Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/e89b06-9b24-46a1-8ecf-244c1776a7ad/1/BAi2jpLbPyZmnSYQ05rcahUTNnM.roa
File: BAi2jpLbPyZmnSYQ05rcahUTNnM.roa (raw, json)
Hash identifier: 7Jla8bUZpQAOeTuBVg4D1EfCwX/BtQgh252O5Zpn2OA=
Subject key identifier: 04:08:B6:8E:92:DB:3F:26:66:9D:26:10:D3:9A:DC:6A:15:13:36:73
Certificate issuer: /CN=1335738c6c13c2a092e4c4a21d5d55c10ee05c5a
Certificate serial: 0185718318AA962091956B462A8468EEF305
Authority key identifier: 13:35:73:8C:6C:13:C2:A0:92:E4:C4:A2:1D:5D:55:C1:0E:E0:5C:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EzVzjGwTwqCS5MSiHV1VwQ7gXFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/e89b06-9b24-46a1-8ecf-244c1776a7ad/1/BAi2jpLbPyZmnSYQ05rcahUTNnM.roa
Signing time: Mon 02 Jan 2023 08:04:54 +0000
ROA not before: Mon 02 Jan 2023 08:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59848
IP address blocks: 146.19.242.0/24 maxlen: 24
2a0c:e880::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:83:18:aa:96:20:91:95:6b:46:2a:84:68:ee:f3:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1335738c6c13c2a092e4c4a21d5d55c10ee05c5a
Validity
Not Before: Jan 2 08:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0408b68e92db3f26669d2610d39adc6a15133673
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:6f:cf:8c:3a:83:96:b6:39:12:7a:e5:b5:11:
e7:d9:c1:5f:cd:af:1d:66:bc:da:d3:a2:fd:a9:84:
0d:83:e9:66:b0:55:e0:e9:32:28:dc:f7:7c:ae:21:
be:61:fe:76:b3:40:c4:36:47:cb:3a:c6:85:a2:7a:
b8:e7:3d:cd:10:54:7a:77:5c:7c:75:ed:90:63:bb:
d8:87:07:70:b7:63:01:6c:f0:d2:06:58:8f:71:e0:
b9:e6:dc:6c:55:fe:f8:aa:c4:f8:d6:f2:ce:2c:7f:
01:37:3f:8a:87:05:21:e1:47:dd:da:37:fb:75:bc:
02:3e:08:ff:18:3f:db:0a:64:0a:7f:47:84:df:66:
3b:9b:34:4a:34:ab:72:a2:85:e7:ca:73:c0:a7:1a:
4e:24:21:ff:e8:b8:e4:dd:c2:10:84:d9:96:8b:4f:
23:e7:6e:98:58:b9:ae:3e:fd:55:ef:a1:0e:64:a7:
32:12:bd:0f:1c:60:fb:93:79:59:f6:09:cd:b2:fd:
9d:b9:b9:33:48:1c:9c:0d:f4:1f:f2:fc:48:8b:a8:
68:b0:60:4e:60:c1:b0:63:dc:65:ee:50:01:52:aa:
50:2b:f0:0f:36:d3:48:cf:44:ef:86:bb:bd:cd:0e:
a9:94:ad:79:ec:08:b0:d8:fb:53:46:83:d4:c1:12:
15:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:08:B6:8E:92:DB:3F:26:66:9D:26:10:D3:9A:DC:6A:15:13:36:73
X509v3 Authority Key Identifier:
keyid:13:35:73:8C:6C:13:C2:A0:92:E4:C4:A2:1D:5D:55:C1:0E:E0:5C:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EzVzjGwTwqCS5MSiHV1VwQ7gXFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/e89b06-9b24-46a1-8ecf-244c1776a7ad/1/BAi2jpLbPyZmnSYQ05rcahUTNnM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/e89b06-9b24-46a1-8ecf-244c1776a7ad/1/EzVzjGwTwqCS5MSiHV1VwQ7gXFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.242.0/24
