Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/a0f4be-4c0d-4df5-90c6-a6d45ef7d227/1/BuZa6qc_xfnbhVTVgY9pIQsjDMg.roa
File: BuZa6qc_xfnbhVTVgY9pIQsjDMg.roa (raw, json)
Hash identifier: IUdZ1XiL3C2ugOwot9R/M6ESlFGVUctS8Dl7mtRk4lo=
Subject key identifier: 06:E6:5A:EA:A7:3F:C5:F9:DB:85:54:D5:81:8F:69:21:0B:23:0C:C8
Certificate issuer: /CN=f60846f21c56a8513d31c155dd199197a3ffc7c0
Certificate serial: 01879AD287A5E9A1F5CF64475967F2C91904
Authority key identifier: F6:08:46:F2:1C:56:A8:51:3D:31:C1:55:DD:19:91:97:A3:FF:C7:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9ghG8hxWqFE9McFV3RmRl6P_x8A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/a0f4be-4c0d-4df5-90c6-a6d45ef7d227/1/BuZa6qc_xfnbhVTVgY9pIQsjDMg.roa
Signing time: Wed 19 Apr 2023 18:41:41 +0000
ROA not before: Wed 19 Apr 2023 18:41:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30893
IP address blocks: 185.231.100.0/22 maxlen: 24
195.47.238.0/24 maxlen: 24
2a0c:5700:3133::/48 maxlen: 48
2a0c:5700:5353::/48 maxlen: 48
2a0c:5700::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:9a:d2:87:a5:e9:a1:f5:cf:64:47:59:67:f2:c9:19:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f60846f21c56a8513d31c155dd199197a3ffc7c0
Validity
Not Before: Apr 19 18:41:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=06e65aeaa73fc5f9db8554d5818f69210b230cc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:5d:64:17:8b:1b:3c:d3:1c:e0:7c:55:48:53:
db:72:a2:3a:79:f8:13:8b:bf:d0:22:86:35:8f:96:
de:31:35:08:1d:c2:32:b8:15:75:80:17:dc:26:26:
92:db:f2:2e:6b:8f:0e:63:54:c2:34:a5:dc:15:03:
3b:e2:97:d8:f8:50:78:ff:11:c9:05:07:2b:f8:e9:
f7:bd:1c:40:10:53:02:41:43:28:64:29:c6:c7:86:
32:1b:89:db:54:db:08:4a:38:9d:7f:4d:8c:0e:38:
d8:bb:1e:b9:84:38:c9:51:09:f8:b1:3b:31:0a:a6:
df:d4:1e:45:5a:bc:6e:f3:ce:ba:21:2e:ca:94:47:
7f:13:2a:cf:01:6b:85:c3:98:f9:8f:0f:6f:3c:55:
46:a0:70:84:ff:82:e7:d6:f3:f2:c6:54:5b:b4:1b:
86:4e:e3:94:2b:6d:75:71:77:a0:2b:37:f5:b0:45:
72:79:c8:0c:72:30:12:0e:2a:1a:f4:4e:9c:94:df:
42:19:00:0d:84:60:08:a2:31:2d:a5:0e:3a:ef:0f:
db:f5:5d:68:87:ab:a6:8a:3e:de:bd:1c:91:83:b2:
76:58:a8:0a:4a:cd:b9:77:43:67:54:92:a9:a4:1c:
98:9e:f5:51:36:7e:f4:1f:b5:98:56:e5:22:d6:66:
2d:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:E6:5A:EA:A7:3F:C5:F9:DB:85:54:D5:81:8F:69:21:0B:23:0C:C8
X509v3 Authority Key Identifier:
keyid:F6:08:46:F2:1C:56:A8:51:3D:31:C1:55:DD:19:91:97:A3:FF:C7:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9ghG8hxWqFE9McFV3RmRl6P_x8A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/a0f4be-4c0d-4df5-90c6-a6d45ef7d227/1/BuZa6qc_xfnbhVTVgY9pIQsjDMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/a0f4be-4c0d-4df5-90c6-a6d45ef7d227/1/9ghG8hxWqFE9McFV3RmRl6P_x8A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.231.100.0/22
