Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bc22a9-f871-400c-8fcf-cf1740823400/1/BshbRpYBah1P2y3kwDyxWvEcNc0.roa
File: BshbRpYBah1P2y3kwDyxWvEcNc0.roa (raw, json)
Hash identifier: +KnxIOynNfQV3eAQIxi2l2UWWJN0rCZMVjiL0IBTmXg=
Subject key identifier: 06:C8:5B:46:96:01:6A:1D:4F:DB:2D:E4:C0:3C:B1:5A:F1:1C:35:CD
Certificate issuer: /CN=74896c544b461d8b062eff9e3d2c29cd3cc960ec
Certificate serial: 01856FA718921C4C8BF6A4B3FC093E121862
Authority key identifier: 74:89:6C:54:4B:46:1D:8B:06:2E:FF:9E:3D:2C:29:CD:3C:C9:60:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dIlsVEtGHYsGLv-ePSwpzTzJYOw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bc22a9-f871-400c-8fcf-cf1740823400/1/BshbRpYBah1P2y3kwDyxWvEcNc0.roa
Signing time: Sun 01 Jan 2023 23:24:59 +0000
ROA not before: Sun 01 Jan 2023 23:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 36351
IP address blocks: 89.38.52.0/24 maxlen: 24
89.38.54.0/24 maxlen: 24
89.38.53.0/24 maxlen: 24
185.69.240.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:a7:18:92:1c:4c:8b:f6:a4:b3:fc:09:3e:12:18:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74896c544b461d8b062eff9e3d2c29cd3cc960ec
Validity
Not Before: Jan 1 23:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=06c85b4696016a1d4fdb2de4c03cb15af11c35cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:74:60:35:2c:23:8b:dc:ef:ed:12:32:0d:ef:
35:73:10:94:93:6c:9a:4d:9f:b9:32:8a:b0:10:24:
12:ac:5f:1f:78:5f:82:ba:77:47:d3:12:76:34:10:
ad:9e:31:83:d2:35:ae:1e:ae:b0:03:05:e3:0f:8f:
e9:72:e1:8b:9b:b2:d1:4b:bf:53:30:cc:9b:16:7a:
2b:a7:0f:b6:b0:9a:62:77:44:76:40:a0:7f:f4:4c:
54:a7:e8:3a:75:fe:a8:b9:47:69:b8:db:76:2d:4a:
45:7e:2f:82:fe:08:b2:c6:f1:7d:09:85:ae:72:26:
5d:fe:79:68:b1:54:c4:46:d5:8b:4c:39:db:03:e2:
a7:1b:8b:d8:1f:e0:87:95:e9:33:f1:ed:67:7c:2e:
c0:9b:c7:cc:b3:f7:0c:fd:74:e6:22:05:f5:8a:d7:
ae:26:e0:d0:a6:54:db:ba:18:c9:10:4a:76:07:4e:
c0:15:46:ba:39:36:26:93:a9:56:d3:fa:ec:c3:61:
23:cd:3f:af:7d:9e:a5:a9:7f:f7:16:85:71:24:20:
82:91:ab:69:82:44:8c:47:b2:87:27:69:9c:56:aa:
06:f6:01:59:d5:61:0a:c3:f4:dd:7b:49:ae:97:aa:
5d:34:ad:b5:98:7e:92:2e:9e:e3:49:71:94:a4:66:
0f:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:C8:5B:46:96:01:6A:1D:4F:DB:2D:E4:C0:3C:B1:5A:F1:1C:35:CD
X509v3 Authority Key Identifier:
keyid:74:89:6C:54:4B:46:1D:8B:06:2E:FF:9E:3D:2C:29:CD:3C:C9:60:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dIlsVEtGHYsGLv-ePSwpzTzJYOw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bc22a9-f871-400c-8fcf-cf1740823400/1/BshbRpYBah1P2y3kwDyxWvEcNc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bc22a9-f871-400c-8fcf-cf1740823400/1/dIlsVEtGHYsGLv-ePSwpzTzJYOw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.38.52.0-89.38.54.255
