Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/f7c4a2-b606-4292-b9f7-fa3c4ef5edf6/1/BzKryYII7Y5hA4VsBk7y7Nkl0YI.roa
File: BzKryYII7Y5hA4VsBk7y7Nkl0YI.roa (raw, json)
Hash identifier: xFilEwy/aoD0dUrzSnyv+9P/+dmwRcp2NOMJiXA3tZM=
Subject key identifier: 07:32:AB:C9:82:08:ED:8E:61:03:85:6C:06:4E:F2:EC:D9:25:D1:82
Certificate issuer: /CN=3da6e69e65dd0a540599703ed0c92474cb20e939
Certificate serial: 0186938A164A725B545AD469C67010478935
Authority key identifier: 3D:A6:E6:9E:65:DD:0A:54:05:99:70:3E:D0:C9:24:74:CB:20:E9:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PabmnmXdClQFmXA-0MkkdMsg6Tk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/f7c4a2-b606-4292-b9f7-fa3c4ef5edf6/1/BzKryYII7Y5hA4VsBk7y7Nkl0YI.roa
Signing time: Mon 27 Feb 2023 15:42:25 +0000
ROA not before: Mon 27 Feb 2023 15:42:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25291
IP address blocks: 91.106.120.0/21 maxlen: 24
46.227.96.0/21 maxlen: 24
88.133.232.0/21 maxlen: 24
80.209.192.0/19 maxlen: 24
95.130.160.0/21 maxlen: 24
212.77.160.0/19 maxlen: 24
185.119.92.0/22 maxlen: 24
88.133.176.0/20 maxlen: 24
81.27.160.0/20 maxlen: 24
217.74.0.0/21 maxlen: 24
5.149.224.0/20 maxlen: 24
130.185.0.0/18 maxlen: 24
2001:16e0::/29 maxlen: 48
Validation: Failed, certificate revoked on Fri 17 Mar 2023 10:25:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:93:8a:16:4a:72:5b:54:5a:d4:69:c6:70:10:47:89:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3da6e69e65dd0a540599703ed0c92474cb20e939
Validity
Not Before: Feb 27 15:42:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0732abc98208ed8e6103856c064ef2ecd925d182
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:84:59:4f:e9:f6:50:df:c0:12:c9:a5:de:45:
94:63:8f:dc:f0:7c:15:a2:6e:40:64:9d:13:85:c4:
6b:19:0a:7f:90:d9:88:4d:d7:48:e5:ee:7a:f5:06:
80:97:08:eb:37:41:ad:30:dd:f5:e8:f6:f5:d7:dc:
f0:27:66:12:15:4a:56:30:2f:b8:39:0d:11:1b:16:
f0:1d:fb:ea:5a:4d:84:ba:97:1f:b3:b3:9c:ef:d4:
78:e7:30:b9:8e:31:aa:de:2f:f5:c1:00:e6:ff:94:
d6:78:ea:5c:3c:49:9d:51:cb:d7:33:95:f7:0a:52:
66:90:04:8e:11:c2:b6:bd:b2:88:64:71:ed:27:c6:
3a:b6:32:12:e1:a0:13:b9:af:18:a5:29:88:a3:d2:
c6:ba:23:c8:2a:cb:8e:29:0c:ba:d5:3c:6c:13:73:
a8:b2:bf:f9:ca:d5:c3:9d:a9:4f:b4:04:ef:38:b7:
d9:af:04:3d:1e:d3:97:9c:61:cc:53:a7:e1:a5:86:
30:db:86:0a:fb:b0:fb:23:4c:4b:ab:b3:85:65:e3:
3c:c7:d3:2f:1f:a3:a0:2f:91:06:41:7b:99:9d:cd:
0b:24:9e:87:4c:d1:f4:f5:f5:c8:99:58:d3:99:f7:
45:a7:e9:24:f7:97:80:70:4d:a5:9e:17:68:b7:12:
ac:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:32:AB:C9:82:08:ED:8E:61:03:85:6C:06:4E:F2:EC:D9:25:D1:82
X509v3 Authority Key Identifier:
keyid:3D:A6:E6:9E:65:DD:0A:54:05:99:70:3E:D0:C9:24:74:CB:20:E9:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PabmnmXdClQFmXA-0MkkdMsg6Tk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/f7c4a2-b606-4292-b9f7-fa3c4ef5edf6/1/BzKryYII7Y5hA4VsBk7y7Nkl0YI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/f7c4a2-b606-4292-b9f7-fa3c4ef5edf6/1/PabmnmXdClQFmXA-0MkkdMsg6Tk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.224.0/20
