Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/f66ca9-3bdc-4294-ad62-7bcefa9f59e8/1/BzjN_NXMpQxZV9AAHHOK1-1-qIk.roa
File: BzjN_NXMpQxZV9AAHHOK1-1-qIk.roa (raw, json)
Hash identifier: obMCIwHKB8LwCPwCtIflrCvgOhMkq2r8Uq3agqBz0F8=
Subject key identifier: 07:38:CD:FC:D5:CC:A5:0C:59:57:D0:00:1C:73:8A:D7:ED:7E:A8:89
Certificate issuer: /CN=5f0fd90d987297cb5dd4e07be840d280d1e2cc4a
Certificate serial: 018CC4922F9B24CC434EDA501E16E54CA1E0
Authority key identifier: 5F:0F:D9:0D:98:72:97:CB:5D:D4:E0:7B:E8:40:D2:80:D1:E2:CC:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xw_ZDZhyl8td1OB76EDSgNHizEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/f66ca9-3bdc-4294-ad62-7bcefa9f59e8/1/BzjN_NXMpQxZV9AAHHOK1-1-qIk.roa
Signing time: Mon 01 Jan 2024 10:29:23 +0000
ROA not before: Mon 01 Jan 2024 10:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 2001:67c:1980::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:49:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:2f:9b:24:cc:43:4e:da:50:1e:16:e5:4c:a1:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f0fd90d987297cb5dd4e07be840d280d1e2cc4a
Validity
Not Before: Jan 1 10:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0738cdfcd5cca50c5957d0001c738ad7ed7ea889
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:05:49:14:07:49:eb:53:76:d1:00:6d:e9:1c:
d6:ec:cb:fb:99:cd:7e:25:73:6e:0c:b9:c2:7d:b2:
e1:cd:da:23:bd:d0:21:bc:c2:7f:b9:4f:e2:3f:25:
ee:e2:40:d4:0a:60:31:43:32:22:ad:c1:73:de:3f:
43:e8:67:60:b2:79:8e:86:40:0a:c3:ad:e6:95:3d:
21:9d:4c:aa:9a:5f:2d:e3:38:93:49:9d:b2:35:fe:
39:55:06:b5:ed:3b:e7:c2:0b:74:00:ca:fc:72:d8:
5f:65:e9:8a:36:ea:2b:cf:d6:1c:8e:da:43:73:64:
8f:52:57:4b:99:d5:2b:73:dc:e3:27:af:3c:ff:4e:
79:f1:92:84:83:ad:90:4a:a8:e0:58:d4:94:f2:1d:
57:01:ea:be:66:d4:a6:7f:0a:d9:01:da:34:92:17:
b4:15:26:85:36:b7:6a:48:ee:14:36:e3:a9:04:fb:
58:3e:74:76:e0:b1:67:5a:e0:ca:17:6f:39:0c:ac:
7b:66:36:ea:7d:b2:6f:ae:97:9a:0a:1f:34:ac:84:
d2:1b:c9:ba:b6:ab:97:06:1a:a0:b0:43:7b:22:5f:
f9:cf:e1:d7:ee:68:82:04:a7:3e:1a:57:b2:dd:5d:
c1:d6:31:cc:3e:4d:22:ca:85:94:f4:6c:22:22:f7:
6e:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:38:CD:FC:D5:CC:A5:0C:59:57:D0:00:1C:73:8A:D7:ED:7E:A8:89
X509v3 Authority Key Identifier:
keyid:5F:0F:D9:0D:98:72:97:CB:5D:D4:E0:7B:E8:40:D2:80:D1:E2:CC:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xw_ZDZhyl8td1OB76EDSgNHizEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/f66ca9-3bdc-4294-ad62-7bcefa9f59e8/1/BzjN_NXMpQxZV9AAHHOK1-1-qIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/f66ca9-3bdc-4294-ad62-7bcefa9f59e8/1/Xw_ZDZhyl8td1OB76EDSgNHizEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:1980::/48
