Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/BzMaQuXb3aLvCjHqlyxVg4-6bO8.roa
File: BzMaQuXb3aLvCjHqlyxVg4-6bO8.roa (raw, json)
Hash identifier: NhSP23QW9cDo2ZX0TyDt+NA9VZiypup/r/KVNEIwKb0=
Subject key identifier: 07:33:1A:42:E5:DB:DD:A2:EF:0A:31:EA:97:2C:55:83:8F:BA:6C:EF
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 018C8F03C605B6E8C7CF9D04A61EF7FEBABB
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/BzMaQuXb3aLvCjHqlyxVg4-6bO8.roa
Signing time: Fri 22 Dec 2023 00:53:58 +0000
ROA not before: Fri 22 Dec 2023 00:53:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 193.3.174.0/24 maxlen: 24
91.213.17.0/24 maxlen: 24
146.19.112.0/24 maxlen: 24
185.255.54.0/24 maxlen: 24
213.232.238.0/24 maxlen: 24
77.75.225.0/24 maxlen: 24
178.212.76.0/24 maxlen: 24
62.133.34.0/24 maxlen: 24
79.110.231.0/24 maxlen: 24
212.23.197.0/24 maxlen: 24
2a0b:4080::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8f:03:c6:05:b6:e8:c7:cf:9d:04:a6:1e:f7:fe:ba:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Dec 22 00:53:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=07331a42e5dbdda2ef0a31ea972c55838fba6cef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:17:36:e8:b5:2c:98:4b:3f:17:9c:18:8f:f2:
0f:6f:1f:07:3e:ad:e0:0b:9a:6a:63:8a:83:8f:20:
cf:8b:5a:3a:cb:d3:fc:47:5a:04:22:8c:d6:59:ed:
9f:b2:9c:e4:a5:53:0b:f5:74:28:89:6d:50:9e:4a:
2b:7d:f1:64:d3:df:8e:61:83:c0:39:8f:07:26:a8:
de:1a:43:cb:a4:e9:31:e4:13:0e:62:81:0e:cf:99:
ba:e6:ff:fc:e4:ce:c1:4f:5f:3d:44:df:98:7b:74:
89:3c:e3:bc:f7:7c:ab:39:92:75:ba:89:68:67:ad:
e8:b1:56:1e:df:58:3e:9f:12:85:80:17:4f:a8:e7:
20:6e:d1:ba:ef:f6:d0:e6:08:48:fc:2f:74:92:e2:
24:a2:a7:7a:c4:69:8f:62:70:f7:8b:b9:ba:71:32:
a1:c6:ab:b8:19:5b:9d:6d:72:f2:06:15:21:a7:67:
87:70:fa:fb:61:b8:0c:a6:eb:1f:fa:b8:eb:00:bc:
d9:32:bc:73:57:64:a0:0e:f4:18:5d:56:a3:be:97:
70:b4:45:96:f7:a4:15:35:5b:92:52:55:6d:67:35:
2b:93:d0:8f:5c:ff:96:17:12:ec:e3:44:0d:29:b5:
54:19:cf:9a:df:02:1d:be:a3:51:48:40:99:f9:80:
21:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:33:1A:42:E5:DB:DD:A2:EF:0A:31:EA:97:2C:55:83:8F:BA:6C:EF
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/BzMaQuXb3aLvCjHqlyxVg4-6bO8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.133.34.0/24
77.75.225.0/24
79.110.231.0/24
91.213.17.0/24
146.19.112.0/24
178.212.76.0/24
185.255.54.0/24
193.3.174.0/24
