Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/BzHVrdVodb4CLtlRcS2n4-6Q-8k.roa
File: BzHVrdVodb4CLtlRcS2n4-6Q-8k.roa (raw, json)
Hash identifier: dgBDetiNoCdAtSHnuNeDksI3cVmvRNrjPSzisdiEX/A=
Subject key identifier: 07:31:D5:AD:D5:68:75:BE:02:2E:D9:51:71:2D:A7:E3:EE:90:FB:C9
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 018D547B3FDBD7595B86F0BCECB6F08D037E
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/BzHVrdVodb4CLtlRcS2n4-6Q-8k.roa
Signing time: Mon 29 Jan 2024 09:09:39 +0000
ROA not before: Mon 29 Jan 2024 09:09:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 79.175.95.0/24 maxlen: 24
79.175.96.0/24 maxlen: 24
109.121.33.0/24 maxlen: 24
109.121.36.0/24 maxlen: 24
109.121.37.0/24 maxlen: 24
109.121.38.0/24 maxlen: 24
109.121.39.0/24 maxlen: 24
109.121.40.0/24 maxlen: 24
109.121.42.0/24 maxlen: 24
109.121.43.0/24 maxlen: 24
109.121.45.0/24 maxlen: 24
109.121.47.0/24 maxlen: 24
109.233.184.0/24 maxlen: 24
109.233.185.0/24 maxlen: 24
178.253.237.0/24 maxlen: 24
188.255.128.0/24 maxlen: 24
188.255.212.0/24 maxlen: 24
212.69.11.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Jan 2024 18:06:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:54:7b:3f:db:d7:59:5b:86:f0:bc:ec:b6:f0:8d:03:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Jan 29 09:09:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0731d5add56875be022ed951712da7e3ee90fbc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:41:ba:7d:26:b5:24:c3:b6:28:3f:f3:4d:92:
ab:20:81:ff:20:dc:a4:47:84:32:cb:7c:13:e5:cd:
05:fe:03:6a:87:74:1f:11:d3:36:ef:a0:ee:d7:cf:
74:d6:6a:99:1b:23:d2:51:c1:f7:09:9e:00:54:35:
9a:9b:1a:88:e9:7f:2e:1c:ba:d6:94:80:b3:b0:a5:
4b:a6:76:db:5a:81:b3:0e:d2:61:3c:81:41:f7:30:
51:6f:49:12:5a:a5:fc:a4:47:aa:75:f1:a5:3e:67:
dd:62:80:05:3c:d7:72:db:eb:16:25:60:d5:46:f7:
4b:d4:a0:57:4a:36:80:f7:36:04:6d:59:cd:02:fe:
71:32:df:89:9c:c0:18:77:c9:57:71:22:6f:21:1d:
7b:5e:5d:25:f7:56:a3:62:12:0a:2b:30:33:0c:43:
14:0d:c8:2c:a9:b3:d9:7a:33:1a:64:ec:b9:de:6b:
ef:01:02:ec:44:f6:e3:dc:13:74:e8:21:38:83:ab:
e4:dc:b2:b0:94:e0:1b:ca:17:e1:70:17:d1:1d:b8:
4b:74:2a:ce:bb:33:13:a2:49:80:2d:b8:fe:98:28:
93:ea:46:67:af:56:12:a7:79:92:8b:06:fc:41:7e:
e5:39:2e:83:e1:1d:c8:a8:21:c4:4d:9c:09:d3:68:
b9:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:31:D5:AD:D5:68:75:BE:02:2E:D9:51:71:2D:A7:E3:EE:90:FB:C9
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/BzHVrdVodb4CLtlRcS2n4-6Q-8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.175.95.0-79.175.96.255
