Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/BETTrkl0fz6H-FZAezLMCTVSXG4.roa
File: BETTrkl0fz6H-FZAezLMCTVSXG4.roa (raw, json)
Hash identifier: JKDB4XmR+R1bfrRjcFxXUkuKpL13fMmw0P29ZObORuo=
Subject key identifier: 04:44:D3:AE:49:74:7F:3E:87:F8:56:40:7B:32:CC:09:35:52:5C:6E
Certificate issuer: /CN=0febfbfd6f937c5ae39e3e38e8ab8384107421a6
Certificate serial: 0185728359D8F42B7EF49ACEAC05CD2953B8
Authority key identifier: 0F:EB:FB:FD:6F:93:7C:5A:E3:9E:3E:38:E8:AB:83:84:10:74:21:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/BETTrkl0fz6H-FZAezLMCTVSXG4.roa
Signing time: Mon 02 Jan 2023 12:44:48 +0000
ROA not before: Mon 02 Jan 2023 12:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49287
IP address blocks: 91.192.82.0/24 maxlen: 24
213.183.35.0/24 maxlen: 24
213.183.34.0/24 maxlen: 24
5.188.174.0/24 maxlen: 24
5.188.175.0/24 maxlen: 24
93.189.59.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:83:59:d8:f4:2b:7e:f4:9a:ce:ac:05:cd:29:53:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0febfbfd6f937c5ae39e3e38e8ab8384107421a6
Validity
Not Before: Jan 2 12:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0444d3ae49747f3e87f856407b32cc0935525c6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:86:bd:c2:88:1f:4a:38:d5:fa:67:d8:77:7f:
4b:44:ad:af:82:cf:50:7c:d9:14:63:f0:cc:30:42:
6e:7d:18:28:6a:ee:db:00:da:af:1b:4a:7d:72:81:
05:ac:19:82:95:d7:fe:73:cd:72:1e:66:7f:4e:8c:
08:36:38:62:f0:bd:b1:84:a1:ad:b3:d8:fb:53:5c:
89:7e:be:88:24:ea:5c:84:08:ab:34:4c:99:1d:09:
40:90:3b:ee:41:53:50:bf:52:5c:d4:0b:e4:bc:6f:
cf:70:98:57:51:43:95:f0:34:97:82:e8:23:53:44:
3c:32:1a:04:36:18:9d:7f:4e:db:05:39:ed:f3:16:
ef:6f:18:db:04:96:c6:cc:8d:b1:07:41:e2:08:9e:
51:b3:d7:d5:cc:62:e6:a1:2b:ba:a7:97:88:b6:25:
e7:7b:75:da:a2:8a:04:7e:97:35:3a:2d:7a:de:25:
58:54:96:5b:33:6f:1d:ce:a3:a1:f7:18:bf:ed:f8:
e2:cc:95:f0:51:ef:42:86:8d:e1:e0:5c:4b:6c:f0:
77:02:04:9d:b1:f6:2c:39:d0:f7:e6:c3:88:07:11:
b5:4a:a1:d6:82:a1:63:3f:30:f8:c8:8b:17:cc:1d:
3a:f8:41:ac:26:38:52:ba:9b:40:d8:7c:05:33:51:
41:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:44:D3:AE:49:74:7F:3E:87:F8:56:40:7B:32:CC:09:35:52:5C:6E
X509v3 Authority Key Identifier:
keyid:0F:EB:FB:FD:6F:93:7C:5A:E3:9E:3E:38:E8:AB:83:84:10:74:21:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/BETTrkl0fz6H-FZAezLMCTVSXG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/D-v7_W-TfFrjnj446KuDhBB0IaY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.188.174.0/23
91.192.82.0/24
93.189.59.0/24
213.183.34.0/23
Signature Algorithm: sha256WithRSAEncryption
