Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/c63652-d03e-4134-bfd3-e298a43b8930/1/Bmi644adm-381iEuHgmc9hMRijs.roa
File: Bmi644adm-381iEuHgmc9hMRijs.roa (raw, json)
Hash identifier: nAd5faSUzw/gffFR3EQbq2Ungy9KdsUZOOqpstWZxro=
Subject key identifier: 06:68:BA:E3:86:9D:9B:ED:FC:D6:21:2E:1E:09:9C:F6:13:11:8A:3B
Certificate issuer: /CN=1685cdba5d7daf6ddccf8675a90a25b6ed6444d7
Certificate serial: 01856FD4E8750EA88F5F7DB971694F6D634E
Authority key identifier: 16:85:CD:BA:5D:7D:AF:6D:DC:CF:86:75:A9:0A:25:B6:ED:64:44:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FoXNul19r23cz4Z1qQoltu1kRNc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/c63652-d03e-4134-bfd3-e298a43b8930/1/Bmi644adm-381iEuHgmc9hMRijs.roa
Signing time: Mon 02 Jan 2023 00:15:02 +0000
ROA not before: Mon 02 Jan 2023 00:15:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203020
IP address blocks: 91.199.253.0/24 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d4:e8:75:0e:a8:8f:5f:7d:b9:71:69:4f:6d:63:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1685cdba5d7daf6ddccf8675a90a25b6ed6444d7
Validity
Not Before: Jan 2 00:15:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0668bae3869d9bedfcd6212e1e099cf613118a3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:fe:4e:e9:51:ce:5f:01:38:70:a7:2d:56:a1:
c2:75:64:20:e9:20:a6:47:ac:bf:ae:14:d1:68:b7:
fa:0a:90:de:9d:3e:23:e4:c9:a7:df:97:bc:47:7e:
ac:10:12:46:f9:63:e7:e6:75:34:d5:89:98:eb:1a:
bc:83:ba:22:77:3b:e2:a1:51:3b:3e:47:48:75:d7:
3d:68:53:98:05:7b:e5:c1:ee:35:54:4b:24:12:80:
d8:33:a7:3d:db:cb:b5:93:e0:ab:cd:e2:4a:54:57:
64:f8:e4:f1:10:7b:7a:bc:97:94:f3:88:38:d5:ea:
ee:93:07:b4:9f:93:18:dc:4b:4e:13:9e:ce:bc:1c:
10:f5:12:d3:46:4c:56:28:69:00:b9:5f:ac:0d:85:
34:98:f0:38:da:ae:e2:f3:c2:f6:09:80:bd:b2:5e:
10:8c:63:00:0e:7f:94:47:15:94:a1:27:f4:4b:82:
39:aa:95:e6:81:79:59:28:c9:36:ec:50:46:29:44:
af:79:6c:3e:5a:55:aa:31:55:c8:d7:6e:3c:ac:ee:
da:4a:4a:a7:28:bf:cd:98:ec:73:cf:af:fc:c9:0d:
c5:14:df:c0:71:33:30:d6:9f:e8:e0:4b:9f:03:ea:
79:2c:6e:03:52:71:b4:e6:10:43:85:bc:7a:1e:50:
c8:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:68:BA:E3:86:9D:9B:ED:FC:D6:21:2E:1E:09:9C:F6:13:11:8A:3B
X509v3 Authority Key Identifier:
keyid:16:85:CD:BA:5D:7D:AF:6D:DC:CF:86:75:A9:0A:25:B6:ED:64:44:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FoXNul19r23cz4Z1qQoltu1kRNc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c63652-d03e-4134-bfd3-e298a43b8930/1/Bmi644adm-381iEuHgmc9hMRijs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c63652-d03e-4134-bfd3-e298a43b8930/1/FoXNul19r23cz4Z1qQoltu1kRNc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.253.0/24
