Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/BKAarw2h4aVNGOIyNamNpmOjriQ.roa
File: BKAarw2h4aVNGOIyNamNpmOjriQ.roa (raw, json)
Hash identifier: gZNTUJg5QfScdeKe6P7TAvveNQYSNYIjMnxR1ft4H2c=
Subject key identifier: 04:A0:1A:AF:0D:A1:E1:A5:4D:18:E2:32:35:A9:8D:A6:63:A3:AE:24
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 01856F5DB37A73249D9BCD13F4FED00631E6
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/BKAarw2h4aVNGOIyNamNpmOjriQ.roa
Signing time: Sun 01 Jan 2023 22:04:49 +0000
ROA not before: Sun 01 Jan 2023 22:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43395
IP address blocks: 87.107.85.0/24 maxlen: 24
81.12.90.0/23 maxlen: 23
87.107.31.0/24 maxlen: 24
87.107.142.0/23 maxlen: 23
87.107.32.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:b3:7a:73:24:9d:9b:cd:13:f4:fe:d0:06:31:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Jan 1 22:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=04a01aaf0da1e1a54d18e23235a98da663a3ae24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:9d:52:db:73:d0:86:f1:ff:bd:75:3a:e9:71:
f0:0c:64:1d:49:72:41:74:2a:2a:50:88:37:5f:f2:
0f:4c:ed:35:3a:72:0e:88:35:3f:d7:c7:07:c8:7c:
f6:3f:cc:c0:1a:d0:fe:a3:4e:28:f1:27:01:5c:52:
1d:ac:80:26:5e:e9:6c:df:36:21:f7:64:50:2f:76:
4d:11:83:f2:21:c1:ec:85:52:08:5c:16:c9:3d:0f:
d7:e7:8d:b9:fe:b9:cc:3c:bf:a6:90:3c:ed:61:74:
e9:0f:69:cc:4e:da:86:11:47:bd:b5:5f:e6:79:f6:
4c:46:7d:ce:95:a1:75:ee:a8:cd:98:c7:2b:9e:fa:
4c:74:90:43:a2:55:34:5c:f8:a0:25:15:df:ec:e8:
0e:52:96:51:9e:2d:09:10:04:fd:66:41:9a:db:ca:
4e:25:2b:ae:e6:83:f4:a8:fe:6a:03:35:bb:35:25:
a2:3d:43:60:b0:2f:49:fe:20:4b:1b:a1:7b:d9:5b:
e2:4f:f9:e6:ae:32:51:55:07:58:da:27:e7:d0:45:
db:09:5a:9f:c9:0e:bc:8e:db:f7:f0:1d:a9:f9:2e:
ae:ac:a4:81:7c:16:60:53:4f:ac:21:e9:1d:af:91:
3b:8c:0c:8d:0f:c9:2e:b3:36:cf:00:b1:c0:40:d7:
02:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:A0:1A:AF:0D:A1:E1:A5:4D:18:E2:32:35:A9:8D:A6:63:A3:AE:24
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/BKAarw2h4aVNGOIyNamNpmOjriQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.12.90.0/23
87.107.31.0-87.107.33.255
87.107.85.0/24
87.107.142.0/23
Signature Algorithm: sha256WithRSAEncryption
21:2f:13:b1:77:f0:84:c0:62:34:9a:be:2f:70:95:f0:e1:ee:
88:75:30:f3:76:89:17:8d:fe:ef:c1:cb:e7:91:45:2c:4e:5b:
e4:1b:8f:71:21:2a:ef:b8:50:b8:f2:02:c7:34:85:fd:87:82:
34:14:2f:a9:01:de:cd:5e:81:77:62:08:89:8f:c3:84:8e:90:
68:02:8f:5f:53:3f:88:ff:4e:cb:01:12:48:8b:8b:ff:0e:f8:
34:b8:69:66:93:d5:62:65:1e:f7:8e:2e:f4:32:0d:b9:44:85:
1a:73:e9:d1:77:37:0f:de:f0:26:61:c9:3a:61:f6:a8:9a:80:
26:1d:f2:9a:97:88:8f:2e:d3:f7:b6:db:0d:b3:f1:26:dc:d1:
29:96:28:00:b1:a8:71:41:b7:b3:9c:06:e7:2a:44:b7:f6:e6:
f4:65:27:93:ee:05:dc:5c:a4:ac:bd:26:6e:a5:79:4e:94:e5:
2b:d7:42:66:40:59:aa:d5:f7:02:f9:53:35:a7:62:ac:85:7a:
d4:7a:a6:89:5a:39:14:bf:9d:ee:75:53:dd:65:59:9a:35:74:
10:60:65:24:d6:7d:63:73:8b:d6:13:8d:5b:ec:f8:83:f1:9a:
ed:45:c4:95:50:80:a3:3b:76:b9:d1:25:88:ec:87:33:31:46:
fc:6d:58:8b
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVvXbN6cySdm80T9P7QBjHmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjMwMTAxMjIwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGEwMWFhZjBkYTFlMWE1NGQxOGUyMzIzNWE5OGRhNjYzYTNhZTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl51S23PQhvH/vXU66XHwDGQdSXJB
dCoqUIg3X/IPTO01OnIOiDU/18cHyHz2P8zAGtD+o04o8ScBXFIdrIAmXuls3zYh
92RQL3ZNEYPyIcHshVIIXBbJPQ/X5425/rnMPL+mkDztYXTpD2nMTtqGEUe9tV/m
efZMRn3OlaF17qjNmMcrnvpMdJBDolU0XPigJRXf7OgOUpZRni0JEAT9ZkGa28pO
JSuu5oP0qP5qAzW7NSWiPUNgsC9J/iBLG6F72VviT/nmrjJRVQdY2ifn0EXbCVqf
yQ68jtv38B2p+S6urKSBfBZgU0+sIekdr5E7jAyND8kuszbPALHAQNcCIwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFASgGq8NoeGlTRjiMjWpjaZjo64kMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvQktBYXJ3Mmg0YVZOR09JeU5hbU5wbU9qcmlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBUQxaMAwD
BABXax8DBAFXayADBABXa1UDBAFXa44wDQYJKoZIhvcNAQELBQADggEBACEvE7F3
8ITAYjSavi9wlfDh7oh1MPN2iReN/u/By+eRRSxOW+Qbj3EhKu+4ULjyAsc0hf2H
gjQUL6kB3s1egXdiCImPw4SOkGgCj19TP4j/TssBEkiLi/8O+DS4aWaT1WJlHveO
LvQyDblEhRpz6dF3Nw/e8CZhyTph9qiagCYd8pqXiI8u0/e22w2z8Sbc0SmWKACx
qHFBt7OcBucqRLf25vRlJ5PuBdxcpKy9Jm6leU6U5SvXQmZAWarV9wL5UzWnYqyF
etR6polaORS/ne51U91lWZo1dBBgZSTWfWNzi9YTjVvs+IPxmu1FxJVQgKM7drnR
JYjshzMxRvxtWIs=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:39 2023 by rpki-client on console-fra.rpki-client.org