Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/4ab81e-45b8-41a5-aa5e-5646eedd99bf/1/btHJmQA_g8hNknw2bomj6E3YIGY.roa
File: btHJmQA_g8hNknw2bomj6E3YIGY.roa (raw, json)
Hash identifier: qHK/NeKGMDE5gZgOSCTxWotDwXfSL1uwZXN5vblwLkM=
Subject key identifier: 6E:D1:C9:99:00:3F:83:C8:4D:92:7C:36:6E:89:A3:E8:4D:D8:20:66
Certificate issuer: /CN=994b7d30c1c4f6243182d3ecd3d0539f42faacfd
Certificate serial: 018CC8DEF0B52123585A60B60175F81CE7B8
Authority key identifier: 99:4B:7D:30:C1:C4:F6:24:31:82:D3:EC:D3:D0:53:9F:42:FA:AC:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mUt9MMHE9iQxgtPs09BTn0L6rP0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/4ab81e-45b8-41a5-aa5e-5646eedd99bf/1/btHJmQA_g8hNknw2bomj6E3YIGY.roa
Signing time: Tue 02 Jan 2024 06:31:42 +0000
ROA not before: Tue 02 Jan 2024 06:31:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51178
IP address blocks: 91.197.192.0/22 maxlen: 22
185.132.196.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 21 Mar 2024 11:35:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:f0:b5:21:23:58:5a:60:b6:01:75:f8:1c:e7:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=994b7d30c1c4f6243182d3ecd3d0539f42faacfd
Validity
Not Before: Jan 2 06:31:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6ed1c999003f83c84d927c366e89a3e84dd82066
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:5a:33:06:4b:49:d6:53:4d:69:c0:b9:fd:c4:
e3:02:c4:49:a4:98:54:31:48:4e:cc:65:0b:d0:44:
eb:94:a3:02:5c:4f:40:f2:3c:c7:79:d9:65:b7:31:
8d:6d:d1:ae:b8:35:da:a6:bc:d3:af:84:b1:c2:40:
6f:c7:d5:d3:ac:33:86:70:0a:2f:b0:da:ac:ff:a7:
9f:f6:34:2c:02:44:a8:a9:83:9a:d4:d5:a9:e9:ea:
7c:4c:8d:d8:05:ed:b1:ee:d5:32:74:a6:32:37:40:
cf:99:27:85:4f:7d:f4:7c:df:fb:e9:09:9d:05:75:
5c:f9:21:c2:4e:c1:b1:f3:7f:53:bd:16:d3:0b:6a:
4f:a7:91:80:c4:a9:8d:91:91:16:d3:0a:5d:e3:6a:
92:dc:d2:07:e0:37:3a:74:b1:af:ea:45:72:1e:66:
d7:8d:b0:17:9d:f1:7d:27:04:dd:eb:05:64:53:80:
ff:fa:e5:ed:6d:1c:01:57:dd:c3:73:53:fb:ae:5f:
aa:2b:71:cf:96:c7:e3:83:09:98:fd:89:55:f4:10:
c3:3e:70:37:d2:8f:9e:a4:a6:77:cd:5f:ec:63:6e:
4b:dc:da:f3:7b:53:44:ab:40:f9:71:32:0b:ef:e5:
f8:1b:90:96:b5:d1:35:d6:1e:d0:8f:b9:83:08:07:
83:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:D1:C9:99:00:3F:83:C8:4D:92:7C:36:6E:89:A3:E8:4D:D8:20:66
X509v3 Authority Key Identifier:
keyid:99:4B:7D:30:C1:C4:F6:24:31:82:D3:EC:D3:D0:53:9F:42:FA:AC:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mUt9MMHE9iQxgtPs09BTn0L6rP0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/4ab81e-45b8-41a5-aa5e-5646eedd99bf/1/btHJmQA_g8hNknw2bomj6E3YIGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/4ab81e-45b8-41a5-aa5e-5646eedd99bf/1/mUt9MMHE9iQxgtPs09BTn0L6rP0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.192.0/22
