Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/BLoiRYJnbRLyIDVGHzfuEkC6Qew.roa
File: BLoiRYJnbRLyIDVGHzfuEkC6Qew.roa (raw, json)
Hash identifier: x8xvs5e9nY80+6A2SMpeuhqpCFsM9/bzqDwsrj5BHhs=
Subject key identifier: 04:BA:22:45:82:67:6D:12:F2:20:35:46:1F:37:EE:12:40:BA:41:EC
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 01921EBDCF2E12C75873AA9B1A7460BE421B
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/BLoiRYJnbRLyIDVGHzfuEkC6Qew.roa
Signing time: Mon 23 Sep 2024 11:56:48 +0000
ROA not before: Mon 23 Sep 2024 11:56:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197450
IP address blocks: 91.92.42.0/24 maxlen: 24
93.152.207.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 03 Oct 2024 11:09:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:1e:bd:cf:2e:12:c7:58:73:aa:9b:1a:74:60:be:42:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Sep 23 11:56:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=04ba224582676d12f22035461f37ee1240ba41ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:a6:94:55:20:6a:4d:64:13:12:23:3e:71:0c:
05:ad:1e:d3:7d:2d:45:66:96:ba:a0:3a:5a:f2:47:
d8:c2:c1:a8:0e:a5:6c:19:50:90:24:15:57:01:1d:
fe:6d:b1:72:c1:53:37:21:85:73:9a:bd:23:7e:6a:
29:28:62:1a:0c:b8:e9:4c:4c:72:49:37:96:24:c0:
5b:c8:f2:42:5e:56:b5:2a:97:4a:32:a5:02:15:e2:
fb:a3:6c:75:d3:fe:30:09:a9:da:aa:7c:94:85:3a:
9f:5f:46:96:65:4e:47:e6:3c:21:6a:a3:29:4c:f5:
ee:84:e5:51:1c:ff:b3:6c:a8:f0:9a:4d:59:a0:5b:
d7:57:ee:89:15:68:ea:88:08:d7:7a:13:cd:81:64:
af:f5:74:8f:c1:f3:7b:18:ba:77:c7:b8:31:8c:8b:
cb:11:93:85:33:0f:c4:95:e4:df:3b:f5:2c:c3:9f:
b6:f2:9b:33:68:82:45:04:bd:68:ad:11:c6:86:15:
4c:2c:00:13:79:8e:74:78:b5:b8:28:ba:4f:34:7f:
69:62:a1:e9:95:70:86:82:68:a1:bc:da:c1:7e:53:
9d:41:7a:11:21:b8:39:dc:5e:d5:df:4a:8f:10:c3:
2a:cc:52:02:14:71:26:13:a9:d5:a0:6b:29:16:79:
93:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:BA:22:45:82:67:6D:12:F2:20:35:46:1F:37:EE:12:40:BA:41:EC
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/BLoiRYJnbRLyIDVGHzfuEkC6Qew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.92.42.0/24
93.152.207.0/24
Signature Algorithm: sha256WithRSAEncryption
28:c7:5d:ea:ec:12:46:f3:93:58:ec:8c:54:95:64:49:a1:93:
ba:1a:fe:f5:af:c6:dd:40:a8:d5:f2:af:95:2d:8f:c4:6c:13:
a7:53:66:06:27:dc:3f:ad:ac:46:30:d3:f5:51:ee:e2:d7:27:
13:dc:6d:d9:ea:19:c2:24:54:54:69:fd:84:79:1a:72:07:f3:
a3:17:84:7a:96:b1:4d:c8:ce:bd:91:9e:df:c0:03:5b:e1:cd:
d1:0d:1a:55:20:e1:7b:31:50:b5:85:bf:c2:c6:2c:a6:7d:8d:
d3:57:c3:fd:0b:dc:a7:1a:d4:21:05:09:60:c3:d4:87:2b:86:
ea:2d:19:26:44:51:27:f2:35:87:06:fc:fd:ea:bf:47:4b:a3:
87:f9:ed:41:d9:ef:8a:da:d4:29:be:6b:85:69:4b:09:17:a3:
43:f7:0d:1a:53:b3:76:82:37:96:a3:37:30:3d:fa:1c:8e:2d:
fa:f7:ee:2e:dd:f0:21:ee:90:c1:a0:43:2c:03:8a:d2:7b:f4:
5b:fe:18:1a:34:18:25:12:d9:e1:73:36:ed:8e:91:ff:6d:0a:
9c:32:44:ed:07:f2:1f:46:82:45:b4:cc:dc:a8:28:d9:1c:19:
c7:4d:50:fd:3a:ba:f1:6a:29:6b:47:be:75:aa:39:af:f3:56:
8c:a6:cb:1a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZIevc8uEsdYc6qbGnRgvkIbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjQwOTIzMTE1NjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGJhMjI0NTgyNjc2ZDEyZjIyMDM1NDYxZjM3ZWUxMjQwYmE0MWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3qaUVSBqTWQTEiM+cQwFrR7TfS1F
Zpa6oDpa8kfYwsGoDqVsGVCQJBVXAR3+bbFywVM3IYVzmr0jfmopKGIaDLjpTExy
STeWJMBbyPJCXla1KpdKMqUCFeL7o2x10/4wCanaqnyUhTqfX0aWZU5H5jwhaqMp
TPXuhOVRHP+zbKjwmk1ZoFvXV+6JFWjqiAjXehPNgWSv9XSPwfN7GLp3x7gxjIvL
EZOFMw/EleTfO/Usw5+28pszaIJFBL1orRHGhhVMLAATeY50eLW4KLpPNH9pYqHp
lXCGgmihvNrBflOdQXoRIbg53F7V30qPEMMqzFICFHEmE6nVoGspFnmT1wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAS6IkWCZ20S8iA1Rh837hJAukHsMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvQkxvaVJZSm5iUkx5SURWR0h6ZnVFa0M2UWV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW1wqAwQA
XZjPMA0GCSqGSIb3DQEBCwUAA4IBAQAox13q7BJG85NY7IxUlWRJoZO6Gv71r8bd
QKjV8q+VLY/EbBOnU2YGJ9w/raxGMNP1Ue7i1ycT3G3Z6hnCJFRUaf2EeRpyB/Oj
F4R6lrFNyM69kZ7fwANb4c3RDRpVIOF7MVC1hb/CxiymfY3TV8P9C9ynGtQhBQlg
w9SHK4bqLRkmRFEn8jWHBvz96r9HS6OH+e1B2e+K2tQpvmuFaUsJF6ND9w0aU7N2
gjeWozcwPfocji369+4u3fAh7pDBoEMsA4rSe/Rb/hgaNBglEtnhczbtjpH/bQqc
MkTtB/IfRoJFtMzcqCjZHBnHTVD9OrrxailrR751qjmv81aMpssa
-----END CERTIFICATE-----
Generated at Thu Oct 3 13:08:42 2024 by rpki-client on console-fra.rpki-client.org