Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/BJd9Oaqn-HrIlZJzSZcovz59qJk.roa
File: BJd9Oaqn-HrIlZJzSZcovz59qJk.roa (raw, json)
Hash identifier: /rB7FW6+pJ8grD5gyXwzSavqeNJknC4srleI0BwFhcs=
Subject key identifier: 04:97:7D:39:AA:A7:F8:7A:C8:95:92:73:49:97:28:BF:3E:7D:A8:99
Certificate issuer: /CN=f0521128cf634aa6afa7ef52d531f3fcd55628f9
Certificate serial: 0186351B52125D78998497BD2455464044F1
Authority key identifier: F0:52:11:28:CF:63:4A:A6:AF:A7:EF:52:D5:31:F3:FC:D5:56:28:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8FIRKM9jSqavp-9S1THz_NVWKPk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/BJd9Oaqn-HrIlZJzSZcovz59qJk.roa
Signing time: Thu 09 Feb 2023 07:37:08 +0000
ROA not before: Thu 09 Feb 2023 07:37:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39342
IP address blocks: 91.245.232.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:34:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:35:1b:52:12:5d:78:99:84:97:bd:24:55:46:40:44:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0521128cf634aa6afa7ef52d531f3fcd55628f9
Validity
Not Before: Feb 9 07:37:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=04977d39aaa7f87ac8959273499728bf3e7da899
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:d7:6c:86:3d:e1:e0:54:e6:33:05:3a:93:38:
77:0b:d5:fb:a9:08:6f:7a:1d:d6:1a:65:ce:1c:c9:
a9:06:70:53:48:8b:e9:75:5a:80:e7:b5:a5:08:1a:
a5:c1:b6:5d:7a:cc:a1:4d:b9:73:16:8c:2e:57:10:
64:a7:c6:d8:a9:7a:00:c9:60:6a:d2:61:fc:68:a0:
4a:77:5e:71:93:36:eb:88:b7:9e:49:60:f2:f1:94:
00:93:9a:b6:63:bf:20:7a:ac:0b:28:15:ed:37:af:
47:b2:c7:5d:eb:10:53:09:f8:69:e2:bb:ee:da:f8:
ea:7d:71:50:52:40:07:44:fa:b5:f9:70:b5:dc:e9:
d5:a8:8d:06:a8:0c:8f:75:d8:f5:f9:14:34:62:2e:
1c:4e:70:e2:c1:d9:78:0d:0e:7b:f8:3d:10:37:96:
f1:85:0e:8d:c7:2a:38:81:a0:67:d9:dd:f9:e5:08:
b9:5e:ef:b1:86:48:e4:d1:47:fe:83:b2:09:34:74:
27:ed:ea:1e:72:62:3a:34:25:86:1f:6d:ce:6f:40:
d3:0b:91:8a:94:d7:77:b9:fa:90:a2:74:e9:32:32:
f4:bc:d3:e2:78:b0:af:2a:de:ef:17:ab:1b:2f:be:
ea:e0:dd:df:1a:ca:81:10:17:ba:51:33:30:e6:2b:
5e:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:97:7D:39:AA:A7:F8:7A:C8:95:92:73:49:97:28:BF:3E:7D:A8:99
X509v3 Authority Key Identifier:
keyid:F0:52:11:28:CF:63:4A:A6:AF:A7:EF:52:D5:31:F3:FC:D5:56:28:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8FIRKM9jSqavp-9S1THz_NVWKPk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/BJd9Oaqn-HrIlZJzSZcovz59qJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/8FIRKM9jSqavp-9S1THz_NVWKPk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.245.232.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:6d:fb:9a:a0:1d:08:11:61:dc:8a:1e:d0:c4:40:57:c1:66:
