Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/6ef09b-802a-45f7-9e7f-06d530cefd8a/1/BFp3wrvJI_82JAiOnz5J9F5fxDI.roa
File: BFp3wrvJI_82JAiOnz5J9F5fxDI.roa (raw, json)
Hash identifier: UGFt70UQFIv52NAtE5HMo6wX3gj138oztwtF4bJDN48=
Subject key identifier: 04:5A:77:C2:BB:C9:23:FF:36:24:08:8E:9F:3E:49:F4:5E:5F:C4:32
Certificate issuer: /CN=efea177bcc2b0ef64cab604e6e6427b1ade0bf69
Certificate serial: 01856BDC77D3B3B3A4304C905F99373C8C12
Authority key identifier: EF:EA:17:7B:CC:2B:0E:F6:4C:AB:60:4E:6E:64:27:B1:AD:E0:BF:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7-oXe8wrDvZMq2BObmQnsa3gv2k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/6ef09b-802a-45f7-9e7f-06d530cefd8a/1/BFp3wrvJI_82JAiOnz5J9F5fxDI.roa
Signing time: Sun 01 Jan 2023 05:44:48 +0000
ROA not before: Sun 01 Jan 2023 05:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209041
IP address blocks: 81.21.225.0/24 maxlen: 24
81.21.224.0/24 maxlen: 24
81.21.227.0/24 maxlen: 24
2a0d:26c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:29:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:dc:77:d3:b3:b3:a4:30:4c:90:5f:99:37:3c:8c:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=efea177bcc2b0ef64cab604e6e6427b1ade0bf69
Validity
Not Before: Jan 1 05:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=045a77c2bbc923ff3624088e9f3e49f45e5fc432
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:14:86:57:49:87:0e:1d:90:cb:05:bd:ac:73:
cb:ec:6d:34:4b:12:02:19:91:4f:87:ad:4b:f9:73:
4e:c1:5f:f7:16:da:03:cb:4e:15:07:c1:8e:fc:a2:
ca:ac:13:bc:71:65:86:08:04:aa:e9:b7:af:9a:50:
c8:7a:89:95:1e:84:a6:90:86:be:b2:72:b9:08:d7:
ed:3c:31:88:15:a2:24:e0:fa:7b:0a:e5:73:03:a3:
72:47:25:01:01:11:1d:77:7c:08:9d:9e:6d:22:aa:
e0:9a:ec:12:3b:f2:ae:4c:93:98:ef:40:cc:f3:d0:
36:a3:07:af:3e:72:72:85:19:ff:ac:03:58:76:2f:
1f:49:6a:22:ea:7c:2b:35:eb:7f:fb:08:00:e6:52:
aa:65:24:b6:f6:b3:c5:d8:1c:74:42:51:fb:33:8d:
1c:55:f9:69:7f:77:a0:9a:da:80:0f:60:b5:47:1d:
4a:cb:4d:4c:b1:b5:01:8b:5a:27:08:4f:c8:0a:94:
c2:1e:9b:d7:40:99:3c:57:d4:69:f4:c3:f4:8e:c1:
1d:95:a2:a6:92:c6:6c:c1:06:bb:6b:82:2a:77:1a:
7c:b6:50:66:cb:17:53:b9:71:05:ee:92:05:57:b9:
8e:30:2e:d3:a4:af:50:af:21:29:c2:f3:d6:32:12:
02:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:5A:77:C2:BB:C9:23:FF:36:24:08:8E:9F:3E:49:F4:5E:5F:C4:32
X509v3 Authority Key Identifier:
keyid:EF:EA:17:7B:CC:2B:0E:F6:4C:AB:60:4E:6E:64:27:B1:AD:E0:BF:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7-oXe8wrDvZMq2BObmQnsa3gv2k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/6ef09b-802a-45f7-9e7f-06d530cefd8a/1/BFp3wrvJI_82JAiOnz5J9F5fxDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/6ef09b-802a-45f7-9e7f-06d530cefd8a/1/7-oXe8wrDvZMq2BObmQnsa3gv2k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.21.224.0/23
