Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/bkk5PXTcT25sgEmFF8CsftV-ogE.roa
File: bkk5PXTcT25sgEmFF8CsftV-ogE.roa (raw, json)
Hash identifier: DpWhaY5yY6GXwaQn0R/E6wbjWA25VscDJc5xM3Ys9rA=
Subject key identifier: 6E:49:39:3D:74:DC:4F:6E:6C:80:49:85:17:C0:AC:7E:D5:7E:A2:01
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018D7E4A3097F016E7BDC4C6471C5BC8A6F2
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/bkk5PXTcT25sgEmFF8CsftV-ogE.roa
Signing time: Tue 06 Feb 2024 12:00:07 +0000
ROA not before: Tue 06 Feb 2024 12:00:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21859
IP address blocks: 185.230.66.0/24 maxlen: 24
193.8.112.0/24 maxlen: 24
193.8.113.0/24 maxlen: 24
193.8.115.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 09 Feb 2024 14:47:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7e:4a:30:97:f0:16:e7:bd:c4:c6:47:1c:5b:c8:a6:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Feb 6 12:00:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e49393d74dc4f6e6c80498517c0ac7ed57ea201
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:3f:a4:3a:c5:c5:66:20:1d:5d:52:0d:e7:c6:
c8:6c:4e:70:28:33:4d:9c:ff:c2:af:b7:77:cb:61:
e2:06:b9:74:c0:e3:36:b2:a7:67:25:ce:ce:56:9b:
87:79:8f:6a:d2:21:92:ca:5e:6f:d0:38:d6:63:f4:
ab:c5:37:1e:4b:24:01:80:ba:e7:7f:44:bf:5d:ab:
d5:32:d8:0d:ec:df:12:26:dd:7a:fd:86:e3:7a:55:
2a:72:ce:72:e1:4d:2e:6f:cc:10:ef:ea:45:2f:42:
f2:ed:4d:9c:86:a8:75:48:51:11:f0:2c:7b:a0:5a:
fe:e0:05:9d:40:cc:4f:76:75:2f:ca:fa:51:05:3c:
6a:49:3f:be:48:0b:e0:8f:fb:43:f6:3c:2e:a2:22:
f1:4a:b9:50:73:00:1f:92:5d:82:3b:63:a4:ba:5e:
b1:9a:a2:0c:cb:80:4b:7b:f0:3b:03:d8:19:0e:55:
f2:72:8e:8f:1c:db:f1:e5:df:bb:8d:ab:1b:54:03:
c2:fa:18:d7:7c:78:95:22:94:72:9a:9a:6a:b1:53:
09:87:81:a8:cc:e3:12:1d:e0:f2:21:3f:29:1a:f3:
6d:ed:71:1c:7b:70:1c:a8:45:89:75:11:75:ab:8a:
74:7a:b7:62:a3:85:f0:50:60:35:97:f5:ca:db:26:
10:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:49:39:3D:74:DC:4F:6E:6C:80:49:85:17:C0:AC:7E:D5:7E:A2:01
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/bkk5PXTcT25sgEmFF8CsftV-ogE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.230.66.0/24
193.8.112.0/23
193.8.115.0/24
Signature Algorithm: sha256WithRSAEncryption
93:6a:ef:d0:a2:f5:fa:9c:20:1d:33:b9:b0:29:35:d8:1b:42:
3d:55:e7:d3:b6:73:6f:b5:b8:27:19:80:7f:5a:cf:81:2d:49:
f1:36:fd:b0:38:91:6f:9d:47:29:fd:fb:cb:bb:0a:1e:cc:aa:
d7:30:76:45:de:30:81:c1:af:3e:4b:7a:80:7b:c1:ef:20:47:
e3:80:e3:26:cc:43:fa:46:13:18:5a:24:90:ca:a6:e7:ec:70:
f8:a7:85:33:97:4a:f0:b7:fa:14:25:89:78:6b:8d:58:84:b6:
4e:46:3f:05:16:9b:dc:b0:9a:15:87:47:a2:9a:c4:33:42:4e:
df:f2:2b:a2:bc:cb:06:56:3b:17:01:79:37:9b:49:87:8e:96:
da:cf:91:18:61:15:ed:f7:c4:49:24:d6:66:a9:8b:da:c4:79:
ac:24:1d:24:95:15:61:6c:68:fe:ab:e2:db:3e:ad:cd:0a:8b:
31:4d:6a:81:7b:f9:ad:7c:f9:03:f2:93:8b:3d:5e:f8:f8:00:
64:66:01:35:cc:0b:0a:0b:a1:b7:c9:9a:e2:0e:20:d8:73:f7:
09:c0:01:e4:5b:a7:93:f3:b9:f5:e4:bb:5e:fb:7d:e2:43:b3:
0e:31:0f:d5:13:f0:2d:e8:b8:30:e0:6e:6d:b3:c5:30:4c:9a:
97:4f:2c:b0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY1+SjCX8BbnvcTGRxxbyKbyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMjA2MTIwMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTQ5MzkzZDc0ZGM0ZjZlNmM4MDQ5ODUxN2MwYWM3ZWQ1N2VhMjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkT+kOsXFZiAdXVIN58bIbE5wKDNN
nP/Cr7d3y2HiBrl0wOM2sqdnJc7OVpuHeY9q0iGSyl5v0DjWY/SrxTceSyQBgLrn
f0S/XavVMtgN7N8SJt16/YbjelUqcs5y4U0ub8wQ7+pFL0Ly7U2chqh1SFER8Cx7
oFr+4AWdQMxPdnUvyvpRBTxqST++SAvgj/tD9jwuoiLxSrlQcwAfkl2CO2Okul6x
mqIMy4BLe/A7A9gZDlXyco6PHNvx5d+7jasbVAPC+hjXfHiVIpRymppqsVMJh4Go
zOMSHeDyIT8pGvNt7XEce3AcqEWJdRF1q4p0erdio4XwUGA1l/XK2yYQZQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFG5JOT103E9ubIBJhRfArH7VfqIBMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvYmtrNVBYVGNUMjVzZ0VtRkY4Q3NmdFYtb2dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAueZCAwQB
wQhwAwQAwQhzMA0GCSqGSIb3DQEBCwUAA4IBAQCTau/QovX6nCAdM7mwKTXYG0I9
VefTtnNvtbgnGYB/Ws+BLUnxNv2wOJFvnUcp/fvLuwoezKrXMHZF3jCBwa8+S3qA
e8HvIEfjgOMmzEP6RhMYWiSQyqbn7HD4p4Uzl0rwt/oUJYl4a41YhLZORj8FFpvc
sJoVh0eimsQzQk7f8iuivMsGVjsXAXk3m0mHjpbaz5EYYRXt98RJJNZmqYvaxHms
JB0klRVhbGj+q+LbPq3NCosxTWqBe/mtfPkD8pOLPV74+ABkZgE1zAsKC6G3yZri
DiDYc/cJwAHkW6eT87n15Lte+33iQ7MOMQ/VE/At6Lgw4G5ts8UwTJqXTyyw
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:27 2024 by rpki-client on console-ams.rpki-client.org