Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/bKGKUSufEk4qJNBC05RiQrGXwcY.roa
File: bKGKUSufEk4qJNBC05RiQrGXwcY.roa (raw, json)
Hash identifier: 7XVJbsqtg7hOeTioPk6eNauSTjWo5NB64TSCiUeSp5k=
Subject key identifier: 6C:A1:8A:51:2B:9F:12:4E:2A:24:D0:42:D3:94:62:42:B1:97:C1:C6
Certificate issuer: /CN=ff31492473a78c6fe9f539f9fa7d2252560a2b7e
Certificate serial: 01856C6EF9D4F0D8C497BDDE8C5068D7A760
Authority key identifier: FF:31:49:24:73:A7:8C:6F:E9:F5:39:F9:FA:7D:22:52:56:0A:2B:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_zFJJHOnjG_p9Tn5-n0iUlYKK34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/bKGKUSufEk4qJNBC05RiQrGXwcY.roa
Signing time: Sun 01 Jan 2023 08:24:50 +0000
ROA not before: Sun 01 Jan 2023 08:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44716
IP address blocks: 87.225.128.0/17 maxlen: 17
212.42.224.0/19 maxlen: 24
212.42.244.0/24 maxlen: 24
212.21.64.0/19 maxlen: 24
2001:bf0::/29 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:6e:f9:d4:f0:d8:c4:97:bd:de:8c:50:68:d7:a7:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff31492473a78c6fe9f539f9fa7d2252560a2b7e
Validity
Not Before: Jan 1 08:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6ca18a512b9f124e2a24d042d3946242b197c1c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:bf:36:1b:21:d6:4f:56:75:c3:dc:57:41:64:
46:a6:5a:a0:5b:b9:51:1b:89:00:e2:e0:5f:6c:05:
d1:d6:51:6b:4c:87:e3:cd:74:f6:46:5b:12:80:bc:
79:c6:7b:9b:58:4e:71:9a:6b:e4:cd:b7:e6:70:f8:
66:98:23:66:ba:d6:43:26:bb:bd:37:4d:d2:86:e5:
11:45:85:a4:62:c4:6c:4e:29:95:47:dd:87:32:ea:
9c:cf:a4:70:06:7b:a7:66:93:40:f3:6e:d9:c7:73:
34:ef:20:ca:12:11:fc:8f:64:0c:d9:e2:be:a5:36:
b4:40:a1:1b:a5:ef:ac:da:38:6f:47:6e:37:b4:cc:
4f:70:5f:f7:d1:9f:2a:cd:20:3e:74:5c:f9:d6:1b:
d8:c3:bb:9f:e8:53:0b:26:34:36:7f:96:4d:02:76:
22:31:16:07:b4:fa:f7:2c:3f:4c:ff:e3:7e:d9:77:
6b:24:81:43:f9:72:97:89:17:e8:44:cc:b1:61:94:
f1:d8:73:6a:03:a0:69:2c:9d:bb:58:23:e0:a7:2d:
76:2d:03:c4:7d:94:12:91:23:e5:ed:67:ca:fa:4c:
ae:d0:c2:5e:2c:d6:93:ab:34:7c:1d:c5:dd:c0:07:
be:d9:2b:49:f5:7a:29:ed:67:71:01:ab:bf:7d:a8:
16:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:A1:8A:51:2B:9F:12:4E:2A:24:D0:42:D3:94:62:42:B1:97:C1:C6
X509v3 Authority Key Identifier:
keyid:FF:31:49:24:73:A7:8C:6F:E9:F5:39:F9:FA:7D:22:52:56:0A:2B:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_zFJJHOnjG_p9Tn5-n0iUlYKK34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/bKGKUSufEk4qJNBC05RiQrGXwcY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/_zFJJHOnjG_p9Tn5-n0iUlYKK34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.225.128.0/17
212.21.64.0/19
212.42.224.0/19