81.21.227.0/24
IPv6:
2a0d:26c0::/32
Signature Algorithm: sha256WithRSAEncryption
4a:19:c3:bd:b9:31:93:59:c5:2b:5e:6d:4f:ca:56:21:11:9d:
14:f4:57:32:ef:3a:d6:7b:f3:6b:82:03:3c:30:50:fe:45:62:
ad:38:48:b8:15:47:c2:6e:a3:3c:b1:c0:ae:b6:a6:20:36:90:
93:f5:97:0e:78:f9:58:f1:8a:80:a9:29:a2:91:f2:8e:c1:13:
bc:dc:0b:d3:3a:79:f3:0a:ef:61:1b:84:9d:71:6b:c1:8f:43:
df:cd:74:6a:4f:48:70:b6:38:a6:a3:02:ff:ab:66:1c:80:58:
9c:7a:87:d5:b1:82:9e:c0:03:6c:d1:e9:37:9a:45:32:7f:f7:
c0:c0:2b:3d:bd:1a:d1:f0:d4:53:fb:2d:e8:d1:84:3f:38:b2:
07:a7:bf:eb:76:f9:47:7d:cb:f0:8b:1a:37:1e:99:bc:87:67:
aa:a5:9b:a2:7b:79:d3:b9:6e:96:69:05:bf:36:65:0a:46:5b:
33:38:3c:4f:45:65:e3:56:d6:a9:7f:5d:6f:57:9f:d4:d9:aa:
9e:7f:45:0c:3d:f6:4d:23:90:37:04:52:fa:3a:7d:ba:64:3d:
70:b6:7c:65:f5:f4:33:ad:51:55:3d:f7:41:42:65:48:d7:c4:
9d:66:e2:9a:3c:5c:fa:01:a5:79:9e:9f:a6:09:e8:c5:a4:31:
d9:bb:21:af
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVr3HfTs7OkMEyQX5k3PIwSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmZWExNzdiY2MyYjBlZjY0Y2FiNjA0ZTZlNjQyN2IxYWRl
MGJmNjkwHhcNMjMwMTAxMDU0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDVhNzdjMmJiYzkyM2ZmMzYyNDA4OGU5ZjNlNDlmNDVlNWZjNDMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRSGV0mHDh2QywW9rHPL7G00SxIC
GZFPh61L+XNOwV/3FtoDy04VB8GO/KLKrBO8cWWGCASq6bevmlDIeomVHoSmkIa+
snK5CNftPDGIFaIk4Pp7CuVzA6NyRyUBAREdd3wInZ5tIqrgmuwSO/KuTJOY70DM
89A2owevPnJyhRn/rANYdi8fSWoi6nwrNet/+wgA5lKqZSS29rPF2Bx0QlH7M40c
Vflpf3egmtqAD2C1Rx1Ky01MsbUBi1onCE/ICpTCHpvXQJk8V9Rp9MP0jsEdlaKm
ksZswQa7a4Iqdxp8tlBmyxdTuXEF7pIFV7mOMC7TpK9QryEpwvPWMhICLQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFARad8K7ySP/NiQIjp8+SfReX8QyMB8GA1UdIwQY
MBaAFO/qF3vMKw72TKtgTm5kJ7Gt4L9pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNy1vWGU4d3JEdlpNcTJCT2JtUW5zYTNndjJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy82ZWYwOWItODAyYS00NWY3LTllN2Yt
MDZkNTMwY2VmZDhhLzEvQkZwM3dydkpJXzgySkFpT256NUo5RjVmeERJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy82ZWYwOWItODAyYS00NWY3LTllN2YtMDZkNTMwY2VmZDhh
LzEvNy1vWGU4d3JEdlpNcTJCT2JtUW5zYTNndjJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBURXgAwQA
URXjMA0EAgACMAcDBQAqDSbAMA0GCSqGSIb3DQEBCwUAA4IBAQBKGcO9uTGTWcUr
Xm1PylYhEZ0U9Fcy7zrWe/NrggM8MFD+RWKtOEi4FUfCbqM8scCutqYgNpCT9ZcO
ePlY8YqAqSmikfKOwRO83AvTOnnzCu9hG4SdcWvBj0PfzXRqT0hwtjimowL/q2Yc
gFiceofVsYKewANs0ek3mkUyf/fAwCs9vRrR8NRT+y3o0YQ/OLIHp7/rdvlHfcvw
ixo3Hpm8h2eqpZuie3nTuW6WaQW/NmUKRlszODxPRWXjVtapf11vV5/U2aqef0UM
PfZNI5A3BFL6On26ZD1wtnxl9fQzrVFVPfdBQmVI18SdZuKaPFz6AaV5np+mCejF
pDHZuyGv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:09 2024 by rpki-client on console-fra.rpki-client.org