Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/27ca16-f46b-4f8e-b92e-5ed089c1afed/1/BwzivSMoRDfPAhKRCD-J1x_VLwc.roa
File: BwzivSMoRDfPAhKRCD-J1x_VLwc.roa (raw, json)
Hash identifier: LHC4oFEiH7slj7uRANBq6FCuR1AaPYSd7b0D9VJsXT8=
Subject key identifier: 07:0C:E2:BD:23:28:44:37:CF:02:12:91:08:3F:89:D7:1F:D5:2F:07
Certificate issuer: /CN=67920420f722f7d7f3c4b25a80e17d7290171180
Certificate serial: 01856CCAD2194DAA882EB894F334117D16E4
Authority key identifier: 67:92:04:20:F7:22:F7:D7:F3:C4:B2:5A:80:E1:7D:72:90:17:11:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z5IEIPci99fzxLJagOF9cpAXEYA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/27ca16-f46b-4f8e-b92e-5ed089c1afed/1/BwzivSMoRDfPAhKRCD-J1x_VLwc.roa
Signing time: Sun 01 Jan 2023 10:05:09 +0000
ROA not before: Sun 01 Jan 2023 10:05:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8280
IP address blocks: 185.82.36.0/24 maxlen: 32
185.82.38.0/24 maxlen: 32
185.82.36.0/22 maxlen: 24
185.82.37.0/24 maxlen: 32
185.82.39.0/24 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:d2:19:4d:aa:88:2e:b8:94:f3:34:11:7d:16:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67920420f722f7d7f3c4b25a80e17d7290171180
Validity
Not Before: Jan 1 10:05:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=070ce2bd23284437cf021291083f89d71fd52f07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:4f:4f:04:02:d8:86:98:43:7f:69:82:63:49:
86:4b:01:f1:be:a6:cd:35:4a:d1:f0:c9:46:f0:42:
62:fe:11:f5:ea:c0:c8:de:27:63:01:90:0f:1f:68:
bd:2e:d6:db:39:65:18:38:97:08:36:54:c7:f1:c6:
e8:51:e7:b3:2b:ad:6d:43:e6:da:13:ac:1e:1b:21:
38:88:f9:47:c2:9e:84:05:3c:01:8f:bd:31:a6:1a:
eb:a7:34:17:e5:86:6d:fc:7c:47:c4:2e:9b:19:0d:
ec:5f:86:b0:fe:34:3b:4e:65:ca:91:ee:d1:24:64:
63:34:fd:69:7a:24:8c:1b:98:43:e0:7e:1f:5f:c6:
7a:ee:1b:5c:b1:38:d3:bb:7e:4f:a9:92:4e:98:f9:
a7:9a:da:65:49:6b:6c:f7:67:d9:98:fe:cd:2d:a1:
39:08:51:c0:af:46:df:5a:f1:4b:ae:e7:17:42:49:
15:ec:5e:12:d5:52:e0:06:3e:b7:6f:5c:28:3e:7f:
52:8e:51:c8:47:4d:98:df:e2:03:84:34:78:bb:48:
d3:dd:93:03:7b:32:df:21:62:96:7f:ac:b7:7b:69:
93:be:1c:0b:b0:f1:06:2d:70:1c:cb:ae:0e:4c:78:
39:c4:45:b7:7f:9e:fc:ea:fb:5e:1d:a8:43:3d:82:
4c:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:0C:E2:BD:23:28:44:37:CF:02:12:91:08:3F:89:D7:1F:D5:2F:07
X509v3 Authority Key Identifier:
keyid:67:92:04:20:F7:22:F7:D7:F3:C4:B2:5A:80:E1:7D:72:90:17:11:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5IEIPci99fzxLJagOF9cpAXEYA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/27ca16-f46b-4f8e-b92e-5ed089c1afed/1/BwzivSMoRDfPAhKRCD-J1x_VLwc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/27ca16-f46b-4f8e-b92e-5ed089c1afed/1/Z5IEIPci99fzxLJagOF9cpAXEYA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.82.36.0/22
