Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/623561-0715-4277-a0be-3411c6fb4fca/1/bC_QDKiDP9BoGKjM5WA2Ge9c0LM.roa
File: bC_QDKiDP9BoGKjM5WA2Ge9c0LM.roa (raw, json)
Hash identifier: PwnxFt1pVM9OABI8tTGODgjROb0n48nxBaq49c5p/Jg=
Subject key identifier: 6C:2F:D0:0C:A8:83:3F:D0:68:18:A8:CC:E5:60:36:19:EF:5C:D0:B3
Certificate issuer: /CN=7abe11843dbe80340b2460fc160ec6b9b88f222a
Certificate serial: 01865B442234A5E6E45E07327C8B348D8DA3
Authority key identifier: 7A:BE:11:84:3D:BE:80:34:0B:24:60:FC:16:0E:C6:B9:B8:8F:22:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/er4RhD2-gDQLJGD8Fg7GubiPIio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/623561-0715-4277-a0be-3411c6fb4fca/1/bC_QDKiDP9BoGKjM5WA2Ge9c0LM.roa
Signing time: Thu 16 Feb 2023 17:27:17 +0000
ROA not before: Thu 16 Feb 2023 17:27:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200327
IP address blocks: 212.233.68.0/22 maxlen: 24
2a13:6d40::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 27 Apr 2023 14:47:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:5b:44:22:34:a5:e6:e4:5e:07:32:7c:8b:34:8d:8d:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7abe11843dbe80340b2460fc160ec6b9b88f222a
Validity
Not Before: Feb 16 17:27:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c2fd00ca8833fd06818a8cce5603619ef5cd0b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:37:f5:07:ce:3b:89:7f:b9:6e:7a:a6:47:1e:
16:69:94:9c:11:20:d3:11:e4:77:75:49:b3:78:5f:
c0:e0:18:26:db:28:3f:41:b3:d7:22:c1:54:70:bf:
70:c4:56:78:c1:94:be:e7:6b:ba:48:09:24:d2:f1:
41:a0:48:d9:9a:b6:1c:1c:ce:48:34:87:d8:5b:5a:
ea:5a:a2:1b:67:11:23:31:97:03:7a:50:7e:23:8d:
b5:3a:bf:af:d3:0d:2d:40:f0:91:f3:05:35:6b:80:
44:e2:51:9f:23:24:7b:af:29:bf:28:a3:51:25:62:
47:69:db:9e:ee:47:59:05:a1:12:74:0a:e9:12:77:
3a:1d:04:c5:b9:d6:57:29:de:47:c1:b3:28:c7:0f:
f8:3a:71:ce:41:e5:34:1d:fb:99:a2:f6:c0:ee:fe:
69:5a:eb:58:30:1c:33:88:70:63:87:e6:8f:55:89:
7d:70:4b:ea:f8:d9:5c:e9:c4:8b:4b:9b:31:a9:0e:
c8:3f:c7:78:d1:23:0f:40:61:63:d7:54:6f:ad:b5:
9b:4e:ce:c2:8b:42:99:d9:ae:c7:05:0f:c6:a6:e5:
7d:29:cb:a7:f3:0e:40:90:ad:3c:4e:1e:e9:ce:ca:
6b:0c:7a:cb:d5:cf:34:7b:66:38:b0:4a:75:fe:48:
d5:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:2F:D0:0C:A8:83:3F:D0:68:18:A8:CC:E5:60:36:19:EF:5C:D0:B3
X509v3 Authority Key Identifier:
keyid:7A:BE:11:84:3D:BE:80:34:0B:24:60:FC:16:0E:C6:B9:B8:8F:22:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/er4RhD2-gDQLJGD8Fg7GubiPIio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/623561-0715-4277-a0be-3411c6fb4fca/1/bC_QDKiDP9BoGKjM5WA2Ge9c0LM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/623561-0715-4277-a0be-3411c6fb4fca/1/er4RhD2-gDQLJGD8Fg7GubiPIio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.233.68.0/22
