Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/BzRVuGa9ZH90S05u94vSOvcBnUQ.roa
File: BzRVuGa9ZH90S05u94vSOvcBnUQ.roa (raw, json)
Hash identifier: JoKiKixrlz/LCSMXUsYwcansVa+Sa7pt25+HFHDkWSA=
Subject key identifier: 07:34:55:B8:66:BD:64:7F:74:4B:4E:6E:F7:8B:D2:3A:F7:01:9D:44
Certificate issuer: /CN=fd21cb4baa15862d1b5773bf2be60ca5f4fc24d4
Certificate serial: 01910A523216EA3E0875ECE4C209942B23AD
Authority key identifier: FD:21:CB:4B:AA:15:86:2D:1B:57:73:BF:2B:E6:0C:A5:F4:FC:24:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_SHLS6oVhi0bV3O_K-YMpfT8JNQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/BzRVuGa9ZH90S05u94vSOvcBnUQ.roa
Signing time: Wed 31 Jul 2024 19:44:04 +0000
ROA not before: Wed 31 Jul 2024 19:44:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47152
IP address blocks: 2a10:ba87:fed0::/44 maxlen: 44
2a10:ba87:fef0::/44 maxlen: 44
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:0a:52:32:16:ea:3e:08:75:ec:e4:c2:09:94:2b:23:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd21cb4baa15862d1b5773bf2be60ca5f4fc24d4
Validity
Not Before: Jul 31 19:44:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=073455b866bd647f744b4e6ef78bd23af7019d44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:3e:d6:ee:c2:23:70:ab:b9:75:89:5b:af:8d:
50:39:68:ce:20:d7:03:bd:99:47:ee:62:93:3b:6f:
c4:47:ad:f7:5a:33:bf:ce:e7:b8:5e:a8:32:3e:61:
74:ca:9e:6a:00:fe:b8:53:a9:05:79:3f:89:fe:f3:
3d:f6:6d:36:da:13:7d:f3:26:85:2e:9d:47:44:5f:
0b:4b:97:6d:80:d5:27:82:54:a1:19:69:df:f1:a1:
16:2b:68:e8:3c:33:3d:75:83:e0:d2:7a:58:f7:5e:
3c:43:4b:2b:88:ea:d1:d5:40:ed:72:8d:a4:26:d1:
be:ed:8f:db:9e:8b:56:a8:7d:6d:f2:c4:ed:cd:dd:
58:33:1b:c9:eb:a6:80:da:78:4f:5f:94:80:e8:08:
20:fa:6f:d4:f9:ba:98:eb:cd:09:65:94:0e:56:95:
84:58:e8:65:0d:97:0e:ff:5a:9a:8e:86:3e:0b:e4:
4b:8d:26:d4:0e:11:bd:13:e8:58:16:19:2d:61:42:
ef:58:73:77:5a:ee:57:74:b3:66:c0:17:bb:a6:f9:
12:ca:19:59:35:89:70:77:69:2a:ab:8c:d0:bc:9c:
8d:4f:0a:d2:92:2d:b0:5d:7e:1e:78:6e:0c:8a:c7:
3b:cb:c5:74:74:fa:06:df:d9:8c:50:a4:b4:46:e1:
63:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:34:55:B8:66:BD:64:7F:74:4B:4E:6E:F7:8B:D2:3A:F7:01:9D:44
X509v3 Authority Key Identifier:
keyid:FD:21:CB:4B:AA:15:86:2D:1B:57:73:BF:2B:E6:0C:A5:F4:FC:24:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_SHLS6oVhi0bV3O_K-YMpfT8JNQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/BzRVuGa9ZH90S05u94vSOvcBnUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/_SHLS6oVhi0bV3O_K-YMpfT8JNQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:ba87:fed0::/44
