Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/BYcwxMUBmK96me76HDuSZ2TIBZI.roa
File: BYcwxMUBmK96me76HDuSZ2TIBZI.roa (raw, json)
Hash identifier: YxbbDv2SKpFTWkYMr+9jely5nelNzYyqzVj5DSxyMME=
Subject key identifier: 05:87:30:C4:C5:01:98:AF:7A:99:EE:FA:1C:3B:92:67:64:C8:05:92
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 018B99BAC4786D6B2E2BD0CC65A5F654FEFE
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/BYcwxMUBmK96me76HDuSZ2TIBZI.roa
Signing time: Sat 04 Nov 2023 09:47:15 +0000
ROA not before: Sat 04 Nov 2023 09:47:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 213.145.72.0/21 maxlen: 24
85.115.208.0/23 maxlen: 24
85.115.208.0/24 maxlen: 24
213.145.88.0/21 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 Nov 2023 15:08:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:99:ba:c4:78:6d:6b:2e:2b:d0:cc:65:a5:f6:54:fe:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Nov 4 09:47:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=058730c4c50198af7a99eefa1c3b926764c80592
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:d4:07:74:f5:74:c6:c8:de:fb:df:ee:e7:3c:
9e:55:b2:20:5d:02:61:9f:94:fe:a7:9f:75:24:25:
92:2c:22:20:7d:98:f6:9a:db:f6:2d:c0:ff:5e:11:
9f:c4:d2:e6:06:72:d6:28:92:8e:c1:6c:ca:71:8f:
e7:e4:51:2a:c5:93:d1:4d:96:a2:dd:51:fc:2c:66:
d2:f1:94:f0:f7:50:7b:42:17:1d:f9:b3:99:dc:8d:
b9:7f:1e:64:0b:70:a6:fa:46:1e:cb:86:22:5e:34:
5a:b1:a2:9d:61:c8:3f:d8:2d:88:96:40:40:b2:f8:
90:a8:51:83:0e:be:45:ed:88:77:e2:f6:ea:d7:17:
50:a6:e2:35:8f:1b:ed:21:98:64:27:73:b6:20:bc:
5a:14:d5:f2:ba:72:22:93:5a:8a:9b:c5:33:4c:62:
e9:2e:78:af:4a:1c:a8:77:72:d0:5c:cd:39:ca:f6:
6c:36:d6:bb:a3:7f:a0:95:d3:1e:85:c1:26:a1:c8:
2f:4b:b3:fe:d1:2d:64:50:ad:91:94:cf:91:22:77:
a2:54:1c:40:91:05:c9:97:44:c6:89:98:dd:14:93:
30:7a:c3:8f:af:0f:1a:06:56:94:4c:a4:93:90:a2:
e1:ca:a4:a3:42:9f:0c:8e:01:8c:d5:42:60:37:6b:
57:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:87:30:C4:C5:01:98:AF:7A:99:EE:FA:1C:3B:92:67:64:C8:05:92
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/BYcwxMUBmK96me76HDuSZ2TIBZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.208.0/23
213.145.72.0/21
213.145.88.0/21
Signature Algorithm: sha256WithRSAEncryption
f0:0f:f5:ce:7b:85:04:df:47:1b:6b:b2:1e:2e:b9:df:41:bb:
fe:eb:cd:12:72:16:52:95:50:20:d4:d0:26:b5:bc:71:b6:d9:
79:6f:99:00:e4:b4:7b:85:8e:fd:b2:f0:b0:2c:b2:e3:b5:87:
f4:22:83:d9:b2:17:b5:4d:3c:f8:e3:92:d4:bd:be:2e:4a:4f:
94:d0:5b:98:e4:8f:88:f1:98:39:4b:0c:9f:18:59:dd:35:fa:
8c:f5:cc:cf:27:f5:60:86:00:0b:10:11:78:5c:9b:5f:2f:bb:
42:90:ee:f1:5c:48:2b:e6:51:76:ce:9e:4f:fa:57:af:89:6f:
95:37:35:fd:6f:e5:70:8d:26:e9:b8:3a:e4:8a:0e:96:3d:39:
11:74:f9:89:61:e2:2a:02:12:10:52:7f:24:fa:b8:7a:1a:37:
78:4c:5a:a2:48:ff:55:50:44:53:1f:85:00:68:7d:f5:3d:cb:
4c:97:25:3f:88:5b:2d:39:27:aa:ef:2d:ba:ed:26:22:46:25:
32:fb:2f:8c:d4:52:1d:81:e3:be:9a:c6:4f:e8:f8:f9:38:51:
de:a9:44:aa:47:c5:f2:ec:22:a3:de:20:ff:48:27:44:a5:a6:
1d:ea:c2:d2:54:fd:e0:d0:53:5d:3b:d1:5c:ba:48:01:05:30:
a4:a7:cf:81
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYuZusR4bWsuK9DMZaX2VP7+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjMxMTA0MDk0NzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTg3MzBjNGM1MDE5OGFmN2E5OWVlZmExYzNiOTI2NzY0YzgwNTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9tQHdPV0xsje+9/u5zyeVbIgXQJh
n5T+p591JCWSLCIgfZj2mtv2LcD/XhGfxNLmBnLWKJKOwWzKcY/n5FEqxZPRTZai
3VH8LGbS8ZTw91B7Qhcd+bOZ3I25fx5kC3Cm+kYey4YiXjRasaKdYcg/2C2IlkBA
sviQqFGDDr5F7Yh34vbq1xdQpuI1jxvtIZhkJ3O2ILxaFNXyunIik1qKm8UzTGLp
LnivShyod3LQXM05yvZsNta7o3+gldMehcEmocgvS7P+0S1kUK2RlM+RIneiVBxA
kQXJl0TGiZjdFJMwesOPrw8aBlaUTKSTkKLhyqSjQp8MjgGM1UJgN2tXawIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAWHMMTFAZivepnu+hw7kmdkyAWSMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvQlljd3hNVUJtSzk2bWU3NkhEdVNaMlRJQlpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBVXPQAwQD
1ZFIAwQD1ZFYMA0GCSqGSIb3DQEBCwUAA4IBAQDwD/XOe4UE30cba7IeLrnfQbv+
680SchZSlVAg1NAmtbxxttl5b5kA5LR7hY79svCwLLLjtYf0IoPZshe1TTz445LU
vb4uSk+U0FuY5I+I8Zg5SwyfGFndNfqM9czPJ/VghgALEBF4XJtfL7tCkO7xXEgr
5lF2zp5P+leviW+VNzX9b+VwjSbpuDrkig6WPTkRdPmJYeIqAhIQUn8k+rh6Gjd4
TFqiSP9VUERTH4UAaH31PctMlyU/iFstOSeq7y267SYiRiUy+y+M1FIdgeO+msZP
6Pj5OFHeqUSqR8Xy7CKj3iD/SCdEpaYd6sLSVP3g0FNdO9FcukgBBTCkp8+B
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:12 2024 by rpki-client on console-ams.rpki-client.org