Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/f1af90-355c-484b-b923-d31d4cb1b129/1/v8RSDx8N65gz_3cQGg8YPdskAzs.roa
File: v8RSDx8N65gz_3cQGg8YPdskAzs.roa (raw, json)
Hash identifier: Jq4yjAYl1TSvCcUzSYP4Uv9pWlNNXDCdoK3XO2k1F1E=
Subject key identifier: BF:C4:52:0F:1F:0D:EB:98:33:FF:77:10:1A:0F:18:3D:DB:24:03:3B
Certificate issuer: /CN=30309941a6d84fa4dbddaf0f4ecd99f9f043cfdc
Certificate serial: 01856EB9286032E6DD12E5BC96FB78ACC06C
Authority key identifier: 30:30:99:41:A6:D8:4F:A4:DB:DD:AF:0F:4E:CD:99:F9:F0:43:CF:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MDCZQabYT6Tb3a8PTs2Z-fBDz9w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/f1af90-355c-484b-b923-d31d4cb1b129/1/v8RSDx8N65gz_3cQGg8YPdskAzs.roa
Signing time: Sun 01 Jan 2023 19:05:06 +0000
ROA not before: Sun 01 Jan 2023 19:05:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206994
IP address blocks: 193.5.147.0/24 maxlen: 24
2a0c:8187::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:34:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:b9:28:60:32:e6:dd:12:e5:bc:96:fb:78:ac:c0:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30309941a6d84fa4dbddaf0f4ecd99f9f043cfdc
Validity
Not Before: Jan 1 19:05:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bfc4520f1f0deb9833ff77101a0f183ddb24033b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:a5:9e:28:08:07:0b:2c:67:d2:21:aa:47:cd:
7c:c5:9e:a6:c2:18:b9:55:bf:ca:7e:a6:35:72:5e:
dc:b9:2b:52:f7:05:a9:1f:fb:2d:ea:31:cc:80:4f:
38:07:18:08:35:3e:46:6c:22:b9:06:35:f9:1e:1a:
dc:59:2a:92:d9:67:1f:38:a2:30:6a:d0:83:ac:36:
be:66:44:4c:b6:a0:0a:72:11:6b:bf:0e:81:67:47:
14:fd:27:f2:68:77:b4:04:7a:d0:d4:bb:a3:57:97:
14:57:45:f5:79:57:8a:c5:93:7c:05:11:b8:e3:8a:
e6:2d:9c:3b:e8:3b:e1:d5:f6:27:8f:3e:20:74:ee:
22:64:88:cd:e6:99:4b:b4:50:53:11:bb:9a:80:fd:
67:d5:c0:b1:c0:85:86:1e:30:23:61:1a:b1:b0:c1:
73:95:3d:ee:05:67:c1:6f:5f:40:cb:08:4f:c4:c6:
95:24:44:14:c9:ed:a8:d2:5e:30:aa:6a:27:86:83:
fd:c6:76:46:89:63:79:5e:f4:27:29:75:dc:32:13:
b0:71:1c:2d:9e:bb:17:93:ca:a2:44:b6:b5:c0:8c:
35:5a:de:a2:83:9b:e4:87:04:78:f7:a2:47:2e:c8:
b1:63:be:c8:aa:14:5b:d4:cd:48:81:8d:a6:73:8c:
63:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:C4:52:0F:1F:0D:EB:98:33:FF:77:10:1A:0F:18:3D:DB:24:03:3B
X509v3 Authority Key Identifier:
keyid:30:30:99:41:A6:D8:4F:A4:DB:DD:AF:0F:4E:CD:99:F9:F0:43:CF:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MDCZQabYT6Tb3a8PTs2Z-fBDz9w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/f1af90-355c-484b-b923-d31d4cb1b129/1/v8RSDx8N65gz_3cQGg8YPdskAzs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/f1af90-355c-484b-b923-d31d4cb1b129/1/MDCZQabYT6Tb3a8PTs2Z-fBDz9w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.5.147.0/24
