Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/3f0f8b-af93-423b-bea5-d2e351609759/1/B5Z-34vhKhaBo4W62AWpURjGfe8.roa
File: B5Z-34vhKhaBo4W62AWpURjGfe8.roa (raw, json)
Hash identifier: XAbfUfp2HWQP6EhO0TDdZmPiRSPSk4nGeHwfs+ZEmA0=
Subject key identifier: 07:96:7E:DF:8B:E1:2A:16:81:A3:85:BA:D8:05:A9:51:18:C6:7D:EF
Certificate issuer: /CN=c559d4693555b9f2ad6807bacedc4b5a2e701a48
Certificate serial: 0186F076422B22E5D0960BFDBBD342AE1691
Authority key identifier: C5:59:D4:69:35:55:B9:F2:AD:68:07:BA:CE:DC:4B:5A:2E:70:1A:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xVnUaTVVufKtaAe6ztxLWi5wGkg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/3f0f8b-af93-423b-bea5-d2e351609759/1/B5Z-34vhKhaBo4W62AWpURjGfe8.roa
Signing time: Fri 17 Mar 2023 16:45:27 +0000
ROA not before: Fri 17 Mar 2023 16:45:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29650
IP address blocks: 185.70.28.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 06 Dec 2023 07:43:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:f0:76:42:2b:22:e5:d0:96:0b:fd:bb:d3:42:ae:16:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c559d4693555b9f2ad6807bacedc4b5a2e701a48
Validity
Not Before: Mar 17 16:45:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=07967edf8be12a1681a385bad805a95118c67def
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d1:c3:be:b9:71:de:38:35:95:34:53:6f:c2:
c2:83:2c:07:58:5c:2a:51:c0:14:bf:86:3b:ed:2a:
e6:27:ef:22:20:50:ed:06:b7:d2:72:27:69:98:61:
19:6d:cd:fb:59:43:66:93:37:2a:fd:d3:3d:eb:17:
50:ca:16:04:b0:c5:34:3d:31:95:53:16:d1:aa:7f:
67:3b:e5:48:4a:dc:7d:eb:5d:e0:8a:e3:17:aa:9c:
1a:88:28:f7:c6:4b:2f:65:50:dd:2e:90:a3:09:8d:
60:68:11:84:e1:68:ca:15:99:4e:71:0b:0e:bc:46:
bc:16:df:05:0f:93:09:61:c2:94:99:4d:7d:ab:5d:
a7:97:a8:8a:98:c5:03:73:c6:53:c9:87:0e:ea:6d:
ba:1b:91:67:29:c7:7d:45:34:af:d8:4b:f7:8c:1c:
0a:eb:71:12:eb:1f:7f:b6:4b:3f:66:10:53:de:11:
97:f0:8c:8c:0a:5e:5f:5c:67:57:72:aa:cb:b5:29:
22:92:bc:eb:9d:52:54:63:d0:eb:b5:5d:5c:78:43:
20:59:68:8d:85:7c:83:90:42:ba:16:a4:c7:24:0b:
c6:8c:f8:c7:50:ce:f3:03:4b:c4:eb:63:00:d4:64:
d2:6c:c2:3b:1f:ed:c9:04:6b:ed:2c:a1:86:ab:5c:
01:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:96:7E:DF:8B:E1:2A:16:81:A3:85:BA:D8:05:A9:51:18:C6:7D:EF
X509v3 Authority Key Identifier:
keyid:C5:59:D4:69:35:55:B9:F2:AD:68:07:BA:CE:DC:4B:5A:2E:70:1A:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xVnUaTVVufKtaAe6ztxLWi5wGkg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/3f0f8b-af93-423b-bea5-d2e351609759/1/B5Z-34vhKhaBo4W62AWpURjGfe8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/3f0f8b-af93-423b-bea5-d2e351609759/1/xVnUaTVVufKtaAe6ztxLWi5wGkg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.70.28.0/22