212.23.197.0/24
213.232.238.0/24
IPv6:
2a0b:4080::/32
Signature Algorithm: sha256WithRSAEncryption
49:0d:ba:e1:66:92:c8:0e:63:72:02:6f:6e:dc:5b:1e:27:d1:
48:f8:4b:77:0f:b6:7f:3f:cf:65:58:c4:7b:77:94:88:8d:6e:
69:29:f3:ac:76:05:91:38:16:2c:32:a8:39:cf:23:86:0b:17:
bc:e9:50:8b:47:d8:11:3d:2e:1f:53:1d:12:c5:db:22:60:83:
88:3b:90:fa:9a:1f:8b:03:e4:93:8b:4e:41:6f:e3:3a:b2:a0:
24:b1:8a:1b:b1:63:1c:bd:54:c2:5e:92:a7:fe:c3:af:77:b2:
a4:ff:f0:dc:3c:97:35:53:10:d5:aa:bf:e9:f2:47:1b:87:f0:
04:1a:df:d6:42:38:be:67:9e:c6:58:c2:94:e5:cd:cc:dd:38:
4c:56:45:4f:09:ba:d3:07:60:18:3e:30:80:30:55:da:58:40:
c7:67:89:ba:6c:41:2d:f5:a9:ff:47:05:3b:b3:08:8d:20:7e:
be:54:67:10:6a:42:fe:7a:22:1d:8d:da:e7:4a:28:26:d0:d9:
b8:34:15:ee:fc:71:86:eb:56:8c:84:ef:f8:20:3c:be:d0:82:
b9:29:0b:69:40:59:11:e7:45:53:2c:a6:b9:bc:56:66:81:ee:
cc:60:43:12:f4:f8:37:31:60:61:f1:db:8a:67:81:d2:a8:f5:
24:ec:1f:43
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAYyPA8YFtujHz50Eph73/rq7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjMxMjIyMDA1MzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzMzMWE0MmU1ZGJkZGEyZWYwYTMxZWE5NzJjNTU4MzhmYmE2Y2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBc26LUsmEs/F5wYj/IPbx8HPq3g
C5pqY4qDjyDPi1o6y9P8R1oEIozWWe2fspzkpVML9XQoiW1QnkorffFk09+OYYPA
OY8HJqjeGkPLpOkx5BMOYoEOz5m65v/85M7BT189RN+Ye3SJPOO893yrOZJ1uolo
Z63osVYe31g+nxKFgBdPqOcgbtG67/bQ5ghI/C90kuIkoqd6xGmPYnD3i7m6cTKh
xqu4GVudbXLyBhUhp2eHcPr7YbgMpusf+rjrALzZMrxzV2SgDvQYXVajvpdwtEWW
96QVNVuSUlVtZzUrk9CPXP+WFxLs40QNKbVUGc+a3wIdvqNRSECZ+YAhtQIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFAczGkLl292i7wox6pcsVYOPumzvMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvQnpNYVF1WGIzYUx2Q2pIcWx5eFZnNC02Yk84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQAPoUiAwQA
TUvhAwQAT27nAwQAW9URAwQAkhNwAwQAstRMAwQAuf82AwQAwQOuAwQA1BfFAwQA
1ejuMA0EAgACMAcDBQAqC0CAMA0GCSqGSIb3DQEBCwUAA4IBAQBJDbrhZpLIDmNy
Am9u3FseJ9FI+Et3D7Z/P89lWMR7d5SIjW5pKfOsdgWROBYsMqg5zyOGCxe86VCL
R9gRPS4fUx0SxdsiYIOIO5D6mh+LA+STi05Bb+M6sqAksYobsWMcvVTCXpKn/sOv
d7Kk//DcPJc1UxDVqr/p8kcbh/AEGt/WQji+Z57GWMKU5c3M3ThMVkVPCbrTB2AY
PjCAMFXaWEDHZ4m6bEEt9an/RwU7swiNIH6+VGcQakL+eiIdjdrnSigm0Nm4NBXu
/HGG61aMhO/4IDy+0IK5KQtpQFkR50VTLKa5vFZmge7MYEMS9Pg3MWBh8duKZ4HS
qPUk7B9D
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:51:34 2024 by rpki-client on console-fra.rpki-client.org