Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/BzB0kG-0JX8wIrEwp_B-6n5gG7g.roa
File: BzB0kG-0JX8wIrEwp_B-6n5gG7g.roa (raw, json)
Hash identifier: A3RuN8RcuHLWm7+jfmTdbpgtcyaEeURALmIb4trHjKQ=
Subject key identifier: 07:30:74:90:6F:B4:25:7F:30:22:B1:30:A7:F0:7E:EA:7E:60:1B:B8
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 019375EEE346E3D0D9CE0BD015ED3E0CEF71
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/BzB0kG-0JX8wIrEwp_B-6n5gG7g.roa
Signing time: Fri 29 Nov 2024 03:20:10 +0000
ROA not before: Fri 29 Nov 2024 03:20:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 931
IP address blocks: 188.253.28.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Dec 2024 21:58:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:75:ee:e3:46:e3:d0:d9:ce:0b:d0:15:ed:3e:0c:ef:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Nov 29 03:20:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=073074906fb4257f3022b130a7f07eea7e601bb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:17:37:5c:f1:44:c9:9a:d8:9a:90:ec:7b:ad:
7c:08:96:94:95:e5:bb:da:0d:ef:43:13:f1:19:85:
96:8a:f8:95:7d:97:6c:7f:46:76:4f:c5:6f:a0:59:
41:bb:1f:5c:66:d8:ab:6b:a2:79:52:d0:4e:76:0c:
08:e2:52:d5:94:d0:21:69:e5:a1:5b:aa:2f:f7:55:
06:7c:ba:80:a4:f5:be:15:a9:bb:22:b3:2d:c5:11:
40:f7:40:dd:53:1a:ce:b3:ec:86:f9:4f:64:3f:36:
24:2a:75:20:f5:a9:aa:aa:3a:7a:94:61:8b:9d:cb:
88:ec:bb:f8:4b:84:3a:42:ec:cc:22:07:62:aa:ac:
37:e0:de:cc:56:61:92:1e:97:aa:82:65:69:c4:18:
91:2c:0d:15:63:7e:f0:7e:ec:71:5a:db:e8:1a:d7:
ee:92:27:e2:f7:03:84:40:e3:5c:0f:6d:6c:a9:45:
c0:be:10:28:10:fa:5e:9f:c2:f8:a5:bd:0c:dd:46:
b8:08:d7:61:02:c6:9c:5b:f5:b2:a0:74:a0:89:02:
f4:be:14:e6:c2:65:cf:4d:5f:c0:e0:f0:3c:e7:63:
6f:c5:9f:aa:eb:4e:64:fe:51:78:d3:a1:b4:f0:9c:
95:c4:4f:7f:06:07:fa:2a:81:20:fc:2c:31:f2:2d:
18:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:30:74:90:6F:B4:25:7F:30:22:B1:30:A7:F0:7E:EA:7E:60:1B:B8
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/BzB0kG-0JX8wIrEwp_B-6n5gG7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.253.28.0/22
Signature Algorithm: sha256WithRSAEncryption
b6:93:db:86:39:58:30:7e:56:23:d3:de:1e:06:c9:5b:18:aa:
41:3b:18:60:24:a6:c1:de:93:60:a1:e1:be:fc:5a:9d:1b:81:
84:87:ba:0f:45:0e:fa:d8:ed:c4:5f:26:4a:0e:8e:40:68:b6:
c3:8f:53:ca:98:58:af:a5:70:29:21:f7:8b:90:93:6a:51:eb:
98:78:ee:cc:f6:cc:f8:ca:80:a6:1a:d0:ab:cb:4d:36:b0:f4:
d8:96:71:95:3c:c2:5f:db:a1:13:8b:c5:35:2e:1f:65:54:8e:
a1:41:6f:d1:35:30:29:ff:e9:9a:9f:43:ca:7b:a1:dc:db:74:
80:42:d8:32:7c:77:96:21:1a:b6:0c:46:33:6e:f6:46:23:99:
b4:1b:86:3e:41:c8:08:80:bb:92:8f:98:c6:7b:de:e5:d3:b9:
af:dd:29:c6:06:4c:5c:e0:e2:0b:00:d6:bb:9e:31:fc:51:66:
d8:f6:85:ae:9e:f1:61:6e:78:d8:dd:d3:7c:1e:81:cf:43:51:
2f:ed:39:1d:ea:68:f1:e5:47:38:3a:e8:10:fe:61:0e:bf:10:
36:cd:e0:52:24:8d:c9:cf:d3:b7:1f:a5:5c:3d:f4:e0:b1:40:
fc:ea:75:67:74:e9:07:cb:e1:d0:96:6a:36:19:63:43:26:3e:
c5:39:aa:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZN17uNG49DZzgvQFe0+DO9xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQxMTI5MDMyMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzMwNzQ5MDZmYjQyNTdmMzAyMmIxMzBhN2YwN2VlYTdlNjAxYmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRc3XPFEyZrYmpDse618CJaUleW7
2g3vQxPxGYWWiviVfZdsf0Z2T8VvoFlBux9cZtira6J5UtBOdgwI4lLVlNAhaeWh
W6ov91UGfLqApPW+Fam7IrMtxRFA90DdUxrOs+yG+U9kPzYkKnUg9amqqjp6lGGL
ncuI7Lv4S4Q6QuzMIgdiqqw34N7MVmGSHpeqgmVpxBiRLA0VY37wfuxxWtvoGtfu
kifi9wOEQONcD21sqUXAvhAoEPpen8L4pb0M3Ua4CNdhAsacW/WyoHSgiQL0vhTm
wmXPTV/A4PA852NvxZ+q605k/lF406G08JyVxE9/Bgf6KoEg/Cwx8i0YdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAcwdJBvtCV/MCKxMKfwfup+YBu4MB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvQnpCMGtHLTBKWDh3SXJFd3BfQi02bjVnRzdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvP0cMA0G
CSqGSIb3DQEBCwUAA4IBAQC2k9uGOVgwflYj094eBslbGKpBOxhgJKbB3pNgoeG+
/FqdG4GEh7oPRQ762O3EXyZKDo5AaLbDj1PKmFivpXApIfeLkJNqUeuYeO7M9sz4
yoCmGtCry002sPTYlnGVPMJf26ETi8U1Lh9lVI6hQW/RNTAp/+man0PKe6Hc23SA
QtgyfHeWIRq2DEYzbvZGI5m0G4Y+QcgIgLuSj5jGe97l07mv3SnGBkxc4OILANa7
njH8UWbY9oWunvFhbnjY3dN8HoHPQ1Ev7Tkd6mjx5Uc4OugQ/mEOvxA2zeBSJI3J
z9O3H6VcPfTgsUD86nVndOkHy+HQlmo2GWNDJj7FOao0
-----END CERTIFICATE-----
Generated at Thu Apr 10 15:44:44 2025 by rpki-client