185.132.196.0/23
Signature Algorithm: sha256WithRSAEncryption
7d:6f:2a:5c:db:99:63:97:1c:b2:0a:54:f5:c5:04:2f:8f:dd:
fd:bb:08:94:65:97:b1:02:fd:cf:71:70:4b:f9:87:c4:01:73:
67:3e:f5:b5:75:72:b9:8d:bc:85:32:0f:0b:99:35:8e:32:0e:
bd:ae:fb:f0:e3:52:b9:2a:15:85:f5:48:12:b3:7a:68:4e:a2:
63:16:ae:a1:d3:e8:de:22:07:d2:8d:58:20:c5:9e:06:1d:38:
27:5b:24:1b:7f:2e:7f:f5:83:ad:04:77:bc:24:1d:f5:67:af:
35:03:59:91:fe:36:42:71:23:53:fa:7f:44:88:0c:3f:75:62:
ef:20:12:8c:ba:e5:37:4a:58:80:64:79:41:30:02:2e:9b:e3:
1b:5e:c3:79:d7:ae:37:d1:de:e3:4a:7c:01:e1:20:15:be:b3:
61:0e:31:ab:f3:1f:c5:72:c6:54:08:16:7b:b7:03:e0:43:d4:
b9:44:42:74:5f:b3:4e:78:f8:b4:32:42:c2:f2:5b:c3:6a:18:
60:35:9e:54:ab:63:5f:43:41:df:8b:cb:be:02:8b:06:1c:32:
03:0a:90:94:5e:f4:ff:c0:9c:a5:e8:b7:b8:e7:7f:9a:7a:55:
91:53:a6:05:ba:e8:7a:d9:eb:c2:6d:dc:4e:12:a7:92:15:32:
7f:a4:3c:80
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzI3vC1ISNYWmC2AXX4HOe4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5NGI3ZDMwYzFjNGY2MjQzMTgyZDNlY2QzZDA1MzlmNDJm
YWFjZmQwHhcNMjQwMTAyMDYzMTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWQxYzk5OTAwM2Y4M2M4NGQ5MjdjMzY2ZTg5YTNlODRkZDgyMDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVozBktJ1lNNacC5/cTjAsRJpJhU
MUhOzGUL0ETrlKMCXE9A8jzHedlltzGNbdGuuDXaprzTr4SxwkBvx9XTrDOGcAov
sNqs/6ef9jQsAkSoqYOa1NWp6ep8TI3YBe2x7tUydKYyN0DPmSeFT330fN/76Qmd
BXVc+SHCTsGx839TvRbTC2pPp5GAxKmNkZEW0wpd42qS3NIH4Dc6dLGv6kVyHmbX
jbAXnfF9JwTd6wVkU4D/+uXtbRwBV93Dc1P7rl+qK3HPlsfjgwmY/YlV9BDDPnA3
0o+epKZ3zV/sY25L3Nrze1NEq0D5cTIL7+X4G5CWtdE11h7Qj7mDCAeDJwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG7RyZkAP4PITZJ8Nm6Jo+hN2CBmMB8GA1UdIwQY
MBaAFJlLfTDBxPYkMYLT7NPQU59C+qz9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVV0OU1NSEU5aVF4Z3RQczA5QlRuMEw2clAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy80YWI4MWUtNDViOC00MWE1LWFhNWUt
NTY0NmVlZGQ5OWJmLzEvYnRISm1RQV9nOGhOa253MmJvbWo2RTNZSUdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy80YWI4MWUtNDViOC00MWE1LWFhNWUtNTY0NmVlZGQ5OWJm
LzEvbVV0OU1NSEU5aVF4Z3RQczA5QlRuMEw2clAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW8XAAwQB
uYTEMA0GCSqGSIb3DQEBCwUAA4IBAQB9bypc25ljlxyyClT1xQQvj939uwiUZZex
Av3PcXBL+YfEAXNnPvW1dXK5jbyFMg8LmTWOMg69rvvw41K5KhWF9UgSs3poTqJj
Fq6h0+jeIgfSjVggxZ4GHTgnWyQbfy5/9YOtBHe8JB31Z681A1mR/jZCcSNT+n9E
iAw/dWLvIBKMuuU3SliAZHlBMAIum+MbXsN516430d7jSnwB4SAVvrNhDjGr8x/F
csZUCBZ7twPgQ9S5REJ0X7NOePi0MkLC8lvDahhgNZ5Uq2NfQ0Hfi8u+AosGHDID
CpCUXvT/wJyl6Le453+aelWRU6YFuuh62evCbdxOEqeSFTJ/pDyA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:42 2024 by rpki-client on console-fra.rpki-client.org