Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/BqaavEkmV9D2Hf8CdejZ0iaw794.roa
File: BqaavEkmV9D2Hf8CdejZ0iaw794.roa (raw, json)
Hash identifier: fo0Td/6jLQqPuDjex7Dp9uvLmbTENyCDnqZl93VYRsk=
Subject key identifier: 06:A6:9A:BC:49:26:57:D0:F6:1D:FF:02:75:E8:D9:D2:26:B0:EF:DE
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018A980F8C36100B43FACB8FF8A599F0CDBD
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/BqaavEkmV9D2Hf8CdejZ0iaw794.roa
Signing time: Fri 15 Sep 2023 08:57:50 +0000
ROA not before: Fri 15 Sep 2023 08:57:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3356
IP address blocks: 185.238.229.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Oct 2023 09:41:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:98:0f:8c:36:10:0b:43:fa:cb:8f:f8:a5:99:f0:cd:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Sep 15 08:57:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=06a69abc492657d0f61dff0275e8d9d226b0efde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:b2:4f:83:59:da:7f:9a:d7:92:78:9b:cc:9c:
16:70:18:56:a1:cf:b9:2e:be:f5:c0:a2:d1:06:29:
42:6b:6d:23:85:e6:ee:10:d7:2e:24:3f:ba:b4:96:
db:8a:68:60:fc:c1:40:85:4d:6d:c8:a6:a5:97:e2:
ac:c5:e2:2d:33:30:6c:ec:de:c7:fc:bf:0d:83:62:
af:e8:52:29:3a:cf:6e:46:e2:87:11:c1:4c:fe:fe:
10:fb:0c:96:6f:4b:e8:97:db:09:9e:a8:37:f7:81:
1a:19:9d:58:02:a9:e7:38:a5:6e:05:eb:85:fb:bd:
d4:7a:49:59:28:13:34:a0:96:76:e4:78:2e:18:ab:
01:da:72:45:96:7a:0c:79:71:43:33:fc:cc:aa:13:
92:50:58:c2:57:5b:6b:7d:c0:c2:6f:d4:d9:c6:8f:
4a:b6:17:d6:28:e4:2c:ab:5b:8d:6a:be:28:8a:df:
d1:70:5c:ea:dc:be:1c:68:42:6b:d7:0e:9f:ab:5c:
13:e7:78:4d:ed:54:f8:87:98:df:20:e5:02:fd:47:
55:49:08:03:f5:3c:b1:a9:ec:50:39:a3:3d:fd:21:
1e:66:94:8d:ea:d4:34:73:73:57:2e:0f:9a:22:d6:
a9:5b:b4:77:1b:2f:12:11:25:0c:73:0f:e7:ba:7d:
9c:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:A6:9A:BC:49:26:57:D0:F6:1D:FF:02:75:E8:D9:D2:26:B0:EF:DE
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/BqaavEkmV9D2Hf8CdejZ0iaw794.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.238.229.0/24
Signature Algorithm: sha256WithRSAEncryption
03:3a:cc:58:50:6d:5e:26:bb:4d:9a:14:c0:f5:bf:68:77:ea:
e7:2c:94:7e:5d:cf:d5:9f:c9:5b:23:22:ca:93:fc:fd:55:ac:
46:6c:46:92:b2:c7:7c:28:b4:cc:70:ac:4b:78:95:9e:40:84:
14:a0:8b:da:63:b2:39:e7:26:76:d7:c2:cc:ad:c9:3b:12:75:
9b:32:52:8a:5f:86:ba:a5:9a:59:b1:01:33:2c:5c:d7:7c:21:
e1:0a:d0:33:ea:ba:81:eb:9b:ab:97:97:a9:4b:9e:c5:82:c7:
3e:07:25:2b:2d:fe:9a:6e:02:56:9a:0b:c9:83:f4:0b:4f:dc:
2c:cb:ee:6c:9c:ac:7c:b5:3b:ad:e2:6f:65:d8:0d:5a:73:3d:
f4:a3:07:b5:30:4a:03:03:3a:d3:4a:1d:92:9c:57:c4:9f:ef:
9a:75:b9:de:e2:12:2b:7c:be:67:a1:b0:e2:17:8a:91:98:70:
d1:2f:61:c7:0d:25:83:6d:6c:ec:57:9c:67:83:78:4e:61:12:
b5:7a:6a:da:ee:8b:00:8f:89:a7:df:c0:93:f1:83:54:39:0a:
d5:44:d3:0e:c5:17:97:d4:2f:54:7f:21:2f:77:e2:d5:34:ee:
58:e3:d2:da:30:af:21:64:f8:17:4f:08:52:94:97:15:5e:55:
4f:57:81:ce
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqYD4w2EAtD+suP+KWZ8M29MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwOTE1MDg1NzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmE2OWFiYzQ5MjY1N2QwZjYxZGZmMDI3NWU4ZDlkMjI2YjBlZmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwLJPg1naf5rXknibzJwWcBhWoc+5
Lr71wKLRBilCa20jhebuENcuJD+6tJbbimhg/MFAhU1tyKall+KsxeItMzBs7N7H
/L8Ng2Kv6FIpOs9uRuKHEcFM/v4Q+wyWb0vol9sJnqg394EaGZ1YAqnnOKVuBeuF
+73UeklZKBM0oJZ25HguGKsB2nJFlnoMeXFDM/zMqhOSUFjCV1trfcDCb9TZxo9K
thfWKOQsq1uNar4oit/RcFzq3L4caEJr1w6fq1wT53hN7VT4h5jfIOUC/UdVSQgD
9TyxqexQOaM9/SEeZpSN6tQ0c3NXLg+aItapW7R3Gy8SESUMcw/nun2cwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAammrxJJlfQ9h3/AnXo2dImsO/eMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvQnFhYXZFa21WOUQySGY4Q2RlalowaWF3Nzk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAue7lMA0G
CSqGSIb3DQEBCwUAA4IBAQADOsxYUG1eJrtNmhTA9b9od+rnLJR+Xc/Vn8lbIyLK
k/z9VaxGbEaSssd8KLTMcKxLeJWeQIQUoIvaY7I55yZ218LMrck7EnWbMlKKX4a6
pZpZsQEzLFzXfCHhCtAz6rqB65url5epS57Fgsc+ByUrLf6abgJWmgvJg/QLT9ws
y+5snKx8tTut4m9l2A1acz30owe1MEoDAzrTSh2SnFfEn++adbne4hIrfL5nobDi
F4qRmHDRL2HHDSWDbWzsV5xng3hOYRK1emra7osAj4mn38CT8YNUOQrVRNMOxReX
1C9UfyEvd+LVNO5Y49LaMK8hZPgXTwhSlJcVXlVPV4HO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:21 2024 by rpki-client on console-ams.rpki-client.org