Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/9293cf-2939-486e-b8f8-c58a9d5c7534/1/bziEJrebQGLcHClnDG7e8onN8Zg.roa
File: bziEJrebQGLcHClnDG7e8onN8Zg.roa (raw, json)
Hash identifier: HgMX01K47JojFZQubAkkf+6LcMh2DWA2zYX7dHH5iug=
Subject key identifier: 6F:38:84:26:B7:9B:40:62:DC:1C:29:67:0C:6E:DE:F2:89:CD:F1:98
Certificate issuer: /CN=16bfc6576ff4287a88e9de3e210b9ec0e111b5ad
Certificate serial: 01856CEF0DA6E092E4CC8CC8C25835397142
Authority key identifier: 16:BF:C6:57:6F:F4:28:7A:88:E9:DE:3E:21:0B:9E:C0:E1:11:B5:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fr_GV2_0KHqI6d4-IQuewOERta0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/9293cf-2939-486e-b8f8-c58a9d5c7534/1/bziEJrebQGLcHClnDG7e8onN8Zg.roa
Signing time: Sun 01 Jan 2023 10:44:43 +0000
ROA not before: Sun 01 Jan 2023 10:44:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59766
IP address blocks: 185.51.168.0/22 maxlen: 22
89.148.128.0/18 maxlen: 18
62.69.128.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ef:0d:a6:e0:92:e4:cc:8c:c8:c2:58:35:39:71:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16bfc6576ff4287a88e9de3e210b9ec0e111b5ad
Validity
Not Before: Jan 1 10:44:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6f388426b79b4062dc1c29670c6edef289cdf198
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:a7:41:f9:f8:12:98:9a:44:2b:57:3d:ef:4b:
1a:4b:8d:6f:c4:cd:75:20:07:de:5c:b5:9c:f0:c9:
d4:82:65:95:92:f2:0d:78:a0:c2:a6:f4:69:c8:33:
59:c7:cb:a8:27:90:6c:ab:52:66:21:78:ed:8a:ae:
b2:ec:5d:70:dc:bc:f5:a4:a5:0f:7a:13:e0:86:9c:
2f:ea:4d:fc:77:07:b1:e7:24:e2:e9:a2:47:5a:bd:
c6:da:8f:d5:62:c5:51:3f:22:01:bf:8c:28:be:a6:
f1:ca:26:4f:32:63:be:71:f4:42:04:e6:8e:56:b5:
f6:6f:8e:89:6a:60:2d:14:1a:d5:63:38:de:16:ce:
81:2d:4b:fd:d2:4e:32:db:e6:6f:fa:97:f8:c5:8e:
45:06:28:f2:8a:8b:de:8f:bc:fd:75:78:e1:e9:04:
00:28:25:29:39:1f:89:a0:d1:72:18:69:fc:02:30:
f1:bd:c3:af:40:4f:0c:fc:cf:a4:b4:ea:3a:af:33:
c0:59:c8:30:3b:dc:50:a5:29:1b:c7:56:78:c3:23:
5f:9d:bd:70:75:08:8e:16:0e:11:7d:50:64:70:fd:
4e:62:65:af:c5:09:ca:c5:82:c4:80:57:a4:5d:ae:
9d:95:8f:46:59:92:68:1d:f4:90:21:1d:07:ad:26:
bd:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:38:84:26:B7:9B:40:62:DC:1C:29:67:0C:6E:DE:F2:89:CD:F1:98
X509v3 Authority Key Identifier:
keyid:16:BF:C6:57:6F:F4:28:7A:88:E9:DE:3E:21:0B:9E:C0:E1:11:B5:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fr_GV2_0KHqI6d4-IQuewOERta0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/9293cf-2939-486e-b8f8-c58a9d5c7534/1/bziEJrebQGLcHClnDG7e8onN8Zg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/9293cf-2939-486e-b8f8-c58a9d5c7534/1/Fr_GV2_0KHqI6d4-IQuewOERta0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.69.128.0/21