185.69.240.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:0f:bc:f6:2c:86:28:35:e4:be:f9:ee:0d:c2:52:0b:f8:99:
6c:20:13:64:60:cc:f3:69:c3:89:e2:fe:63:bf:81:50:dd:1e:
35:fc:bf:61:bc:b7:8e:fc:4a:0a:7d:de:1a:87:ff:bc:56:bc:
b6:70:16:07:83:e0:b5:9a:72:8f:85:94:07:ca:41:f0:0d:19:
02:eb:4f:35:5e:83:e7:75:ca:6b:c3:72:41:ef:a0:f3:33:b8:
46:82:fe:e3:7f:c1:a7:78:2e:4a:ec:80:7f:10:55:12:53:1c:
86:c2:d2:e1:c8:1f:02:61:79:79:b4:64:17:8e:d9:60:68:bd:
3a:a3:49:30:77:73:79:63:9a:fe:f1:a4:0d:38:03:35:60:6a:
35:8e:c1:92:c8:0f:d5:b1:41:56:ea:55:2f:0b:0a:7c:6d:1c:
8f:73:54:64:04:99:ce:3b:fc:03:1b:fe:90:e2:c8:b1:8b:63:
d5:f1:0b:12:0a:63:fa:aa:44:5b:99:ad:1d:f3:a4:e8:f9:ba:
bf:7c:40:6c:ef:52:32:19:0a:65:eb:e1:66:99:c3:ef:26:03:
ae:02:38:77:8f:d5:be:e5:11:8a:4d:bb:d8:28:07:87:2d:0b:
b3:00:ff:96:e0:21:a3:11:b2:47:03:e9:9f:70:e5:df:c6:f7:
e2:5f:9e:39
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVvpxiSHEyL9qSz/Ak+EhhiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ODk2YzU0NGI0NjFkOGIwNjJlZmY5ZTNkMmMyOWNkM2Nj
OTYwZWMwHhcNMjMwMTAxMjMyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmM4NWI0Njk2MDE2YTFkNGZkYjJkZTRjMDNjYjE1YWYxMWMzNWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn3RgNSwji9zv7RIyDe81cxCUk2ya
TZ+5MoqwECQSrF8feF+CundH0xJ2NBCtnjGD0jWuHq6wAwXjD4/pcuGLm7LRS79T
MMybFnorpw+2sJpid0R2QKB/9ExUp+g6df6ouUdpuNt2LUpFfi+C/giyxvF9CYWu
ciZd/nlosVTERtWLTDnbA+KnG4vYH+CHlekz8e1nfC7Am8fMs/cM/XTmIgX1iteu
JuDQplTbuhjJEEp2B07AFUa6OTYmk6lW0/rsw2EjzT+vfZ6lqX/3FoVxJCCCkatp
gkSMR7KHJ2mcVqoG9gFZ1WEKw/Tde0mul6pdNK21mH6SLp7jSXGUpGYP9QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFAbIW0aWAWodT9st5MA8sVrxHDXNMB8GA1UdIwQY
MBaAFHSJbFRLRh2LBi7/nj0sKc08yWDsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZElsc1ZFdEdIWXNHTHYtZVBTd3B6VHpKWU93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYzIyYTktZjg3MS00MDBjLThmY2Yt
Y2YxNzQwODIzNDAwLzEvQnNoYlJwWUJhaDFQMnkza3dEeXhXdkVjTmMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYzIyYTktZjg3MS00MDBjLThmY2YtY2YxNzQwODIzNDAw
LzEvZElsc1ZFdEdIWXNHTHYtZVBTd3B6VHpKWU93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAJZJjQD
BABZJjYDBAC5RfAwDQYJKoZIhvcNAQELBQADggEBAF8PvPYshig15L757g3CUgv4
mWwgE2RgzPNpw4ni/mO/gVDdHjX8v2G8t478Sgp93hqH/7xWvLZwFgeD4LWaco+F
lAfKQfANGQLrTzVeg+d1ymvDckHvoPMzuEaC/uN/wad4LkrsgH8QVRJTHIbC0uHI
HwJheXm0ZBeO2WBovTqjSTB3c3ljmv7xpA04AzVgajWOwZLID9WxQVbqVS8LCnxt
HI9zVGQEmc47/AMb/pDiyLGLY9XxCxIKY/qqRFuZrR3zpOj5ur98QGzvUjIZCmXr
4WaZw+8mA64COHeP1b7lEYpNu9goB4ctC7MA/5bgIaMRskcD6Z9w5d/G9+Jfnjk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:54 2024 by rpki-client on console-fra.rpki-client.org