195.47.238.0/24
IPv6:
2a0c:5700::/29
Signature Algorithm: sha256WithRSAEncryption
82:13:a8:9f:de:73:e6:8f:c5:c7:f3:b4:24:ea:c4:5f:c8:e4:
c7:77:27:a5:67:08:df:62:2a:cf:c2:46:91:f0:d1:e9:e7:7a:
7f:e7:6e:2f:b9:2e:08:b2:a8:f1:c8:15:f1:3f:14:6b:09:c8:
1e:16:1a:cb:62:e4:92:51:df:5f:15:e0:bd:90:dc:e9:fa:ab:
9d:0c:c1:f3:d4:b2:77:be:65:72:1b:bb:80:9b:ff:51:cd:1a:
a5:05:dc:b9:df:52:ba:31:45:55:56:64:97:d9:05:e0:d5:3e:
bb:27:55:8d:0f:a7:2c:a1:e3:16:69:0b:3c:75:64:a9:8c:86:
f8:89:c1:94:dd:ea:cc:18:7c:f2:c2:03:e5:fa:08:a7:9c:5a:
57:8d:83:43:6e:25:fc:80:de:b9:dd:aa:8a:3e:aa:af:ea:cd:
2c:40:28:a2:2b:5d:32:92:4e:42:7c:68:ad:0f:eb:16:6a:e0:
77:39:c0:fb:86:38:d1:d3:63:cd:c9:86:4c:c3:07:a0:a9:75:
c7:e1:d6:70:7a:24:53:1b:d8:52:86:9e:d9:c9:d7:d6:d4:65:
ab:60:d0:ea:ad:90:a9:ce:3b:75:ff:a9:7f:e5:9d:91:68:b9:
5d:91:3d:2a:4e:c8:25:b1:05:18:69:3d:d9:ee:b2:6f:6b:6e:
49:ed:bd:aa
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYea0oel6aH1z2RHWWfyyRkEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2MDg0NmYyMWM1NmE4NTEzZDMxYzE1NWRkMTk5MTk3YTNm
ZmM3YzAwHhcNMjMwNDE5MTg0MTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmU2NWFlYWE3M2ZjNWY5ZGI4NTU0ZDU4MThmNjkyMTBiMjMwY2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh11kF4sbPNMc4HxVSFPbcqI6efgT
i7/QIoY1j5beMTUIHcIyuBV1gBfcJiaS2/Iua48OY1TCNKXcFQM74pfY+FB4/xHJ
BQcr+On3vRxAEFMCQUMoZCnGx4YyG4nbVNsISjidf02MDjjYux65hDjJUQn4sTsx
Cqbf1B5FWrxu8866IS7KlEd/EyrPAWuFw5j5jw9vPFVGoHCE/4Ln1vPyxlRbtBuG
TuOUK211cXegKzf1sEVyecgMcjASDioa9E6clN9CGQANhGAIojEtpQ467w/b9V1o
h6umij7evRyRg7J2WKgKSs25d0NnVJKppByYnvVRNn70H7WYVuUi1mYtbQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAbmWuqnP8X524VU1YGPaSELIwzIMB8GA1UdIwQY
MBaAFPYIRvIcVqhRPTHBVd0ZkZej/8fAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWdoRzhoeFdxRkU5TWNGVjNSbVJsNlBfeDhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9hMGY0YmUtNGMwZC00ZGY1LTkwYzYt
YTZkNDVlZjdkMjI3LzEvQnVaYTZxY194Zm5iaFZUVmdZOXBJUXNqRE1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9hMGY0YmUtNGMwZC00ZGY1LTkwYzYtYTZkNDVlZjdkMjI3
LzEvOWdoRzhoeFdxRkU5TWNGVjNSbVJsNlBfeDhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuedkAwQA
wy/uMA0EAgACMAcDBQMqDFcAMA0GCSqGSIb3DQEBCwUAA4IBAQCCE6if3nPmj8XH
87Qk6sRfyOTHdyelZwjfYirPwkaR8NHp53p/524vuS4IsqjxyBXxPxRrCcgeFhrL
YuSSUd9fFeC9kNzp+qudDMHz1LJ3vmVyG7uAm/9RzRqlBdy531K6MUVVVmSX2QXg
1T67J1WND6csoeMWaQs8dWSpjIb4icGU3erMGHzywgPl+ginnFpXjYNDbiX8gN65
3aqKPqqv6s0sQCiiK10ykk5CfGitD+sWauB3OcD7hjjR02PNyYZMwwegqXXH4dZw
eiRTG9hShp7ZydfW1GWrYNDqrZCpzjt1/6l/5Z2RaLldkT0qTsglsQUYaT3Z7rJv
a25J7b2q
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:26 2024 by rpki-client on console-fra.rpki-client.org