Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/f0cc41-b3e7-46ff-a976-29df4e2611f1/1/bjzQ3crU5PcA96LY9dtw4NuDZis.roa
File: bjzQ3crU5PcA96LY9dtw4NuDZis.roa (raw, json)
Hash identifier: c92ekc6E+hzq/irXhplbV3DQ1UOi7LGz/QcJM4z4KJg=
Subject key identifier: 6E:3C:D0:DD:CA:D4:E4:F7:00:F7:A2:D8:F5:DB:70:E0:DB:83:66:2B
Certificate issuer: /CN=70f68cded39e3ec54cee2233252ef3937ba9828d
Certificate serial: 018CC8DEBD4C5B09678BC123E695E582CF1C
Authority key identifier: 70:F6:8C:DE:D3:9E:3E:C5:4C:EE:22:33:25:2E:F3:93:7B:A9:82:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cPaM3tOePsVM7iIzJS7zk3upgo0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/f0cc41-b3e7-46ff-a976-29df4e2611f1/1/bjzQ3crU5PcA96LY9dtw4NuDZis.roa
Signing time: Tue 02 Jan 2024 06:31:29 +0000
ROA not before: Tue 02 Jan 2024 06:31:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211201
IP address blocks: 193.33.96.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:48:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:bd:4c:5b:09:67:8b:c1:23:e6:95:e5:82:cf:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70f68cded39e3ec54cee2233252ef3937ba9828d
Validity
Not Before: Jan 2 06:31:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e3cd0ddcad4e4f700f7a2d8f5db70e0db83662b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:38:8f:0d:35:85:d5:ec:9e:6e:cd:57:a6:b2:
14:81:9a:44:31:94:e7:f6:9c:22:32:73:f4:3d:12:
4e:bb:ed:a6:d7:6b:c9:74:f9:d7:60:1e:62:ec:d6:
4b:00:e4:b3:cb:c0:c2:f6:c1:85:f1:d9:a2:d5:06:
c5:bb:d3:7a:3a:26:92:a2:32:0c:7d:ac:4c:ce:d2:
1c:2b:e5:4f:82:51:85:e9:b7:ed:0b:dd:d4:14:c4:
64:fb:cc:ef:71:cc:61:47:13:f1:af:ef:aa:e0:4d:
31:ec:32:74:12:52:03:1f:42:a9:96:22:fc:d6:04:
7b:6a:20:5c:71:e9:7b:ed:17:42:a0:c7:a5:83:00:
f0:fd:2c:43:30:49:73:70:b7:2c:e5:d8:30:f7:45:
ae:25:06:db:86:97:17:98:94:fb:4b:84:0d:9d:5a:
12:29:48:08:92:24:40:f8:53:5d:b7:1f:40:1d:ab:
fa:29:0e:48:ad:79:67:62:0f:5a:5b:56:40:42:bf:
8a:a0:c8:0a:14:0d:c2:e5:3a:58:33:ad:03:f5:e8:
76:79:d8:79:a6:b8:0f:4f:c6:00:62:0b:ee:9b:53:
06:4d:bd:55:a3:21:f0:94:95:83:c2:41:89:49:85:
e4:62:f0:8f:99:84:ef:2a:f5:b4:0e:6e:7c:01:5f:
c4:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:3C:D0:DD:CA:D4:E4:F7:00:F7:A2:D8:F5:DB:70:E0:DB:83:66:2B
X509v3 Authority Key Identifier:
keyid:70:F6:8C:DE:D3:9E:3E:C5:4C:EE:22:33:25:2E:F3:93:7B:A9:82:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cPaM3tOePsVM7iIzJS7zk3upgo0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/f0cc41-b3e7-46ff-a976-29df4e2611f1/1/bjzQ3crU5PcA96LY9dtw4NuDZis.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/f0cc41-b3e7-46ff-a976-29df4e2611f1/1/cPaM3tOePsVM7iIzJS7zk3upgo0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.33.96.0/24