109.121.33.0/24
109.121.36.0-109.121.40.255
109.121.42.0/23
109.121.45.0/24
109.121.47.0/24
109.233.184.0/23
178.253.237.0/24
188.255.128.0/24
188.255.212.0/24
212.69.11.0/24
Signature Algorithm: sha256WithRSAEncryption
62:a5:63:de:2c:2f:ff:ee:8e:5b:6b:b4:92:f8:44:3b:24:1a:
0d:61:a3:ff:3f:7e:37:98:f7:bb:43:49:f3:3a:2e:35:75:0d:
03:55:85:cc:2e:e2:71:f2:bd:32:67:57:30:88:b0:b8:17:aa:
40:31:1f:be:ab:5d:48:20:7d:e9:a2:89:c3:49:e6:12:64:d2:
5f:5d:38:aa:4f:08:8e:ea:81:f8:3d:38:5e:60:12:99:74:77:
80:d3:87:ef:9d:d2:47:df:6e:e6:57:84:62:6a:bd:da:40:2c:
9b:87:c9:42:00:02:0d:2a:f2:c2:11:b0:72:2a:53:92:f3:2d:
75:69:60:8f:c5:98:57:a9:34:f9:35:09:87:1a:41:15:3b:0f:
86:83:ec:e4:a1:ee:09:f9:17:24:ac:d8:b1:30:78:a9:89:f5:
34:df:6e:e8:f5:28:c1:03:9b:22:ac:9f:82:dd:fc:ac:01:46:
45:11:c9:60:2f:da:9b:66:da:e7:69:ed:86:1f:65:1a:c1:c2:
c7:0e:8c:01:4d:04:f3:ba:be:6f:73:53:b3:d6:37:2c:b0:f0:
40:51:56:6c:71:19:6e:44:d1:8f:2e:3c:c9:7c:d7:45:9e:00:
65:ca:2d:e8:49:26:a0:c7:51:39:23:66:60:43:5b:61:f5:f9:
59:8a:f2:01
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAY1Uez/b11lbhvC87LbwjQN+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjQwMTI5MDkwOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzMxZDVhZGQ1Njg3NWJlMDIyZWQ5NTE3MTJkYTdlM2VlOTBmYmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgkG6fSa1JMO2KD/zTZKrIIH/INyk
R4Qyy3wT5c0F/gNqh3QfEdM276Du18901mqZGyPSUcH3CZ4AVDWamxqI6X8uHLrW
lICzsKVLpnbbWoGzDtJhPIFB9zBRb0kSWqX8pEeqdfGlPmfdYoAFPNdy2+sWJWDV
RvdL1KBXSjaA9zYEbVnNAv5xMt+JnMAYd8lXcSJvIR17Xl0l91ajYhIKKzAzDEMU
DcgsqbPZejMaZOy53mvvAQLsRPbj3BN06CE4g6vk3LKwlOAbyhfhcBfRHbhLdCrO
uzMTokmALbj+mCiT6kZnr1YSp3mSiwb8QX7lOS6D4R3IqCHETZwJ02i55QIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFAcx1a3VaHW+Ai7ZUXEtp+PukPvJMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvQnpIVnJkVm9kYjRDTHRsUmNTMm40LTZRLThrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSMAwDBABPr18D
BABPr2ADBABteSEwDAMEAm15JAMEAG15KAMEAW15KgMEAG15LQMEAG15LwMEAW3p
uAMEALL97QMEALz/gAMEALz/1AMEANRFCzANBgkqhkiG9w0BAQsFAAOCAQEAYqVj
3iwv/+6OW2u0kvhEOyQaDWGj/z9+N5j3u0NJ8zouNXUNA1WFzC7icfK9MmdXMIiw
uBeqQDEfvqtdSCB96aKJw0nmEmTSX104qk8IjuqB+D04XmASmXR3gNOH753SR99u
5leEYmq92kAsm4fJQgACDSrywhGwcipTkvMtdWlgj8WYV6k0+TUJhxpBFTsPhoPs
5KHuCfkXJKzYsTB4qYn1NN9u6PUowQObIqyfgt38rAFGRRHJYC/am2ba52nthh9l
GsHCxw6MAU0E87q+b3NTs9Y3LLDwQFFWbHEZbkTRjy48yXzXRZ4AZcot6EkmoMdR
OSNmYENbYfX5WYryAQ==
-----END CERTIFICATE-----
Generated at Mon Jan 29 22:26:41 2024 by rpki-client on console-fra.rpki-client.org