Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/BPn3-yzl-yTrYcdrxyIHZtd2JkA.roa
File: BPn3-yzl-yTrYcdrxyIHZtd2JkA.roa (raw, json)
Hash identifier: iQ6AsUs+xV8M5ywZSI7cD+kwsJADVJgsb/ilb+haanA=
Subject key identifier: 04:F9:F7:FB:2C:E5:FB:24:EB:61:C7:6B:C7:22:07:66:D7:76:26:40
Certificate issuer: /CN=64d171f93cc1ca716fc806e36a55852cdf4f1c1c
Certificate serial: 018572A80A09AE24612BED81CD448FA05664
Authority key identifier: 64:D1:71:F9:3C:C1:CA:71:6F:C8:06:E3:6A:55:85:2C:DF:4F:1C:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZNFx-TzBynFvyAbjalWFLN9PHBw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/BPn3-yzl-yTrYcdrxyIHZtd2JkA.roa
Signing time: Mon 02 Jan 2023 13:24:53 +0000
ROA not before: Mon 02 Jan 2023 13:24:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50440
IP address blocks: 37.122.154.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:a8:0a:09:ae:24:61:2b:ed:81:cd:44:8f:a0:56:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64d171f93cc1ca716fc806e36a55852cdf4f1c1c
Validity
Not Before: Jan 2 13:24:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=04f9f7fb2ce5fb24eb61c76bc7220766d7762640
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ab:ce:9b:8b:16:af:c8:95:f9:fc:d1:d4:b6:
8f:ad:83:8e:ce:36:18:f1:e2:56:fe:70:42:7a:d5:
45:e6:79:f7:ec:b9:7b:14:45:b3:09:cc:61:89:12:
ff:b5:4f:59:65:a5:68:34:bb:b0:ff:12:4b:58:79:
d1:f3:d1:56:d8:d2:af:eb:42:40:a8:b2:e4:17:4b:
b1:e1:89:c1:35:6d:72:d3:72:ad:06:69:11:f9:f2:
49:38:53:12:cd:1a:4d:80:9d:a6:e7:34:ba:35:08:
e2:dd:9f:73:87:54:45:88:e5:fd:6c:b8:34:46:3b:
54:ca:a9:eb:91:d5:c5:1c:97:f8:f4:05:e5:85:9d:
02:79:74:73:d6:f8:68:10:de:ec:43:29:16:1e:98:
b5:11:05:e2:a1:41:b4:28:3f:ff:28:3f:2b:09:21:
c0:45:38:09:ac:ae:01:89:ab:74:31:a4:fd:55:84:
df:e9:41:f4:7a:4f:fe:52:a0:89:c1:ae:8a:60:37:
8c:4c:49:68:02:65:37:1d:63:b1:58:cd:8f:83:d8:
86:2d:c9:71:d3:86:16:27:dd:12:e8:cd:63:ed:f4:
75:a9:9f:db:ee:3c:60:8d:73:6b:50:6c:4a:e7:e6:
06:19:80:56:07:ab:f8:41:7a:6a:1a:db:c0:8a:cc:
7b:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:F9:F7:FB:2C:E5:FB:24:EB:61:C7:6B:C7:22:07:66:D7:76:26:40
X509v3 Authority Key Identifier:
keyid:64:D1:71:F9:3C:C1:CA:71:6F:C8:06:E3:6A:55:85:2C:DF:4F:1C:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZNFx-TzBynFvyAbjalWFLN9PHBw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/BPn3-yzl-yTrYcdrxyIHZtd2JkA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/ZNFx-TzBynFvyAbjalWFLN9PHBw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.122.154.0/24
Signature Algorithm: sha256WithRSAEncryption
