Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/BxY5e76PHkLkZ47hlCtvsNlIdZQ.roa
File: BxY5e76PHkLkZ47hlCtvsNlIdZQ.roa (raw, json)
Hash identifier: JlWVpCAOfK8AW4Ifi8oFq2/RiJ6Mqix8qn4RLBqo6Ig=
Subject key identifier: 07:16:39:7B:BE:8F:1E:42:E4:67:8E:E1:94:2B:6F:B0:D9:48:75:94
Certificate issuer: /CN=1e36de27974727aa0046b3e9c8d0624674541255
Certificate serial: 018B27B85CDD0F1A229496D2522758378C8B
Authority key identifier: 1E:36:DE:27:97:47:27:AA:00:46:B3:E9:C8:D0:62:46:74:54:12:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HjbeJ5dHJ6oARrPpyNBiRnRUElU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/BxY5e76PHkLkZ47hlCtvsNlIdZQ.roa
Signing time: Fri 13 Oct 2023 06:27:55 +0000
ROA not before: Fri 13 Oct 2023 06:27:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51032
IP address blocks: 62.122.88.0/21 maxlen: 24
178.216.176.0/21 maxlen: 21
91.123.80.0/20 maxlen: 20
89.23.146.0/24 maxlen: 24
89.23.147.0/24 maxlen: 24
89.23.160.0/19 maxlen: 19
89.23.168.0/21 maxlen: 21
178.212.80.0/21 maxlen: 24
89.23.176.0/21 maxlen: 21
91.202.204.0/22 maxlen: 22
89.23.128.0/19 maxlen: 19
89.23.128.0/21 maxlen: 24
89.23.144.0/20 maxlen: 24
31.128.128.0/19 maxlen: 24
2a13:2c80::/29 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:27:b8:5c:dd:0f:1a:22:94:96:d2:52:27:58:37:8c:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e36de27974727aa0046b3e9c8d0624674541255
Validity
Not Before: Oct 13 06:27:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0716397bbe8f1e42e4678ee1942b6fb0d9487594
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:6d:ba:9d:39:80:5b:37:18:0a:56:2f:1b:26:
6a:7e:06:dc:2c:4e:5b:0f:74:71:c9:3c:7b:28:71:
b9:a5:d9:df:8a:1e:2b:c9:79:17:90:0f:1c:35:72:
cb:06:3b:2c:e9:75:5e:68:b2:3b:48:31:d0:6b:2a:
ba:6a:08:ac:d6:e3:01:71:f3:e0:51:10:f2:16:ab:
8a:3a:2d:bc:b9:db:c6:b0:ee:7d:09:5b:ca:56:3e:
de:ab:1e:38:40:aa:b8:7e:9b:45:7f:1d:91:a4:61:
71:d6:25:ae:55:18:ba:e2:98:59:19:70:cf:81:a2:
3c:ea:7d:5d:d3:c7:37:25:27:31:4a:58:1b:38:d8:
ee:22:01:af:80:90:dc:5d:3c:b0:38:a3:ba:b4:64:
33:f9:32:d1:70:8f:b4:76:b1:7f:d4:b5:f6:7c:cc:
d8:4c:a9:2d:c9:ff:3c:e9:de:de:8a:84:4c:a6:6b:
20:a3:5c:f1:cc:0f:ad:92:13:f1:a6:d3:17:39:2c:
06:9b:0f:f4:9f:f5:17:10:de:61:4d:83:ec:92:4d:
18:de:9c:e2:bf:64:a4:65:82:f0:ab:3b:2b:2b:97:
21:30:5d:7b:a9:57:57:3b:44:85:34:3c:00:48:0d:
8e:cf:15:13:94:cf:5a:74:b2:92:52:55:6f:c4:46:
5a:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:16:39:7B:BE:8F:1E:42:E4:67:8E:E1:94:2B:6F:B0:D9:48:75:94
X509v3 Authority Key Identifier:
keyid:1E:36:DE:27:97:47:27:AA:00:46:B3:E9:C8:D0:62:46:74:54:12:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HjbeJ5dHJ6oARrPpyNBiRnRUElU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/BxY5e76PHkLkZ47hlCtvsNlIdZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/HjbeJ5dHJ6oARrPpyNBiRnRUElU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.128.128.0/19
