Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/654433-e320-42ae-bb61-570b14833534/1/bhjnPjJqHWANswJ0bBaP15knjoU.roa
File: bhjnPjJqHWANswJ0bBaP15knjoU.roa (raw, json)
Hash identifier: fR03RzdRpn6pq8/v4/gdlhEnS3z2h0kvdq6bJKC4Q4M=
Subject key identifier: 6E:18:E7:3E:32:6A:1D:60:0D:B3:02:74:6C:16:8F:D7:99:27:8E:85
Certificate issuer: /CN=cba0171a02d5e4a75fb40635545ae0064c8cccad
Certificate serial: 018571A7C19BEA2F82CCCF647128DB0067C1
Authority key identifier: CB:A0:17:1A:02:D5:E4:A7:5F:B4:06:35:54:5A:E0:06:4C:8C:CC:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y6AXGgLV5KdftAY1VFrgBkyMzK0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/654433-e320-42ae-bb61-570b14833534/1/bhjnPjJqHWANswJ0bBaP15knjoU.roa
Signing time: Mon 02 Jan 2023 08:44:57 +0000
ROA not before: Mon 02 Jan 2023 08:44:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15404
IP address blocks: 91.213.68.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:a7:c1:9b:ea:2f:82:cc:cf:64:71:28:db:00:67:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cba0171a02d5e4a75fb40635545ae0064c8cccad
Validity
Not Before: Jan 2 08:44:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e18e73e326a1d600db302746c168fd799278e85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:2c:99:89:d6:fd:56:61:c6:0e:7d:20:0d:b3:
30:97:eb:9c:bc:bc:55:17:11:4b:73:89:b7:90:07:
0e:9e:ce:72:d1:0b:23:73:e5:97:fc:2d:93:10:db:
af:ac:b9:6f:32:4d:09:b9:c9:af:5c:fb:84:0b:4e:
98:72:c0:30:81:37:38:6b:e0:9e:b1:6e:ea:d5:17:
00:d4:dd:d2:c0:8d:26:78:a2:b9:d7:d3:65:47:de:
25:8a:b1:14:cf:c4:ee:37:2b:99:61:75:56:cd:3e:
cd:88:ea:f5:7a:70:aa:cf:53:85:4f:d5:e8:68:a9:
ed:20:25:4c:7f:c2:0f:03:13:4e:ab:7c:13:bf:69:
89:2c:79:ef:c8:26:ae:9c:1e:83:dc:f6:9c:b4:81:
46:33:94:a1:7e:1f:f0:8c:9e:33:47:cd:3b:71:3f:
37:13:7d:d9:bd:3c:c6:da:7f:ca:b5:0c:ab:d9:1f:
76:7e:1d:4f:ef:c1:62:0b:1e:46:04:56:95:ec:e2:
fa:8e:0e:62:94:c0:04:a7:e3:69:12:19:ba:fb:99:
d2:2f:37:4b:d8:73:df:41:e6:d2:1f:7b:30:1c:3b:
6a:6d:60:96:ec:da:8c:c9:24:c9:76:fd:2b:08:ed:
47:74:21:16:44:b8:76:01:a4:04:9a:2d:46:84:3b:
51:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:18:E7:3E:32:6A:1D:60:0D:B3:02:74:6C:16:8F:D7:99:27:8E:85
X509v3 Authority Key Identifier:
keyid:CB:A0:17:1A:02:D5:E4:A7:5F:B4:06:35:54:5A:E0:06:4C:8C:CC:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y6AXGgLV5KdftAY1VFrgBkyMzK0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/654433-e320-42ae-bb61-570b14833534/1/bhjnPjJqHWANswJ0bBaP15knjoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/654433-e320-42ae-bb61-570b14833534/1/y6AXGgLV5KdftAY1VFrgBkyMzK0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.68.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:23:d6:b0:00:69:25:ff:4f:9a:26:63:11:e0:f9:31:98:d4:
