Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/df1bcc-0200-46cb-a933-66340bbff0b9/1/0BICdqb5A9bNsYNyfblTmTRkwnw.roa
File: 0BICdqb5A9bNsYNyfblTmTRkwnw.roa (raw, json)
Hash identifier: PtABaGHDi334AqwnRLZfJcN8f3EkaEmqQ2GDuvQaa7Y=
Subject key identifier: D0:12:02:76:A6:F9:03:D6:CD:B1:83:72:7D:B9:53:99:34:64:C2:7C
Certificate issuer: /CN=1b646d42ce89d4093e4ac927a7f236f37a51abe2
Certificate serial: 018CC3B6F5A88379BCBE165B271AAF0B2915
Authority key identifier: 1B:64:6D:42:CE:89:D4:09:3E:4A:C9:27:A7:F2:36:F3:7A:51:AB:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G2RtQs6J1Ak-Ssknp_I283pRq-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/df1bcc-0200-46cb-a933-66340bbff0b9/1/0BICdqb5A9bNsYNyfblTmTRkwnw.roa
Signing time: Mon 01 Jan 2024 06:29:56 +0000
ROA not before: Mon 01 Jan 2024 06:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33843
IP address blocks: 91.206.46.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:48:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:f5:a8:83:79:bc:be:16:5b:27:1a:af:0b:29:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b646d42ce89d4093e4ac927a7f236f37a51abe2
Validity
Not Before: Jan 1 06:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d0120276a6f903d6cdb183727db953993464c27c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:6b:98:2f:85:4c:cb:ed:15:17:58:69:a8:4d:
95:6a:70:6f:f1:6e:6a:fd:72:d8:5b:09:88:70:de:
bd:5a:75:0f:95:a4:78:ad:71:53:f4:e9:94:63:80:
35:73:4c:bf:32:29:7d:07:ef:de:5f:ee:6b:34:e9:
4a:dc:de:2f:c1:77:63:c2:cf:de:eb:91:28:5d:80:
57:2d:d2:89:25:89:1f:54:11:5b:43:56:cc:d0:53:
c4:18:61:ae:6b:1c:61:15:0d:da:68:59:2e:67:52:
0d:5a:ed:b8:b7:bf:0f:c7:b6:35:5a:97:e9:a5:9d:
08:c9:90:a2:9d:96:4d:be:37:c0:f7:74:af:41:12:
7c:18:c0:31:79:55:07:aa:7d:b1:9c:b1:48:6b:ef:
1e:21:73:b0:47:cc:52:ba:ae:3f:88:bb:6c:4a:5e:
e3:59:55:b1:c4:bc:73:14:1c:26:48:b0:a0:0d:e2:
3d:13:5b:2f:7b:70:6c:c1:45:13:11:b6:37:c6:81:
4f:19:e4:e0:81:34:aa:20:33:04:7e:b6:64:9d:ed:
cd:d3:c4:10:24:1b:13:86:26:79:6a:ba:37:cb:ee:
e9:0e:79:fb:af:51:4d:d6:8e:bc:50:29:70:37:12:
11:bf:61:cc:c2:08:f2:a2:86:b8:53:d5:2c:0d:99:
22:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:12:02:76:A6:F9:03:D6:CD:B1:83:72:7D:B9:53:99:34:64:C2:7C
X509v3 Authority Key Identifier:
keyid:1B:64:6D:42:CE:89:D4:09:3E:4A:C9:27:A7:F2:36:F3:7A:51:AB:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G2RtQs6J1Ak-Ssknp_I283pRq-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/df1bcc-0200-46cb-a933-66340bbff0b9/1/0BICdqb5A9bNsYNyfblTmTRkwnw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/df1bcc-0200-46cb-a933-66340bbff0b9/1/G2RtQs6J1Ak-Ssknp_I283pRq-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.46.0/23
