Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/4edda4-ebc5-4434-bb91-f7710a030fa2/1/BZSXCve27Kn5xT6FHA1LszClmWg.roa
File: BZSXCve27Kn5xT6FHA1LszClmWg.roa (raw, json)
Hash identifier: VOzrqLPF+iOvQpc/Y1MIXHIitWccQDH6UKROAay/+rg=
Subject key identifier: 05:94:97:0A:F7:B6:EC:A9:F9:C5:3E:85:1C:0D:4B:B3:30:A5:99:68
Certificate issuer: /CN=7a704007e2135c8b1278035ba7642b99159444b1
Certificate serial: 01856CE63D1FE28FDEEE1C34C234734F79B0
Authority key identifier: 7A:70:40:07:E2:13:5C:8B:12:78:03:5B:A7:64:2B:99:15:94:44:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/enBAB-ITXIsSeANbp2QrmRWURLE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/4edda4-ebc5-4434-bb91-f7710a030fa2/1/BZSXCve27Kn5xT6FHA1LszClmWg.roa
Signing time: Sun 01 Jan 2023 10:35:06 +0000
ROA not before: Sun 01 Jan 2023 10:35:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15600
IP address blocks: 5.149.16.0/20 maxlen: 20
185.74.148.0/22 maxlen: 22
2a00:d260::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:29:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:3d:1f:e2:8f:de:ee:1c:34:c2:34:73:4f:79:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a704007e2135c8b1278035ba7642b99159444b1
Validity
Not Before: Jan 1 10:35:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0594970af7b6eca9f9c53e851c0d4bb330a59968
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:c8:94:cd:0f:fb:fc:e2:60:b5:2b:00:2a:46:
45:34:18:90:5f:f5:37:64:e8:eb:0f:93:8b:dc:06:
be:55:a3:9b:df:43:dd:8d:d5:5f:7a:64:78:51:62:
31:a1:b9:0e:88:12:3b:50:d0:7c:3c:27:75:48:94:
fa:c9:11:05:c5:f0:c3:68:3e:8f:18:60:d4:74:ca:
5f:11:b5:bc:fa:47:35:0c:2c:62:3b:60:38:66:26:
2f:e4:9d:9f:3f:15:7e:64:7b:15:60:45:8f:1b:80:
e6:dd:c0:4d:97:69:d3:93:a5:f4:9a:26:98:77:7b:
b3:89:29:60:88:fc:a8:65:3b:e5:a5:fd:d4:24:f5:
eb:43:b7:de:9c:87:65:b9:28:ea:e8:a2:16:d1:7c:
51:5f:8d:1a:98:d5:f9:2b:ac:d1:97:5e:30:42:9f:
97:33:d9:95:df:88:de:e4:84:e6:78:3f:cb:e6:d6:
c7:eb:5d:f8:7b:4a:4e:a3:e6:86:91:fb:12:3e:c5:
0b:92:35:04:13:eb:29:5f:f4:49:36:33:a6:de:69:
69:07:61:c5:96:7e:9c:1c:ee:60:2d:cb:5c:43:a1:
ec:62:1e:32:cb:de:fd:e2:76:3a:d8:c1:2f:bc:81:
1a:b5:b1:ef:7e:78:9a:6e:23:87:56:cb:e7:3e:d7:
62:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:94:97:0A:F7:B6:EC:A9:F9:C5:3E:85:1C:0D:4B:B3:30:A5:99:68
X509v3 Authority Key Identifier:
keyid:7A:70:40:07:E2:13:5C:8B:12:78:03:5B:A7:64:2B:99:15:94:44:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/enBAB-ITXIsSeANbp2QrmRWURLE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/4edda4-ebc5-4434-bb91-f7710a030fa2/1/BZSXCve27Kn5xT6FHA1LszClmWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/4edda4-ebc5-4434-bb91-f7710a030fa2/1/enBAB-ITXIsSeANbp2QrmRWURLE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.16.0/20