IPv6:
2001:bf0::/29
Signature Algorithm: sha256WithRSAEncryption
5b:dc:cd:ad:97:c0:94:2c:bf:cd:d7:f2:5a:83:73:2a:a5:ba:
3f:c0:fa:7f:65:6b:b7:5d:ef:24:4d:ee:ab:8c:4f:1a:66:a6:
bb:44:ac:19:7b:3c:e7:bc:28:dc:24:e3:aa:e1:fe:42:4e:06:
81:7f:bb:93:81:7d:ce:5b:96:30:d1:70:71:d4:88:e3:60:70:
2a:d8:e0:c5:f5:91:d0:5d:60:b1:80:e5:ef:e7:f2:1c:f2:5b:
52:6c:0a:7e:cb:7f:40:f5:ce:91:a2:57:ef:e9:41:c5:55:24:
1a:c8:5e:b4:bf:87:67:a2:5a:f1:52:8d:89:cf:5b:a4:6d:f1:
7e:8e:e6:ef:ae:0e:2c:0f:b3:c4:4d:66:e8:7e:08:22:1c:ad:
5e:3d:5e:d3:9c:50:a2:12:f4:3d:74:70:79:c7:18:dc:30:e4:
67:3c:53:40:97:e1:fa:27:22:d6:ff:5b:05:63:33:5b:9d:05:
1a:b6:1e:88:16:2c:d9:6b:f4:59:77:b4:b1:f5:6a:46:f6:bd:
e6:b2:bd:df:de:09:4b:d9:24:75:76:f3:5a:2e:ba:eb:0f:c2:
d5:ee:02:47:1c:82:b8:68:dd:e4:5f:91:ee:9c:63:85:c7:68:
d1:14:f6:bd:c3:37:f9:d9:c0:7c:75:47:35:49:67:0a:b2:5d:
4e:c0:17:34
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVsbvnU8NjEl73ejFBo16dgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmMzE0OTI0NzNhNzhjNmZlOWY1MzlmOWZhN2QyMjUyNTYw
YTJiN2UwHhcNMjMwMTAxMDgyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2ExOGE1MTJiOWYxMjRlMmEyNGQwNDJkMzk0NjI0MmIxOTdjMWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhb82GyHWT1Z1w9xXQWRGplqgW7lR
G4kA4uBfbAXR1lFrTIfjzXT2RlsSgLx5xnubWE5xmmvkzbfmcPhmmCNmutZDJru9
N03ShuURRYWkYsRsTimVR92HMuqcz6RwBnunZpNA827Zx3M07yDKEhH8j2QM2eK+
pTa0QKEbpe+s2jhvR243tMxPcF/30Z8qzSA+dFz51hvYw7uf6FMLJjQ2f5ZNAnYi
MRYHtPr3LD9M/+N+2XdrJIFD+XKXiRfoRMyxYZTx2HNqA6BpLJ27WCPgpy12LQPE
fZQSkSPl7WfK+kyu0MJeLNaTqzR8HcXdwAe+2StJ9Xop7WdxAau/fagWcwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGyhilErnxJOKiTQQtOUYkKxl8HGMB8GA1UdIwQY
MBaAFP8xSSRzp4xv6fU5+fp9IlJWCit+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3pGSkpIT25qR19wOVRuNS1uMGlVbFlLSzM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8xYjQxMDUtMzQ3MS00NTkyLWJmMDct
NzNmZDNiYzE5YWE3LzEvYktHS1VTdWZFazRxSk5CQzA1UmlRckdYd2NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8xYjQxMDUtMzQ3MS00NTkyLWJmMDctNzNmZDNiYzE5YWE3
LzEvX3pGSkpIT25qR19wOVRuNS1uMGlVbFlLSzM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQHV+GAAwQF
1BVAAwQF1CrgMA0EAgACMAcDBQMgAQvwMA0GCSqGSIb3DQEBCwUAA4IBAQBb3M2t
l8CULL/N1/Jag3Mqpbo/wPp/ZWu3Xe8kTe6rjE8aZqa7RKwZezznvCjcJOOq4f5C
TgaBf7uTgX3OW5Yw0XBx1IjjYHAq2ODF9ZHQXWCxgOXv5/Ic8ltSbAp+y39A9c6R
olfv6UHFVSQayF60v4dnolrxUo2Jz1ukbfF+jubvrg4sD7PETWbofggiHK1ePV7T
nFCiEvQ9dHB5xxjcMORnPFNAl+H6JyLW/1sFYzNbnQUath6IFizZa/RZd7Sx9WpG
9r3msr3f3glL2SR1dvNaLrrrD8LV7gJHHIK4aN3kX5HunGOFx2jRFPa9wzf52cB8
dUc1SWcKsl1OwBc0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:40 2024 by rpki-client on console-ams.rpki-client.org