Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/Bwpo3AuQDFZZjzOqzw96c4RCM6w.roa
File: Bwpo3AuQDFZZjzOqzw96c4RCM6w.roa (raw, json)
Hash identifier: KrpqkQj4Vx1BGUR1GsE1cpTWh1FfMq6S2AExEzi4G9U=
Subject key identifier: 07:0A:68:DC:0B:90:0C:56:59:8F:33:AA:CF:0F:7A:73:84:42:33:AC
Certificate issuer: /CN=8f78963b3c4f2dd187c20437df1d7d9c168cab81
Certificate serial: 018CC802FA4AEDC8710CE163740B2B80DF32
Authority key identifier: 8F:78:96:3B:3C:4F:2D:D1:87:C2:04:37:DF:1D:7D:9C:16:8C:AB:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j3iWOzxPLdGHwgQ33x19nBaMq4E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/Bwpo3AuQDFZZjzOqzw96c4RCM6w.roa
Signing time: Tue 02 Jan 2024 02:31:27 +0000
ROA not before: Tue 02 Jan 2024 02:31:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 79.143.156.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:50:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:fa:4a:ed:c8:71:0c:e1:63:74:0b:2b:80:df:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f78963b3c4f2dd187c20437df1d7d9c168cab81
Validity
Not Before: Jan 2 02:31:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=070a68dc0b900c56598f33aacf0f7a73844233ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:67:e1:3a:9e:d3:ae:fb:8c:03:b0:ae:54:fe:
f8:3c:01:59:90:48:50:95:8b:7a:49:96:90:c1:ac:
b3:b1:a0:63:ff:e2:5a:00:0b:44:bd:5b:16:f4:2e:
59:3f:97:d3:53:51:fb:12:da:d4:19:39:7c:db:a9:
e6:11:e5:f8:33:29:64:58:1a:cd:e7:92:0a:05:d0:
40:2d:cc:88:f9:62:2f:51:f5:22:3b:f8:bb:dc:3a:
19:1a:2a:3b:23:07:03:c2:69:8c:d2:3a:17:8b:4a:
d8:e2:f5:4a:d8:e0:c2:b3:39:ab:14:f2:a5:ad:76:
ec:ee:2e:cb:03:d6:f8:c9:72:ba:71:e4:da:5b:02:
45:9b:48:6d:96:9c:b1:48:d0:d0:c8:e7:00:66:73:
b4:53:e9:44:97:39:49:2a:cc:00:cb:93:7b:0a:93:
97:c2:2b:02:51:15:94:e7:4a:4b:86:7a:cb:ec:c7:
bb:1e:45:24:90:e1:50:e4:4d:a2:f5:2f:4d:56:89:
5b:80:c3:8e:de:09:0c:e8:a5:97:8f:7f:38:99:8b:
8e:aa:ff:1a:bf:59:93:ef:73:9e:b3:fc:c8:a1:64:
81:3b:9d:19:38:ee:9e:02:c3:84:02:80:3c:1a:cf:
04:bd:02:ff:f4:3f:ab:c6:28:f8:de:65:6c:21:bd:
56:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:0A:68:DC:0B:90:0C:56:59:8F:33:AA:CF:0F:7A:73:84:42:33:AC
X509v3 Authority Key Identifier:
keyid:8F:78:96:3B:3C:4F:2D:D1:87:C2:04:37:DF:1D:7D:9C:16:8C:AB:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j3iWOzxPLdGHwgQ33x19nBaMq4E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/Bwpo3AuQDFZZjzOqzw96c4RCM6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/j3iWOzxPLdGHwgQ33x19nBaMq4E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.143.156.0/24
