Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/BZLALd26Pof14O89-L3mh82Zl_g.roa
File: BZLALd26Pof14O89-L3mh82Zl_g.roa (raw, json)
Hash identifier: v2eWwPOxY9EJBd/4RgYCJDXray1+JkoGF+OKdv8y6m0=
Subject key identifier: 05:92:C0:2D:DD:BA:3E:87:F5:E0:EF:3D:F8:BD:E6:87:CD:99:97:F8
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 0189AD72C64E5B18AD6494085D708B1203F0
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/BZLALd26Pof14O89-L3mh82Zl_g.roa
Signing time: Mon 31 Jul 2023 19:35:27 +0000
ROA not before: Mon 31 Jul 2023 19:35:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 188.255.206.0/24 maxlen: 24
109.121.35.0/24 maxlen: 24
109.121.43.0/24 maxlen: 24
212.69.0.0/24 maxlen: 24
188.255.134.0/24 maxlen: 24
77.105.8.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 01 Aug 2023 08:46:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ad:72:c6:4e:5b:18:ad:64:94:08:5d:70:8b:12:03:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Jul 31 19:35:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0592c02dddba3e87f5e0ef3df8bde687cd9997f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:2f:ea:fd:8f:49:ef:5e:5c:ab:15:ed:a0:e2:
e5:39:e6:87:29:e3:fc:df:7a:d5:e6:45:6e:d3:4c:
90:21:f4:77:c8:74:72:ae:8b:4e:e5:9d:c3:65:36:
c1:29:06:15:38:e0:e4:e2:c5:09:04:3e:ae:9b:2e:
1c:9e:1e:6a:67:53:b7:e7:91:d2:f6:92:a6:50:4f:
c6:b0:87:18:a7:f5:d5:ba:a8:ac:d8:16:cd:7f:03:
57:e1:01:ef:32:a5:ca:0b:da:af:0d:72:11:c1:27:
15:bb:3a:28:37:9e:17:ec:25:23:4d:f4:0e:c0:b8:
8f:32:64:15:05:54:65:f7:e3:53:b3:56:ed:30:99:
05:e4:96:a9:97:4d:f2:91:62:ab:2f:ee:0b:89:98:
ec:79:6f:06:88:6c:36:dc:8d:b2:b2:81:5d:07:25:
bd:46:ed:85:63:d9:4e:5f:89:3a:52:8c:ec:24:2b:
83:8a:e0:43:96:24:8e:f5:c9:c5:cc:63:67:46:52:
d6:84:a7:db:8a:87:b3:f6:dd:be:2f:14:ea:16:b5:
f9:98:4f:7d:16:04:89:94:c3:c3:72:e8:62:22:6e:
39:53:a2:bd:28:47:51:a3:c2:59:13:55:1d:01:18:
cb:10:a6:ea:ea:69:92:9e:b0:54:83:2f:7c:b0:ee:
ba:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:92:C0:2D:DD:BA:3E:87:F5:E0:EF:3D:F8:BD:E6:87:CD:99:97:F8
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/BZLALd26Pof14O89-L3mh82Zl_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.8.0/24
109.121.35.0/24
109.121.43.0/24
188.255.134.0/24
188.255.206.0/24
212.69.0.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:64:67:a9:dc:72:68:ef:5b:71:74:cd:bc:a7:7d:0b:38:c2:
d6:11:5a:4e:55:bc:bc:f7:9f:aa:fa:d1:d6:4f:e7:7f:4f:e6:
46:f4:13:86:47:44:a3:42:d2:da:5e:e8:65:7a:d5:78:ef:71:
a0:1e:ee:fd:1d:ad:89:5b:3a:8f:3c:57:6d:d7:c8:7e:79:3b:
96:86:bc:84:d8:fd:0f:d1:02:f4:ad:ef:0e:5e:a9:17:0f:fd:
38:d9:6a:b3:ab:c8:9c:2a:49:a8:a9:be:9a:f7:2a:b4:df:84:
f8:fb:af:cb:a9:86:e9:48:3c:58:b5:2d:70:e7:ee:46:8c:c0:
bc:75:a9:b2:50:28:4a:ae:f9:11:5b:53:8b:9f:1c:76:2c:51:
65:e5:35:f1:5d:32:69:0c:9f:a2:d8:d2:ba:88:93:3f:19:76:
7a:46:54:6e:8d:2f:0e:7b:0c:37:94:0b:39:18:29:c4:13:6c:
86:3c:64:3e:3d:da:b7:65:94:6f:68:66:e3:ca:c3:dc:0e:c8:
33:33:b8:29:fc:98:2a:d1:3c:ff:4b:ca:ef:11:4c:c5:1e:72:
93:46:6f:97:5e:31:b2:16:b7:b3:7c:cf:c7:1d:e2:d6:e4:86:
41:70:34:89:57:44:00:6b:ca:e9:27:aa:07:e6:9f:37:14:de:
ef:b4:58:24
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYmtcsZOWxitZJQIXXCLEgPwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjMwNzMxMTkzNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTkyYzAyZGRkYmEzZTg3ZjVlMGVmM2RmOGJkZTY4N2NkOTk5N2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlS/q/Y9J715cqxXtoOLlOeaHKeP8
33rV5kVu00yQIfR3yHRyrotO5Z3DZTbBKQYVOODk4sUJBD6umy4cnh5qZ1O355HS
9pKmUE/GsIcYp/XVuqis2BbNfwNX4QHvMqXKC9qvDXIRwScVuzooN54X7CUjTfQO
wLiPMmQVBVRl9+NTs1btMJkF5Japl03ykWKrL+4LiZjseW8GiGw23I2ysoFdByW9
Ru2FY9lOX4k6UozsJCuDiuBDliSO9cnFzGNnRlLWhKfbioez9t2+LxTqFrX5mE99
FgSJlMPDcuhiIm45U6K9KEdRo8JZE1UdARjLEKbq6mmSnrBUgy98sO66RwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFAWSwC3duj6H9eDvPfi95ofNmZf4MB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvQlpMQUxkMjZQb2YxNE84OS1MM21oODJabF9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQATWkIAwQA
bXkjAwQAbXkrAwQAvP+GAwQAvP/OAwQA1EUAMA0GCSqGSIb3DQEBCwUAA4IBAQBf
ZGep3HJo71txdM28p30LOMLWEVpOVby895+q+tHWT+d/T+ZG9BOGR0SjQtLaXuhl
etV473GgHu79Ha2JWzqPPFdt18h+eTuWhryE2P0P0QL0re8OXqkXD/042Wqzq8ic
Kkmoqb6a9yq034T4+6/LqYbpSDxYtS1w5+5GjMC8damyUChKrvkRW1OLnxx2LFFl
5TXxXTJpDJ+i2NK6iJM/GXZ6RlRujS8Oeww3lAs5GCnEE2yGPGQ+Pdq3ZZRvaGbj
ysPcDsgzM7gp/Jgq0Tz/S8rvEUzFHnKTRm+XXjGyFrezfM/HHeLW5IZBcDSJV0QA
a8rpJ6oH5p83FN7vtFgk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:03 2024 by rpki-client on console-ams.rpki-client.org