Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/32ae3e-d848-45f1-9cc1-6dec46994ba4/1/bbz7NY5sjxFxRUsMD8pwt2ijMY8.roa
File: bbz7NY5sjxFxRUsMD8pwt2ijMY8.roa (raw, json)
Hash identifier: oyK1Aff/T/B48lBNKHHmkUfNB0/VXSqpgLM5PA0kW4g=
Subject key identifier: 6D:BC:FB:35:8E:6C:8F:11:71:45:4B:0C:0F:CA:70:B7:68:A3:31:8F
Certificate issuer: /CN=52dc49fe93a3f62add4ce9891d9033ead83d988c
Certificate serial: 0193E378B8DE7D01F913D98CA74A40794D31
Authority key identifier: 52:DC:49:FE:93:A3:F6:2A:DD:4C:E9:89:1D:90:33:EA:D8:3D:98:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UtxJ_pOj9irdTOmJHZAz6tg9mIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/32ae3e-d848-45f1-9cc1-6dec46994ba4/1/bbz7NY5sjxFxRUsMD8pwt2ijMY8.roa
Signing time: Fri 20 Dec 2024 09:49:19 +0000
ROA not before: Fri 20 Dec 2024 09:49:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 559
IP address blocks: 147.88.0.0/16 maxlen: 16
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:e3:78:b8:de:7d:01:f9:13:d9:8c:a7:4a:40:79:4d:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52dc49fe93a3f62add4ce9891d9033ead83d988c
Validity
Not Before: Dec 20 09:49:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6dbcfb358e6c8f1171454b0c0fca70b768a3318f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:78:0c:2a:3e:01:8c:91:1e:7c:03:9d:df:86:
f3:db:8b:56:d9:df:89:0f:1d:54:8e:1c:1b:ac:7f:
91:6e:99:25:29:e8:c5:4a:61:a3:fd:98:29:e3:23:
0b:ee:96:0b:98:63:09:2b:bd:2f:c0:60:b1:dc:ef:
bd:46:1f:48:ec:33:14:38:5c:57:84:b8:86:d6:cc:
11:59:19:48:b0:48:76:85:21:8e:c1:81:54:9b:a9:
97:c1:a1:d6:30:0c:8e:6c:0a:f0:d8:b6:b2:4a:9b:
90:aa:41:64:fb:17:3c:3d:f4:fc:7c:f1:82:8e:46:
81:20:c0:dd:6e:fc:44:31:f0:09:72:27:26:0c:33:
11:c0:01:0a:22:5b:a5:f3:8c:96:a2:da:e0:cf:e5:
59:7b:fa:4d:1f:b5:08:4e:28:39:96:5c:36:3d:cb:
12:73:12:c6:a0:29:d2:de:cc:33:dc:b4:8c:e8:71:
d2:fe:e2:6c:33:65:73:47:1d:5e:1f:a5:ff:00:bb:
8c:78:a9:80:7c:3c:2c:84:18:7b:64:1b:ec:93:6e:
5b:cb:a2:dc:0e:39:ee:56:a0:d9:5e:e2:44:68:55:
93:27:f2:47:3f:66:51:f3:2b:37:80:d7:b2:66:a5:
79:ff:eb:1c:33:5a:d7:36:ca:b5:bf:10:33:5b:eb:
d2:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:BC:FB:35:8E:6C:8F:11:71:45:4B:0C:0F:CA:70:B7:68:A3:31:8F
X509v3 Authority Key Identifier:
keyid:52:DC:49:FE:93:A3:F6:2A:DD:4C:E9:89:1D:90:33:EA:D8:3D:98:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UtxJ_pOj9irdTOmJHZAz6tg9mIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/32ae3e-d848-45f1-9cc1-6dec46994ba4/1/bbz7NY5sjxFxRUsMD8pwt2ijMY8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/32ae3e-d848-45f1-9cc1-6dec46994ba4/1/UtxJ_pOj9irdTOmJHZAz6tg9mIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.88.0.0/16
