Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/aaae38-1b28-449d-be82-73fd2c035eb5/1/bH-W9VoGhnpQM1ktK8OnTTrheSA.roa
File: bH-W9VoGhnpQM1ktK8OnTTrheSA.roa (raw, json)
Hash identifier: jzx3MEi+iOn+F43QNfx1dUnlPkwPB2EwO4IZe0phfZE=
Subject key identifier: 6C:7F:96:F5:5A:06:86:7A:50:33:59:2D:2B:C3:A7:4D:3A:E1:79:20
Certificate issuer: /CN=21bfb9e219e15feda6add29639b8d73f5c2cd802
Certificate serial: 018CC94E5B105211A20802B338CA91131491
Authority key identifier: 21:BF:B9:E2:19:E1:5F:ED:A6:AD:D2:96:39:B8:D7:3F:5C:2C:D8:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ib-54hnhX-2mrdKWObjXP1ws2AI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/aaae38-1b28-449d-be82-73fd2c035eb5/1/bH-W9VoGhnpQM1ktK8OnTTrheSA.roa
Signing time: Tue 02 Jan 2024 08:33:24 +0000
ROA not before: Tue 02 Jan 2024 08:33:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35378
IP address blocks: 95.171.96.0/19 maxlen: 19
37.123.200.0/21 maxlen: 21
176.241.72.0/21 maxlen: 21
77.91.0.0/18 maxlen: 18
185.14.112.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 22 Feb 2024 08:30:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:5b:10:52:11:a2:08:02:b3:38:ca:91:13:14:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bfb9e219e15feda6add29639b8d73f5c2cd802
Validity
Not Before: Jan 2 08:33:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c7f96f55a06867a5033592d2bc3a74d3ae17920
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:56:72:b7:f7:fb:a3:7f:6d:39:b7:bc:7b:a1:
2d:5b:dc:f9:b6:d6:a2:c4:8f:c2:d4:6a:1d:00:17:
f0:f6:d1:5c:26:a7:c7:4d:00:33:2a:0e:a0:e4:e6:
b7:66:0b:4c:f8:6c:de:b3:8d:9b:e4:a9:f2:3f:35:
df:97:0e:30:5c:64:27:0f:b0:07:c9:46:c8:f6:0f:
12:29:71:cd:d1:fb:7a:f2:49:57:5c:f3:c3:e1:17:
0d:88:bb:31:22:e3:74:5d:3a:8d:3a:d4:3c:ee:0d:
96:de:a2:e9:21:8c:eb:5a:86:e5:ca:01:52:47:64:
59:60:4b:52:80:34:80:7a:24:f7:f3:c5:63:41:1b:
e9:f0:10:3c:b6:11:a2:66:47:74:ef:d5:64:07:99:
8a:ff:65:10:e4:7f:66:47:02:3e:84:de:d1:0e:20:
50:ca:fe:24:ea:42:c5:10:b2:6a:e1:99:ef:f2:82:
00:8d:66:23:50:27:09:42:f6:b9:41:06:86:4f:c5:
4d:a6:7b:40:02:7a:8e:c9:40:90:57:78:3e:e4:c4:
2b:f3:07:32:36:20:6e:92:d4:54:22:99:b1:76:64:
2f:6a:66:3a:8b:eb:d6:52:c7:91:23:bc:c7:f3:33:
2b:27:fd:59:20:18:ea:1c:4f:1d:51:e7:87:e3:a4:
c0:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:7F:96:F5:5A:06:86:7A:50:33:59:2D:2B:C3:A7:4D:3A:E1:79:20
X509v3 Authority Key Identifier:
keyid:21:BF:B9:E2:19:E1:5F:ED:A6:AD:D2:96:39:B8:D7:3F:5C:2C:D8:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ib-54hnhX-2mrdKWObjXP1ws2AI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/aaae38-1b28-449d-be82-73fd2c035eb5/1/bH-W9VoGhnpQM1ktK8OnTTrheSA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/aaae38-1b28-449d-be82-73fd2c035eb5/1/Ib-54hnhX-2mrdKWObjXP1ws2AI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.123.200.0/21
