Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/bvCWhIWYliXU_RfrqOKjkQnoIVU.roa
File: bvCWhIWYliXU_RfrqOKjkQnoIVU.roa (raw, json)
Hash identifier: KXCr/Z5+cb2EPTvtNZhIn8LBkBS6z1i19acSrlnAIFs=
Subject key identifier: 6E:F0:96:84:85:98:96:25:D4:FD:17:EB:A8:E2:A3:91:09:E8:21:55
Certificate issuer: /CN=9a24b27d9f3df6e14ebc79e146e8be32754bf800
Certificate serial: 01899777F2275C28CF06689176822FE778CC
Authority key identifier: 9A:24:B2:7D:9F:3D:F6:E1:4E:BC:79:E1:46:E8:BE:32:75:4B:F8:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/miSyfZ899uFOvHnhRui-MnVL-AA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/bvCWhIWYliXU_RfrqOKjkQnoIVU.roa
Signing time: Thu 27 Jul 2023 13:09:27 +0000
ROA not before: Thu 27 Jul 2023 13:09:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209854
IP address blocks: 92.249.38.0/24 maxlen: 24
92.249.37.0/24 maxlen: 24
92.249.36.0/24 maxlen: 24
92.249.39.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 01 Sep 2023 07:30:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:97:77:f2:27:5c:28:cf:06:68:91:76:82:2f:e7:78:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a24b27d9f3df6e14ebc79e146e8be32754bf800
Validity
Not Before: Jul 27 13:09:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6ef0968485989625d4fd17eba8e2a39109e82155
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:0f:b2:2e:82:4c:24:f3:08:3f:c8:1d:af:e0:
94:38:c2:8d:1b:44:71:91:45:8a:18:46:fe:22:df:
21:7b:80:69:4e:fe:3b:ee:7b:cd:45:0b:2d:d1:02:
ec:19:b3:95:43:42:49:d7:45:0e:b8:b9:38:56:11:
3c:8e:2d:ea:c3:10:f4:31:c9:be:c6:08:d7:14:8a:
90:ee:c0:2b:80:f4:19:a9:bc:cf:ee:b0:78:47:2a:
ca:2f:3f:80:2d:c9:01:b7:2a:e4:9d:73:7c:f1:65:
94:6e:eb:d5:a6:47:8a:8f:2a:15:ff:ce:15:82:9f:
b8:cd:77:83:e6:36:26:e3:50:a2:eb:53:07:3f:9e:
75:2f:86:11:d8:fc:83:30:4d:56:3d:e5:cb:cd:ac:
78:e3:f1:8c:fb:5d:ec:83:4f:a2:6f:1d:d1:be:91:
27:0b:d9:d1:76:16:2b:2a:4a:ce:51:ea:1a:f1:24:
24:e5:5e:7e:d3:27:13:fa:4f:2b:f7:16:bc:6f:8d:
c0:17:dd:ad:a8:63:25:a3:66:93:18:b4:bf:d7:a6:
a9:70:d5:34:82:e1:08:4f:de:7d:92:39:76:ff:f6:
73:0b:19:ab:98:8e:52:c4:81:71:8e:2f:80:07:cd:
b9:6d:c8:33:df:10:cb:e0:0a:a3:f7:d2:d2:79:4b:
89:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:F0:96:84:85:98:96:25:D4:FD:17:EB:A8:E2:A3:91:09:E8:21:55
X509v3 Authority Key Identifier:
keyid:9A:24:B2:7D:9F:3D:F6:E1:4E:BC:79:E1:46:E8:BE:32:75:4B:F8:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/miSyfZ899uFOvHnhRui-MnVL-AA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/bvCWhIWYliXU_RfrqOKjkQnoIVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/miSyfZ899uFOvHnhRui-MnVL-AA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.249.36.0/22
