Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d30eef-495e-43bd-919c-a2a0e2db49d0/1/bGbCLUZqZfXFIdsHcOwgTOLwAOk.roa
File: bGbCLUZqZfXFIdsHcOwgTOLwAOk.roa (raw, json)
Hash identifier: JEyCN+6B8lSKh5Y9H4p/om35IFh2GWnFMbLiJrKzRMk=
Subject key identifier: 6C:66:C2:2D:46:6A:65:F5:C5:21:DB:07:70:EC:20:4C:E2:F0:00:E9
Certificate issuer: /CN=d99a47cdc89f46342f90b0da3c30d9ec5fd63238
Certificate serial: 018B6176C743B879D1C95C9E5BA3E71E63E8
Authority key identifier: D9:9A:47:CD:C8:9F:46:34:2F:90:B0:DA:3C:30:D9:EC:5F:D6:32:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2ZpHzcifRjQvkLDaPDDZ7F_WMjg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d30eef-495e-43bd-919c-a2a0e2db49d0/1/bGbCLUZqZfXFIdsHcOwgTOLwAOk.roa
Signing time: Tue 24 Oct 2023 11:34:15 +0000
ROA not before: Tue 24 Oct 2023 11:34:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205005
IP address blocks: 195.32.56.0/21 maxlen: 21
195.32.32.0/21 maxlen: 21
195.32.40.0/21 maxlen: 21
195.32.48.0/21 maxlen: 21
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:61:76:c7:43:b8:79:d1:c9:5c:9e:5b:a3:e7:1e:63:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d99a47cdc89f46342f90b0da3c30d9ec5fd63238
Validity
Not Before: Oct 24 11:34:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c66c22d466a65f5c521db0770ec204ce2f000e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:36:c7:00:1a:15:2b:0c:c5:c0:1e:6a:d0:6d:
7c:a3:60:3a:cd:6d:28:46:b0:55:f3:05:c2:39:8f:
7b:64:4c:0b:4b:d0:df:27:2a:6a:4b:9b:de:51:f6:
ca:96:2e:81:46:58:1c:86:a7:14:8d:b1:22:b8:ff:
b6:68:a0:39:cd:2d:45:ae:06:74:a1:78:48:4b:d6:
dc:4a:09:53:b5:b1:d2:4c:ed:2a:58:a2:b2:48:0c:
4d:71:50:70:f3:fc:82:b4:5d:ef:3d:c8:54:37:19:
81:1d:9c:e3:2d:b2:07:4f:64:0b:e2:ff:1f:da:65:
74:8f:ff:4b:4f:11:eb:1a:17:3d:f0:26:c4:0c:80:
56:0b:2e:5c:5e:4a:2c:74:3a:5f:c4:de:0a:30:6d:
37:23:98:1a:07:5d:5b:78:4d:e5:7b:6a:4c:5b:ca:
06:62:7f:4f:f6:61:94:41:56:d9:ea:80:1f:83:21:
35:69:04:8f:33:2f:99:cf:a6:93:6b:a8:28:74:b5:
34:58:4d:32:14:9f:59:51:b9:f0:25:eb:e7:99:25:
88:15:d1:1c:3c:12:18:86:60:27:62:a2:96:61:e7:
f5:f0:97:63:f6:4b:24:6e:a4:ac:9a:2c:4f:cd:be:
a4:78:03:42:44:34:f7:ad:7e:28:6d:df:5e:08:9b:
b7:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:66:C2:2D:46:6A:65:F5:C5:21:DB:07:70:EC:20:4C:E2:F0:00:E9
X509v3 Authority Key Identifier:
keyid:D9:9A:47:CD:C8:9F:46:34:2F:90:B0:DA:3C:30:D9:EC:5F:D6:32:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ZpHzcifRjQvkLDaPDDZ7F_WMjg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d30eef-495e-43bd-919c-a2a0e2db49d0/1/bGbCLUZqZfXFIdsHcOwgTOLwAOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d30eef-495e-43bd-919c-a2a0e2db49d0/1/2ZpHzcifRjQvkLDaPDDZ7F_WMjg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.32.32.0/19
