Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/BO-OvZr7VoAuR5J-7HRxxzhXoXo.roa
File: BO-OvZr7VoAuR5J-7HRxxzhXoXo.roa (raw, json)
Hash identifier: Xmk55BFNNcYVGvLD81K0ctf08plDHE9E6nDnq4JqlV8=
Subject key identifier: 04:EF:8E:BD:9A:FB:56:80:2E:47:92:7E:EC:74:71:C7:38:57:A1:7A
Certificate issuer: /CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Certificate serial: 018E7FC5114FF1551EE902EA7A7CA5676FE0
Authority key identifier: 49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/BO-OvZr7VoAuR5J-7HRxxzhXoXo.roa
Signing time: Wed 27 Mar 2024 11:56:45 +0000
ROA not before: Wed 27 Mar 2024 11:56:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 10753
IP address blocks: 152.89.28.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 02 Apr 2024 06:51:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7f:c5:11:4f:f1:55:1e:e9:02:ea:7a:7c:a5:67:6f:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Validity
Not Before: Mar 27 11:56:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=04ef8ebd9afb56802e47927eec7471c73857a17a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:cc:ae:53:3b:62:e7:34:02:03:af:0c:fb:3a:
b8:ce:d2:5d:c5:d7:d6:99:10:64:0f:3f:d6:48:38:
24:d3:a9:9e:ec:f9:5d:f7:7d:45:a3:3c:6f:e8:09:
4d:c5:91:4f:7e:c1:dc:c3:71:87:d3:ec:82:2f:b0:
d7:db:5c:0f:63:a6:8e:d6:99:e1:8b:94:2e:bc:c2:
91:a2:1e:0f:52:61:f5:ac:d8:d1:fe:89:92:f4:ed:
3b:1f:75:82:dc:4b:4e:fd:8b:76:b0:88:a3:12:18:
14:de:2b:25:63:c3:be:09:7b:7c:a5:7e:2a:ab:ed:
1c:b7:b3:01:43:a6:7f:0f:c8:94:80:96:07:b0:11:
8e:12:61:0d:d2:cc:d7:ec:be:4c:fb:4f:bd:73:dc:
db:40:8f:fc:a6:aa:a4:6e:ab:e4:a2:98:9b:e7:af:
f7:89:ba:21:d6:83:62:f0:47:69:ec:8d:59:d5:3a:
fc:14:d7:f1:57:1a:90:97:ba:21:2b:1a:50:2c:8a:
ec:fd:34:da:bc:9c:de:fc:e3:9b:5f:c5:44:0d:a9:
03:80:ce:1f:73:75:1b:c8:59:cc:28:b8:2c:f6:b1:
19:e0:bf:7b:e3:eb:f5:af:92:49:90:01:9b:51:85:
9f:6f:f9:aa:2b:98:9a:51:15:93:e6:7e:79:6c:a8:
9c:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:EF:8E:BD:9A:FB:56:80:2E:47:92:7E:EC:74:71:C7:38:57:A1:7A
X509v3 Authority Key Identifier:
keyid:49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/BO-OvZr7VoAuR5J-7HRxxzhXoXo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.28.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:81:f5:e8:67:73:60:0f:52:b6:86:23:23:f7:84:9a:b7:dd:
ea:06:c2:8b:7d:cb:1c:0c:97:d6:ef:96:29:cb:c2:2b:b3:22:
10:9e:3f:97:f8:2a:a5:c8:93:42:23:a1:0c:04:21:7c:5c:bd:
c3:00:ba:df:58:c4:16:c4:69:71:92:d5:b5:25:ad:6d:a7:9e:
f9:1f:fa:d7:14:98:ff:ff:0f:c2:3b:b8:62:3e:0a:a4:0c:75:
ae:6a:bf:ad:54:9f:04:3d:6d:e6:82:e2:cb:0e:b5:ce:f4:4d:
5b:67:46:6b:b3:a5:3a:3b:cc:c2:90:51:db:27:4d:df:b2:8b:
3a:4d:c1:cb:6d:8f:c1:e0:1c:9d:07:4f:50:bc:e8:d5:63:97:
80:9a:3a:c6:f8:ec:90:b3:37:f7:72:dc:74:49:db:2a:66:9c:
34:a5:85:70:85:9c:ce:d2:91:ee:ea:a0:d0:17:f0:ca:d0:7f:
7c:ce:a6:a5:b0:1c:44:bd:26:ec:c9:82:36:95:c4:fa:31:81:
d9:19:30:d6:6f:9d:eb:ae:c1:b7:42:79:c9:9d:6c:c2:e9:74:
45:8e:43:a6:08:fa:d4:41:22:ad:eb:49:dd:e3:41:50:c0:98:
9d:1f:27:2d:20:7a:61:20:04:65:3f:f6:41:0e:cc:d1:62:bf:
f1:2b:7a:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY5/xRFP8VUe6QLqenylZ2/gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODZjNzM5OTRkMDJkOTFmYzk3ZDkxNmU5ODA5YTZkOTgx
ZTZiMTcwHhcNMjQwMzI3MTE1NjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGVmOGViZDlhZmI1NjgwMmU0NzkyN2VlYzc0NzFjNzM4NTdhMTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAicyuUzti5zQCA68M+zq4ztJdxdfW
mRBkDz/WSDgk06me7Pld931Fozxv6AlNxZFPfsHcw3GH0+yCL7DX21wPY6aO1pnh
i5QuvMKRoh4PUmH1rNjR/omS9O07H3WC3EtO/Yt2sIijEhgU3islY8O+CXt8pX4q
q+0ct7MBQ6Z/D8iUgJYHsBGOEmEN0szX7L5M+0+9c9zbQI/8pqqkbqvkopib56/3
iboh1oNi8Edp7I1Z1Tr8FNfxVxqQl7ohKxpQLIrs/TTavJze/OObX8VEDakDgM4f
c3UbyFnMKLgs9rEZ4L974+v1r5JJkAGbUYWfb/mqK5iaURWT5n55bKic8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFATvjr2a+1aALkeSfux0ccc4V6F6MB8GA1UdIwQY
MBaAFEmGxzmU0C2R/JfZFumAmm2YHmsXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzIt
OWU4OTVkMGVmOGQyLzEvQk8tT3ZacjdWb0F1UjVKLTdIUnh4emhYb1hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzItOWU4OTVkMGVmOGQy
LzEvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmFkcMA0G
CSqGSIb3DQEBCwUAA4IBAQAPgfXoZ3NgD1K2hiMj94Sat93qBsKLfcscDJfW75Yp
y8IrsyIQnj+X+CqlyJNCI6EMBCF8XL3DALrfWMQWxGlxktW1Ja1tp575H/rXFJj/
/w/CO7hiPgqkDHWuar+tVJ8EPW3mguLLDrXO9E1bZ0Zrs6U6O8zCkFHbJ03fsos6
TcHLbY/B4BydB09QvOjVY5eAmjrG+OyQszf3ctx0SdsqZpw0pYVwhZzO0pHu6qDQ
F/DK0H98zqalsBxEvSbsyYI2lcT6MYHZGTDWb53rrsG3QnnJnWzC6XRFjkOmCPrU
QSKt60nd40FQwJidHyctIHphIARlP/ZBDszRYr/xK3pp
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:06:44 2025 by rpki-client