Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/6ccf03-090d-416e-86cf-e9dc3f1cf824/1/BZXmWrW-69m4k2H34vv0tg_x1sA.roa
File: BZXmWrW-69m4k2H34vv0tg_x1sA.roa (raw, json)
Hash identifier: BNr6mTKZVmnOK05QpY4s2OuYGPPNgEWZr2Kv5CsPNxk=
Subject key identifier: 05:95:E6:5A:B5:BE:EB:D9:B8:93:61:F7:E2:FB:F4:B6:0F:F1:D6:C0
Certificate issuer: /CN=eba8db3b54d081c30bf51bdc7b19e4f6480b7f53
Certificate serial: 018CB63A88150A456A72C1197E8F3D27C495
Authority key identifier: EB:A8:DB:3B:54:D0:81:C3:0B:F5:1B:DC:7B:19:E4:F6:48:0B:7F:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/66jbO1TQgcML9Rvcexnk9kgLf1M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/6ccf03-090d-416e-86cf-e9dc3f1cf824/1/BZXmWrW-69m4k2H34vv0tg_x1sA.roa
Signing time: Fri 29 Dec 2023 15:38:58 +0000
ROA not before: Fri 29 Dec 2023 15:38:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 185.192.36.0/23 maxlen: 23
185.192.36.0/22 maxlen: 22
185.192.38.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b6:3a:88:15:0a:45:6a:72:c1:19:7e:8f:3d:27:c4:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eba8db3b54d081c30bf51bdc7b19e4f6480b7f53
Validity
Not Before: Dec 29 15:38:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0595e65ab5beebd9b89361f7e2fbf4b60ff1d6c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:ec:f2:bc:7c:19:9c:1d:aa:bb:33:53:fd:03:
2d:cb:31:96:55:f4:ea:8c:2a:f2:17:a1:ea:c8:5c:
89:31:c2:4b:94:7c:b6:b7:d2:c0:72:d7:fb:36:8a:
25:45:c3:90:95:79:dd:5d:4c:42:b4:64:47:93:32:
1e:a5:36:a5:35:4e:e4:24:78:3a:0b:3b:4c:7d:8f:
94:98:34:cc:9d:37:d1:4b:44:93:91:e7:b0:be:c2:
76:29:8d:3e:a3:4e:29:ae:ca:d7:f9:7d:ab:05:e1:
69:6a:92:c8:ee:71:45:7b:52:20:f7:dd:40:2b:f7:
53:df:12:4d:3d:e0:58:0a:11:f4:9f:aa:8f:f3:02:
98:15:ab:e8:23:03:a2:96:dc:21:e2:bf:6c:d3:f3:
3d:e0:87:41:19:d5:e6:e4:bc:79:d4:0e:ae:b4:c0:
03:ac:b9:4b:c8:c5:30:da:d5:1e:10:39:88:c7:b4:
62:4d:e0:b7:5f:c6:eb:f3:0d:9b:80:6b:a8:cf:3b:
ff:b5:6e:26:fa:80:8d:7a:30:2f:11:32:bd:8e:8a:
de:a2:6c:db:75:6f:17:49:3d:42:04:9e:51:5e:1a:
ee:e6:1d:44:03:78:c1:2f:44:7f:1c:8c:c6:50:b0:
73:ca:9d:1e:e8:fe:0f:2e:00:40:d9:a0:65:85:2d:
f8:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:95:E6:5A:B5:BE:EB:D9:B8:93:61:F7:E2:FB:F4:B6:0F:F1:D6:C0
X509v3 Authority Key Identifier:
keyid:EB:A8:DB:3B:54:D0:81:C3:0B:F5:1B:DC:7B:19:E4:F6:48:0B:7F:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/66jbO1TQgcML9Rvcexnk9kgLf1M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/6ccf03-090d-416e-86cf-e9dc3f1cf824/1/BZXmWrW-69m4k2H34vv0tg_x1sA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/6ccf03-090d-416e-86cf-e9dc3f1cf824/1/66jbO1TQgcML9Rvcexnk9kgLf1M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.192.36.0/22