Signature Algorithm: sha256WithRSAEncryption
ac:69:0e:91:74:97:c2:1f:e3:d4:3d:34:54:c0:2a:bc:9f:42:
9e:cd:90:19:8b:8d:2b:42:00:10:72:7f:3b:05:c4:0e:59:f6:
80:63:9e:8e:20:09:e9:06:95:c2:96:d0:7f:fa:81:bd:46:dd:
0b:c0:b6:e8:c0:a6:90:11:dd:dc:b7:6a:fd:ce:98:e7:9f:5e:
20:ca:f2:70:37:1d:29:10:67:a9:b2:dc:de:51:01:3a:d3:27:
07:8e:6b:68:11:92:45:b4:8d:67:75:29:99:d8:b7:a1:97:eb:
a2:6b:50:a5:e2:9f:fd:45:69:2a:57:18:f2:86:8c:71:13:90:
0b:6a:ab:23:22:ae:77:66:e8:82:8f:a0:ca:52:04:7a:f7:f5:
8b:1d:b7:d9:c1:bf:ad:cd:82:1d:fe:22:7b:04:69:88:c0:4e:
86:dc:46:49:65:6e:a3:5d:02:ea:b3:e2:62:9c:f1:17:20:59:
df:9f:ae:00:ff:86:ed:58:1b:1b:f0:0c:2e:17:0f:4a:54:61:
7c:1d:b4:1c:49:f1:9c:78:94:ec:38:84:b4:95:a3:43:34:3c:
c8:89:3f:13:20:ab:03:be:cf:45:49:1c:80:3b:24:f6:70:0f:
5b:7a:37:42:ec:7e:6b:9d:71:90:bf:bf:3c:8f:29:95:b7:d2:
11:af:68:9b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzEki+bJMxDTtpQHhblTKHgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmMGZkOTBkOTg3Mjk3Y2I1ZGQ0ZTA3YmU4NDBkMjgwZDFl
MmNjNGEwHhcNMjQwMTAxMTAyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzM4Y2RmY2Q1Y2NhNTBjNTk1N2QwMDAxYzczOGFkN2VkN2VhODg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQVJFAdJ61N20QBt6RzW7Mv7mc1+
JXNuDLnCfbLhzdojvdAhvMJ/uU/iPyXu4kDUCmAxQzIircFz3j9D6GdgsnmOhkAK
w63mlT0hnUyqml8t4ziTSZ2yNf45VQa17Tvnwgt0AMr8cthfZemKNuorz9YcjtpD
c2SPUldLmdUrc9zjJ688/0558ZKEg62QSqjgWNSU8h1XAeq+ZtSmfwrZAdo0khe0
FSaFNrdqSO4UNuOpBPtYPnR24LFnWuDKF285DKx7ZjbqfbJvrpeaCh80rITSG8m6
tquXBhqgsEN7Il/5z+HX7miCBKc+Gley3V3B1jHMPk0iyoWU9GwiIvduMwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAc4zfzVzKUMWVfQABxzitftfqiJMB8GA1UdIwQY
MBaAFF8P2Q2YcpfLXdTge+hA0oDR4sxKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHdfWkRaaHlsOHRkMU9CNzZFRFNnTkhpekVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9mNjZjYTktM2JkYy00Mjk0LWFkNjIt
N2JjZWZhOWY1OWU4LzEvQnpqTl9OWE1wUXhaVjlBQUhIT0sxLTEtcUlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9mNjZjYTktM2JkYy00Mjk0LWFkNjItN2JjZWZhOWY1OWU4
LzEvWHdfWkRaaHlsOHRkMU9CNzZFRFNnTkhpekVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBmA
MA0GCSqGSIb3DQEBCwUAA4IBAQCsaQ6RdJfCH+PUPTRUwCq8n0KezZAZi40rQgAQ
cn87BcQOWfaAY56OIAnpBpXCltB/+oG9Rt0LwLbowKaQEd3ct2r9zpjnn14gyvJw
Nx0pEGepstzeUQE60ycHjmtoEZJFtI1ndSmZ2Lehl+uia1Cl4p/9RWkqVxjyhoxx
E5ALaqsjIq53ZuiCj6DKUgR69/WLHbfZwb+tzYId/iJ7BGmIwE6G3EZJZW6jXQLq
s+JinPEXIFnfn64A/4btWBsb8AwuFw9KVGF8HbQcSfGceJTsOIS0laNDNDzIiT8T
IKsDvs9FSRyAOyT2cA9bejdC7H5rnXGQv788jymVt9IRr2ib
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:10:06 2025 by rpki-client