IPv6:
2a13:6d40::/29
Signature Algorithm: sha256WithRSAEncryption
2f:c3:e7:5d:09:e1:8b:2c:a2:d1:94:10:b2:2d:c9:ed:28:53:
6d:3d:bd:c5:99:cc:00:38:76:9f:e6:c0:7c:d7:0b:e4:20:5a:
dd:3a:7a:03:5f:23:74:bc:f9:d4:de:58:08:ca:34:71:19:49:
be:b1:a4:8a:07:10:b1:c7:13:5f:64:b3:9d:65:ad:88:99:45:
77:2e:96:0e:88:bd:32:c2:b2:d1:d5:11:2a:69:af:5f:61:8c:
03:8e:99:f4:3b:13:3d:9c:24:56:33:97:96:52:b7:2f:9e:e8:
70:6a:21:4e:a4:9a:66:f5:b6:0d:99:be:6f:a0:9c:62:11:ba:
b3:46:c7:20:19:9d:52:a8:1d:34:ed:e3:44:bb:84:d7:3f:8b:
ed:5b:ee:69:82:55:62:5d:51:e1:7f:22:f0:e8:ab:c8:11:50:
72:4b:71:e9:0f:2b:91:06:69:2d:e7:12:82:25:08:7b:9d:c8:
79:b4:a9:2a:b4:db:5a:ca:93:f7:22:69:bd:8d:ea:b9:9f:c9:
82:55:1e:ae:fc:b8:07:4f:9e:85:c9:92:6b:bf:7c:c7:aa:b9:
74:4f:9e:5c:8a:08:5d:b9:6a:4d:1f:31:a3:fb:b8:f8:7f:dc:
ca:8a:a1:ea:35:13:36:df:1b:8f:d2:d7:dc:f4:f4:53:f9:22:
8a:a1:09:b8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYZbRCI0pebkXgcyfIs0jY2jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhYmUxMTg0M2RiZTgwMzQwYjI0NjBmYzE2MGVjNmI5Yjg4
ZjIyMmEwHhcNMjMwMjE2MTcyNzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzJmZDAwY2E4ODMzZmQwNjgxOGE4Y2NlNTYwMzYxOWVmNWNkMGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3jf1B847iX+5bnqmRx4WaZScESDT
EeR3dUmzeF/A4Bgm2yg/QbPXIsFUcL9wxFZ4wZS+52u6SAkk0vFBoEjZmrYcHM5I
NIfYW1rqWqIbZxEjMZcDelB+I421Or+v0w0tQPCR8wU1a4BE4lGfIyR7rym/KKNR
JWJHadue7kdZBaESdArpEnc6HQTFudZXKd5HwbMoxw/4OnHOQeU0HfuZovbA7v5p
WutYMBwziHBjh+aPVYl9cEvq+Nlc6cSLS5sxqQ7IP8d40SMPQGFj11RvrbWbTs7C
i0KZ2a7HBQ/GpuV9Kcun8w5AkK08Th7pzsprDHrL1c80e2Y4sEp1/kjVnwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGwv0Ayogz/QaBiozOVgNhnvXNCzMB8GA1UdIwQY
MBaAFHq+EYQ9voA0CyRg/BYOxrm4jyIqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXI0UmhEMi1nRFFMSkdEOEZnN0d1YmlQSWlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi82MjM1NjEtMDcxNS00Mjc3LWEwYmUt
MzQxMWM2ZmI0ZmNhLzEvYkNfUURLaURQOUJvR0tqTTVXQTJHZTljMExNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi82MjM1NjEtMDcxNS00Mjc3LWEwYmUtMzQxMWM2ZmI0ZmNh
LzEvZXI0UmhEMi1nRFFMSkdEOEZnN0d1YmlQSWlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQC1OlEMA0E
AgACMAcDBQMqE21AMA0GCSqGSIb3DQEBCwUAA4IBAQAvw+ddCeGLLKLRlBCyLcnt
KFNtPb3FmcwAOHaf5sB81wvkIFrdOnoDXyN0vPnU3lgIyjRxGUm+saSKBxCxxxNf
ZLOdZa2ImUV3LpYOiL0ywrLR1REqaa9fYYwDjpn0OxM9nCRWM5eWUrcvnuhwaiFO
pJpm9bYNmb5voJxiEbqzRscgGZ1SqB007eNEu4TXP4vtW+5pglViXVHhfyLw6KvI
EVByS3HpDyuRBmkt5xKCJQh7nch5tKkqtNtaypP3Imm9jeq5n8mCVR6u/LgHT56F
yZJrv3zHqrl0T55cighduWpNHzGj+7j4f9zKiqHqNRM23xuP0tfc9PRT+SKKoQm4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:23 2024 by rpki-client on console-fra.rpki-client.org