Signature Algorithm: sha256WithRSAEncryption
32:65:18:65:a2:bb:79:d7:44:4b:22:0c:0a:bc:30:59:a0:96:
6f:27:5e:da:a0:ad:74:58:a8:45:28:8c:53:a6:12:af:3f:0c:
7e:01:78:69:be:5a:b0:b0:e2:78:70:3a:ae:ca:d1:ab:6e:75:
eb:4b:70:ed:bc:cd:a0:0b:d3:42:51:49:67:ae:1a:00:76:8e:
d3:f6:14:83:df:ac:10:db:e4:06:3c:4e:f0:c6:83:c2:4e:f2:
51:53:1c:44:ba:ac:ec:85:b7:d8:6d:54:18:8a:00:53:f2:b2:
34:c9:e6:f1:4c:08:c0:63:d9:b8:97:f9:6e:b7:18:a2:c7:3f:
b7:03:91:ff:b2:cc:05:18:87:4d:e4:88:ee:74:52:71:cd:89:
b0:d5:a7:5c:a6:cc:87:e7:cf:e3:71:17:3d:b5:23:be:bf:d2:
f2:72:a2:d0:36:f1:70:37:1a:0a:64:19:2d:4e:8a:82:0e:a1:
28:04:d6:95:5c:2b:b8:8e:8e:3b:f6:c7:cf:e9:97:37:4e:b8:
01:f3:5c:3f:b2:86:90:05:f8:06:c3:e3:00:a4:58:91:6a:5c:
4c:8c:60:92:91:18:81:55:b2:29:8a:40:8e:89:5a:d9:a2:2d:
d4:f4:d9:d0:0d:68:bb:54:07:cf:5c:de:49:fc:41:5f:55:60:
e4:33:2a:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYy2OogVCkVqcsEZfo89J8SVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViYThkYjNiNTRkMDgxYzMwYmY1MWJkYzdiMTllNGY2NDgw
YjdmNTMwHhcNMjMxMjI5MTUzODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTk1ZTY1YWI1YmVlYmQ5Yjg5MzYxZjdlMmZiZjRiNjBmZjFkNmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmezyvHwZnB2quzNT/QMtyzGWVfTq
jCryF6HqyFyJMcJLlHy2t9LActf7NoolRcOQlXndXUxCtGRHkzIepTalNU7kJHg6
CztMfY+UmDTMnTfRS0STkeewvsJ2KY0+o04prsrX+X2rBeFpapLI7nFFe1Ig991A
K/dT3xJNPeBYChH0n6qP8wKYFavoIwOiltwh4r9s0/M94IdBGdXm5Lx51A6utMAD
rLlLyMUw2tUeEDmIx7RiTeC3X8br8w2bgGuozzv/tW4m+oCNejAvETK9joreomzb
dW8XST1CBJ5RXhru5h1EA3jBL0R/HIzGULBzyp0e6P4PLgBA2aBlhS345wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAWV5lq1vuvZuJNh9+L79LYP8dbAMB8GA1UdIwQY
MBaAFOuo2ztU0IHDC/Ub3HsZ5PZIC39TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNjZqYk8xVFFnY01MOVJ2Y2V4bms5a2dMZjFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi82Y2NmMDMtMDkwZC00MTZlLTg2Y2Yt
ZTlkYzNmMWNmODI0LzEvQlpYbVdyVy02OW00azJIMzR2djB0Z194MXNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi82Y2NmMDMtMDkwZC00MTZlLTg2Y2YtZTlkYzNmMWNmODI0
LzEvNjZqYk8xVFFnY01MOVJ2Y2V4bms5a2dMZjFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucAkMA0G
CSqGSIb3DQEBCwUAA4IBAQAyZRhlort510RLIgwKvDBZoJZvJ17aoK10WKhFKIxT
phKvPwx+AXhpvlqwsOJ4cDquytGrbnXrS3DtvM2gC9NCUUlnrhoAdo7T9hSD36wQ
2+QGPE7wxoPCTvJRUxxEuqzshbfYbVQYigBT8rI0yebxTAjAY9m4l/lutxiixz+3
A5H/sswFGIdN5IjudFJxzYmw1adcpsyH58/jcRc9tSO+v9LycqLQNvFwNxoKZBkt
ToqCDqEoBNaVXCu4jo479sfP6Zc3TrgB81w/soaQBfgGw+MApFiRalxMjGCSkRiB
VbIpikCOiVrZoi3U9NnQDWi7VAfPXN5J/EFfVWDkMyqy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:25 2024 by rpki-client on console-ams.rpki-client.org