41:fc:33:ea:33:4a:5b:67:37:40:40:60:3d:0a:5f:e0:41:4c:
0b:00:a4:4a:0e:b4:26:14:4b:2b:f3:bd:b6:40:6d:de:95:4c:
be:7a:c7:f0:fe:30:30:80:4c:65:b4:b7:66:c5:94:d2:12:87:
2c:d3:e5:25:f8:de:e9:6d:10:8a:54:c8:ea:d1:2c:bd:9a:ad:
9f:9e:71:1d:0d:6e:3f:89:6f:db:dd:1c:6c:bd:ae:30:33:4a:
dc:82:e2:92:52:ac:62:7f:20:ff:bb:23:7d:26:06:f1:d3:ac:
61:98:9b:94:de:8c:f9:b3:50:02:bc:35:4e:25:f0:25:6f:16:
d1:f6:a7:7b:11:36:35:35:74:d6:d0:5d:c8:c4:52:bc:bd:e0:
2c:5c:45:0d:ff:07:31:e7:fa:86:41:f2:f7:98:60:9c:c2:fb:
c7:f8:21:77:10:00:9a:b6:30:14:e3:42:91:f2:c2:1f:69:2c:
56:60:b4:b1:cd:37:50:42:3e:01:ce:7c:c8:ec:b0:41:9b:36:
ea:4a:49:2a:04:d1:c5:f6:f0:5f:d5:e2:10:93:ff:56:bb:f7:
92:fd:76:0f:e6:a8:7d:92:b0:ba:c8:5c:64:07:6c:5a:b9:f8:
69:12:d2:86
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYY1G1ISXXiZhJe9JFVGQETxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNTIxMTI4Y2Y2MzRhYTZhZmE3ZWY1MmQ1MzFmM2ZjZDU1
NjI4ZjkwHhcNMjMwMjA5MDczNzA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDk3N2QzOWFhYTdmODdhYzg5NTkyNzM0OTk3MjhiZjNlN2RhODk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNdshj3h4FTmMwU6kzh3C9X7qQhv
eh3WGmXOHMmpBnBTSIvpdVqA57WlCBqlwbZdesyhTblzFowuVxBkp8bYqXoAyWBq
0mH8aKBKd15xkzbriLeeSWDy8ZQAk5q2Y78geqwLKBXtN69Hssdd6xBTCfhp4rvu
2vjqfXFQUkAHRPq1+XC13OnVqI0GqAyPddj1+RQ0Yi4cTnDiwdl4DQ57+D0QN5bx
hQ6Nxyo4gaBn2d355Qi5Xu+xhkjk0Uf+g7IJNHQn7eoecmI6NCWGH23Ob0DTC5GK
lNd3ufqQonTpMjL0vNPieLCvKt7vF6sbL77q4N3fGsqBEBe6UTMw5iteJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFASXfTmqp/h6yJWSc0mXKL8+faiZMB8GA1UdIwQY
MBaAFPBSESjPY0qmr6fvUtUx8/zVVij5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEZJUktNOWpTcWF2cC05UzFUSHpfTlZXS1BrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9iNGIxNTAtZGJiOC00NjVmLTgxNTUt
ZTQ0MTliNjQyMTJlLzEvQkpkOU9hcW4tSHJJbFpKelNaY292ejU5cUprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9iNGIxNTAtZGJiOC00NjVmLTgxNTUtZTQ0MTliNjQyMTJl
LzEvOEZJUktNOWpTcWF2cC05UzFUSHpfTlZXS1BrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/XoMA0G
CSqGSIb3DQEBCwUAA4IBAQCKbfuaoB0IEWHcih7QxEBXwWZB/DPqM0pbZzdAQGA9
Cl/gQUwLAKRKDrQmFEsr8722QG3elUy+esfw/jAwgExltLdmxZTSEocs0+Ul+N7p
bRCKVMjq0Sy9mq2fnnEdDW4/iW/b3Rxsva4wM0rcguKSUqxifyD/uyN9Jgbx06xh
mJuU3oz5s1ACvDVOJfAlbxbR9qd7ETY1NXTW0F3IxFK8veAsXEUN/wcx5/qGQfL3
mGCcwvvH+CF3EACatjAU40KR8sIfaSxWYLSxzTdQQj4BznzI7LBBmzbqSkkqBNHF
9vBf1eIQk/9Wu/eS/XYP5qh9krC6yFxkB2xaufhpEtKG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:37 2024 by rpki-client on console-fra.rpki-client.org