2a10:ba87:fef0::/44
Signature Algorithm: sha256WithRSAEncryption
30:25:91:69:56:7c:91:ef:92:31:bb:e5:79:41:20:ab:4b:88:
6b:e5:23:c1:7a:bf:dd:68:2a:ff:86:50:f9:26:ab:07:67:38:
a8:c7:4c:99:07:3f:b2:d7:fc:db:28:9d:c6:fd:c2:80:d5:b8:
df:82:e2:04:8f:f1:76:93:91:74:2a:10:55:e3:66:67:4e:c2:
dc:cb:86:5b:b8:4b:5a:3d:cc:87:26:ed:26:44:63:38:ef:e4:
2c:0c:2c:dd:9e:46:95:aa:03:bf:ac:48:c4:af:d7:9a:b8:67:
0c:79:2f:ab:db:a8:9a:43:d6:28:17:bd:73:6e:a0:35:a7:82:
92:23:d3:a2:f4:7d:28:80:bc:dc:e3:f1:4a:86:0f:2c:a2:e9:
92:db:35:55:91:37:45:0d:9a:bf:6d:e8:40:ef:0f:3d:77:cd:
68:09:91:83:72:9e:0a:cc:42:c7:f8:d3:30:cd:26:22:36:ba:
e2:c2:b7:a2:3b:92:ac:c5:00:3c:8d:ec:c9:fd:8e:06:46:3c:
57:cd:41:8c:55:0f:23:e9:14:6a:47:83:06:49:70:49:a3:57:
02:ad:0e:09:0d:53:dd:45:f2:04:80:5a:89:27:8a:db:3f:28:
f9:cd:1c:4a:f8:8b:ad:96:e7:02:74:72:68:e1:aa:34:29:68:
d1:20:e5:d5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZEKUjIW6j4IdezkwgmUKyOtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMjFjYjRiYWExNTg2MmQxYjU3NzNiZjJiZTYwY2E1ZjRm
YzI0ZDQwHhcNMjQwNzMxMTk0NDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzM0NTViODY2YmQ2NDdmNzQ0YjRlNmVmNzhiZDIzYWY3MDE5ZDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwj7W7sIjcKu5dYlbr41QOWjOINcD
vZlH7mKTO2/ER633WjO/zue4XqgyPmF0yp5qAP64U6kFeT+J/vM99m022hN98yaF
Lp1HRF8LS5dtgNUnglShGWnf8aEWK2joPDM9dYPg0npY9148Q0sriOrR1UDtco2k
JtG+7Y/bnotWqH1t8sTtzd1YMxvJ66aA2nhPX5SA6Agg+m/U+bqY680JZZQOVpWE
WOhlDZcO/1qajoY+C+RLjSbUDhG9E+hYFhktYULvWHN3Wu5XdLNmwBe7pvkSyhlZ
NYlwd2kqq4zQvJyNTwrSki2wXX4eeG4Misc7y8V0dPoG39mMUKS0RuFj3wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAc0VbhmvWR/dEtObveL0jr3AZ1EMB8GA1UdIwQY
MBaAFP0hy0uqFYYtG1dzvyvmDKX0/CTUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1NITFM2b1ZoaTBiVjNPX0stWU1wZlQ4Sk5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8zMjY2MDYtMTRiYS00NDM2LTk5ODUt
YmU1NTIwYTVjODIxLzEvQnpSVnVHYTlaSDkwUzA1dTk0dlNPdmNCblVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8zMjY2MDYtMTRiYS00NDM2LTk5ODUtYmU1NTIwYTVjODIx
LzEvX1NITFM2b1ZoaTBiVjNPX0stWU1wZlQ4Sk5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKhC6h/7Q
AwcEKhC6h/7wMA0GCSqGSIb3DQEBCwUAA4IBAQAwJZFpVnyR75Ixu+V5QSCrS4hr
5SPBer/daCr/hlD5JqsHZziox0yZBz+y1/zbKJ3G/cKA1bjfguIEj/F2k5F0KhBV
42ZnTsLcy4ZbuEtaPcyHJu0mRGM47+QsDCzdnkaVqgO/rEjEr9eauGcMeS+r26ia
Q9YoF71zbqA1p4KSI9Oi9H0ogLzc4/FKhg8soumS2zVVkTdFDZq/behA7w89d81o
CZGDcp4KzELH+NMwzSYiNrriwreiO5KsxQA8jezJ/Y4GRjxXzUGMVQ8j6RRqR4MG
SXBJo1cCrQ4JDVPdRfIEgFqJJ4rbPyj5zRxK+IutlucCdHJo4ao0KWjRIOXV
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:15:09 2025 by rpki-client