Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/Bwe3EsMGmNGKG9tx8B9GQVziAdc.roa
File: Bwe3EsMGmNGKG9tx8B9GQVziAdc.roa (raw, json)
Hash identifier: ExJ9GNvA/MMqx4CUgXRnUzYlv+WSW3J48vjy7Wdvs1M=
Subject key identifier: 07:07:B7:12:C3:06:98:D1:8A:1B:DB:71:F0:1F:46:41:5C:E2:01:D7
Certificate issuer: /CN=db9d197fbbee2a1dccb4f55722a8210d3105b042
Certificate serial: 01857094E8B53DF550E3E4D68ABD40D8E1FA
Authority key identifier: DB:9D:19:7F:BB:EE:2A:1D:CC:B4:F5:57:22:A8:21:0D:31:05:B0:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/250Zf7vuKh3MtPVXIqghDTEFsEI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/Bwe3EsMGmNGKG9tx8B9GQVziAdc.roa
Signing time: Mon 02 Jan 2023 03:44:45 +0000
ROA not before: Mon 02 Jan 2023 03:44:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12635
IP address blocks: 2001:4b6c::/30 maxlen: 30
2001:4b69::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:94:e8:b5:3d:f5:50:e3:e4:d6:8a:bd:40:d8:e1:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db9d197fbbee2a1dccb4f55722a8210d3105b042
Validity
Not Before: Jan 2 03:44:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0707b712c30698d18a1bdb71f01f46415ce201d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:d8:67:2b:bd:3e:e5:66:91:0e:e8:43:f6:ce:
09:da:b8:43:85:2f:b2:e7:93:12:63:15:b6:3a:af:
e2:9c:af:c4:91:3e:0c:e5:c7:03:5c:2f:a5:33:25:
a1:3a:02:70:32:c9:04:6c:1c:d7:a8:85:97:26:c0:
a1:d0:16:fa:00:ed:05:e1:0b:c9:3c:a9:95:f3:bb:
f5:d3:5c:c0:9d:e9:9d:47:10:7c:40:64:63:4b:e3:
19:43:58:22:9a:39:1c:67:24:4e:67:ce:68:75:18:
aa:dd:4e:e3:ae:a9:92:e2:b8:79:41:8f:ba:2b:a2:
2e:da:5c:a4:56:56:a4:cb:8e:4e:09:c4:01:8e:c0:
fc:a2:bd:4e:56:9b:1b:cb:40:2d:fa:98:95:b4:b6:
df:9c:c0:f7:a8:76:25:7b:a6:f0:58:f2:1a:2d:ae:
58:44:fd:8f:f5:73:6d:e0:ba:08:fc:4b:ca:25:e3:
a1:d9:0c:b0:cf:ff:6e:68:9d:2c:ce:f2:ee:a5:7d:
a7:80:00:2e:0d:75:8e:f1:de:68:8c:cc:01:d4:dc:
e7:86:9f:f5:0a:43:d9:70:a0:18:81:4e:ba:0c:c3:
6b:76:c1:d9:88:30:27:90:5c:d6:18:ef:23:38:5b:
d9:9c:ca:d5:ae:90:31:b3:11:ce:4d:56:11:b3:82:
54:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:07:B7:12:C3:06:98:D1:8A:1B:DB:71:F0:1F:46:41:5C:E2:01:D7
X509v3 Authority Key Identifier:
keyid:DB:9D:19:7F:BB:EE:2A:1D:CC:B4:F5:57:22:A8:21:0D:31:05:B0:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/250Zf7vuKh3MtPVXIqghDTEFsEI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/Bwe3EsMGmNGKG9tx8B9GQVziAdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/250Zf7vuKh3MtPVXIqghDTEFsEI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:4b69::/32
2001:4b6c::/30
Signature Algorithm: sha256WithRSAEncryption