89.148.128.0/18
185.51.168.0/22
Signature Algorithm: sha256WithRSAEncryption
06:5b:e7:7c:b7:c3:35:8b:d2:c9:32:7a:ac:ca:24:22:18:d1:
7a:37:b3:57:23:7e:31:c6:b2:08:71:29:d8:e6:0a:f7:55:40:
3b:48:92:58:aa:7f:dd:1c:8e:33:4f:51:b5:28:63:18:cd:b3:
07:0b:e4:24:92:08:a1:cd:be:9d:6b:7e:5f:dd:1e:e9:21:26:
95:12:95:a4:55:81:ab:02:c5:b9:78:d5:ea:b1:cb:e2:5a:9c:
aa:72:7f:06:38:78:78:b7:ab:f3:36:78:9e:35:b6:81:60:b3:
a2:ff:6f:f2:02:37:42:c8:55:25:63:46:a3:3e:0e:0e:8a:16:
58:3b:c6:d7:05:b9:80:dc:3b:28:79:c3:98:7d:fd:df:67:c2:
6c:85:98:2a:75:cd:8b:9e:49:7f:d0:e5:de:0f:0e:eb:b1:d2:
ee:95:56:5d:00:24:cc:8e:29:e6:e8:be:6b:f5:7d:44:0f:95:
44:f2:f4:08:8d:52:a2:eb:67:8e:42:27:51:d6:2d:19:84:c0:
22:13:15:e9:51:4a:fa:f3:0f:77:22:65:8a:d3:07:22:a5:14:
17:24:30:53:88:ff:5a:ee:50:a0:d0:a1:10:92:f4:b5:10:dd:
c3:e9:a4:96:d7:c6:f7:22:f3:70:b2:ec:3b:77:56:06:31:4e:
11:1a:05:19
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVs7w2m4JLkzIzIwlg1OXFCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2YmZjNjU3NmZmNDI4N2E4OGU5ZGUzZTIxMGI5ZWMwZTEx
MWI1YWQwHhcNMjMwMTAxMTA0NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjM4ODQyNmI3OWI0MDYyZGMxYzI5NjcwYzZlZGVmMjg5Y2RmMTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApadB+fgSmJpEK1c970saS41vxM11
IAfeXLWc8MnUgmWVkvINeKDCpvRpyDNZx8uoJ5Bsq1JmIXjtiq6y7F1w3Lz1pKUP
ehPghpwv6k38dwex5yTi6aJHWr3G2o/VYsVRPyIBv4wovqbxyiZPMmO+cfRCBOaO
VrX2b46JamAtFBrVYzjeFs6BLUv90k4y2+Zv+pf4xY5FBijyiovej7z9dXjh6QQA
KCUpOR+JoNFyGGn8AjDxvcOvQE8M/M+ktOo6rzPAWcgwO9xQpSkbx1Z4wyNfnb1w
dQiOFg4RfVBkcP1OYmWvxQnKxYLEgFekXa6dlY9GWZJoHfSQIR0HrSa9MwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFG84hCa3m0Bi3BwpZwxu3vKJzfGYMB8GA1UdIwQY
MBaAFBa/xldv9Ch6iOnePiELnsDhEbWtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnJfR1YyXzBLSHFJNmQ0LUlRdWV3T0VSdGEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS85MjkzY2YtMjkzOS00ODZlLWI4Zjgt
YzU4YTlkNWM3NTM0LzEvYnppRUpyZWJRR0xjSENsbkRHN2U4b25OOFpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS85MjkzY2YtMjkzOS00ODZlLWI4ZjgtYzU4YTlkNWM3NTM0
LzEvRnJfR1YyXzBLSHFJNmQ0LUlRdWV3T0VSdGEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDPkWAAwQG
WZSAAwQCuTOoMA0GCSqGSIb3DQEBCwUAA4IBAQAGW+d8t8M1i9LJMnqsyiQiGNF6
N7NXI34xxrIIcSnY5gr3VUA7SJJYqn/dHI4zT1G1KGMYzbMHC+Qkkgihzb6da35f
3R7pISaVEpWkVYGrAsW5eNXqscviWpyqcn8GOHh4t6vzNnieNbaBYLOi/2/yAjdC
yFUlY0ajPg4OihZYO8bXBbmA3DsoecOYff3fZ8JshZgqdc2Lnkl/0OXeDw7rsdLu
lVZdACTMjinm6L5r9X1ED5VE8vQIjVKi62eOQidR1i0ZhMAiExXpUUr68w93ImWK
0wcipRQXJDBTiP9a7lCg0KEQkvS1EN3D6aSW18b3IvNwsuw7d1YGMU4RGgUZ
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:51:50 2024 by rpki-client on console-fra.rpki-client.org