73:1c:46:2c:3e:5d:6a:20:13:42:60:03:d2:08:55:4e:45:e1:
cb:a1:c5:b8:47:fc:d9:05:e3:3c:61:29:45:6b:49:a0:44:94:
0c:26:61:1b:a6:f4:a5:96:23:e7:69:57:99:8a:ed:0a:21:41:
0a:7d:de:37:88:70:a6:8b:c3:6d:b0:12:2a:73:d8:6d:8f:7a:
8a:6d:7f:9e:50:1d:60:b0:a9:00:96:2b:97:8e:f1:6d:32:ae:
7b:e0:f6:e9:aa:ba:a5:1b:ea:8d:e1:1c:80:ec:fd:28:2c:53:
d5:03:d7:e5:d2:60:9d:07:63:1a:9d:62:6f:de:9d:88:d8:d8:
e0:ed:2d:1a:40:90:3d:9a:98:89:d9:b2:ed:97:32:7c:0e:a5:
ec:cf:be:71:9b:66:34:84:62:5f:61:b3:32:ba:a7:fc:97:31:
f7:a7:52:56:44:18:d5:92:18:df:c7:76:dd:c3:be:ad:5f:3a:
54:10:83:02:2f:bc:2c:00:ed:3c:68:d3:8b:36:31:d1:a2:2c:
a3:9c:34:f4:e2:1f:80:51:f6:e4:f2:5e:69:3e:16:93:e8:3f:
ca:b3:e4:30:04:21:60:90:ee:ea:a0:4e:20:87:6e:b4:dc:2f:
79:2f:17:8e:b2:b7:7d:6b:cd:61:43:9d:1e:e8:f8:25:63:26:
38:94:33:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyqAoJriRhK+2BzUSPoFZkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZDE3MWY5M2NjMWNhNzE2ZmM4MDZlMzZhNTU4NTJjZGY0
ZjFjMWMwHhcNMjMwMTAyMTMyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGY5ZjdmYjJjZTVmYjI0ZWI2MWM3NmJjNzIyMDc2NmQ3NzYyNjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqvOm4sWr8iV+fzR1LaPrYOOzjYY
8eJW/nBCetVF5nn37Ll7FEWzCcxhiRL/tU9ZZaVoNLuw/xJLWHnR89FW2NKv60JA
qLLkF0ux4YnBNW1y03KtBmkR+fJJOFMSzRpNgJ2m5zS6NQji3Z9zh1RFiOX9bLg0
RjtUyqnrkdXFHJf49AXlhZ0CeXRz1vhoEN7sQykWHpi1EQXioUG0KD//KD8rCSHA
RTgJrK4Biat0MaT9VYTf6UH0ek/+UqCJwa6KYDeMTEloAmU3HWOxWM2Pg9iGLclx
04YWJ90S6M1j7fR1qZ/b7jxgjXNrUGxK5+YGGYBWB6v4QXpqGtvAisx7gwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAT59/ss5fsk62HHa8ciB2bXdiZAMB8GA1UdIwQY
MBaAFGTRcfk8wcpxb8gG42pVhSzfTxwcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk5GeC1UekJ5bkZ2eUFiamFsV0ZMTjlQSEJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9mMmQ5ZGYtMTZlYi00NDllLTgzZjAt
YTQ2MzVkZjQ3ZDcwLzEvQlBuMy15emwteVRyWWNkcnh5SUhadGQySmtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9mMmQ5ZGYtMTZlYi00NDllLTgzZjAtYTQ2MzVkZjQ3ZDcw
LzEvWk5GeC1UekJ5bkZ2eUFiamFsV0ZMTjlQSEJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJXqaMA0G
CSqGSIb3DQEBCwUAA4IBAQBzHEYsPl1qIBNCYAPSCFVOReHLocW4R/zZBeM8YSlF
a0mgRJQMJmEbpvSlliPnaVeZiu0KIUEKfd43iHCmi8NtsBIqc9htj3qKbX+eUB1g
sKkAliuXjvFtMq574PbpqrqlG+qN4RyA7P0oLFPVA9fl0mCdB2ManWJv3p2I2Njg
7S0aQJA9mpiJ2bLtlzJ8DqXsz75xm2Y0hGJfYbMyuqf8lzH3p1JWRBjVkhjfx3bd
w76tXzpUEIMCL7wsAO08aNOLNjHRoiyjnDT04h+AUfbk8l5pPhaT6D/Ks+QwBCFg
kO7qoE4gh2603C95LxeOsrd9a81hQ50e6PglYyY4lDP6
-----END CERTIFICATE-----
Generated at Mon Jan 1 03:23:53 2024 by rpki-client on console-fra.rpki-client.org