Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/BzNNXS6rANha6mWzTK7vozLS6Pk.roa
File: BzNNXS6rANha6mWzTK7vozLS6Pk.roa (raw, json)
Hash identifier: qNGuJS1BtoICV4TKAkv7S9X+4m+mGR1v/oquVMS7ptc=
Subject key identifier: 07:33:4D:5D:2E:AB:00:D8:5A:EA:65:B3:4C:AE:EF:A3:32:D2:E8:F9
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018AB1EDB4AF444451A82C3B2483AEBDBF5E
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/BzNNXS6rANha6mWzTK7vozLS6Pk.roa
Signing time: Wed 20 Sep 2023 09:31:00 +0000
ROA not before: Wed 20 Sep 2023 09:31:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.122.42.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
193.93.55.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 20 Sep 2023 18:16:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b1:ed:b4:af:44:44:51:a8:2c:3b:24:83:ae:bd:bf:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Sep 20 09:31:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=07334d5d2eab00d85aea65b34caeefa332d2e8f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:6f:d0:d2:f0:2e:0a:67:64:ec:a6:1b:9b:39:
d9:16:2c:30:26:88:db:41:3d:16:cd:f5:70:d0:c4:
56:68:65:77:e9:52:3f:17:f1:80:1e:ed:41:2a:be:
cc:b7:15:3a:40:3e:b4:9d:cb:4d:b6:3a:0f:89:0f:
2a:24:ba:38:43:cf:05:5d:b0:37:9b:26:2a:dd:da:
14:c1:7e:7e:36:96:32:ad:38:68:65:58:58:84:c4:
bc:17:39:83:28:f1:da:24:03:8f:5c:92:f2:c8:79:
0d:58:53:65:6c:1e:6b:7f:7d:64:c5:4f:df:3b:01:
ca:aa:ed:0a:84:0a:78:49:43:30:b6:2f:35:39:56:
06:1e:b9:0a:15:41:8f:d1:d9:4b:fb:c3:50:d2:41:
c8:c9:9e:cf:30:48:f4:5e:f3:2e:fc:d8:e4:4a:d2:
f4:22:88:ee:82:b0:86:c8:d6:06:96:aa:ed:fd:94:
5c:03:0a:ea:1a:b0:d9:26:5c:12:ea:3e:be:a7:be:
8c:ed:07:10:02:85:9c:88:bf:93:8b:cc:dc:cc:cc:
d1:7f:1b:ff:34:1e:3e:a7:33:fe:1f:45:7e:e6:18:
30:1d:27:11:ba:a7:fe:d4:57:52:75:6d:37:35:31:
47:4b:ef:fe:40:9f:4f:1a:19:ea:e6:75:3e:40:97:
af:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:33:4D:5D:2E:AB:00:D8:5A:EA:65:B3:4C:AE:EF:A3:32:D2:E8:F9
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/BzNNXS6rANha6mWzTK7vozLS6Pk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.42.0/24
109.122.46.0/24
193.93.55.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:7c:c3:8e:f3:6c:8e:80:83:b7:e0:09:3f:d8:5c:5c:96:2e:
7b:a0:41:f5:cb:cd:7a:0d:f9:11:73:94:d2:19:2c:ea:6d:1d:
3e:a4:46:dd:af:fa:58:71:31:7d:8a:e6:7c:3f:7a:bb:ef:56:
9d:89:bf:47:2d:fd:fb:6f:d8:82:f6:98:b3:cd:3b:3f:10:8f:
90:47:96:4d:0e:a6:c1:56:bc:63:b1:46:36:ed:4d:7d:00:1e:
d6:a0:60:fc:6a:23:a8:37:4a:be:7f:ba:b6:2d:d4:87:02:3b:
1f:f1:79:da:49:ed:85:4a:63:1d:6a:09:59:80:a9:0a:e4:d5:
49:b4:7d:c7:79:40:3a:71:c2:7c:f9:15:16:30:c2:66:a3:6b:
92:03:4f:d0:bd:3d:a5:0a:67:b5:8c:e1:2d:b5:23:a4:8d:6b:
6c:0e:74:ac:7a:4f:46:53:86:20:04:98:8f:0a:20:00:85:29:
a8:24:ab:af:fb:c4:5a:ea:73:f0:0b:24:96:03:03:89:2c:56:
69:f2:14:d5:79:5d:dc:c6:72:6a:89:4e:22:96:c3:6c:99:45:
fd:91:51:31:83:54:98:f1:19:82:ec:75:82:a7:e3:04:ac:92:
54:06:ae:14:4c:32:22:1a:8b:ca:ed:c3:b6:bb:ac:f4:a7:31:
84:8b:6e:fa
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYqx7bSvRERRqCw7JIOuvb9eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwOTIwMDkzMTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzMzNGQ1ZDJlYWIwMGQ4NWFlYTY1YjM0Y2FlZWZhMzMyZDJlOGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhG/Q0vAuCmdk7KYbmznZFiwwJojb
QT0WzfVw0MRWaGV36VI/F/GAHu1BKr7MtxU6QD60nctNtjoPiQ8qJLo4Q88FXbA3
myYq3doUwX5+NpYyrThoZVhYhMS8FzmDKPHaJAOPXJLyyHkNWFNlbB5rf31kxU/f
OwHKqu0KhAp4SUMwti81OVYGHrkKFUGP0dlL+8NQ0kHIyZ7PMEj0XvMu/NjkStL0
IojugrCGyNYGlqrt/ZRcAwrqGrDZJlwS6j6+p76M7QcQAoWciL+Ti8zczMzRfxv/
NB4+pzP+H0V+5hgwHScRuqf+1FdSdW03NTFHS+/+QJ9PGhnq5nU+QJev2QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAczTV0uqwDYWupls0yu76My0uj5MB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvQnpOTlhTNnJBTmhhNm1XelRLN3ZvekxTNlBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAbXoqAwQA
bXouAwQAwV03MA0GCSqGSIb3DQEBCwUAA4IBAQA6fMOO82yOgIO34Ak/2Fxcli57
oEH1y816DfkRc5TSGSzqbR0+pEbdr/pYcTF9iuZ8P3q771adib9HLf37b9iC9piz
zTs/EI+QR5ZNDqbBVrxjsUY27U19AB7WoGD8aiOoN0q+f7q2LdSHAjsf8XnaSe2F
SmMdaglZgKkK5NVJtH3HeUA6ccJ8+RUWMMJmo2uSA0/QvT2lCme1jOEttSOkjWts
DnSsek9GU4YgBJiPCiAAhSmoJKuv+8Ra6nPwCySWAwOJLFZp8hTVeV3cxnJqiU4i
lsNsmUX9kVExg1SY8RmC7HWCp+MErJJUBq4UTDIiGovK7cO2u6z0pzGEi276
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:36 2024 by rpki-client on console-fra.rpki-client.org