Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/BgtL9HETbzAOTqdpuMP5BEZK8Uc.roa
File: BgtL9HETbzAOTqdpuMP5BEZK8Uc.roa (raw, json)
Hash identifier: pfUfhCc4SY8UamSQsz7LFatr3RW05YhXGNbdlGph3/g=
Subject key identifier: 06:0B:4B:F4:71:13:6F:30:0E:4E:A7:69:B8:C3:F9:04:46:4A:F1:47
Certificate issuer: /CN=e760126dce78bc16e66c2e6e7635848ac46846af
Certificate serial: 018CC7937CF95C6F8A600A9C29C8E1E2923A
Authority key identifier: E7:60:12:6D:CE:78:BC:16:E6:6C:2E:6E:76:35:84:8A:C4:68:46:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/52ASbc54vBbmbC5udjWEisRoRq8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/BgtL9HETbzAOTqdpuMP5BEZK8Uc.roa
Signing time: Tue 02 Jan 2024 00:29:40 +0000
ROA not before: Tue 02 Jan 2024 00:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 146.247.102.0/24 maxlen: 24
146.247.102.0/23 maxlen: 23
146.247.103.0/24 maxlen: 24
146.247.127.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 15 Oct 2024 17:59:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:7c:f9:5c:6f:8a:60:0a:9c:29:c8:e1:e2:92:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e760126dce78bc16e66c2e6e7635848ac46846af
Validity
Not Before: Jan 2 00:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=060b4bf471136f300e4ea769b8c3f904464af147
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:09:cd:df:21:07:bf:33:80:74:8b:5d:62:75:
c3:26:bb:b4:c3:33:6a:e2:da:58:4e:17:5e:3a:ec:
97:7b:c3:5f:6d:57:85:58:e6:ba:80:ae:75:72:aa:
99:cf:6c:b3:1e:a6:c6:8b:1a:60:5b:de:57:98:c7:
bd:4f:ab:95:6f:23:d3:bb:a3:b6:58:4b:03:fe:8a:
7e:c6:cd:b9:30:fb:30:59:9c:b4:2d:55:65:4f:dd:
38:63:0f:f0:02:4e:89:42:e2:47:40:10:22:50:7f:
23:a2:6b:eb:97:a5:1a:43:d2:0a:3c:50:82:d4:70:
6d:a5:0f:3b:3b:e0:96:b9:dd:f2:32:63:40:a0:2d:
57:fd:a8:a8:79:18:92:2e:80:32:00:c0:39:cb:50:
d7:1a:3d:7a:27:f9:24:83:f9:fb:2c:de:81:22:ad:
27:8c:3a:7e:46:86:f2:d1:79:33:c5:97:2c:5a:6b:
5c:64:9d:49:58:0f:a7:bb:d9:60:f7:26:0c:db:20:
2a:1a:96:14:c0:66:cf:c6:0f:0a:38:a3:55:bb:dd:
48:61:4b:94:6c:b1:96:36:5c:40:5c:65:04:c8:9b:
b5:7e:94:99:2e:aa:a0:2b:21:68:ab:b9:b7:6e:e0:
b3:73:78:04:3f:64:2c:28:6b:36:ee:22:d1:11:51:
a5:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:0B:4B:F4:71:13:6F:30:0E:4E:A7:69:B8:C3:F9:04:46:4A:F1:47
X509v3 Authority Key Identifier:
keyid:E7:60:12:6D:CE:78:BC:16:E6:6C:2E:6E:76:35:84:8A:C4:68:46:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/52ASbc54vBbmbC5udjWEisRoRq8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/BgtL9HETbzAOTqdpuMP5BEZK8Uc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/52ASbc54vBbmbC5udjWEisRoRq8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.247.102.0/23