Signature Algorithm: sha256WithRSAEncryption
93:a0:7f:98:32:6e:7d:81:6c:53:11:84:71:63:06:c7:e6:c3:
31:b9:7b:fc:cb:35:9e:37:94:55:ea:89:87:5f:33:d7:f1:2d:
ee:79:0b:6c:53:88:41:72:94:57:60:2c:16:ab:a7:51:6e:ef:
64:a7:5c:8f:dd:a1:aa:77:1a:97:4f:ea:0c:bd:80:6e:1d:d9:
fc:7c:e7:c1:bb:0c:e1:50:a1:7d:49:ea:01:04:db:73:34:a6:
56:f0:9b:af:26:8b:f9:19:2e:ff:1f:bb:db:70:fa:8a:53:69:
cd:32:c3:37:c2:28:6f:84:de:08:05:50:ae:31:d6:a8:8c:fd:
4b:6d:30:3e:03:08:ec:53:f7:0d:3b:c0:7f:73:7c:85:0d:ac:
01:d3:2c:e5:34:df:5f:3d:3c:f3:5f:f7:ef:00:d3:34:30:e7:
1c:a9:98:4c:98:b8:27:ed:d4:94:09:07:99:62:3c:bf:49:91:
ee:c1:2c:ca:4d:04:fc:06:66:30:db:9f:ea:22:1d:a6:44:85:
e1:c3:39:b0:b1:5e:93:62:94:2d:6a:43:ba:de:c1:21:48:3f:
7e:2e:98:d1:0c:bb:69:6c:c8:42:2f:1d:21:c0:a5:09:1c:38:
9d:dc:d1:db:0c:1a:e0:eb:3c:15:b7:00:7c:31:be:e2:8d:f6:
eb:5c:21:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv1Oh1DqiPX325cWlPbWNOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2ODVjZGJhNWQ3ZGFmNmRkY2NmODY3NWE5MGEyNWI2ZWQ2
NDQ0ZDcwHhcNMjMwMTAyMDAxNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjY4YmFlMzg2OWQ5YmVkZmNkNjIxMmUxZTA5OWNmNjEzMTE4YTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjf5O6VHOXwE4cKctVqHCdWQg6SCm
R6y/rhTRaLf6CpDenT4j5Mmn35e8R36sEBJG+WPn5nU01YmY6xq8g7oidzvioVE7
PkdIddc9aFOYBXvlwe41VEskEoDYM6c928u1k+CrzeJKVFdk+OTxEHt6vJeU84g4
1erukwe0n5MY3EtOE57OvBwQ9RLTRkxWKGkAuV+sDYU0mPA42q7i88L2CYC9sl4Q
jGMADn+URxWUoSf0S4I5qpXmgXlZKMk27FBGKUSveWw+WlWqMVXI1248rO7aSkqn
KL/NmOxzz6/8yQ3FFN/AcTMw1p/o4EufA+p5LG4DUnG05hBDhbx6HlDIuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAZouuOGnZvt/NYhLh4JnPYTEYo7MB8GA1UdIwQY
MBaAFBaFzbpdfa9t3M+GdakKJbbtZETXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRm9YTnVsMTlyMjNjejRaMXFRb2x0dTFrUk5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9jNjM2NTItZDAzZS00MTM0LWJmZDMt
ZTI5OGE0M2I4OTMwLzEvQm1pNjQ0YWRtLTM4MWlFdUhnbWM5aE1SaWpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9jNjM2NTItZDAzZS00MTM0LWJmZDMtZTI5OGE0M2I4OTMw
LzEvRm9YTnVsMTlyMjNjejRaMXFRb2x0dTFrUk5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8f9MA0G
CSqGSIb3DQEBCwUAA4IBAQCToH+YMm59gWxTEYRxYwbH5sMxuXv8yzWeN5RV6omH
XzPX8S3ueQtsU4hBcpRXYCwWq6dRbu9kp1yP3aGqdxqXT+oMvYBuHdn8fOfBuwzh
UKF9SeoBBNtzNKZW8JuvJov5GS7/H7vbcPqKU2nNMsM3wihvhN4IBVCuMdaojP1L
bTA+AwjsU/cNO8B/c3yFDawB0yzlNN9fPTzzX/fvANM0MOccqZhMmLgn7dSUCQeZ
Yjy/SZHuwSzKTQT8BmYw25/qIh2mRIXhwzmwsV6TYpQtakO63sEhSD9+LpjRDLtp
bMhCLx0hwKUJHDid3NHbDBrg6zwVtwB8Mb7ijfbrXCH7
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:00:51 2024 by rpki-client on console.sobornost.net