Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/BzlCy37PDNjSWAhlyOM6NTKv2_s.roa
File: BzlCy37PDNjSWAhlyOM6NTKv2_s.roa (raw, json)
Hash identifier: f/W+7tZ2ePnULt46PU4ltgptbhxJsVsFrQxq82FnfkM=
Subject key identifier: 07:39:42:CB:7E:CF:0C:D8:D2:58:08:65:C8:E3:3A:35:32:AF:DB:FB
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191C96284F0EDF21FD3DBA845EE62612621
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/BzlCy37PDNjSWAhlyOM6NTKv2_s.roa
Signing time: Fri 06 Sep 2024 22:09:22 +0000
ROA not before: Fri 06 Sep 2024 22:09:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 06 Sep 2024 23:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c9:62:84:f0:ed:f2:1f:d3:db:a8:45:ee:62:61:26:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 6 22:09:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=073942cb7ecf0cd8d2580865c8e33a3532afdbfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:cc:16:dd:fb:f6:9c:1f:8f:ba:16:59:35:c9:
03:8d:a0:c9:59:e9:c7:02:69:b7:38:05:a1:b7:af:
d8:e9:18:f1:a1:a4:6e:0a:f2:37:48:b9:24:c2:2b:
71:4e:33:bf:fb:2f:7f:1e:0e:56:33:d9:4a:9b:61:
07:f1:2e:7f:89:4c:43:3f:01:75:56:8d:b3:de:26:
dd:d4:03:1b:3a:94:31:0f:4e:94:40:9c:2d:eb:ae:
cd:8d:38:28:3e:c6:4f:80:b8:0d:6c:b1:50:6b:13:
7f:e1:fb:06:27:a2:1e:07:81:ee:4d:bd:ed:11:d5:
3a:d5:fd:d3:04:cd:fd:9b:c6:3f:84:4e:39:59:a2:
fb:8e:24:da:a0:34:6f:52:3f:6d:db:b7:39:a7:d2:
f7:16:5a:33:3b:c3:c6:e6:ed:64:21:6d:9f:de:fd:
8f:25:1b:b4:17:43:47:96:b7:bc:fe:6e:e1:af:72:
6f:7f:c1:3a:66:b7:c8:57:9e:b2:e5:54:77:cb:09:
a0:7e:b8:48:e8:80:1d:8a:30:e2:ed:a1:10:83:d2:
70:f5:e2:dd:78:e5:c7:77:7f:67:46:b4:44:c1:26:
0f:73:5c:12:ee:fe:f6:7d:51:1d:24:72:48:26:e6:
99:0b:de:31:af:d6:45:c3:c3:15:57:4e:97:d1:8c:
ab:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:39:42:CB:7E:CF:0C:D8:D2:58:08:65:C8:E3:3A:35:32:AF:DB:FB
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/BzlCy37PDNjSWAhlyOM6NTKv2_s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
64:c2:35:f7:c8:4a:b8:72:18:31:96:d8:70:71:3e:5b:fb:7e:
ff:d7:1f:71:be:56:c7:d0:88:bc:99:95:e9:0b:85:55:0f:fb:
a7:ed:ca:e3:6d:85:e9:79:31:b7:5b:35:aa:e7:39:2f:df:7c:
65:d9:27:dd:1b:a7:dd:42:45:2a:8c:73:ec:59:bd:4a:d9:cf:
7a:63:88:3f:f5:76:86:c8:2d:af:4a:f9:1a:bc:d2:22:ee:2c:
89:cd:a8:aa:2c:cb:bf:ed:75:62:e6:a5:f7:e6:dd:51:b7:85:
67:5d:48:82:94:25:28:04:ae:f0:06:47:65:bb:28:c3:09:c5:
1d:b2:80:45:4e:1e:40:60:a2:6f:78:2f:c9:45:8c:f3:1c:4f:
d4:88:dc:a4:71:75:85:73:f6:5b:97:6d:66:53:54:0b:5c:e0:
a4:9d:70:9c:d6:9d:ac:9b:14:0e:f4:96:46:f1:e0:c1:8f:1c:
8a:e1:0a:41:4e:7f:e7:7f:59:8d:03:e0:7d:00:2a:5d:67:18:
f8:16:6c:aa:bb:dd:86:92:81:c9:9d:61:ce:3d:14:c2:f6:77:
1a:f6:55:11:9e:2d:93:f6:36:73:79:b7:80:37:a4:11:7d:5a:
f2:60:ab:6b:47:71:75:fe:45:1a:5b:a6:97:84:2a:72:e4:40:
42:e5:69:53
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZHJYoTw7fIf09uoRe5iYSYhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTA2MjIwOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzM5NDJjYjdlY2YwY2Q4ZDI1ODA4NjVjOGUzM2EzNTMyYWZkYmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwcwW3fv2nB+PuhZZNckDjaDJWenH
Amm3OAWht6/Y6RjxoaRuCvI3SLkkwitxTjO/+y9/Hg5WM9lKm2EH8S5/iUxDPwF1
Vo2z3ibd1AMbOpQxD06UQJwt667NjTgoPsZPgLgNbLFQaxN/4fsGJ6IeB4HuTb3t
EdU61f3TBM39m8Y/hE45WaL7jiTaoDRvUj9t27c5p9L3FlozO8PG5u1kIW2f3v2P
JRu0F0NHlre8/m7hr3Jvf8E6ZrfIV56y5VR3ywmgfrhI6IAdijDi7aEQg9Jw9eLd
eOXHd39nRrREwSYPc1wS7v72fVEdJHJIJuaZC94xr9ZFw8MVV06X0Yyr7QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFAc5Qst+zwzY0lgIZcjjOjUyr9v7MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvQnpsQ3kzN1BETmpTV0FobHlPTTZOVEt2Ml9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAZMI198hKuHIYMZbYcHE+W/t+
/9cfcb5Wx9CIvJmV6QuFVQ/7p+3K422F6Xkxt1s1quc5L998Zdkn3Run3UJFKoxz
7Fm9StnPemOIP/V2hsgtr0r5GrzSIu4sic2oqizLv+11Yual9+bdUbeFZ11IgpQl
KASu8AZHZbsowwnFHbKARU4eQGCib3gvyUWM8xxP1IjcpHF1hXP2W5dtZlNUC1zg
pJ1wnNadrJsUDvSWRvHgwY8ciuEKQU5/539ZjQPgfQAqXWcY+BZsqrvdhpKByZ1h
zj0UwvZ3GvZVEZ4tk/Y2c3m3gDekEX1a8mCra0dxdf5FGluml4QqcuRAQuVpUw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:41 2025 by rpki-client