Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/60ccfa-0930-46b4-8317-f8ca9cb63317/1/bcSzkmZJFCJBclpVIe49L3SER7o.roa
File: bcSzkmZJFCJBclpVIe49L3SER7o.roa (raw, json)
Hash identifier: mTfIdT4XU9YmNKFzzLAia6FGX0qL4yXwC0xJ2brspcs=
Subject key identifier: 6D:C4:B3:92:66:49:14:22:41:72:5A:55:21:EE:3D:2F:74:84:47:BA
Certificate issuer: /CN=b4430ba11506741d676ea202e291ec7ec6191b17
Certificate serial: 018CCA2A08C2D3C794750B7F7B39478F8EB2
Authority key identifier: B4:43:0B:A1:15:06:74:1D:67:6E:A2:02:E2:91:EC:7E:C6:19:1B:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tEMLoRUGdB1nbqIC4pHsfsYZGxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/60ccfa-0930-46b4-8317-f8ca9cb63317/1/bcSzkmZJFCJBclpVIe49L3SER7o.roa
Signing time: Tue 02 Jan 2024 12:33:21 +0000
ROA not before: Tue 02 Jan 2024 12:33:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51225
IP address blocks: 91.218.4.0/23 maxlen: 23
91.218.4.0/22 maxlen: 22
91.218.4.0/24 maxlen: 24
91.218.6.0/24 maxlen: 24
91.218.5.0/24 maxlen: 24
2001:7f8:94::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 18 Jan 2024 17:09:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:08:c2:d3:c7:94:75:0b:7f:7b:39:47:8f:8e:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4430ba11506741d676ea202e291ec7ec6191b17
Validity
Not Before: Jan 2 12:33:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6dc4b3926649142241725a5521ee3d2f748447ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:12:e2:b8:7f:45:80:ae:a7:2a:d5:6a:ff:99:
ed:b3:0a:4f:c0:ac:1d:8e:7e:8d:2d:f5:a0:9a:c0:
35:01:bd:8c:34:b5:01:2f:b1:e9:7f:2a:56:fc:ca:
b5:af:c8:1e:74:2e:f4:d0:e3:02:d6:65:bc:92:cd:
a1:6c:78:42:d2:86:2d:ba:53:44:40:f3:44:44:6a:
8c:69:da:4b:55:13:a8:30:59:57:be:ce:11:a2:5b:
4d:29:cd:a5:17:ce:57:61:50:a5:d5:e6:8e:81:f7:
c8:4e:57:2e:b3:1e:2c:51:89:b7:29:84:7d:cd:b5:
2b:30:a1:96:db:58:c9:05:ef:f3:37:5d:e7:4d:40:
20:ee:80:df:0b:66:aa:58:f8:16:9b:2d:92:3e:91:
b4:b3:f7:11:53:8a:f5:6e:bc:3e:fb:e3:fd:41:f4:
a9:58:81:b3:ef:26:a6:79:0b:6e:92:db:b5:b7:d8:
73:89:03:66:16:8b:ba:24:e5:03:aa:93:9e:47:d0:
dd:78:41:99:dd:79:6d:97:a4:ce:4e:49:46:47:f7:
88:89:59:55:96:5b:c2:78:e1:85:0f:0a:ea:1b:4e:
f1:57:34:59:4e:79:b9:24:37:4a:dc:c8:aa:78:49:
c5:b4:b1:83:54:19:6f:83:b3:43:ae:fe:98:6c:4c:
5c:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:C4:B3:92:66:49:14:22:41:72:5A:55:21:EE:3D:2F:74:84:47:BA
X509v3 Authority Key Identifier:
keyid:B4:43:0B:A1:15:06:74:1D:67:6E:A2:02:E2:91:EC:7E:C6:19:1B:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tEMLoRUGdB1nbqIC4pHsfsYZGxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/60ccfa-0930-46b4-8317-f8ca9cb63317/1/bcSzkmZJFCJBclpVIe49L3SER7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/60ccfa-0930-46b4-8317-f8ca9cb63317/1/tEMLoRUGdB1nbqIC4pHsfsYZGxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.218.4.0/22