IPv6:
2a0c:8187::/32
Signature Algorithm: sha256WithRSAEncryption
86:ce:02:e1:f6:a7:8d:68:37:32:1b:b6:1e:a6:69:44:e0:f7:
74:dd:52:4d:f0:96:3a:2b:33:15:01:35:f3:65:de:e1:f1:c9:
0c:f7:4e:0f:78:a8:5b:ff:41:30:4f:7a:8f:76:43:4d:77:a0:
d5:be:5f:2a:04:ad:d7:fc:e9:59:5d:36:bb:9b:b0:e8:5a:89:
07:51:dc:c0:3e:89:6a:84:65:34:7c:d8:13:0a:53:e4:69:b1:
a0:d0:58:17:25:85:37:50:3a:52:bf:4f:0f:d8:22:9c:ee:e9:
77:4f:37:13:22:5d:3d:c6:ae:93:78:44:31:00:c0:10:45:d0:
57:ca:35:c9:e0:87:b6:f0:af:71:66:a5:3d:e3:e2:95:0c:36:
aa:03:34:d8:80:3a:3f:7b:b3:9a:3b:5c:d1:de:b6:35:b1:09:
20:fe:4a:80:f1:f5:8c:a0:88:c0:75:c4:88:a9:f4:69:ba:ab:
65:c0:79:7c:34:13:af:8e:26:24:b5:51:09:f4:da:1f:7e:17:
46:0f:9a:3b:5b:06:bf:95:a5:19:63:58:47:c5:27:d7:62:ea:
4e:83:d8:44:90:38:bb:62:e2:64:71:d9:ec:fd:c5:e8:ce:6c:
97:2a:8b:43:a0:74:6e:06:a6:1a:2f:1b:1b:f5:8a:9d:cb:05:
32:b1:94:08
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuuShgMubdEuW8lvt4rMBsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMzA5OTQxYTZkODRmYTRkYmRkYWYwZjRlY2Q5OWY5ZjA0
M2NmZGMwHhcNMjMwMTAxMTkwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmM0NTIwZjFmMGRlYjk4MzNmZjc3MTAxYTBmMTgzZGRiMjQwMzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqWeKAgHCyxn0iGqR818xZ6mwhi5
Vb/KfqY1cl7cuStS9wWpH/st6jHMgE84BxgINT5GbCK5BjX5HhrcWSqS2WcfOKIw
atCDrDa+ZkRMtqAKchFrvw6BZ0cU/SfyaHe0BHrQ1LujV5cUV0X1eVeKxZN8BRG4
44rmLZw76Dvh1fYnjz4gdO4iZIjN5plLtFBTEbuagP1n1cCxwIWGHjAjYRqxsMFz
lT3uBWfBb19AywhPxMaVJEQUye2o0l4wqmonhoP9xnZGiWN5XvQnKXXcMhOwcRwt
nrsXk8qiRLa1wIw1Wt6ig5vkhwR496JHLsixY77IqhRb1M1IgY2mc4xjfQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFL/EUg8fDeuYM/93EBoPGD3bJAM7MB8GA1UdIwQY
MBaAFDAwmUGm2E+k292vD07NmfnwQ8/cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTURDWlFhYllUNlRiM2E4UFRzMlotZkJEejl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9mMWFmOTAtMzU1Yy00ODRiLWI5MjMt
ZDMxZDRjYjFiMTI5LzEvdjhSU0R4OE42NWd6XzNjUUdnOFlQZHNrQXpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9mMWFmOTAtMzU1Yy00ODRiLWI5MjMtZDMxZDRjYjFiMTI5
LzEvTURDWlFhYllUNlRiM2E4UFRzMlotZkJEejl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwQWTMA0E
AgACMAcDBQAqDIGHMA0GCSqGSIb3DQEBCwUAA4IBAQCGzgLh9qeNaDcyG7YepmlE
4Pd03VJN8JY6KzMVATXzZd7h8ckM904PeKhb/0EwT3qPdkNNd6DVvl8qBK3X/OlZ
XTa7m7DoWokHUdzAPolqhGU0fNgTClPkabGg0FgXJYU3UDpSv08P2CKc7ul3TzcT
Il09xq6TeEQxAMAQRdBXyjXJ4Ie28K9xZqU94+KVDDaqAzTYgDo/e7OaO1zR3rY1
sQkg/kqA8fWMoIjAdcSIqfRpuqtlwHl8NBOvjiYktVEJ9NoffhdGD5o7Wwa/laUZ
Y1hHxSfXYupOg9hEkDi7YuJkcdns/cXozmyXKotDoHRuBqYaLxsb9YqdywUysZQI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:16 2024 by rpki-client on console-fra.rpki-client.org