Signature Algorithm: sha256WithRSAEncryption
4e:d6:b6:d7:1c:54:6f:37:8e:5a:00:ee:e0:81:4c:01:70:e7:
87:4f:91:c6:b8:4b:36:cd:1b:45:34:7a:e7:ab:9f:18:f8:9c:
e8:ac:e0:44:6d:d1:9f:01:fd:a9:43:3e:fc:c8:17:d0:28:4f:
db:d6:73:88:78:a4:ca:27:df:11:60:26:d2:29:31:4b:6a:2a:
a2:ff:50:81:a2:3c:59:93:08:72:81:ea:bf:62:9c:97:44:ec:
70:c6:db:3f:2c:2e:de:bf:0d:dd:c6:4e:e6:7a:3d:bf:d3:a5:
85:4b:71:15:fd:1e:f7:e7:fa:fd:7f:e5:02:15:e5:96:be:a4:
3b:1f:cc:2f:6c:94:d2:b3:0f:64:78:c6:49:b9:dd:36:7f:46:
dc:2b:b7:b0:6c:35:5a:6c:c0:6d:2f:b5:86:a5:cb:13:8f:49:
96:6b:2f:a6:f1:27:48:52:ff:d8:c6:45:88:b3:a8:c5:87:64:
82:13:2b:92:54:d1:1d:07:78:04:38:25:49:6d:b8:7e:99:8c:
3c:94:a7:1e:60:f5:99:1d:3c:13:08:48:4d:a5:ce:b0:dd:fd:
9a:94:2c:a6:2c:7c:8a:72:3c:c5:9b:73:e1:29:42:dc:23:a5:
c7:ee:da:52:a6:4a:62:7e:ae:8d:cb:2b:c8:2a:2c:5d:06:12:
a3:06:b4:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYthdsdDuHnRyVyeW6PnHmPoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5OWE0N2NkYzg5ZjQ2MzQyZjkwYjBkYTNjMzBkOWVjNWZk
NjMyMzgwHhcNMjMxMDI0MTEzNDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzY2YzIyZDQ2NmE2NWY1YzUyMWRiMDc3MGVjMjA0Y2UyZjAwMGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzbHABoVKwzFwB5q0G18o2A6zW0o
RrBV8wXCOY97ZEwLS9DfJypqS5veUfbKli6BRlgchqcUjbEiuP+2aKA5zS1FrgZ0
oXhIS9bcSglTtbHSTO0qWKKySAxNcVBw8/yCtF3vPchUNxmBHZzjLbIHT2QL4v8f
2mV0j/9LTxHrGhc98CbEDIBWCy5cXkosdDpfxN4KMG03I5gaB11beE3le2pMW8oG
Yn9P9mGUQVbZ6oAfgyE1aQSPMy+Zz6aTa6godLU0WE0yFJ9ZUbnwJevnmSWIFdEc
PBIYhmAnYqKWYef18Jdj9kskbqSsmixPzb6keANCRDT3rX4obd9eCJu3/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGxmwi1GamX1xSHbB3DsIEzi8ADpMB8GA1UdIwQY
MBaAFNmaR83In0Y0L5Cw2jww2exf1jI4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlpwSHpjaWZSalF2a0xEYVBERFo3Rl9XTWpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kMzBlZWYtNDk1ZS00M2JkLTkxOWMt
YTJhMGUyZGI0OWQwLzEvYkdiQ0xVWnFaZlhGSWRzSGNPd2dUT0x3QU9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kMzBlZWYtNDk1ZS00M2JkLTkxOWMtYTJhMGUyZGI0OWQw
LzEvMlpwSHpjaWZSalF2a0xEYVBERFo3Rl9XTWpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFwyAgMA0G
CSqGSIb3DQEBCwUAA4IBAQBO1rbXHFRvN45aAO7ggUwBcOeHT5HGuEs2zRtFNHrn
q58Y+JzorOBEbdGfAf2pQz78yBfQKE/b1nOIeKTKJ98RYCbSKTFLaiqi/1CBojxZ
kwhygeq/YpyXROxwxts/LC7evw3dxk7mej2/06WFS3EV/R735/r9f+UCFeWWvqQ7
H8wvbJTSsw9keMZJud02f0bcK7ewbDVabMBtL7WGpcsTj0mWay+m8SdIUv/YxkWI
s6jFh2SCEyuSVNEdB3gEOCVJbbh+mYw8lKceYPWZHTwTCEhNpc6w3f2alCymLHyK
cjzFm3PhKULcI6XH7tpSpkpifq6NyyvIKixdBhKjBrRg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:21 2024 by rpki-client on console-fra.rpki-client.org