77:d8:38:b1:32:7c:d0:16:20:43:07:8d:27:60:90:5d:a4:39:
f9:c6:81:3c:82:dd:61:48:d5:f2:d9:21:d2:3b:0b:78:83:76:
52:72:1a:de:6e:45:60:f4:5d:71:b6:6b:93:33:3e:24:2e:76:
0b:6b:61:a9:fb:91:52:13:ea:98:4b:ea:f7:3a:48:60:40:62:
b4:1c:7c:0f:59:83:dd:32:3a:a4:08:24:42:10:04:18:e9:29:
35:ae:60:85:d5:98:d3:29:8d:ef:4d:d0:92:e1:ab:a0:43:30:
03:1f:6c:63:e0:cc:0c:17:c3:20:d7:0b:d7:4c:64:50:0a:9d:
35:e2:44:3c:c2:77:ab:e8:97:08:90:ff:53:67:a5:b7:58:5f:
52:fa:f2:9a:14:32:46:db:de:fd:fb:14:95:a7:ca:49:e9:de:
29:6d:05:e1:9c:60:f9:5d:68:2f:94:04:f5:50:a5:65:7b:a7:
ad:19:48:38:d9:97:73:ee:cb:e4:18:60:96:93:e0:d8:79:22:
4e:a5:09:10:d4:0a:7d:39:ce:bc:c6:3d:42:8e:eb:0a:6a:76:
b3:d9:7c:ec:8b:d0:bb:64:a7:05:14:0d:01:20:25:8a:38:28:
78:bb:52:5a:f2:00:cd:25:f4:0d:9f:ef:c4:90:58:b0:d6:7a:
2d:18:f0:22
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVyg1nY9Ct+9JrOrAXNKVO4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZWJmYmZkNmY5MzdjNWFlMzllM2UzOGU4YWI4Mzg0MTA3
NDIxYTYwHhcNMjMwMTAyMTI0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDQ0ZDNhZTQ5NzQ3ZjNlODdmODU2NDA3YjMyY2MwOTM1NTI1YzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4a9wogfSjjV+mfYd39LRK2vgs9Q
fNkUY/DMMEJufRgoau7bANqvG0p9coEFrBmCldf+c81yHmZ/TowINjhi8L2xhKGt
s9j7U1yJfr6IJOpchAirNEyZHQlAkDvuQVNQv1Jc1AvkvG/PcJhXUUOV8DSXgugj
U0Q8MhoENhidf07bBTnt8xbvbxjbBJbGzI2xB0HiCJ5Rs9fVzGLmoSu6p5eItiXn
e3XaoooEfpc1Oi163iVYVJZbM28dzqOh9xi/7fjizJXwUe9Cho3h4FxLbPB3AgSd
sfYsOdD35sOIBxG1SqHWgqFjPzD4yIsXzB06+EGsJjhSuptA2HwFM1FB3wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFARE065JdH8+h/hWQHsyzAk1UlxuMB8GA1UdIwQY
MBaAFA/r+/1vk3xa454+OOirg4QQdCGmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRC12N19XLVRmRnJqbmo0NDZLdURoQkIwSWFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82N2Q4MzQtMjYxMi00NzM5LTlmNGIt
N2Q3MDM3NGQ3NmQyLzEvQkVUVHJrbDBmejZILUZaQWV6TE1DVFZTWEc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82N2Q4MzQtMjYxMi00NzM5LTlmNGItN2Q3MDM3NGQ3NmQy
LzEvRC12N19XLVRmRnJqbmo0NDZLdURoQkIwSWFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBBbyuAwQA
W8BSAwQAXb07AwQB1bciMA0GCSqGSIb3DQEBCwUAA4IBAQB32DixMnzQFiBDB40n
YJBdpDn5xoE8gt1hSNXy2SHSOwt4g3ZSchrebkVg9F1xtmuTMz4kLnYLa2Gp+5FS
E+qYS+r3OkhgQGK0HHwPWYPdMjqkCCRCEAQY6Sk1rmCF1ZjTKY3vTdCS4augQzAD
H2xj4MwMF8Mg1wvXTGRQCp014kQ8wner6JcIkP9TZ6W3WF9S+vKaFDJG2979+xSV
p8pJ6d4pbQXhnGD5XWgvlAT1UKVle6etGUg42Zdz7svkGGCWk+DYeSJOpQkQ1Ap9
Oc68xj1CjusKanaz2Xzsi9C7ZKcFFA0BICWKOCh4u1Ja8gDNJfQNn+/EkFiw1not
GPAi
-----END CERTIFICATE-----
Generated at Wed Nov 1 13:06:13 2023 by rpki-client on console-ams.rpki-client.org