Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/051fa2-c580-4a02-a186-e69f7a5d2d90/1/B3bNJyqGPDBmHOThOvfRinXsXcU.roa
File: B3bNJyqGPDBmHOThOvfRinXsXcU.roa (raw, json)
Hash identifier: kA77Wpk4wtBvgFu6CKBElMODOynxj/p8YVFx0723E34=
Subject key identifier: 07:76:CD:27:2A:86:3C:30:66:1C:E4:E1:3A:F7:D1:8A:75:EC:5D:C5
Certificate issuer: /CN=f0ff2c6229af763a99f5349a32510df4a4526143
Certificate serial: 018572A6F49E361868F2338A4C64E4767ABD
Authority key identifier: F0:FF:2C:62:29:AF:76:3A:99:F5:34:9A:32:51:0D:F4:A4:52:61:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8P8sYimvdjqZ9TSaMlEN9KRSYUM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/051fa2-c580-4a02-a186-e69f7a5d2d90/1/B3bNJyqGPDBmHOThOvfRinXsXcU.roa
Signing time: Mon 02 Jan 2023 13:23:42 +0000
ROA not before: Mon 02 Jan 2023 13:23:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197746
IP address blocks: 194.219.79.0/24 maxlen: 24
62.1.216.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:a6:f4:9e:36:18:68:f2:33:8a:4c:64:e4:76:7a:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0ff2c6229af763a99f5349a32510df4a4526143
Validity
Not Before: Jan 2 13:23:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0776cd272a863c30661ce4e13af7d18a75ec5dc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:f1:49:b0:5b:aa:57:01:f8:b1:41:b8:68:f7:
27:ff:0a:33:03:4f:f4:e1:65:e6:84:f5:ca:13:12:
61:d3:bc:d9:8f:5e:2b:23:ff:4a:f1:ed:69:01:0f:
15:38:8b:f2:2c:c1:74:8b:9e:a5:f1:d3:ea:f6:d3:
0c:f1:e8:55:2c:2a:de:79:87:1a:91:eb:bd:f2:56:
e5:86:0c:39:05:c9:f9:8a:2d:69:1f:c5:2f:bd:d9:
76:d2:d5:a0:1a:83:b1:ae:57:20:53:37:54:30:de:
d9:82:6e:04:28:c3:38:cb:8b:82:19:fa:1c:3f:8f:
87:d8:19:b5:db:bd:78:70:f1:27:0b:3f:26:04:3a:
ee:2d:7c:92:38:82:e4:e2:52:8e:48:13:66:9a:4f:
ef:de:6e:3b:bd:9e:60:ac:8d:1f:92:e1:3c:02:16:
f9:bb:f4:fa:a7:68:b3:ee:2a:9e:02:ef:25:c3:f7:
b4:09:cd:24:f6:ee:ac:e0:5a:44:bd:ca:f8:6b:0c:
73:78:eb:b0:65:8d:4b:eb:bd:8b:11:45:1b:42:30:
79:8d:8c:c7:93:5b:4c:e5:ea:fc:d7:00:ee:eb:e4:
78:5c:3b:68:5b:46:53:a0:13:d4:25:20:23:bb:aa:
e3:79:3f:67:c8:ab:5c:92:d0:d8:42:e7:a4:1f:e0:
ac:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:76:CD:27:2A:86:3C:30:66:1C:E4:E1:3A:F7:D1:8A:75:EC:5D:C5
X509v3 Authority Key Identifier:
keyid:F0:FF:2C:62:29:AF:76:3A:99:F5:34:9A:32:51:0D:F4:A4:52:61:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8P8sYimvdjqZ9TSaMlEN9KRSYUM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/051fa2-c580-4a02-a186-e69f7a5d2d90/1/B3bNJyqGPDBmHOThOvfRinXsXcU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/051fa2-c580-4a02-a186-e69f7a5d2d90/1/8P8sYimvdjqZ9TSaMlEN9KRSYUM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.1.216.0/24