5b:ea:93:9e:d9:d2:b6:08:ea:d7:9f:2f:e5:5e:35:fc:8f:a4:
fb:0a:89:ee:46:72:f4:ed:19:bb:0e:ca:7d:47:a3:2d:f6:37:
69:ac:2b:a7:d6:47:5c:28:48:c7:0e:4c:34:99:3b:1b:16:6e:
fb:02:da:fc:6e:ad:97:42:bf:65:42:13:d9:b0:ae:58:6f:48:
da:6c:0d:59:b3:2e:1a:18:4e:aa:23:ca:ff:0d:08:aa:8e:15:
b6:3b:94:74:b5:c4:7c:dd:de:cf:e2:75:88:c8:24:8f:43:db:
c0:06:31:0b:8e:35:41:02:fe:62:55:e2:15:cd:b7:9a:70:ee:
38:aa:7f:39:f4:ee:63:c4:d9:0b:12:c4:32:1d:fe:47:b1:98:
af:4b:fc:28:63:26:af:45:99:6e:cf:2b:0c:89:57:c2:19:1b:
66:c9:4b:f6:3f:d3:dd:05:59:b3:d6:96:90:83:83:91:c3:cd:
5e:aa:8f:e5:56:7d:3d:94:17:ec:56:58:ce:75:31:63:5a:fe:
66:da:16:3e:28:7d:a9:aa:11:0c:6f:a2:b2:d5:87:8e:f7:fe:
0b:bd:28:81:da:6b:4f:7b:5d:a0:bd:83:52:8c:ce:02:3b:34:
b5:8b:65:94
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxp8Gb6i+CzM9kcSjbAGfBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiYTAxNzFhMDJkNWU0YTc1ZmI0MDYzNTU0NWFlMDA2NGM4
Y2NjYWQwHhcNMjMwMTAyMDg0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTE4ZTczZTMyNmExZDYwMGRiMzAyNzQ2YzE2OGZkNzk5Mjc4ZTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhCyZidb9VmHGDn0gDbMwl+ucvLxV
FxFLc4m3kAcOns5y0Qsjc+WX/C2TENuvrLlvMk0JucmvXPuEC06YcsAwgTc4a+Ce
sW7q1RcA1N3SwI0meKK519NlR94lirEUz8TuNyuZYXVWzT7NiOr1enCqz1OFT9Xo
aKntICVMf8IPAxNOq3wTv2mJLHnvyCaunB6D3PactIFGM5Shfh/wjJ4zR807cT83
E33ZvTzG2n/KtQyr2R92fh1P78FiCx5GBFaV7OL6jg5ilMAEp+NpEhm6+5nSLzdL
2HPfQebSH3swHDtqbWCW7NqMySTJdv0rCO1HdCEWRLh2AaQEmi1GhDtRowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG4Y5z4yah1gDbMCdGwWj9eZJ46FMB8GA1UdIwQY
MBaAFMugFxoC1eSnX7QGNVRa4AZMjMytMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTZBWEdnTFY1S2RmdEFZMVZGcmdCa3lNekswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC82NTQ0MzMtZTMyMC00MmFlLWJiNjEt
NTcwYjE0ODMzNTM0LzEvYmhqblBqSnFIV0FOc3dKMGJCYVAxNWtuam9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC82NTQ0MzMtZTMyMC00MmFlLWJiNjEtNTcwYjE0ODMzNTM0
LzEveTZBWEdnTFY1S2RmdEFZMVZGcmdCa3lNekswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9VEMA0G
CSqGSIb3DQEBCwUAA4IBAQAqI9awAGkl/0+aJmMR4PkxmNRb6pOe2dK2COrXny/l
XjX8j6T7ConuRnL07Rm7Dsp9R6Mt9jdprCun1kdcKEjHDkw0mTsbFm77Atr8bq2X
Qr9lQhPZsK5Yb0jabA1Zsy4aGE6qI8r/DQiqjhW2O5R0tcR83d7P4nWIyCSPQ9vA
BjELjjVBAv5iVeIVzbeacO44qn859O5jxNkLEsQyHf5HsZivS/woYyavRZluzysM
iVfCGRtmyUv2P9PdBVmz1paQg4ORw81eqo/lVn09lBfsVljOdTFjWv5m2hY+KH2p
qhEMb6Ky1YeO9/4LvSiB2mtPe12gvYNSjM4COzS1i2WU
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:38:24 2024 by rpki-client on console-fra.rpki-client.org