Signature Algorithm: sha256WithRSAEncryption
70:55:06:5b:63:f4:3d:2d:e0:2c:6f:dc:49:cc:13:3e:f6:75:
2c:5e:86:1f:fb:f1:68:47:56:55:c4:7f:80:52:de:4c:4d:0c:
e8:8e:cc:6f:01:1a:37:14:cd:f0:42:81:5d:1f:91:8a:b0:08:
38:0a:24:48:20:1f:80:7f:17:bd:f4:27:d1:54:46:93:c8:ae:
23:3f:60:c4:44:91:a8:0a:0e:d3:62:f7:18:01:45:67:52:63:
50:64:f9:1d:dc:d1:41:fc:bb:1a:fd:cd:44:0a:9c:ff:b4:6a:
26:11:d7:4c:9a:9e:8f:c2:f4:c9:b7:d6:d9:19:55:59:18:b7:
fe:53:3b:70:46:50:7a:30:21:c1:f1:3c:ee:a2:89:02:8e:e1:
d7:7f:c1:2f:ab:6c:fa:11:e8:b9:80:f9:5f:7a:fe:2b:20:27:
8e:91:bc:96:ea:f9:cf:28:c5:82:17:4a:17:f2:56:26:81:42:
84:30:33:dc:b7:7c:f3:06:59:b2:06:f7:9a:80:07:62:f4:fb:
f2:e2:05:7e:25:94:b3:cd:2b:bb:e4:2d:13:60:66:26:55:f1:
2d:f5:fd:3f:3a:85:29:77:16:6d:ac:61:dd:42:49:a1:53:89:
86:99:0f:5e:34:d2:0e:81:1d:15:0f:cd:02:79:4b:d6:4f:91:
b2:70:f4:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsytIZTaqILriU8zQRfRbkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3OTIwNDIwZjcyMmY3ZDdmM2M0YjI1YTgwZTE3ZDcyOTAx
NzExODAwHhcNMjMwMTAxMTAwNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzBjZTJiZDIzMjg0NDM3Y2YwMjEyOTEwODNmODlkNzFmZDUyZjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiE9PBALYhphDf2mCY0mGSwHxvqbN
NUrR8MlG8EJi/hH16sDI3idjAZAPH2i9LtbbOWUYOJcINlTH8cboUeezK61tQ+ba
E6weGyE4iPlHwp6EBTwBj70xphrrpzQX5YZt/HxHxC6bGQ3sX4aw/jQ7TmXKke7R
JGRjNP1peiSMG5hD4H4fX8Z67htcsTjTu35PqZJOmPmnmtplSWts92fZmP7NLaE5
CFHAr0bfWvFLrucXQkkV7F4S1VLgBj63b1woPn9SjlHIR02Y3+IDhDR4u0jT3ZMD
ezLfIWKWf6y3e2mTvhwLsPEGLXAcy64OTHg5xEW3f5786vteHahDPYJMcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAcM4r0jKEQ3zwISkQg/idcf1S8HMB8GA1UdIwQY
MBaAFGeSBCD3IvfX88SyWoDhfXKQFxGAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjVJRUlQY2k5OWZ6eExKYWdPRjljcEFYRVlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8yN2NhMTYtZjQ2Yi00ZjhlLWI5MmUt
NWVkMDg5YzFhZmVkLzEvQnd6aXZTTW9SRGZQQWhLUkNELUoxeF9WTHdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8yN2NhMTYtZjQ2Yi00ZjhlLWI5MmUtNWVkMDg5YzFhZmVk
LzEvWjVJRUlQY2k5OWZ6eExKYWdPRjljcEFYRVlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVIkMA0G
CSqGSIb3DQEBCwUAA4IBAQBwVQZbY/Q9LeAsb9xJzBM+9nUsXoYf+/FoR1ZVxH+A
Ut5MTQzojsxvARo3FM3wQoFdH5GKsAg4CiRIIB+Afxe99CfRVEaTyK4jP2DERJGo
Cg7TYvcYAUVnUmNQZPkd3NFB/Lsa/c1ECpz/tGomEddMmp6PwvTJt9bZGVVZGLf+
UztwRlB6MCHB8TzuookCjuHXf8Evq2z6Eei5gPlfev4rICeOkbyW6vnPKMWCF0oX
8lYmgUKEMDPct3zzBlmyBveagAdi9Pvy4gV+JZSzzSu75C0TYGYmVfEt9f0/OoUp
dxZtrGHdQkmhU4mGmQ9eNNIOgR0VD80CeUvWT5GycPQr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:50 2024 by rpki-client on console-ams.rpki-client.org