Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/RfcBamgBenCv5IEtJiPxi37DGbY.roa
File: RfcBamgBenCv5IEtJiPxi37DGbY.roa (raw, json)
Hash identifier: t9YWs4lfBfpcTIvfRYdPzZJS2MYDULui/+5xvoiM/nw=
Subject key identifier: 45:F7:01:6A:68:01:7A:70:AF:E4:81:2D:26:23:F1:8B:7E:C3:19:B6
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018996645EC3C94E76B008202AD4F354943C
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/RfcBamgBenCv5IEtJiPxi37DGbY.roa
Signing time: Thu 27 Jul 2023 08:08:27 +0000
ROA not before: Thu 27 Jul 2023 08:08:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35913
IP address blocks: 91.217.250.0/24 maxlen: 24
91.217.249.0/24 maxlen: 24
45.89.32.0/22 maxlen: 24
45.131.248.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:96:64:5e:c3:c9:4e:76:b0:08:20:2a:d4:f3:54:94:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jul 27 08:08:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=45f7016a68017a70afe4812d2623f18b7ec319b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:b0:72:12:c6:28:fa:3d:0a:c1:3e:93:43:56:
94:bc:34:ce:74:bc:04:71:6b:99:aa:8d:2a:73:9f:
25:03:65:9e:58:e4:b1:c4:9c:ad:0a:28:27:68:b8:
b7:85:34:c6:f7:3b:3e:91:8d:4b:1c:be:77:5b:0d:
83:c2:c0:57:80:06:08:a9:a3:f8:32:da:f4:88:63:
68:2c:df:8e:53:5f:57:02:a1:52:22:6f:58:e1:f6:
82:14:2f:cf:01:7c:72:de:85:8e:ec:73:96:88:7b:
f1:76:c5:84:40:8c:76:39:4f:1d:27:ab:49:cb:1d:
4a:33:6b:9e:ef:4f:fa:53:dc:02:2a:3e:38:ec:99:
ab:1c:07:7d:e7:f5:53:11:0e:fc:38:76:06:a2:e0:
42:11:3e:d3:c9:d9:49:79:dd:b2:d7:d6:9e:65:ca:
98:2f:84:c2:33:f2:b5:35:4e:7c:73:42:6f:5e:e6:
44:24:bc:d1:6c:07:90:56:a6:7e:ba:b2:5d:2c:20:
62:30:24:78:9e:43:c0:c3:8f:ad:1c:51:0f:ca:05:
0e:b4:bf:67:0c:30:98:22:69:d3:ef:8b:3a:62:d9:
f8:20:7d:fc:7c:c2:f2:de:44:9f:c8:d2:a2:f1:71:
65:67:9f:98:57:0c:51:3b:bc:34:5c:34:28:68:de:
9b:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:F7:01:6A:68:01:7A:70:AF:E4:81:2D:26:23:F1:8B:7E:C3:19:B6
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/RfcBamgBenCv5IEtJiPxi37DGbY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.32.0/22
45.131.248.0/22
91.217.249.0-91.217.250.255
Signature Algorithm: sha256WithRSAEncryption
70:e7:63:81:93:88:3f:93:2e:45:da:02:fc:0c:c8:1c:b8:ef:
6b:39:b6:ce:75:f9:59:d6:30:1b:f9:c1:0d:07:a5:0d:d6:53:
1a:37:8a:91:9e:c3:07:ba:1e:09:c4:5b:c2:f0:71:e5:9f:e5:
5f:fc:5e:c4:b1:72:74:82:82:3b:b6:be:5a:6a:78:8c:0e:1e:
90:a6:43:ce:05:3d:ae:12:b0:7c:58:cb:33:a9:39:4a:fe:3d:
fc:6d:4e:fa:e2:9e:5a:a9:52:0c:9d:22:cf:7c:6f:40:66:e2:
0b:bd:bf:c7:96:b0:19:f1:fc:45:36:4c:47:89:38:00:94:e4:
d9:84:15:ba:e4:a3:ab:36:b5:72:32:51:19:82:b7:09:92:6f:
19:23:6a:29:9e:39:b8:07:3d:f7:3f:02:e6:7b:38:cb:99:0e:
63:42:39:fe:a6:9d:4e:64:1c:8d:bd:3e:b4:92:4f:d3:f6:97:
08:4d:3f:83:21:02:a8:9f:84:94:e0:50:5d:40:c7:9d:07:b5:
fc:ef:22:40:38:22:4d:37:5e:1b:60:b8:68:30:06:cb:ec:e7:
8a:73:e3:86:50:19:c5:a0:33:0c:bb:c8:15:f1:5a:1f:20:3a:
7d:20:66:d0:68:70:db:fc:5e:d2:79:9d:4f:b0:b7:7f:c6:6d:
5d:bd:ea:f5
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYmWZF7DyU52sAggKtTzVJQ8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNzI3MDgwODI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWY3MDE2YTY4MDE3YTcwYWZlNDgxMmQyNjIzZjE4YjdlYzMxOWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbByEsYo+j0KwT6TQ1aUvDTOdLwE
cWuZqo0qc58lA2WeWOSxxJytCignaLi3hTTG9zs+kY1LHL53Ww2DwsBXgAYIqaP4
Mtr0iGNoLN+OU19XAqFSIm9Y4faCFC/PAXxy3oWO7HOWiHvxdsWEQIx2OU8dJ6tJ
yx1KM2ue70/6U9wCKj447JmrHAd95/VTEQ78OHYGouBCET7TydlJed2y19aeZcqY
L4TCM/K1NU58c0JvXuZEJLzRbAeQVqZ+urJdLCBiMCR4nkPAw4+tHFEPygUOtL9n
DDCYImnT74s6Ytn4IH38fMLy3kSfyNKi8XFlZ5+YVwxRO7w0XDQoaN6bRQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFEX3AWpoAXpwr+SBLSYj8Yt+wxm2MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvUmZjQmFtZ0JlbkN2NUlFdEppUHhpMzdER2JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCLVkgAwQC
LYP4MAwDBABb2fkDBABb2fowDQYJKoZIhvcNAQELBQADggEBAHDnY4GTiD+TLkXa
AvwMyBy472s5ts51+VnWMBv5wQ0HpQ3WUxo3ipGewwe6HgnEW8LwceWf5V/8XsSx
cnSCgju2vlpqeIwOHpCmQ84FPa4SsHxYyzOpOUr+PfxtTvrinlqpUgydIs98b0Bm
4gu9v8eWsBnx/EU2TEeJOACU5NmEFbrko6s2tXIyURmCtwmSbxkjaimeObgHPfc/
AuZ7OMuZDmNCOf6mnU5kHI29PrSST9P2lwhNP4MhAqifhJTgUF1Ax50HtfzvIkA4
Ik03XhtguGgwBsvs54pz44ZQGcWgMwy7yBXxWh8gOn0gZtBocNv8XtJ5nU+wt3/G
bV296vU=
-----END CERTIFICATE-----
Generated at Thu Aug 17 05:47:48 2023 by rpki-client on console-ams.rpki-client.org