146.247.127.0/24
Signature Algorithm: sha256WithRSAEncryption
87:57:57:3f:26:be:a3:24:97:4e:7c:40:61:43:aa:b8:63:0b:
a7:d7:86:4b:42:63:0c:76:74:25:97:8a:00:10:f0:13:1c:d2:
7f:d2:44:d5:79:5e:5e:3d:2e:90:9f:fb:c7:39:f4:d9:43:8f:
cc:45:ae:73:8e:5e:37:49:12:a4:b6:9b:52:9f:19:56:6a:4e:
69:8d:43:6f:87:28:5a:0d:51:ca:10:49:39:a9:5c:a7:7f:df:
02:18:b7:6c:61:24:3d:22:e3:81:2d:74:a8:ea:5b:67:95:df:
4e:b5:c6:ec:ee:1c:07:c3:81:f9:37:91:00:45:f6:b1:1d:5f:
df:a7:c5:c5:c9:d1:04:34:97:f8:fb:8b:a8:a2:4d:33:9f:d4:
d2:05:ae:89:c9:00:19:7c:04:97:ee:69:37:f7:9b:f8:cb:75:
fb:a2:f7:99:af:6f:7e:91:2e:59:a1:cd:9b:6c:c8:16:f1:9a:
ed:1a:f0:cb:e8:75:55:a7:f0:86:6b:b6:58:0f:09:81:48:35:
6b:cc:21:0c:43:5f:1d:a6:b3:28:8b:46:7f:c2:b4:b4:70:2c:
59:29:74:78:6f:4b:8d:57:26:7d:59:32:a3:c5:4c:2b:e2:38:
20:b1:f9:6c:15:7f:0a:29:c2:7b:71:a4:fd:99:04:b4:8c:63:
17:ba:93:c1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHk3z5XG+KYAqcKcjh4pI6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NjAxMjZkY2U3OGJjMTZlNjZjMmU2ZTc2MzU4NDhhYzQ2
ODQ2YWYwHhcNMjQwMTAyMDAyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjBiNGJmNDcxMTM2ZjMwMGU0ZWE3NjliOGMzZjkwNDQ2NGFmMTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjwnN3yEHvzOAdItdYnXDJru0wzNq
4tpYThdeOuyXe8NfbVeFWOa6gK51cqqZz2yzHqbGixpgW95XmMe9T6uVbyPTu6O2
WEsD/op+xs25MPswWZy0LVVlT904Yw/wAk6JQuJHQBAiUH8jomvrl6UaQ9IKPFCC
1HBtpQ87O+CWud3yMmNAoC1X/aioeRiSLoAyAMA5y1DXGj16J/kkg/n7LN6BIq0n
jDp+Roby0XkzxZcsWmtcZJ1JWA+nu9lg9yYM2yAqGpYUwGbPxg8KOKNVu91IYUuU
bLGWNlxAXGUEyJu1fpSZLqqgKyFoq7m3buCzc3gEP2QsKGs27iLREVGliQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAYLS/RxE28wDk6nabjD+QRGSvFHMB8GA1UdIwQY
MBaAFOdgEm3OeLwW5mwubnY1hIrEaEavMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTJBU2JjNTR2QmJtYkM1dWRqV0Vpc1JvUnE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS80ODhmNjEtMmYwMC00NjM5LTk3Yjgt
ZDI0ZjU2MmRlZGQyLzEvQmd0TDlIRVRiekFPVHFkcHVNUDVCRVpLOFVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS80ODhmNjEtMmYwMC00NjM5LTk3YjgtZDI0ZjU2MmRlZGQy
LzEvNTJBU2JjNTR2QmJtYkM1dWRqV0Vpc1JvUnE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBkvdmAwQA
kvd/MA0GCSqGSIb3DQEBCwUAA4IBAQCHV1c/Jr6jJJdOfEBhQ6q4Ywun14ZLQmMM
dnQll4oAEPATHNJ/0kTVeV5ePS6Qn/vHOfTZQ4/MRa5zjl43SRKktptSnxlWak5p
jUNvhyhaDVHKEEk5qVynf98CGLdsYSQ9IuOBLXSo6ltnld9Otcbs7hwHw4H5N5EA
RfaxHV/fp8XFydEENJf4+4uook0zn9TSBa6JyQAZfASX7mk395v4y3X7oveZr29+
kS5Zoc2bbMgW8ZrtGvDL6HVVp/CGa7ZYDwmBSDVrzCEMQ18dprMoi0Z/wrS0cCxZ
KXR4b0uNVyZ9WTKjxUwr4jggsflsFX8KKcJ7caT9mQS0jGMXupPB
Generated at Tue Oct 15 20:42:51 2024 by rpki-client on console-ams.rpki-client.org