Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/5bda54-db7a-46d3-9cf9-16b1d2ee88a6/1/bzpbNMnOoMpjp0ilavud6Afuj4g.roa
File: bzpbNMnOoMpjp0ilavud6Afuj4g.roa (raw, json)
Hash identifier: YJdc+cZzK8n8+aAGERFEMk4JqG79nWsg8bXaiYX9uOY=
Subject key identifier: 6F:3A:5B:34:C9:CE:A0:CA:63:A7:48:A5:6A:FB:9D:E8:07:EE:8F:88
Certificate issuer: /CN=8dce4df68044985a177b3032f00fc6fe224ad8b3
Certificate serial: 01857328255B1903A7C5B449A3B23345DE9C
Authority key identifier: 8D:CE:4D:F6:80:44:98:5A:17:7B:30:32:F0:0F:C6:FE:22:4A:D8:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jc5N9oBEmFoXezAy8A_G_iJK2LM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/5bda54-db7a-46d3-9cf9-16b1d2ee88a6/1/bzpbNMnOoMpjp0ilavud6Afuj4g.roa
Signing time: Mon 02 Jan 2023 15:44:48 +0000
ROA not before: Mon 02 Jan 2023 15:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212696
IP address blocks: 185.195.128.0/22 maxlen: 24
2a0a:5ac0::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:29:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:28:25:5b:19:03:a7:c5:b4:49:a3:b2:33:45:de:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8dce4df68044985a177b3032f00fc6fe224ad8b3
Validity
Not Before: Jan 2 15:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6f3a5b34c9cea0ca63a748a56afb9de807ee8f88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:fd:95:3f:28:28:f4:c7:b4:6c:98:62:d1:45:
ea:3e:41:82:41:6c:04:33:28:4d:08:ab:95:82:36:
10:14:a0:b7:28:7c:b7:43:e4:20:4a:92:c9:bd:6b:
81:16:b6:d0:66:ff:03:30:35:a0:e3:9e:34:c2:a6:
26:e1:17:54:a1:cb:44:ef:1f:7f:bb:aa:ed:ef:0d:
76:8d:55:82:5a:5f:f0:9a:ad:2e:6d:d0:cb:3b:87:
1d:4b:94:88:8d:b0:93:b4:22:9f:99:4b:de:96:07:
d8:f4:52:ac:11:03:c2:05:68:2b:41:2f:c3:16:88:
c9:81:97:40:11:0f:8c:0f:3f:93:be:2b:a1:f6:cc:
7b:2a:33:3c:7a:67:cf:0b:00:43:95:9a:1b:26:b1:
c3:e2:d7:f3:c6:6e:58:51:29:bb:28:80:02:6a:0c:
dc:7c:25:77:94:b6:c2:9c:af:88:b5:04:6d:63:58:
de:77:f3:d8:cc:ba:21:3a:c0:19:fb:20:d5:9c:c2:
6c:c3:1f:61:7a:dc:72:df:d4:22:91:b6:2f:0f:66:
23:22:28:e6:f6:33:ec:71:ce:09:ba:f4:a5:a0:85:
fa:95:b7:65:03:f1:24:41:6f:dd:fb:c3:0c:40:f9:
10:71:33:70:f2:6a:64:c6:87:84:f9:2a:fd:0f:80:
a2:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:3A:5B:34:C9:CE:A0:CA:63:A7:48:A5:6A:FB:9D:E8:07:EE:8F:88
X509v3 Authority Key Identifier:
keyid:8D:CE:4D:F6:80:44:98:5A:17:7B:30:32:F0:0F:C6:FE:22:4A:D8:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jc5N9oBEmFoXezAy8A_G_iJK2LM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/5bda54-db7a-46d3-9cf9-16b1d2ee88a6/1/bzpbNMnOoMpjp0ilavud6Afuj4g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/5bda54-db7a-46d3-9cf9-16b1d2ee88a6/1/jc5N9oBEmFoXezAy8A_G_iJK2LM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.195.128.0/22