IPv6:
2001:7f8:94::/48
Signature Algorithm: sha256WithRSAEncryption
0c:8e:ec:15:63:35:9a:a1:c1:9b:01:0e:8b:c7:04:86:50:20:
80:26:0e:e1:d6:ce:b7:52:e2:e3:26:88:ba:2f:85:10:b3:91:
dc:73:5a:62:6e:8b:65:dc:26:76:a1:86:68:92:ac:20:9a:92:
dd:ce:64:69:f9:e2:46:d0:f8:26:12:04:f8:e2:60:ed:0b:09:
f6:21:5c:fd:1a:6c:32:1d:b9:4b:d8:c7:a0:55:c2:5c:e6:96:
73:0d:13:c4:e6:59:cd:c9:19:2d:b3:d7:18:09:44:54:66:e3:
c6:d8:c9:ce:ae:b3:f0:2e:b0:27:d6:6d:b8:12:13:4c:c6:8d:
59:48:75:92:49:d7:71:d7:ad:bf:9e:ed:72:f9:e0:ba:ea:0b:
f7:36:cd:fd:b3:b1:04:5c:05:be:35:12:14:89:b5:6d:42:db:
43:de:25:61:6a:e9:8e:b3:1a:fc:e4:e6:bb:ec:92:41:4c:6c:
f9:07:69:d4:1d:e6:1f:10:b3:13:30:0d:a6:9e:14:c1:9f:dd:
ef:f1:5e:73:07:5f:74:95:e0:72:ee:33:ea:76:ad:6c:b4:70:
db:07:55:c1:31:ff:6e:02:46:e6:a0:4c:66:76:1c:cb:92:9d:
7b:69:fe:9e:a8:9f:a4:69:fb:4c:68:3f:1a:d0:b3:c8:ac:d9:
8b:60:28:e3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzKKgjC08eUdQt/ezlHj46yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NDMwYmExMTUwNjc0MWQ2NzZlYTIwMmUyOTFlYzdlYzYx
OTFiMTcwHhcNMjQwMTAyMTIzMzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGM0YjM5MjY2NDkxNDIyNDE3MjVhNTUyMWVlM2QyZjc0ODQ0N2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshLiuH9FgK6nKtVq/5ntswpPwKwd
jn6NLfWgmsA1Ab2MNLUBL7HpfypW/Mq1r8gedC700OMC1mW8ks2hbHhC0oYtulNE
QPNERGqMadpLVROoMFlXvs4RoltNKc2lF85XYVCl1eaOgffITlcusx4sUYm3KYR9
zbUrMKGW21jJBe/zN13nTUAg7oDfC2aqWPgWmy2SPpG0s/cRU4r1brw+++P9QfSp
WIGz7yameQtuktu1t9hziQNmFou6JOUDqpOeR9DdeEGZ3Xltl6TOTklGR/eIiVlV
llvCeOGFDwrqG07xVzRZTnm5JDdK3MiqeEnFtLGDVBlvg7NDrv6YbExc5wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG3Es5JmSRQiQXJaVSHuPS90hEe6MB8GA1UdIwQY
MBaAFLRDC6EVBnQdZ26iAuKR7H7GGRsXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEVNTG9SVUdkQjFuYnFJQzRwSHNmc1laR3hjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi82MGNjZmEtMDkzMC00NmI0LTgzMTct
ZjhjYTljYjYzMzE3LzEvYmNTemttWkpGQ0pCY2xwVkllNDlMM1NFUjdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi82MGNjZmEtMDkzMC00NmI0LTgzMTctZjhjYTljYjYzMzE3
LzEvdEVNTG9SVUdkQjFuYnFJQzRwSHNmc1laR3hjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCW9oEMA8E
AgACMAkDBwAgAQf4AJQwDQYJKoZIhvcNAQELBQADggEBAAyO7BVjNZqhwZsBDovH
BIZQIIAmDuHWzrdS4uMmiLovhRCzkdxzWmJui2XcJnahhmiSrCCakt3OZGn54kbQ
+CYSBPjiYO0LCfYhXP0abDIduUvYx6BVwlzmlnMNE8TmWc3JGS2z1xgJRFRm48bY
yc6us/AusCfWbbgSE0zGjVlIdZJJ13HXrb+e7XL54LrqC/c2zf2zsQRcBb41EhSJ
tW1C20PeJWFq6Y6zGvzk5rvskkFMbPkHadQd5h8QsxMwDaaeFMGf3e/xXnMHX3SV
4HLuM+p2rWy0cNsHVcEx/24CRuagTGZ2HMuSnXtp/p6on6Rp+0xoPxrQs8is2Ytg
KOM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:15 2024 by rpki-client on console-ams.rpki-client.org