Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/BZw6Ep6IB_p_wY29isvgz1uaeGs.roa
File: BZw6Ep6IB_p_wY29isvgz1uaeGs.roa (raw, json)
Hash identifier: /mSQf0iJKO/IDLhcG5k7t5aMsl/FKAKLquvfJRHfiHo=
Subject key identifier: 05:9C:3A:12:9E:88:07:FA:7F:C1:8D:BD:8A:CB:E0:CF:5B:9A:78:6B
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018CCA2A399ABCE2539D50E2FD2042C70265
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/BZw6Ep6IB_p_wY29isvgz1uaeGs.roa
Signing time: Tue 02 Jan 2024 12:33:34 +0000
ROA not before: Tue 02 Jan 2024 12:33:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201469
IP address blocks: 31.148.21.0/24 maxlen: 24
31.148.31.0/24 maxlen: 24
95.46.4.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:49:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:39:9a:bc:e2:53:9d:50:e2:fd:20:42:c7:02:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 12:33:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=059c3a129e8807fa7fc18dbd8acbe0cf5b9a786b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:87:a9:41:81:d5:4d:e7:8a:7b:45:ed:d6:b6:
8b:55:89:cf:4b:ed:f3:03:02:08:5b:d1:52:ec:17:
d1:cd:46:61:0a:19:6b:ad:89:c1:5c:36:eb:fe:b0:
2e:f3:b0:b6:74:54:d5:70:ab:ab:40:49:1c:d3:c4:
2e:a0:f0:d7:fd:c7:fc:45:3d:4f:24:35:2e:04:a2:
ce:28:63:91:56:b3:76:5a:b4:a3:35:8e:a5:a2:7f:
59:c1:78:d4:ff:1b:c3:cb:bd:a2:64:0d:28:00:77:
87:09:56:da:d8:a2:14:7c:eb:97:21:47:63:ac:14:
9e:fb:cf:82:2e:16:fa:cf:c0:ce:c2:a8:74:b7:c7:
05:42:df:c3:d4:a7:0a:58:fc:8f:b3:81:53:43:54:
87:65:61:27:cf:91:cf:bc:13:89:2e:ba:b6:d5:14:
35:b6:e2:3b:2a:29:f9:51:e0:6a:2c:a8:bd:7d:e8:
62:f6:f5:38:17:28:e3:41:10:46:05:5e:bd:72:3d:
12:05:cb:c1:c4:05:84:dd:34:62:ec:8a:fb:db:d4:
47:3e:ab:06:e0:7b:ff:21:3c:6f:46:b6:3a:4c:2b:
56:6d:2d:43:27:95:5f:82:cd:26:4a:66:ee:2b:72:
ed:67:4a:97:fd:b2:a6:c7:d5:07:2f:a7:06:36:da:
78:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:9C:3A:12:9E:88:07:FA:7F:C1:8D:BD:8A:CB:E0:CF:5B:9A:78:6B
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/BZw6Ep6IB_p_wY29isvgz1uaeGs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.21.0/24
31.148.31.0/24
95.46.4.0/24
Signature Algorithm: sha256WithRSAEncryption
83:01:ee:76:c4:68:d8:a0:22:b4:f5:d1:74:19:b2:01:8b:95:
4d:76:29:76:5c:68:18:28:0b:63:10:75:3d:a6:86:c2:d5:93:
05:fd:7d:a2:2f:fc:4c:70:b9:40:4d:ba:b0:68:f5:90:6e:da:
7a:e4:02:42:e4:6b:8a:a8:76:4d:26:f3:46:54:ae:3b:ac:0d:
08:aa:0e:68:c9:11:99:b7:c3:0e:3e:03:d9:b8:37:81:0c:73:
ef:85:15:eb:2c:5f:59:ef:26:4f:dc:af:75:6d:e5:05:9b:08:
9f:ca:17:e0:4e:45:53:80:7b:ff:0c:f8:78:2d:b3:a4:78:07:
97:32:ab:f9:60:5b:ae:32:bf:41:f9:c7:9a:c4:c7:10:d7:4f:
1f:f8:02:83:ee:d6:ed:34:c1:8a:26:13:3f:9a:b1:39:5d:77:
ad:c5:df:f4:b7:26:92:df:da:bc:b1:7e:5c:87:18:74:94:b3:
be:da:b1:50:75:7a:13:46:d4:6d:3f:4d:95:2c:46:09:49:a8:
a0:64:f7:36:e3:cc:53:d8:ac:63:75:1f:4e:db:32:c3:d3:3e:
94:98:78:2d:66:f3:a4:61:8d:22:7e:fd:6b:c7:c6:ed:db:b4:
43:6a:17:ac:20:5c:1d:83:a1:a8:18:92:c8:33:6b:fd:90:99:
b4:bf:b7:b3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzKKjmavOJTnVDi/SBCxwJlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwMTAyMTIzMzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTljM2ExMjllODgwN2ZhN2ZjMThkYmQ4YWNiZTBjZjViOWE3ODZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlIepQYHVTeeKe0Xt1raLVYnPS+3z
AwIIW9FS7BfRzUZhChlrrYnBXDbr/rAu87C2dFTVcKurQEkc08QuoPDX/cf8RT1P
JDUuBKLOKGORVrN2WrSjNY6lon9ZwXjU/xvDy72iZA0oAHeHCVba2KIUfOuXIUdj
rBSe+8+CLhb6z8DOwqh0t8cFQt/D1KcKWPyPs4FTQ1SHZWEnz5HPvBOJLrq21RQ1
tuI7Kin5UeBqLKi9fehi9vU4FyjjQRBGBV69cj0SBcvBxAWE3TRi7Ir729RHPqsG
4Hv/ITxvRrY6TCtWbS1DJ5Vfgs0mSmbuK3LtZ0qX/bKmx9UHL6cGNtp4UQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAWcOhKeiAf6f8GNvYrL4M9bmnhrMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvQlp3NkVwNklCX3Bfd1kyOWlzdmd6MXVhZUdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAH5QVAwQA
H5QfAwQAXy4EMA0GCSqGSIb3DQEBCwUAA4IBAQCDAe52xGjYoCK09dF0GbIBi5VN
dil2XGgYKAtjEHU9pobC1ZMF/X2iL/xMcLlATbqwaPWQbtp65AJC5GuKqHZNJvNG
VK47rA0Iqg5oyRGZt8MOPgPZuDeBDHPvhRXrLF9Z7yZP3K91beUFmwifyhfgTkVT
gHv/DPh4LbOkeAeXMqv5YFuuMr9B+ceaxMcQ108f+AKD7tbtNMGKJhM/mrE5XXet
xd/0tyaS39q8sX5chxh0lLO+2rFQdXoTRtRtP02VLEYJSaigZPc248xT2KxjdR9O
2zLD0z6UmHgtZvOkYY0ifv1rx8bt27RDahesIFwdg6GoGJLIM2v9kJm0v7ez
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:48:39 2025 by rpki-client