Signature Algorithm: sha256WithRSAEncryption
65:a8:04:c4:a2:d0:95:16:32:0b:96:c9:8c:0a:e9:bf:3e:d9:
80:62:ef:95:09:c7:f5:c6:19:54:ae:f1:a3:77:61:8b:6c:9c:
32:fe:75:32:86:b7:6c:0f:bd:77:03:9a:7c:78:c4:87:7e:a2:
67:51:fa:87:6f:ef:2c:72:10:8a:d3:8b:de:05:bb:7f:c7:0e:
d8:b5:c5:db:63:40:26:49:84:8d:9c:46:2c:8b:38:4f:6d:f3:
2e:64:ca:d1:ac:d8:60:3a:9c:2c:39:65:f0:1b:94:92:9e:36:
a3:2a:61:fe:e3:3e:50:cf:1a:ed:fe:71:b0:2c:52:1b:97:66:
5d:f9:cb:08:c0:cc:7e:51:92:3b:d3:b5:94:28:14:22:1e:5c:
81:5a:91:1c:ff:c3:17:08:e4:77:dc:7c:d9:be:ab:19:c1:32:
f3:52:35:3f:83:f1:51:89:f1:b6:3a:61:7d:2a:c4:08:e4:d9:
d8:87:15:8f:aa:5d:d2:19:e2:20:59:ae:01:e2:76:54:de:f7:
9d:b2:2a:63:50:75:2c:6d:b0:dd:87:f2:ba:47:20:d1:aa:b3:
3b:e6:01:c6:08:b7:47:53:2f:8c:84:3a:ca:29:ab:39:b8:a0:
78:cf:c6:5a:d5:da:ba:b5:9c:67:e1:3d:76:e2:f8:24:43:c1:
3d:1c:e6:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmXd/InXCjPBmiRdoIv53jMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMjRiMjdkOWYzZGY2ZTE0ZWJjNzllMTQ2ZThiZTMyNzU0
YmY4MDAwHhcNMjMwNzI3MTMwOTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWYwOTY4NDg1OTg5NjI1ZDRmZDE3ZWJhOGUyYTM5MTA5ZTgyMTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyQ+yLoJMJPMIP8gdr+CUOMKNG0Rx
kUWKGEb+It8he4BpTv477nvNRQst0QLsGbOVQ0JJ10UOuLk4VhE8ji3qwxD0Mcm+
xgjXFIqQ7sArgPQZqbzP7rB4RyrKLz+ALckBtyrknXN88WWUbuvVpkeKjyoV/84V
gp+4zXeD5jYm41Ci61MHP551L4YR2PyDME1WPeXLzax44/GM+13sg0+ibx3RvpEn
C9nRdhYrKkrOUeoa8SQk5V5+0ycT+k8r9xa8b43AF92tqGMlo2aTGLS/16apcNU0
guEIT959kjl2//ZzCxmrmI5SxIFxji+AB825bcgz3xDL4Aqj99LSeUuJOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG7wloSFmJYl1P0X66jio5EJ6CFVMB8GA1UdIwQY
MBaAFJoksn2fPfbhTrx54UbovjJ1S/gAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWlTeWZaODk5dUZPdkhuaFJ1aS1NblZMLUFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8wMjUxZjItYTFiYi00NGZiLWI5MDgt
NDhkNWZmNGJhMjU1LzEvYnZDV2hJV1lsaVhVX1JmcnFPS2prUW5vSVZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8wMjUxZjItYTFiYi00NGZiLWI5MDgtNDhkNWZmNGJhMjU1
LzEvbWlTeWZaODk5dUZPdkhuaFJ1aS1NblZMLUFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCXPkkMA0G
CSqGSIb3DQEBCwUAA4IBAQBlqATEotCVFjILlsmMCum/PtmAYu+VCcf1xhlUrvGj
d2GLbJwy/nUyhrdsD713A5p8eMSHfqJnUfqHb+8schCK04veBbt/xw7YtcXbY0Am
SYSNnEYsizhPbfMuZMrRrNhgOpwsOWXwG5SSnjajKmH+4z5Qzxrt/nGwLFIbl2Zd
+csIwMx+UZI707WUKBQiHlyBWpEc/8MXCOR33HzZvqsZwTLzUjU/g/FRifG2OmF9
KsQI5NnYhxWPql3SGeIgWa4B4nZU3vedsipjUHUsbbDdh/K6RyDRqrM75gHGCLdH
Uy+MhDrKKas5uKB4z8Za1dq6tZxn4T124vgkQ8E9HOa8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:22 2024 by rpki-client on console-ams.rpki-client.org