46.227.96.0/21
80.209.192.0/19
81.27.160.0/20
88.133.176.0/20
88.133.232.0/21
91.106.120.0/21
95.130.160.0/21
130.185.0.0/18
185.119.92.0/22
212.77.160.0/19
217.74.0.0/21
IPv6:
2001:16e0::/29
Signature Algorithm: sha256WithRSAEncryption
77:5c:c3:2a:6a:53:89:da:65:fa:31:82:f2:ea:c1:5a:1d:0d:
79:bb:86:14:46:80:1e:9e:48:23:0f:28:02:23:43:3d:64:41:
7a:d1:9c:b2:b1:12:ce:2c:fe:c6:19:72:d2:44:53:07:90:51:
71:87:50:0d:70:91:e7:4b:4b:55:db:cd:33:76:c6:92:24:cf:
7c:a4:c8:65:5f:e1:bf:0f:46:4c:ea:9e:c6:65:a0:2d:5e:93:
e8:2c:72:c4:7d:bb:0f:72:82:3d:c4:63:97:f7:a2:6c:63:51:
1e:a6:0c:2f:13:02:c0:e6:91:b1:99:ab:c6:85:ea:55:92:c3:
f0:82:8a:36:cd:e6:81:37:0e:89:04:63:9c:78:f3:fa:06:b5:
c0:a0:a8:07:60:8b:23:8a:af:c0:37:b4:66:be:78:c7:33:c2:
25:ac:53:c5:3d:01:2f:ac:37:16:e2:e2:4d:1b:77:22:c2:12:
24:dd:8a:58:1c:fc:95:d5:94:91:a9:fd:34:aa:59:2a:a3:9e:
5c:a9:4c:ce:8b:71:df:58:b3:29:a2:bd:9f:31:8e:ac:41:ec:
62:52:df:15:58:9d:8d:81:79:3c:34:10:8f:30:b9:10:48:f0:
c3:7b:4f:3e:ea:40:ac:cb:c1:98:08:b1:ff:92:3a:52:a0:84:
39:23:ec:da
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYaTihZKcltUWtRpxnAQR4k1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkYTZlNjllNjVkZDBhNTQwNTk5NzAzZWQwYzkyNDc0Y2Iy
MGU5MzkwHhcNMjMwMjI3MTU0MjI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzMyYWJjOTgyMDhlZDhlNjEwMzg1NmMwNjRlZjJlY2Q5MjVkMTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA24RZT+n2UN/AEsml3kWUY4/c8HwV
om5AZJ0ThcRrGQp/kNmITddI5e569QaAlwjrN0GtMN316Pb119zwJ2YSFUpWMC+4
OQ0RGxbwHfvqWk2Eupcfs7Oc79R45zC5jjGq3i/1wQDm/5TWeOpcPEmdUcvXM5X3
ClJmkASOEcK2vbKIZHHtJ8Y6tjIS4aATua8YpSmIo9LGuiPIKsuOKQy61TxsE3Oo
sr/5ytXDnalPtATvOLfZrwQ9HtOXnGHMU6fhpYYw24YK+7D7I0xLq7OFZeM8x9Mv
H6OgL5EGQXuZnc0LJJ6HTNH09fXImVjTmfdFp+kk95eAcE2lnhdotxKsQQIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFAcyq8mCCO2OYQOFbAZO8uzZJdGCMB8GA1UdIwQY
MBaAFD2m5p5l3QpUBZlwPtDJJHTLIOk5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGFibW5tWGRDbFFGbVhBLTBNa2tkTXNnNlRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9mN2M0YTItYjYwNi00MjkyLWI5Zjct
ZmEzYzRlZjVlZGY2LzEvQnpLcnlZSUk3WTVoQTRWc0JrN3k3TmtsMFlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9mN2M0YTItYjYwNi00MjkyLWI5ZjctZmEzYzRlZjVlZGY2
LzEvUGFibW5tWGRDbFFGbVhBLTBNa2tkTXNnNlRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQEBZXgAwQD
LuNgAwQFUNHAAwQEURugAwQEWIWwAwQDWIXoAwQDW2p4AwQDX4KgAwQGgrkAAwQC
uXdcAwQF1E2gAwQD2UoAMA0EAgACMAcDBQMgARbgMA0GCSqGSIb3DQEBCwUAA4IB
AQB3XMMqalOJ2mX6MYLy6sFaHQ15u4YURoAenkgjDygCI0M9ZEF60ZyysRLOLP7G
GXLSRFMHkFFxh1ANcJHnS0tV280zdsaSJM98pMhlX+G/D0ZM6p7GZaAtXpPoLHLE
fbsPcoI9xGOX96JsY1EepgwvEwLA5pGxmavGhepVksPwgoo2zeaBNw6JBGOcePP6
BrXAoKgHYIsjiq/AN7RmvnjHM8IlrFPFPQEvrDcW4uJNG3ciwhIk3YpYHPyV1ZSR
qf00qlkqo55cqUzOi3HfWLMpor2fMY6sQexiUt8VWJ2NgXk8NBCPMLkQSPDDe08+
6kCsy8GYCLH/kjpSoIQ5I+za
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:50 2024 by rpki-client on console-fra.rpki-client.org