Signature Algorithm: sha256WithRSAEncryption
28:73:31:df:86:20:56:32:f1:c7:66:cb:83:d0:2e:55:9d:fa:
dc:42:08:49:99:f8:68:79:ee:0f:09:e2:9e:f8:70:a5:2e:7b:
25:9c:a1:1d:de:bb:76:91:91:19:ec:44:2b:8d:3b:33:2f:27:
fb:12:07:5d:cd:69:48:fd:9e:67:c3:c9:3e:ff:2f:6d:ea:4e:
99:ab:2b:6a:e1:25:7a:9e:0d:f4:9c:df:a8:55:59:9a:23:a8:
27:b8:fa:ab:7a:c9:a7:e6:60:d9:24:bb:38:96:71:f2:28:65:
ff:93:3b:67:b6:56:05:ff:6d:4a:91:82:d1:3f:25:f1:66:ab:
7f:9e:90:f7:1c:44:45:95:58:1c:cd:8e:8a:b1:0f:74:b5:b3:
ce:cf:96:4f:9a:25:e6:8b:61:8c:91:f6:c5:cc:d2:4a:42:82:
84:32:fc:f7:a9:ae:f7:f0:43:e3:e9:52:5c:75:6c:37:71:3d:
27:04:84:da:eb:1b:48:87:39:9b:10:6d:9f:99:8b:4f:39:bf:
7d:23:4d:59:2c:3c:63:d7:b9:b3:28:8f:18:8f:9d:e1:52:91:
02:ad:7d:87:06:97:f7:a0:cd:11:c5:94:c3:76:76:7d:f8:b6:
89:dd:8c:66:46:26:7d:00:9f:e4:57:3d:41:73:ac:51:ff:9b:
bd:0f:20:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3r1MWwlni8Ej5pXlgs8cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZjY4Y2RlZDM5ZTNlYzU0Y2VlMjIzMzI1MmVmMzkzN2Jh
OTgyOGQwHhcNMjQwMTAyMDYzMTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTNjZDBkZGNhZDRlNGY3MDBmN2EyZDhmNWRiNzBlMGRiODM2NjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgDiPDTWF1eyebs1XprIUgZpEMZTn
9pwiMnP0PRJOu+2m12vJdPnXYB5i7NZLAOSzy8DC9sGF8dmi1QbFu9N6OiaSojIM
faxMztIcK+VPglGF6bftC93UFMRk+8zvccxhRxPxr++q4E0x7DJ0ElIDH0KpliL8
1gR7aiBccel77RdCoMelgwDw/SxDMElzcLcs5dgw90WuJQbbhpcXmJT7S4QNnVoS
KUgIkiRA+FNdtx9AHav6KQ5IrXlnYg9aW1ZAQr+KoMgKFA3C5TpYM60D9eh2edh5
prgPT8YAYgvum1MGTb1VoyHwlJWDwkGJSYXkYvCPmYTvKvW0Dm58AV/E2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG480N3K1OT3APei2PXbcODbg2YrMB8GA1UdIwQY
MBaAFHD2jN7Tnj7FTO4iMyUu85N7qYKNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1BhTTN0T2VQc1ZNN2lJekpTN3prM3VwZ28wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9mMGNjNDEtYjNlNy00NmZmLWE5NzYt
MjlkZjRlMjYxMWYxLzEvYmp6UTNjclU1UGNBOTZMWTlkdHc0TnVEWmlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9mMGNjNDEtYjNlNy00NmZmLWE5NzYtMjlkZjRlMjYxMWYx
LzEvY1BhTTN0T2VQc1ZNN2lJekpTN3prM3VwZ28wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSFgMA0G
CSqGSIb3DQEBCwUAA4IBAQAoczHfhiBWMvHHZsuD0C5VnfrcQghJmfhoee4PCeKe
+HClLnslnKEd3rt2kZEZ7EQrjTszLyf7EgddzWlI/Z5nw8k+/y9t6k6Zqytq4SV6
ng30nN+oVVmaI6gnuPqresmn5mDZJLs4lnHyKGX/kztntlYF/21KkYLRPyXxZqt/
npD3HERFlVgczY6KsQ90tbPOz5ZPmiXmi2GMkfbFzNJKQoKEMvz3qa738EPj6VJc
dWw3cT0nBITa6xtIhzmbEG2fmYtPOb99I01ZLDxj17mzKI8Yj53hUpECrX2HBpf3
oM0RxZTDdnZ9+LaJ3YxmRiZ9AJ/kVz1Bc6xR/5u9DyCW
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:08:43 2025 by rpki-client