Signature Algorithm: sha256WithRSAEncryption
34:cf:89:1e:55:ae:38:49:fc:20:70:35:3c:fe:20:74:ec:63:
84:e5:90:9e:6e:99:72:75:2f:db:4b:67:bd:23:77:f4:52:dd:
24:0b:17:e0:65:d5:a8:b1:db:b4:20:9f:7c:d5:0d:c5:0e:13:
87:99:be:f9:af:96:5d:a4:0c:f4:bf:b5:96:17:35:66:e7:21:
d5:fe:80:8b:de:cc:e0:b9:26:b7:aa:13:93:ea:00:ad:50:bd:
f5:a0:fa:b9:24:6a:61:b8:80:9b:ad:d2:b8:9d:39:74:a8:23:
d7:a3:3d:19:72:40:61:9b:9e:12:54:de:9a:30:1d:c2:0a:e8:
70:ff:fa:c5:21:61:ce:5a:90:1f:da:98:25:ed:8d:94:4a:f8:
30:f4:0b:a4:80:9e:97:c9:c9:f0:8b:0c:b7:5a:0b:d1:64:58:
13:f2:8f:7f:0f:1a:ed:bf:09:83:2b:dd:93:ce:92:f5:28:0b:
c0:b8:c6:47:a4:5b:cf:6a:11:b0:ba:66:f0:98:69:2d:81:e3:
20:db:be:f5:c7:05:36:62:2b:69:71:4d:f7:29:91:a3:80:d7:
bc:38:4f:8a:e8:32:48:52:94:5e:ab:d0:63:05:f4:c1:68:7c:
0f:73:cd:bd:62:9d:2e:70:56:d6:84:ee:09:57:e1:47:2a:d0:
57:fe:bf:f9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAvpK7chxDOFjdAsrgN8yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmNzg5NjNiM2M0ZjJkZDE4N2MyMDQzN2RmMWQ3ZDljMTY4
Y2FiODEwHhcNMjQwMTAyMDIzMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzBhNjhkYzBiOTAwYzU2NTk4ZjMzYWFjZjBmN2E3Mzg0NDIzM2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj2fhOp7TrvuMA7CuVP74PAFZkEhQ
lYt6SZaQwayzsaBj/+JaAAtEvVsW9C5ZP5fTU1H7EtrUGTl826nmEeX4MylkWBrN
55IKBdBALcyI+WIvUfUiO/i73DoZGio7IwcDwmmM0joXi0rY4vVK2ODCszmrFPKl
rXbs7i7LA9b4yXK6ceTaWwJFm0htlpyxSNDQyOcAZnO0U+lElzlJKswAy5N7CpOX
wisCURWU50pLhnrL7Me7HkUkkOFQ5E2i9S9NVolbgMOO3gkM6KWXj384mYuOqv8a
v1mT73Oes/zIoWSBO50ZOO6eAsOEAoA8Gs8EvQL/9D+rxij43mVsIb1WWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAcKaNwLkAxWWY8zqs8PenOEQjOsMB8GA1UdIwQY
MBaAFI94ljs8Ty3Rh8IEN98dfZwWjKuBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajNpV096eFBMZEdId2dRMzN4MTluQmFNcTRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9kYmZjYTEtMmI5NC00ZDBiLTlkZDgt
MWVmOWYyMzE5NTIyLzEvQndwbzNBdVFERlpaanpPcXp3OTZjNFJDTTZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9kYmZjYTEtMmI5NC00ZDBiLTlkZDgtMWVmOWYyMzE5NTIy
LzEvajNpV096eFBMZEdId2dRMzN4MTluQmFNcTRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAT4+cMA0G
CSqGSIb3DQEBCwUAA4IBAQA0z4keVa44SfwgcDU8/iB07GOE5ZCebplydS/bS2e9
I3f0Ut0kCxfgZdWosdu0IJ981Q3FDhOHmb75r5ZdpAz0v7WWFzVm5yHV/oCL3szg
uSa3qhOT6gCtUL31oPq5JGphuICbrdK4nTl0qCPXoz0ZckBhm54SVN6aMB3CCuhw
//rFIWHOWpAf2pgl7Y2USvgw9AukgJ6Xycnwiwy3WgvRZFgT8o9/DxrtvwmDK92T
zpL1KAvAuMZHpFvPahGwumbwmGktgeMg2771xwU2YitpcU33KZGjgNe8OE+K6DJI
UpReq9BjBfTBaHwPc829Yp0ucFbWhO4JV+FHKtBX/r/5
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:36:57 2025 by rpki-client