62.122.88.0/21
89.23.128.0/18
91.123.80.0/20
91.202.204.0/22
178.212.80.0/21
178.216.176.0/21
IPv6:
2a13:2c80::/29
Signature Algorithm: sha256WithRSAEncryption
38:17:fb:7c:6a:4d:97:cf:4d:b1:eb:e6:cb:85:40:53:d5:91:
cc:a8:b5:bc:d3:cf:be:63:8e:ae:dd:b0:91:ed:9e:64:bb:03:
b1:b1:35:14:d4:04:7e:6b:b0:8b:90:cb:c4:9c:2a:f4:a4:d0:
b7:26:da:e5:a9:c9:c9:fd:dd:05:b0:f8:ba:19:f7:4e:75:9d:
ab:4b:b6:43:4a:18:dd:a4:88:92:cb:0c:5b:5f:fa:0c:38:60:
b2:be:20:77:8a:9c:8a:7e:24:2f:59:30:e6:ee:be:9e:24:83:
0f:c2:7d:a0:ca:eb:3d:99:36:64:28:e4:b8:27:d6:ec:de:a4:
31:e6:ad:2d:21:f5:7d:76:52:36:5e:53:16:26:c4:41:b2:3a:
0e:a1:cc:72:00:74:49:eb:40:79:f3:95:6a:91:0e:3b:2d:cc:
0c:d5:45:6b:9c:cf:2a:95:f8:53:8f:65:77:f2:40:88:d7:c1:
c6:8d:f9:ff:07:18:fa:48:f9:91:4e:ae:82:a6:43:7a:60:56:
01:cc:5a:d7:30:9b:c6:42:a7:8b:93:c9:aa:bc:ac:31:e6:99:
36:52:74:4b:d5:03:6b:15:a0:0c:57:0d:4a:b5:d9:a2:3d:ca:
f9:81:50:4e:86:66:5c:8d:92:55:04:83:80:df:c7:18:30:e9:
13:28:ac:5d
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYsnuFzdDxoilJbSUidYN4yLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMzZkZTI3OTc0NzI3YWEwMDQ2YjNlOWM4ZDA2MjQ2NzQ1
NDEyNTUwHhcNMjMxMDEzMDYyNzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzE2Mzk3YmJlOGYxZTQyZTQ2NzhlZTE5NDJiNmZiMGQ5NDg3NTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg226nTmAWzcYClYvGyZqfgbcLE5b
D3RxyTx7KHG5pdnfih4ryXkXkA8cNXLLBjss6XVeaLI7SDHQayq6agis1uMBcfPg
URDyFquKOi28udvGsO59CVvKVj7eqx44QKq4fptFfx2RpGFx1iWuVRi64phZGXDP
gaI86n1d08c3JScxSlgbONjuIgGvgJDcXTywOKO6tGQz+TLRcI+0drF/1LX2fMzY
TKktyf886d7eioRMpmsgo1zxzA+tkhPxptMXOSwGmw/0n/UXEN5hTYPskk0Y3pzi
v2SkZYLwqzsrK5chMF17qVdXO0SFNDwASA2OzxUTlM9adLKSUlVvxEZaKwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFAcWOXu+jx5C5GeO4ZQrb7DZSHWUMB8GA1UdIwQY
MBaAFB423ieXRyeqAEaz6cjQYkZ0VBJVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGpiZUo1ZEhKNm9BUnJQcHlOQmlSblJVRWxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy81OWU4YzMtNjI2Yi00ZWNlLThlMzkt
ZGY3OTNhOTQwYmFiLzEvQnhZNWU3NlBIa0xrWjQ3aGxDdHZzTmxJZFpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy81OWU4YzMtNjI2Yi00ZWNlLThlMzktZGY3OTNhOTQwYmFi
LzEvSGpiZUo1ZEhKNm9BUnJQcHlOQmlSblJVRWxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQFH4CAAwQD
PnpYAwQGWReAAwQEW3tQAwQCW8rMAwQDstRQAwQDstiwMA0EAgACMAcDBQMqEyyA
MA0GCSqGSIb3DQEBCwUAA4IBAQA4F/t8ak2Xz02x6+bLhUBT1ZHMqLW808++Y46u
3bCR7Z5kuwOxsTUU1AR+a7CLkMvEnCr0pNC3JtrlqcnJ/d0FsPi6GfdOdZ2rS7ZD
ShjdpIiSywxbX/oMOGCyviB3ipyKfiQvWTDm7r6eJIMPwn2gyus9mTZkKOS4J9bs
3qQx5q0tIfV9dlI2XlMWJsRBsjoOocxyAHRJ60B585VqkQ47LcwM1UVrnM8qlfhT
j2V38kCI18HGjfn/Bxj6SPmRTq6CpkN6YFYBzFrXMJvGQqeLk8mqvKwx5pk2UnRL
1QNrFaAMVw1KtdmiPcr5gVBOhmZcjZJVBIOA38cYMOkTKKxd
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:23:28 2024 by rpki-client on console-fra.rpki-client.org