94:94:84:1a:b2:b3:36:a5:00:a5:76:49:15:1f:02:16:1e:c4:
ae:0e:af:cd:c8:54:17:c4:e6:e1:96:b4:05:10:b2:d6:0f:b5:
4e:aa:11:25:13:13:51:30:45:b4:22:d3:e7:a0:c5:bd:83:15:
12:f8:5e:76:ac:68:d5:a7:f6:36:cd:8d:60:68:85:53:a2:30:
4c:f6:a4:5d:88:29:94:60:07:35:16:ed:4a:47:60:ef:fa:de:
00:e8:fc:5a:b3:53:2d:45:a7:6a:7e:4c:a8:b7:cc:29:f3:52:
a4:df:3e:08:91:9a:97:6a:fe:18:bd:50:87:41:7e:db:d5:4f:
f3:16:53:6c:1e:87:c1:b4:1d:64:02:0c:4d:06:30:0f:fa:eb:
27:3a:c1:e7:c2:a8:79:7a:9a:e1:68:4a:89:68:90:d4:fa:47:
f9:9e:6c:10:26:62:9a:2b:72:7a:a2:0c:a6:71:9e:21:9c:3b:
a8:33:25:c3:43:b2:3e:3b:a7:9d:b9:81:54:31:11:53:67:dd:
aa:8d:3a:71:b6:58:62:3f:3b:d8:22:53:27:8b:da:43:16:c3:
d1:41:a3:20:ab:12:31:9e:b1:b3:8b:b6:4b:a3:33:f1:2e:4c:
77:e3:7f:8a:23:62:ef:f0:1d:8d:a1:c2:5d:91:36:bf:eb:c2:
98:90:90:f5
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVwlOi1PfVQ4+TWir1A2OH6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiOWQxOTdmYmJlZTJhMWRjY2I0ZjU1NzIyYTgyMTBkMzEw
NWIwNDIwHhcNMjMwMTAyMDM0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzA3YjcxMmMzMDY5OGQxOGExYmRiNzFmMDFmNDY0MTVjZTIwMWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjthnK70+5WaRDuhD9s4J2rhDhS+y
55MSYxW2Oq/inK/EkT4M5ccDXC+lMyWhOgJwMskEbBzXqIWXJsCh0Bb6AO0F4QvJ
PKmV87v101zAnemdRxB8QGRjS+MZQ1gimjkcZyROZ85odRiq3U7jrqmS4rh5QY+6
K6Iu2lykVlaky45OCcQBjsD8or1OVpsby0At+piVtLbfnMD3qHYle6bwWPIaLa5Y
RP2P9XNt4LoI/EvKJeOh2Qywz/9uaJ0szvLupX2ngAAuDXWO8d5ojMwB1Nznhp/1
CkPZcKAYgU66DMNrdsHZiDAnkFzWGO8jOFvZnMrVrpAxsxHOTVYRs4JUawIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFAcHtxLDBpjRihvbcfAfRkFc4gHXMB8GA1UdIwQY
MBaAFNudGX+77iodzLT1VyKoIQ0xBbBCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjUwWmY3dnVLaDNNdFBWWElxZ2hEVEVGc0VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8wOWQxMzctNDc3Yi00ZWZlLWEzZDMt
NGIyMzk1NmZiZDg2LzEvQndlM0VzTUdtTkdLRzl0eDhCOUdRVnppQWRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8wOWQxMzctNDc3Yi00ZWZlLWEzZDMtNGIyMzk1NmZiZDg2
LzEvMjUwWmY3dnVLaDNNdFBWWElxZ2hEVEVGc0VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAIAFLaQMF
AiABS2wwDQYJKoZIhvcNAQELBQADggEBAJSUhBqyszalAKV2SRUfAhYexK4Or83I
VBfE5uGWtAUQstYPtU6qESUTE1EwRbQi0+egxb2DFRL4XnasaNWn9jbNjWBohVOi
MEz2pF2IKZRgBzUW7UpHYO/63gDo/FqzUy1Fp2p+TKi3zCnzUqTfPgiRmpdq/hi9
UIdBftvVT/MWU2weh8G0HWQCDE0GMA/66yc6wefCqHl6muFoSolokNT6R/mebBAm
YporcnqiDKZxniGcO6gzJcNDsj47p525gVQxEVNn3aqNOnG2WGI/O9giUyeL2kMW
w9FBoyCrEjGesbOLtkujM/EuTHfjf4ojYu/wHY2hwl2RNr/rwpiQkPU=
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:31:51 2024 by rpki-client on console-fra.rpki-client.org