Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/bzsMGZpLJn_LrmPSUtIHguIYCNs.roa
File: bzsMGZpLJn_LrmPSUtIHguIYCNs.roa (raw, json)
Hash identifier: AMNPeX+/+Rw+qphw1S5NL9y7q/g+JgkI0djvA1xJZMw=
Subject key identifier: 6F:3B:0C:19:9A:4B:26:7F:CB:AE:63:D2:52:D2:07:82:E2:18:08:DB
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 01871A93CE41C94D95AC2510D2BC6534FF0D
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/bzsMGZpLJn_LrmPSUtIHguIYCNs.roa
Signing time: Sat 25 Mar 2023 21:01:46 +0000
ROA not before: Sat 25 Mar 2023 21:01:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 194.28.156.0/24 maxlen: 24
194.28.158.0/24 maxlen: 24
194.104.4.0/24 maxlen: 24
185.177.78.0/23 maxlen: 24
212.69.132.0/24 maxlen: 24
194.104.5.0/24 maxlen: 24
194.104.6.0/24 maxlen: 24
212.69.133.0/24 maxlen: 24
212.69.134.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:1a:93:ce:41:c9:4d:95:ac:25:10:d2:bc:65:34:ff:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Mar 25 21:01:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6f3b0c199a4b267fcbae63d252d20782e21808db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:81:59:16:78:d8:6f:5a:58:84:56:d9:ba:f6:
03:99:2a:e2:e7:45:6e:2c:55:9c:0d:11:65:b6:60:
11:9e:c7:89:24:e4:9a:7b:29:75:64:8c:f5:60:33:
d0:03:9c:1d:1a:ab:47:88:31:ca:f6:84:08:91:c1:
57:de:55:09:ab:bb:6d:8c:ea:5f:19:ea:f1:6d:eb:
05:1b:a2:53:04:2d:d4:f0:6b:28:bc:3d:47:31:ee:
fa:9e:d9:42:5c:b5:5d:1d:41:1b:70:b8:81:b0:ea:
92:89:0b:1f:9d:f0:b9:45:57:1d:b1:5a:4e:2d:27:
86:d7:05:1b:90:ce:81:13:f4:72:d8:9d:bc:4a:fb:
6e:96:2e:6f:e2:e7:5d:98:f7:62:bb:1d:9b:23:04:
0b:11:26:01:a1:b2:0d:1b:fc:c6:11:35:77:50:fb:
dd:86:e1:21:77:42:bc:8a:da:24:72:3f:c0:a9:5d:
5f:b5:a5:0f:88:21:6c:8a:14:ae:5e:ab:21:db:b8:
58:f5:3f:4b:99:94:a1:b0:8e:fa:09:f5:2f:5c:83:
8f:43:27:a0:cb:e0:e9:13:97:7e:39:45:01:f8:c9:
a8:e9:ad:78:c6:e7:36:69:09:22:5f:5d:3e:51:db:
c5:00:fc:0f:3a:5a:c0:4d:b1:c0:4b:62:6e:be:d3:
7f:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:3B:0C:19:9A:4B:26:7F:CB:AE:63:D2:52:D2:07:82:E2:18:08:DB
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/bzsMGZpLJn_LrmPSUtIHguIYCNs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.177.78.0/23
194.28.156.0/24
194.28.158.0/24
194.104.4.0-194.104.6.255
212.69.132.0-212.69.134.255
Signature Algorithm: sha256WithRSAEncryption
6c:41:9b:25:23:86:ec:8b:ea:f5:08:68:7b:e1:c6:71:71:27:
50:0b:01:90:7e:da:dd:60:ea:93:1a:cb:30:ea:61:e2:df:13:
62:bc:5d:9e:6b:67:9b:31:bf:fa:54:be:c6:3b:1b:a6:5c:28:
ac:c7:64:56:70:a9:a0:0f:5b:8b:cc:00:d0:4b:0a:23:d7:9b:
d1:10:82:9e:2c:3c:99:91:69:62:22:59:dd:26:93:97:5c:47:
70:e9:23:f0:6c:47:44:6f:9c:93:d1:c9:6f:d3:6a:73:e4:d1:
51:fb:5c:c0:19:21:c6:4b:eb:9a:8d:96:d5:49:ca:a5:ee:41:
25:7f:63:09:54:a4:63:9e:36:79:67:72:4d:06:b0:d1:2a:9e:
28:65:50:54:66:02:93:9e:ba:b3:1b:13:21:56:ea:1a:32:9c:
8b:2e:39:d0:aa:6c:09:71:05:89:0f:1e:50:e1:88:53:9e:05:
cb:c3:ae:00:f5:88:d9:d3:f8:90:61:36:80:26:5b:d5:2a:f4:
98:60:cd:41:89:96:6c:93:a4:ae:e2:64:89:1a:22:34:71:94:
35:4a:e2:bc:d6:8c:31:8b:59:74:43:fa:68:f4:00:9e:0c:ef:
2f:2b:50:5f:9e:72:4f:c6:2b:e3:10:53:18:96:53:33:c3:99:
15:6b:65:3f
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYcak85ByU2VrCUQ0rxlNP8NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjMwMzI1MjEwMTQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjNiMGMxOTlhNGIyNjdmY2JhZTYzZDI1MmQyMDc4MmUyMTgwOGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlIFZFnjYb1pYhFbZuvYDmSri50Vu
LFWcDRFltmARnseJJOSaeyl1ZIz1YDPQA5wdGqtHiDHK9oQIkcFX3lUJq7ttjOpf
GerxbesFG6JTBC3U8GsovD1HMe76ntlCXLVdHUEbcLiBsOqSiQsfnfC5RVcdsVpO
LSeG1wUbkM6BE/Ry2J28Svtuli5v4uddmPdiux2bIwQLESYBobING/zGETV3UPvd
huEhd0K8itokcj/AqV1ftaUPiCFsihSuXqsh27hY9T9LmZShsI76CfUvXIOPQyeg
y+DpE5d+OUUB+Mmo6a14xuc2aQkiX10+UdvFAPwPOlrATbHAS2JuvtN/uQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFG87DBmaSyZ/y65j0lLSB4LiGAjbMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvYnpzTUdacExKbl9Mcm1QU1V0SUhndUlZQ05zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQBubFOAwQA
whycAwQAwhyeMAwDBALCaAQDBADCaAYwDAMEAtRFhAMEANRFhjANBgkqhkiG9w0B
AQsFAAOCAQEAbEGbJSOG7Ivq9Qhoe+HGcXEnUAsBkH7a3WDqkxrLMOph4t8TYrxd
nmtnmzG/+lS+xjsbplworMdkVnCpoA9bi8wA0EsKI9eb0RCCniw8mZFpYiJZ3SaT
l1xHcOkj8GxHRG+ck9HJb9Nqc+TRUftcwBkhxkvrmo2W1UnKpe5BJX9jCVSkY542
eWdyTQaw0SqeKGVQVGYCk566sxsTIVbqGjKciy450KpsCXEFiQ8eUOGIU54Fy8Ou
APWI2dP4kGE2gCZb1Sr0mGDNQYmWbJOkruJkiRoiNHGUNUrivNaMMYtZdEP6aPQA
ngzvLytQX55yT8Yr4xBTGJZTM8OZFWtlPw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:24 2023 by rpki-client on console-ams.rpki-client.org