185.74.148.0/22
IPv6:
2a00:d260::/29
Signature Algorithm: sha256WithRSAEncryption
69:df:17:ac:60:88:00:7c:72:02:f0:91:ed:42:2a:47:81:5f:
b1:ad:61:52:60:ea:9b:e0:03:38:34:86:6e:1f:26:3d:b0:24:
dd:26:9e:b9:dd:1c:32:00:1d:83:30:cc:af:61:29:3f:51:db:
c1:36:01:ad:80:fb:ec:9c:dc:a3:cb:3f:fa:ca:4f:9d:11:36:
ba:98:d1:3a:df:69:11:7e:66:5f:df:7d:5a:f0:43:67:c3:19:
63:76:8b:dd:d9:48:79:5f:fa:99:b5:c7:00:d8:cb:e9:8e:4d:
f1:7b:57:a9:25:7e:52:f5:ed:64:78:84:9a:8a:85:c1:22:bd:
ca:3d:df:b6:1d:8e:a2:6c:3e:5d:1f:48:31:be:52:6a:3c:00:
44:f1:5b:69:91:13:db:7c:5b:55:2a:83:f2:96:61:b7:3c:10:
7c:a3:a1:d2:a9:3c:84:ff:e5:e6:7e:86:9c:3d:6c:81:cf:2a:
7d:8b:b5:b3:9e:9f:74:0d:b9:52:f9:fe:a3:d4:61:b9:3d:32:
11:11:f3:6c:77:21:16:af:db:2f:9c:df:98:fa:11:b6:08:c3:
22:71:82:c6:51:ed:65:78:c4:a6:96:07:f6:dc:37:83:45:dd:
18:70:cb:79:6c:09:31:57:86:0e:e8:77:19:3f:6e:83:14:de:
38:c7:91:5c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVs5j0f4o/e7hw0wjRzT3mwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhNzA0MDA3ZTIxMzVjOGIxMjc4MDM1YmE3NjQyYjk5MTU5
NDQ0YjEwHhcNMjMwMTAxMTAzNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTk0OTcwYWY3YjZlY2E5ZjljNTNlODUxYzBkNGJiMzMwYTU5OTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx8iUzQ/7/OJgtSsAKkZFNBiQX/U3
ZOjrD5OL3Aa+VaOb30PdjdVfemR4UWIxobkOiBI7UNB8PCd1SJT6yREFxfDDaD6P
GGDUdMpfEbW8+kc1DCxiO2A4ZiYv5J2fPxV+ZHsVYEWPG4Dm3cBNl2nTk6X0miaY
d3uziSlgiPyoZTvlpf3UJPXrQ7fenIdluSjq6KIW0XxRX40amNX5K6zRl14wQp+X
M9mV34je5ITmeD/L5tbH6134e0pOo+aGkfsSPsULkjUEE+spX/RJNjOm3mlpB2HF
ln6cHO5gLctcQ6HsYh4yy9794nY62MEvvIEatbHvfniabiOHVsvnPtdiAQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAWUlwr3tuyp+cU+hRwNS7MwpZloMB8GA1UdIwQY
MBaAFHpwQAfiE1yLEngDW6dkK5kVlESxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZW5CQUItSVRYSXNTZUFOYnAyUXJtUldVUkxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi80ZWRkYTQtZWJjNS00NDM0LWJiOTEt
Zjc3MTBhMDMwZmEyLzEvQlpTWEN2ZTI3S241eFQ2RkhBMUxzekNsbVdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi80ZWRkYTQtZWJjNS00NDM0LWJiOTEtZjc3MTBhMDMwZmEy
LzEvZW5CQUItSVRYSXNTZUFOYnAyUXJtUldVUkxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEBZUQAwQC
uUqUMA0EAgACMAcDBQMqANJgMA0GCSqGSIb3DQEBCwUAA4IBAQBp3xesYIgAfHIC
8JHtQipHgV+xrWFSYOqb4AM4NIZuHyY9sCTdJp653RwyAB2DMMyvYSk/UdvBNgGt
gPvsnNyjyz/6yk+dETa6mNE632kRfmZf331a8ENnwxljdovd2Uh5X/qZtccA2Mvp
jk3xe1epJX5S9e1keISaioXBIr3KPd+2HY6ibD5dH0gxvlJqPABE8VtpkRPbfFtV
KoPylmG3PBB8o6HSqTyE/+XmfoacPWyBzyp9i7Wznp90DblS+f6j1GG5PTIREfNs
dyEWr9svnN+Y+hG2CMMicYLGUe1leMSmlgf23DeDRd0YcMt5bAkxV4YO6HcZP26D
FN44x5Fc
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:27 2024 by rpki-client on console-ams.rpki-client.org