194.219.79.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:b6:fa:a2:89:28:60:55:c7:cf:c9:00:05:29:b3:50:e6:2a:
cc:b6:5a:78:24:2f:bd:9c:1d:e7:c7:76:03:6c:a9:ce:c2:d3:
3b:17:d7:4d:f0:8d:f1:3e:04:ba:98:a7:6c:bf:a9:4e:2d:0c:
f8:02:36:38:ee:55:97:75:b5:32:e4:46:e8:9d:25:29:ab:96:
73:78:71:c7:7f:46:39:f3:4b:97:1e:ca:c5:b2:11:28:e0:47:
de:d5:fe:dc:5d:6e:4b:52:e4:b5:a1:82:7d:96:97:dd:c0:6a:
69:a8:2f:a6:1b:74:d6:0d:8a:da:12:b1:2b:ab:34:70:05:aa:
b9:d3:d7:1a:48:38:5a:14:1d:12:bd:a7:2c:fe:1e:97:0d:5e:
28:73:19:50:96:f4:ce:df:49:0a:3e:4a:7e:c1:d6:fd:62:a2:
16:b6:5e:6b:45:4a:49:9d:05:1f:84:1d:ad:f4:41:5f:69:e7:
ed:ba:0a:f8:51:81:05:98:81:cc:18:83:91:0c:3f:b5:e2:26:
46:6e:0a:55:35:d9:45:5a:bd:39:17:1a:50:be:8a:f6:7d:5f:
11:6f:f4:a5:bc:8b:98:00:85:a4:6a:6a:5c:56:ad:1d:06:2b:
d8:cb:3c:f2:8a:ed:e7:6f:fc:3f:62:72:b6:d1:1c:d2:0b:e8:
aa:f7:71:32
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVypvSeNhho8jOKTGTkdnq9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZmYyYzYyMjlhZjc2M2E5OWY1MzQ5YTMyNTEwZGY0YTQ1
MjYxNDMwHhcNMjMwMTAyMTMyMzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzc2Y2QyNzJhODYzYzMwNjYxY2U0ZTEzYWY3ZDE4YTc1ZWM1ZGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/FJsFuqVwH4sUG4aPcn/wozA0/0
4WXmhPXKExJh07zZj14rI/9K8e1pAQ8VOIvyLMF0i56l8dPq9tMM8ehVLCreeYca
keu98lblhgw5Bcn5ii1pH8Uvvdl20tWgGoOxrlcgUzdUMN7Zgm4EKMM4y4uCGfoc
P4+H2Bm12714cPEnCz8mBDruLXySOILk4lKOSBNmmk/v3m47vZ5grI0fkuE8Ahb5
u/T6p2iz7iqeAu8lw/e0Cc0k9u6s4FpEvcr4awxzeOuwZY1L672LEUUbQjB5jYzH
k1tM5er81wDu6+R4XDtoW0ZToBPUJSAju6rjeT9nyKtcktDYQuekH+CsLwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAd2zScqhjwwZhzk4Tr30Yp17F3FMB8GA1UdIwQY
MBaAFPD/LGIpr3Y6mfU0mjJRDfSkUmFDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFA4c1lpbXZkanFaOVRTYU1sRU45S1JTWVVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8wNTFmYTItYzU4MC00YTAyLWExODYt
ZTY5ZjdhNWQyZDkwLzEvQjNiTkp5cUdQREJtSE9UaE92ZlJpblhzWGNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8wNTFmYTItYzU4MC00YTAyLWExODYtZTY5ZjdhNWQyZDkw
LzEvOFA4c1lpbXZkanFaOVRTYU1sRU45S1JTWVVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAPgHYAwQA
wttPMA0GCSqGSIb3DQEBCwUAA4IBAQC0tvqiiShgVcfPyQAFKbNQ5irMtlp4JC+9
nB3nx3YDbKnOwtM7F9dN8I3xPgS6mKdsv6lOLQz4AjY47lWXdbUy5EbonSUpq5Zz
eHHHf0Y580uXHsrFshEo4Efe1f7cXW5LUuS1oYJ9lpfdwGppqC+mG3TWDYraErEr
qzRwBaq509caSDhaFB0Svacs/h6XDV4ocxlQlvTO30kKPkp+wdb9YqIWtl5rRUpJ
nQUfhB2t9EFfaeftugr4UYEFmIHMGIORDD+14iZGbgpVNdlFWr05FxpQvor2fV8R
b/SlvIuYAIWkampcVq0dBivYyzzyiu3nb/w/YnK20RzSC+iq93Ey
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:32 2024 by rpki-client on console-ams.rpki-client.org