IPv6:
2a0c:e880::/29
Signature Algorithm: sha256WithRSAEncryption
4e:2c:91:f8:ad:09:80:2f:39:e0:7f:b3:8d:a2:a8:60:9a:1d:
a2:66:33:b6:63:32:cb:83:d1:b0:fd:a1:17:e6:ef:c1:e8:d6:
2f:4e:c8:60:e1:08:70:79:74:c4:95:d7:6b:59:fc:6c:25:a8:
00:49:48:49:67:f5:63:d5:de:62:2d:e0:a1:b2:b5:3b:5b:0b:
3f:36:36:eb:29:a5:da:7c:14:10:09:dc:d3:40:23:41:9e:cd:
a0:f9:35:7d:9c:69:b2:f3:ce:b6:49:ea:07:ac:22:03:b3:0b:
fa:a0:d4:23:93:63:aa:70:79:f3:e5:d3:b1:f8:d3:d8:75:a6:
f2:0d:6b:93:15:52:24:d1:08:2f:75:62:ec:10:99:56:23:a9:
a0:5f:f9:97:00:f8:e6:f0:25:ad:44:a2:bd:d7:22:9e:d0:5e:
95:77:de:22:45:3c:f1:8e:cb:b2:57:f4:8a:0e:36:dc:c8:b5:
8c:f4:07:6b:f5:4a:16:12:ae:c9:ef:7a:b9:65:32:8a:e6:72:
3d:66:93:91:17:81:06:57:5e:5d:90:1f:34:4b:66:a3:23:20:
9d:21:6f:08:22:c5:28:aa:54:70:ba:04:28:4b:4b:85:d7:be:
bf:24:3d:44:9e:bb:06:35:e8:80:ac:0e:48:0a:f9:b1:fd:f0:
14:70:55:6e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxgxiqliCRlWtGKoRo7vMFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMzU3MzhjNmMxM2MyYTA5MmU0YzRhMjFkNWQ1NWMxMGVl
MDVjNWEwHhcNMjMwMTAyMDgwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDA4YjY4ZTkyZGIzZjI2NjY5ZDI2MTBkMzlhZGM2YTE1MTMzNjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxW/PjDqDlrY5EnrltRHn2cFfza8d
Zrza06L9qYQNg+lmsFXg6TIo3Pd8riG+Yf52s0DENkfLOsaFonq45z3NEFR6d1x8
de2QY7vYhwdwt2MBbPDSBliPceC55txsVf74qsT41vLOLH8BNz+KhwUh4Ufd2jf7
dbwCPgj/GD/bCmQKf0eE32Y7mzRKNKtyooXnynPApxpOJCH/6Ljk3cIQhNmWi08j
526YWLmuPv1V76EOZKcyEr0PHGD7k3lZ9gnNsv2dubkzSBycDfQf8vxIi6hosGBO
YMGwY9xl7lABUqpQK/APNtNIz0Tvhru9zQ6plK157Aiw2PtTRoPUwRIV3QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAQIto6S2z8mZp0mENOa3GoVEzZzMB8GA1UdIwQY
MBaAFBM1c4xsE8KgkuTEoh1dVcEO4FxaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXpWempHd1R3cUNTNU1TaUhWMVZ3UTdnWEZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9lODliMDYtOWIyNC00NmExLThlY2Yt
MjQ0YzE3NzZhN2FkLzEvQkFpMmpwTGJQeVptblNZUTA1cmNhaFVUTm5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9lODliMDYtOWIyNC00NmExLThlY2YtMjQ0YzE3NzZhN2Fk
LzEvRXpWempHd1R3cUNTNU1TaUhWMVZ3UTdnWEZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAkhPyMA0E
AgACMAcDBQMqDOiAMA0GCSqGSIb3DQEBCwUAA4IBAQBOLJH4rQmALzngf7ONoqhg
mh2iZjO2YzLLg9Gw/aEX5u/B6NYvTshg4QhweXTElddrWfxsJagASUhJZ/Vj1d5i
LeChsrU7Wws/NjbrKaXafBQQCdzTQCNBns2g+TV9nGmy8862SeoHrCIDswv6oNQj
k2OqcHnz5dOx+NPYdabyDWuTFVIk0QgvdWLsEJlWI6mgX/mXAPjm8CWtRKK91yKe
0F6Vd94iRTzxjsuyV/SKDjbcyLWM9Adr9UoWEq7J73q5ZTKK5nI9ZpORF4EGV15d
kB80S2ajIyCdIW8IIsUoqlRwugQoS0uF176/JD1EnrsGNeiArA5ICvmx/fAUcFVu
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:10:28 2024 by rpki-client on console-ams.rpki-client.org