IPv6:
2a0a:5ac0::/32
Signature Algorithm: sha256WithRSAEncryption
2c:3e:30:81:1c:71:ab:34:5d:8e:59:53:d1:d0:8a:0a:07:0b:
b6:de:25:b5:09:d2:2a:be:9e:82:52:21:4d:22:0a:cf:16:f0:
c7:d9:1e:29:ed:ac:27:59:ff:f6:84:41:88:e2:7b:ba:08:99:
d4:5d:d7:3d:db:73:6a:ef:00:a1:72:26:61:1f:36:53:4d:2e:
34:b0:70:d0:29:d2:77:4f:81:9e:65:8c:e4:fe:26:63:8a:30:
fc:9b:b3:00:8c:fb:b6:b9:f9:ce:93:b8:6d:b4:55:84:45:fc:
1c:55:e5:a1:c3:af:c8:e6:dd:02:11:a8:ca:21:eb:2a:5d:da:
25:19:65:44:2d:32:fc:80:23:c6:5d:f8:70:dc:7f:13:29:d3:
ce:c7:c1:88:19:1b:fd:2d:08:4c:03:8c:b5:db:65:f7:33:91:
0c:89:f8:ce:cc:be:12:f7:8e:99:45:c2:5a:07:aa:d1:ba:01:
f8:d3:ea:04:47:a6:99:44:b9:d8:cb:d0:04:b6:33:55:32:3c:
48:2f:45:7e:91:29:ff:56:8d:7f:65:a3:b2:f3:0c:04:77:ef:
0a:aa:7f:c4:ea:b6:34:59:04:3e:2e:d3:32:77:6d:4d:b3:c3:
27:89:d5:c4:da:ed:c3:15:07:6c:6b:fd:12:be:e4:19:42:12:
16:f0:4b:85
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVzKCVbGQOnxbRJo7IzRd6cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkY2U0ZGY2ODA0NDk4NWExNzdiMzAzMmYwMGZjNmZlMjI0
YWQ4YjMwHhcNMjMwMTAyMTU0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjNhNWIzNGM5Y2VhMGNhNjNhNzQ4YTU2YWZiOWRlODA3ZWU4Zjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/2VPygo9Me0bJhi0UXqPkGCQWwE
MyhNCKuVgjYQFKC3KHy3Q+QgSpLJvWuBFrbQZv8DMDWg4540wqYm4RdUoctE7x9/
u6rt7w12jVWCWl/wmq0ubdDLO4cdS5SIjbCTtCKfmUvelgfY9FKsEQPCBWgrQS/D
FojJgZdAEQ+MDz+Tviuh9sx7KjM8emfPCwBDlZobJrHD4tfzxm5YUSm7KIACagzc
fCV3lLbCnK+ItQRtY1jed/PYzLohOsAZ+yDVnMJswx9hetxy39QikbYvD2YjIijm
9jPscc4JuvSloIX6lbdlA/EkQW/d+8MMQPkQcTNw8mpkxoeE+Sr9D4CilwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFG86WzTJzqDKY6dIpWr7negH7o+IMB8GA1UdIwQY
MBaAFI3OTfaARJhaF3swMvAPxv4iStizMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamM1TjlvQkVtRm9YZXpBeThBX0dfaUpLMkxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS81YmRhNTQtZGI3YS00NmQzLTljZjkt
MTZiMWQyZWU4OGE2LzEvYnpwYk5Nbk9vTXBqcDBpbGF2dWQ2QWZ1ajRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS81YmRhNTQtZGI3YS00NmQzLTljZjktMTZiMWQyZWU4OGE2
LzEvamM1TjlvQkVtRm9YZXpBeThBX0dfaUpLMkxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCucOAMA0E
AgACMAcDBQAqClrAMA0GCSqGSIb3DQEBCwUAA4IBAQAsPjCBHHGrNF2OWVPR0IoK
Bwu23iW1CdIqvp6CUiFNIgrPFvDH2R4p7awnWf/2hEGI4nu6CJnUXdc923Nq7wCh
ciZhHzZTTS40sHDQKdJ3T4GeZYzk/iZjijD8m7MAjPu2ufnOk7httFWERfwcVeWh
w6/I5t0CEajKIesqXdolGWVELTL8gCPGXfhw3H8TKdPOx8GIGRv9LQhMA4y122X3
M5EMifjOzL4S946ZRcJaB6rRugH40+oER6aZRLnYy9AEtjNVMjxIL0V+kSn/Vo1/
ZaOy8wwEd+8Kqn/E6rY0WQQ+LtMyd21Ns8MnidXE2u3DFQdsa/0SvuQZQhIW8EuF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:51 2024 by rpki-client on console-fra.rpki-client.org