b:
2f:c6:74:62:34:f4:15:b6:fe:ca:fe:0d:f6:db:21:
da:65:43:af:b7:96:97:25:06:61:0b:12:2d:33:af:
cb:67:75:9a:e4:8c:1a:a5:89:ca:6a:d5:18:2f:ce:
0a:a1:d4:10:a0:4d:5d:80:c7:78:ec:82:03:2a:90:
20:0f:82:13:5f:35:61:ba:b3:04:bc:aa:36:47:a0:
88:ee:37:b0:10:4c:29:de:36:82:c3:74:3a:f5:eb:
31:25:a4:af:eb:af:9c:01:92:48:75:4f:d8:23:d9:
2c:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:91:5F:59:6D:68:65:8E:E0:B3:C0:88:49:D8:41:0D:94:18:5B:68
X509v3 Authority Key Identifier:
keyid:D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/bJFfWW1oZY7gs8CISdhBDZQYW2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/1WN2kv9cRUhtEFOxSdwUIAJs1zM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.246.226.0/24
80.246.230.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:c3:66:fb:4e:f0:56:23:3d:d6:f5:5f:59:e6:bc:b8:28:65:
e3:82:e7:ad:6b:22:26:37:a2:4b:55:ee:78:e0:a1:a4:0e:78:
d9:04:b3:77:a7:5d:81:ab:db:cd:74:84:fe:a1:82:58:18:bf:
77:39:0c:ec:61:2f:6a:66:52:d3:50:83:fb:d9:0e:a2:80:7f:
c6:d4:09:05:6e:ec:88:ca:eb:d1:40:a2:64:b6:9b:01:53:db:
05:62:24:9f:aa:6c:87:60:61:b4:44:47:5c:c7:0c:12:4e:26:
c0:39:ae:ee:f5:a2:77:e7:8a:f9:48:bc:d9:5c:2d:df:b7:2a:
a5:92:d9:26:b5:26:db:f4:66:c6:89:f1:c0:30:2b:f4:99:91:
d0:4e:63:7c:f3:c7:0e:1d:7f:c9:fe:d4:33:01:bf:ea:80:d8:
7a:0e:76:43:ba:f1:ad:6d:6c:9f:a7:f4:2e:66:05:66:cc:8f:
56:27:a9:7c:ba:99:b7:74:ff:19:1b:b8:c0:9c:48:f0:c9:78:
55:c1:35:b6:d2:a9:45:97:73:a5:25:f4:4f:fb:37:07:e5:17:
42:62:09:6c:02:1a:36:2c:12:46:2c:10:03:0c:f5:91:39:3b:
f4:4e:45:9d:0d:ea:9c:47:24:72:32:f5:a9:09:a4:86:be:c3:
94:b3:f7:4e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY6BmrrMNOSD9s+3iQVesMd2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NjM3NjkyZmY1YzQ1NDg2ZDEwNTNiMTQ5ZGMxNDIwMDI2
Y2Q3MzMwHhcNMjQwMzI3MjAyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzkxNWY1OTZkNjg2NThlZTBiM2MwODg0OWQ4NDEwZDk0MTg1YjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmus1JyHYB1PZr2b1qk0vBVKfir6Q
D2H7aZgphjj+sdBn3puq3AXMlg0+biRLp8Tm1r9yU5Z/2QI/owcHOqtjRURlJgTC
Vx7fdEOP8hg3oAAGtJOO0rLQhCxV2XuqCZ1ZklvOJ4uBQZ36ejCv/tPTAOT/Gakv
vbapkuKKKCQBzBLtLIzWzdVXg2ANtqBYrRgxmjkFMEsvxnRiNPQVtv7K/g322yHa
ZUOvt5aXJQZhCxItM6/LZ3Wa5IwapYnKatUYL84KodQQoE1dgMd47IIDKpAgD4IT
XzVhurMEvKo2R6CI7jewEEwp3jaCw3Q69esxJaSv66+cAZJIdU/YI9ksawIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGyRX1ltaGWO4LPAiEnYQQ2UGFtoMB8GA1UdIwQY
MBaAFNVjdpL/XEVIbRBTsUncFCACbNczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDkt
YWRlYWRlMjg2NWMxLzEvYkpGZldXMW9aWTdnczhDSVNkaEJEWlFZVzJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDktYWRlYWRlMjg2NWMx
LzEvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUPbiAwQA
UPbmMA0GCSqGSIb3DQEBCwUAA4IBAQBsw2b7TvBWIz3W9V9Z5ry4KGXjguetayIm
N6JLVe544KGkDnjZBLN3p12Bq9vNdIT+oYJYGL93OQzsYS9qZlLTUIP72Q6igH/G
1AkFbuyIyuvRQKJktpsBU9sFYiSfqmyHYGG0REdcxwwSTibAOa7u9aJ354r5SLzZ
XC3ftyqlktkmtSbb9GbGifHAMCv0mZHQTmN888cOHX/J/tQzAb/qgNh6DnZDuvGt
bWyfp/QuZgVmzI9WJ6l8upm3dP8ZG7jAnEjwyXhVwTW20qlFl3OlJfRP+zcH5RdC
YglsAho2LBJGLBADDPWROTv0TkWdDeqcRyRyMvWpCaSGvsOUs/dO
-----END CERTIFICATE-----
Generated at Thu Mar 28 21:42:06 2024 by rpki-client on console-fra.rpki-client.org