Signature Algorithm: sha256WithRSAEncryption
30:0e:7a:ae:21:0d:69:40:4c:99:2f:12:f8:85:a1:bf:00:c7:
2b:63:b4:76:a0:af:3e:7c:e7:3b:9c:b6:1a:38:00:b2:85:ad:
b9:1d:5c:0e:e7:3c:a8:74:a0:0e:cc:21:5d:b6:33:8d:f4:e4:
af:79:a1:02:54:f5:4c:50:44:61:18:59:d6:3b:03:cc:a2:c5:
85:88:e1:5f:23:18:40:98:42:0a:1d:37:ee:21:ed:d7:a2:11:
bd:9f:84:97:5c:86:73:64:8f:1f:3e:2c:2d:bc:63:b7:5a:5f:
5c:ec:0c:47:53:09:f7:ca:cd:02:b8:df:45:94:84:2d:1c:10:
da:ba:59:2c:83:d7:5e:f7:48:e2:2c:3d:2d:4f:7f:cb:d1:35:
3d:58:48:d9:0a:02:ac:84:00:30:e2:de:e2:55:5a:93:5c:9e:
3f:b1:34:e2:ea:7b:7c:45:2b:83:33:a4:0f:fa:3c:ca:db:cf:
4d:7d:21:f7:5c:5d:af:94:4b:19:fa:0f:d8:4e:49:cf:e0:a0:
64:99:fd:99:63:c4:4a:8d:8b:0e:c6:3e:ed:ca:58:5a:e2:07:
14:c0:88:ad:55:d0:4b:62:7a:c7:8d:5e:c4:e4:e1:a0:2f:c3:
a1:7a:80:00:81:ad:95:d2:a1:cf:d8:9d:93:58:cc:db:16:36:
66:e5:dc:13
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZPjeLjefQH5E9mMp0pAeU0xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyZGM0OWZlOTNhM2Y2MmFkZDRjZTk4OTFkOTAzM2VhZDgz
ZDk4OGMwHhcNMjQxMjIwMDk0OTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGJjZmIzNThlNmM4ZjExNzE0NTRiMGMwZmNhNzBiNzY4YTMzMThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3gMKj4BjJEefAOd34bz24tW2d+J
Dx1UjhwbrH+RbpklKejFSmGj/Zgp4yML7pYLmGMJK70vwGCx3O+9Rh9I7DMUOFxX
hLiG1swRWRlIsEh2hSGOwYFUm6mXwaHWMAyObArw2LaySpuQqkFk+xc8PfT8fPGC
jkaBIMDdbvxEMfAJcicmDDMRwAEKIlul84yWotrgz+VZe/pNH7UITig5llw2PcsS
cxLGoCnS3swz3LSM6HHS/uJsM2VzRx1eH6X/ALuMeKmAfDwshBh7ZBvsk25by6Lc
DjnuVqDZXuJEaFWTJ/JHP2ZR8ys3gNeyZqV5/+scM1rXNsq1vxAzW+vSIwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFG28+zWObI8RcUVLDA/KcLdoozGPMB8GA1UdIwQY
MBaAFFLcSf6To/Yq3UzpiR2QM+rYPZiMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXR4Sl9wT2o5aXJkVE9tSkhaQXo2dGc5bUl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8zMmFlM2UtZDg0OC00NWYxLTljYzEt
NmRlYzQ2OTk0YmE0LzEvYmJ6N05ZNXNqeEZ4UlVzTUQ4cHd0MmlqTVk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8zMmFlM2UtZDg0OC00NWYxLTljYzEtNmRlYzQ2OTk0YmE0
LzEvVXR4Sl9wT2o5aXJkVE9tSkhaQXo2dGc5bUl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAk1gwDQYJ
KoZIhvcNAQELBQADggEBADAOeq4hDWlATJkvEviFob8AxytjtHagrz585zuctho4
ALKFrbkdXA7nPKh0oA7MIV22M4305K95oQJU9UxQRGEYWdY7A8yixYWI4V8jGECY
QgodN+4h7deiEb2fhJdchnNkjx8+LC28Y7daX1zsDEdTCffKzQK430WUhC0cENq6
WSyD1173SOIsPS1Pf8vRNT1YSNkKAqyEADDi3uJVWpNcnj+xNOLqe3xFK4MzpA/6
PMrbz019IfdcXa+USxn6D9hOSc/goGSZ/ZljxEqNiw7GPu3KWFriBxTAiK1V0Eti
eseNXsTk4aAvw6F6gACBrZXSoc/YnZNYzNsWNmbl3BM=
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:35:54 2025 by rpki-client