Signature Algorithm: sha256WithRSAEncryption
9b:68:71:4f:74:8f:75:d3:b0:62:f7:f0:44:34:49:97:2d:65:
97:b8:f9:52:e5:ac:30:07:4b:0f:80:73:f5:d6:7d:e5:98:b5:
8d:47:a0:76:c8:df:5d:b7:36:e9:1c:3a:13:32:d9:c0:e2:1e:
ae:d1:52:bd:99:42:a3:c2:9e:78:c2:2b:bf:8e:83:72:f7:69:
21:e6:55:33:c8:89:1e:cb:b8:c9:52:61:a1:b1:95:a1:c4:2c:
fc:0d:51:f9:e7:44:84:c0:cb:31:7f:bd:19:0f:2e:22:b3:99:
d1:17:9b:ca:3a:df:b4:ff:fb:48:4b:e9:42:99:32:57:7b:b6:
54:e8:24:a0:d4:53:8a:72:0f:7c:88:b6:e5:a9:81:a3:74:fb:
2e:12:41:6e:56:19:67:ff:8e:ea:0e:fd:e3:8a:b5:f7:a7:09:
d1:c2:7d:8e:08:82:e6:f7:3d:17:bc:2f:6c:b5:3c:c3:e0:5e:
48:7f:38:34:34:a8:e3:61:00:12:48:e5:f6:02:e5:f0:95:9d:
b8:17:53:4e:a1:3c:8b:89:a4:38:4c:fc:e8:07:77:6b:93:71:
57:9f:aa:83:33:e4:6f:5e:c5:b7:5c:86:00:81:45:74:3d:c9:
b0:e5:97:84:a7:37:0e:9c:8f:bb:5c:c0:fe:1b:77:49:51:42:
42:0e:61:b6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbwdkIrIuXQlgv9u9NCrhaRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1NTlkNDY5MzU1NWI5ZjJhZDY4MDdiYWNlZGM0YjVhMmU3
MDFhNDgwHhcNMjMwMzE3MTY0NTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzk2N2VkZjhiZTEyYTE2ODFhMzg1YmFkODA1YTk1MTE4YzY3ZGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtHDvrlx3jg1lTRTb8LCgywHWFwq
UcAUv4Y77SrmJ+8iIFDtBrfScidpmGEZbc37WUNmkzcq/dM96xdQyhYEsMU0PTGV
UxbRqn9nO+VIStx9613giuMXqpwaiCj3xksvZVDdLpCjCY1gaBGE4WjKFZlOcQsO
vEa8Ft8FD5MJYcKUmU19q12nl6iKmMUDc8ZTyYcO6m26G5FnKcd9RTSv2Ev3jBwK
63ES6x9/tks/ZhBT3hGX8IyMCl5fXGdXcqrLtSkikrzrnVJUY9DrtV1ceEMgWWiN
hXyDkEK6FqTHJAvGjPjHUM7zA0vE62MA1GTSbMI7H+3JBGvtLKGGq1wBawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAeWft+L4SoWgaOFutgFqVEYxn3vMB8GA1UdIwQY
MBaAFMVZ1Gk1VbnyrWgHus7cS1oucBpIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFZuVWFUVlZ1Zkt0YUFlNnp0eExXaTV3R2tnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8zZjBmOGItYWY5My00MjNiLWJlYTUt
ZDJlMzUxNjA5NzU5LzEvQjVaLTM0dmhLaGFCbzRXNjJBV3BVUmpHZmU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8zZjBmOGItYWY5My00MjNiLWJlYTUtZDJlMzUxNjA5NzU5
LzEveFZuVWFUVlZ1Zkt0YUFlNnp0eExXaTV3R2tnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUYcMA0G
CSqGSIb3DQEBCwUAA4IBAQCbaHFPdI9107Bi9/BENEmXLWWXuPlS5awwB0sPgHP1
1n3lmLWNR6B2yN9dtzbpHDoTMtnA4h6u0VK9mUKjwp54wiu/joNy92kh5lUzyIke
y7jJUmGhsZWhxCz8DVH550SEwMsxf70ZDy4is5nRF5vKOt+0//tIS+lCmTJXe7ZU
6CSg1FOKcg98iLblqYGjdPsuEkFuVhln/47qDv3jirX3pwnRwn2OCILm9z0XvC9s
tTzD4F5Ifzg0NKjjYQASSOX2AuXwlZ24F1NOoTyLiaQ4TPzoB3drk3FXn6qDM+Rv
XsW3XIYAgUV0Pcmw5ZeEpzcOnI+7XMD+G3dJUUJCDmG2
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:39 2024 by rpki-client on console-ams.rpki-client.org