77.91.0.0/18
95.171.96.0/19
176.241.72.0/21
185.14.112.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:94:dd:02:84:ee:96:e5:be:1b:9c:35:57:31:87:ad:c3:06:
e2:74:fc:6a:2d:37:e0:a2:a2:3f:c7:89:37:26:00:ed:09:ac:
2d:b0:4c:d5:61:57:22:f0:2e:b8:1f:a3:9c:29:05:11:11:3a:
b0:33:57:15:28:70:ef:e0:0e:96:42:86:3a:9c:ff:9a:eb:8b:
46:f6:a8:28:0d:69:dd:95:45:3e:02:ac:36:eb:06:0c:11:f6:
09:46:6e:0c:f2:88:dd:e4:e3:f7:82:80:b4:fd:59:ca:ad:7e:
11:28:b7:b8:c9:c5:3a:2d:95:1e:5d:c8:d8:98:7e:39:10:ce:
a9:97:47:9f:a3:cc:89:ed:5d:39:83:a0:16:5f:8a:a1:43:13:
1e:b3:e3:5d:a6:3c:23:f7:c0:e7:86:15:a3:e8:ed:d3:98:60:
c1:7d:56:02:3d:fb:75:aa:32:8a:40:33:7f:9c:76:ec:74:80:
c7:96:de:33:df:09:ad:c9:f8:dc:4a:16:ad:67:36:c3:84:85:
91:b9:d7:90:29:b1:20:6c:b6:e5:73:65:e9:ba:7b:13:ef:36:
dc:b8:2b:92:72:87:0d:3d:dc:50:fc:8c:ee:e1:00:d6:1c:47:
b9:c2:4a:3e:09:04:91:bf:5f:75:d7:d0:ae:9c:d9:d9:da:16:
30:7f:b9:21
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzJTlsQUhGiCAKzOMqRExSRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmZiOWUyMTllMTVmZWRhNmFkZDI5NjM5YjhkNzNmNWMy
Y2Q4MDIwHhcNMjQwMTAyMDgzMzI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzdmOTZmNTVhMDY4NjdhNTAzMzU5MmQyYmMzYTc0ZDNhZTE3OTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgVZyt/f7o39tObe8e6EtW9z5ttai
xI/C1GodABfw9tFcJqfHTQAzKg6g5Oa3ZgtM+Gzes42b5KnyPzXflw4wXGQnD7AH
yUbI9g8SKXHN0ft68klXXPPD4RcNiLsxIuN0XTqNOtQ87g2W3qLpIYzrWoblygFS
R2RZYEtSgDSAeiT388VjQRvp8BA8thGiZkd079VkB5mK/2UQ5H9mRwI+hN7RDiBQ
yv4k6kLFELJq4Znv8oIAjWYjUCcJQva5QQaGT8VNpntAAnqOyUCQV3g+5MQr8wcy
NiBuktRUIpmxdmQvamY6i+vWUseRI7zH8zMrJ/1ZIBjqHE8dUeeH46TAxwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGx/lvVaBoZ6UDNZLSvDp0064XkgMB8GA1UdIwQY
MBaAFCG/ueIZ4V/tpq3Sljm41z9cLNgCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWItNTRobmhYLTJtcmRLV09ialhQMXdzMkFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9hYWFlMzgtMWIyOC00NDlkLWJlODIt
NzNmZDJjMDM1ZWI1LzEvYkgtVzlWb0dobnBRTTFrdEs4T25UVHJoZVNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9hYWFlMzgtMWIyOC00NDlkLWJlODItNzNmZDJjMDM1ZWI1
LzEvSWItNTRobmhYLTJtcmRLV09ialhQMXdzMkFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDJXvIAwQG
TVsAAwQFX6tgAwQDsPFIAwQCuQ5wMA0GCSqGSIb3DQEBCwUAA4IBAQBvlN0ChO6W
5b4bnDVXMYetwwbidPxqLTfgoqI/x4k3JgDtCawtsEzVYVci8C64H6OcKQURETqw
M1cVKHDv4A6WQoY6nP+a64tG9qgoDWndlUU+Aqw26wYMEfYJRm4M8ojd5OP3goC0
/VnKrX4RKLe4ycU6LZUeXcjYmH45EM6pl0efo8yJ7V05g6AWX4qhQxMes+Ndpjwj
98DnhhWj6O3TmGDBfVYCPft1qjKKQDN/nHbsdIDHlt4z3wmtyfjcShatZzbDhIWR
udeQKbEgbLblc2XpunsT7zbcuCuScocNPdxQ/Izu4QDWHEe5wko+CQSRv19119Cu
nNnZ2hYwf7kh
-----END CERTIFICATE-----
Generated at Thu Feb 22 13:04:12 2024 by rpki-client on console-ams.rpki-client.org