Signature Algorithm: sha256WithRSAEncryption
2e:f5:fb:79:f0:c2:f3:2e:f3:93:33:2e:bf:c3:f0:96:e9:e1:
d0:fc:6e:d5:47:05:66:b6:af:a2:81:68:3a:e5:e5:1d:7a:aa:
b6:46:96:ce:15:f3:6c:7c:70:c8:df:f4:55:42:75:34:71:4f:
81:82:0d:e4:ee:b8:b1:c1:f0:65:99:56:d2:15:1f:65:80:40:
c2:3c:f6:2c:7a:51:07:60:ad:ba:68:58:5e:61:d7:5b:f3:a8:
d6:99:b1:28:3b:9a:f8:d0:2d:16:14:e3:2e:1d:a0:8d:09:b4:
e6:d4:2a:a8:0b:22:a3:be:fa:6a:10:6b:f8:7f:09:79:81:55:
55:32:f8:a3:07:5e:4d:7d:c8:e9:ac:56:fc:af:d5:13:a5:36:
40:77:cb:93:cb:43:cf:bf:3b:60:76:90:a7:00:dd:3b:8d:35:
fc:da:55:ac:7e:49:2f:ce:03:4a:9f:c1:35:c6:7e:ca:73:4f:
8c:e0:1f:41:1f:8c:fc:a6:d7:61:bc:ea:e1:dc:0c:d5:88:57:
e5:ea:ca:fc:00:28:dd:6a:31:50:b1:8c:31:55:a0:6c:d4:b0:
d2:4e:b1:9f:e3:62:2a:64:94:b3:9e:56:34:7b:6a:a1:9e:7d:
fc:cc:67:c0:e9:c6:0f:98:72:90:e2:4e:10:a0:d8:96:12:fe:
ff:2a:c2:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtvWog3m8vhZbJxqvCykVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiNjQ2ZDQyY2U4OWQ0MDkzZTRhYzkyN2E3ZjIzNmYzN2E1
MWFiZTIwHhcNMjQwMTAxMDYyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDEyMDI3NmE2ZjkwM2Q2Y2RiMTgzNzI3ZGI5NTM5OTM0NjRjMjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhmuYL4VMy+0VF1hpqE2VanBv8W5q
/XLYWwmIcN69WnUPlaR4rXFT9OmUY4A1c0y/Mil9B+/eX+5rNOlK3N4vwXdjws/e
65EoXYBXLdKJJYkfVBFbQ1bM0FPEGGGuaxxhFQ3aaFkuZ1INWu24t78Px7Y1Wpfp
pZ0IyZCinZZNvjfA93SvQRJ8GMAxeVUHqn2xnLFIa+8eIXOwR8xSuq4/iLtsSl7j
WVWxxLxzFBwmSLCgDeI9E1sve3BswUUTEbY3xoFPGeTggTSqIDMEfrZkne3N08QQ
JBsThiZ5aro3y+7pDnn7r1FN1o68UClwNxIRv2HMwgjyooa4U9UsDZkiqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNASAnam+QPWzbGDcn25U5k0ZMJ8MB8GA1UdIwQY
MBaAFBtkbULOidQJPkrJJ6fyNvN6UaviMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzJSdFFzNkoxQWstU3NrbnBfSTI4M3BScS1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9kZjFiY2MtMDIwMC00NmNiLWE5MzMt
NjYzNDBiYmZmMGI5LzEvMEJJQ2RxYjVBOWJOc1lOeWZibFRtVFJrd253LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9kZjFiY2MtMDIwMC00NmNiLWE5MzMtNjYzNDBiYmZmMGI5
LzEvRzJSdFFzNkoxQWstU3NrbnBfSTI4M3BScS1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW84uMA0G
CSqGSIb3DQEBCwUAA4IBAQAu9ft58MLzLvOTMy6/w/CW6eHQ/G7VRwVmtq+igWg6
5eUdeqq2RpbOFfNsfHDI3/RVQnU0cU+Bgg3k7rixwfBlmVbSFR9lgEDCPPYselEH
YK26aFheYddb86jWmbEoO5r40C0WFOMuHaCNCbTm1CqoCyKjvvpqEGv4fwl5gVVV
MvijB15NfcjprFb8r9UTpTZAd8uTy0PPvztgdpCnAN07jTX82lWsfkkvzgNKn8E1
xn7Kc0+M4B9BH4z8ptdhvOrh3AzViFfl6sr8ACjdajFQsYwxVaBs1LDSTrGf42Iq
ZJSznlY0e2qhnn38zGfA6cYPmHKQ4k4QoNiWEv7/KsL/
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:39 2025 by rpki-client