Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/bxpA7n12AEvcYGLP-YQG1fDg4GM.roa
File: bxpA7n12AEvcYGLP-YQG1fDg4GM.roa (raw, json)
Hash identifier: Zoyirp4th89wh6/eyr5K3n6MpfjsymReHSQtPF7egmU=
Subject key identifier: 6F:1A:40:EE:7D:76:00:4B:DC:60:62:CF:F9:84:06:D5:F0:E0:E0:63
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018B70977562D0087678B3F4E1EC3DFD9D7D
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/bxpA7n12AEvcYGLP-YQG1fDg4GM.roa
Signing time: Fri 27 Oct 2023 10:04:16 +0000
ROA not before: Fri 27 Oct 2023 10:04:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197854
IP address blocks: 45.130.200.0/24 maxlen: 24
2a10:7401::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:70:97:75:62:d0:08:76:78:b3:f4:e1:ec:3d:fd:9d:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Oct 27 10:04:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6f1a40ee7d76004bdc6062cff98406d5f0e0e063
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:98:bb:5f:ad:1e:56:d6:ca:0e:52:c8:d8:7c:
e7:86:a0:7e:78:5f:d5:ce:e3:12:83:db:29:19:1f:
5a:83:1a:3d:53:1d:99:9c:de:17:c5:54:41:1d:94:
47:e7:1f:f2:a4:fc:39:95:a9:eb:ac:95:4b:42:8f:
70:5f:ee:4b:80:4c:50:42:80:c3:94:8d:de:01:68:
8f:34:25:66:61:5b:5c:56:03:c8:fd:f2:f7:4a:b0:
88:df:ec:3b:ca:ed:de:92:f6:b1:6a:bd:c5:20:18:
92:ec:23:5f:03:e0:79:63:da:b8:c7:04:6a:8b:78:
5d:ce:e6:40:81:fc:7a:3c:dc:1b:0c:40:bc:47:0a:
bc:4d:24:04:e9:c6:9f:ae:2c:a3:3e:9f:17:f2:06:
6f:17:41:e9:01:7a:2f:47:21:96:52:a2:a3:37:51:
0a:49:9c:0e:4e:b6:85:bc:e1:57:16:39:6c:f1:e6:
fa:3b:4e:d0:4b:20:cc:bf:08:bc:5f:80:3d:47:20:
50:10:5b:5d:e8:cc:fb:84:77:b0:5e:97:e8:1c:c4:
24:04:d3:90:7e:50:7f:85:7d:19:b1:00:4f:45:7b:
c3:eb:f8:8b:ef:41:52:9d:ea:ef:7b:b7:fe:21:c6:
44:00:59:d3:a4:b4:8d:69:dd:3f:fa:6e:83:39:b1:
fd:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:1A:40:EE:7D:76:00:4B:DC:60:62:CF:F9:84:06:D5:F0:E0:E0:63
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/bxpA7n12AEvcYGLP-YQG1fDg4GM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.200.0/24
IPv6:
2a10:7401::/32
Signature Algorithm: sha256WithRSAEncryption
35:b3:a2:ea:8a:7e:17:f8:64:a7:e4:8e:86:3b:2d:58:e1:4d:
e7:aa:3c:c3:6b:62:4d:02:ef:bc:17:ba:ff:8b:f0:d4:7d:b9:
23:a9:aa:a5:87:38:77:af:0e:71:77:21:3a:7b:03:d8:3b:33:
ae:6d:5e:47:89:d4:ff:18:a8:62:2b:34:83:e8:49:88:f0:0c:
63:5b:ea:dd:8f:0e:e9:9e:96:15:3f:84:1e:8c:31:26:f9:14:
eb:81:d2:13:22:65:bf:db:98:fd:c3:20:b1:df:da:f6:85:cf:
0c:0a:b4:76:ac:15:81:a5:09:b0:1e:c3:dd:e4:de:0c:86:3d:
69:78:99:c9:fc:97:67:92:6c:d8:d0:78:3e:94:00:10:be:38:
f5:a3:65:71:48:e3:dc:ca:88:18:2e:ec:c3:35:2a:a8:eb:d7:
d8:72:0b:f8:ef:a3:3a:35:e1:f8:56:69:ca:cb:52:b3:ee:01:
20:e4:7e:be:81:92:42:72:18:44:f7:67:b0:f5:f9:d5:d5:01:
b2:48:d6:91:e7:62:af:45:c7:7f:af:e6:c0:73:c1:7b:8b:0a:
a0:5c:e3:1e:a0:99:c4:51:25:58:83:6a:49:16:6b:bd:e2:6f:
99:bb:14:eb:23:2d:49:81:e2:0d:1e:64:c4:3f:35:33:8f:c1:
d8:b0:56:f8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYtwl3Vi0Ah2eLP04ew9/Z19MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMDI3MTAwNDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjFhNDBlZTdkNzYwMDRiZGM2MDYyY2ZmOTg0MDZkNWYwZTBlMDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpi7X60eVtbKDlLI2HznhqB+eF/V
zuMSg9spGR9agxo9Ux2ZnN4XxVRBHZRH5x/ypPw5lanrrJVLQo9wX+5LgExQQoDD
lI3eAWiPNCVmYVtcVgPI/fL3SrCI3+w7yu3ekvaxar3FIBiS7CNfA+B5Y9q4xwRq
i3hdzuZAgfx6PNwbDEC8Rwq8TSQE6cafriyjPp8X8gZvF0HpAXovRyGWUqKjN1EK
SZwOTraFvOFXFjls8eb6O07QSyDMvwi8X4A9RyBQEFtd6Mz7hHewXpfoHMQkBNOQ
flB/hX0ZsQBPRXvD6/iL70FSnerve7f+IcZEAFnTpLSNad0/+m6DObH9bQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFG8aQO59dgBL3GBiz/mEBtXw4OBjMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvYnhwQTduMTJBRXZjWUdMUC1ZUUcxZkRnNEdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALYLIMA0E
AgACMAcDBQAqEHQBMA0GCSqGSIb3DQEBCwUAA4IBAQA1s6Lqin4X+GSn5I6GOy1Y
4U3nqjzDa2JNAu+8F7r/i/DUfbkjqaqlhzh3rw5xdyE6ewPYOzOubV5HidT/GKhi
KzSD6EmI8AxjW+rdjw7pnpYVP4QejDEm+RTrgdITImW/25j9wyCx39r2hc8MCrR2
rBWBpQmwHsPd5N4Mhj1peJnJ/JdnkmzY0Hg+lAAQvjj1o2VxSOPcyogYLuzDNSqo
69fYcgv476M6NeH4VmnKy1Kz7gEg5H6+gZJCchhE92ew9fnV1QGySNaR52KvRcd/
r+bAc8F7iwqgXOMeoJnEUSVYg2pJFmu94m+ZuxTrIy1JgeINHmTEPzUzj8HYsFb4
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:28 2024 by rpki-client on console-fra.rpki-client.org