Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/38f016-f821-4c3e-b391-e2037352725a/1/BIz-9kAPpCxKXNHgBakitNloZJU.roa
File: BIz-9kAPpCxKXNHgBakitNloZJU.roa (raw, json)
Hash identifier: DN7A0n+9HOAoMpTsZz8+XeoDlPvq/rwOfYpyCns8TT8=
Subject key identifier: 04:8C:FE:F6:40:0F:A4:2C:4A:5C:D1:E0:05:A9:22:B4:D9:68:64:95
Certificate issuer: /CN=2fc515b71f91c6e56a14afb4eefd95061dec49d4
Certificate serial: 018CC26D16B1A091725A41CEC20C4E8BB998
Authority key identifier: 2F:C5:15:B7:1F:91:C6:E5:6A:14:AF:B4:EE:FD:95:06:1D:EC:49:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L8UVtx-RxuVqFK-07v2VBh3sSdQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/38f016-f821-4c3e-b391-e2037352725a/1/BIz-9kAPpCxKXNHgBakitNloZJU.roa
Signing time: Mon 01 Jan 2024 00:29:38 +0000
ROA not before: Mon 01 Jan 2024 00:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197659
IP address blocks: 91.223.228.0/24 maxlen: 24
185.188.48.0/22 maxlen: 22
2a0b:c080::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:16:b1:a0:91:72:5a:41:ce:c2:0c:4e:8b:b9:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fc515b71f91c6e56a14afb4eefd95061dec49d4
Validity
Not Before: Jan 1 00:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=048cfef6400fa42c4a5cd1e005a922b4d9686495
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:4a:c5:bd:ad:4c:2a:a7:b4:5c:4f:35:92:8c:
8c:3c:57:3d:27:c7:cc:64:71:00:5e:4f:de:c2:a4:
40:6c:ae:5c:04:39:d8:51:aa:de:d9:8f:b8:b4:d4:
51:81:90:7b:60:54:fb:57:cb:40:52:74:06:a0:a0:
76:2e:b7:0a:16:a5:fd:5c:42:8f:c2:68:f8:51:a8:
50:74:ea:bf:28:6f:15:37:b9:63:89:71:28:0f:d5:
55:df:c5:95:94:ee:01:9c:b4:70:b2:0e:4a:8e:d0:
9a:f9:08:e3:ab:96:12:9d:7c:20:4f:66:87:2f:67:
5c:b3:31:c4:fc:79:a6:42:fe:c8:4c:6c:8d:5c:a8:
4a:5f:f7:48:da:b4:6a:07:0a:62:c2:0c:c3:bb:f3:
29:ad:88:e3:52:d3:36:9c:e0:e6:be:ed:bd:bf:03:
5c:4f:f7:b4:0d:c7:33:f1:75:d9:17:75:40:7a:49:
f3:b7:34:2e:45:94:d3:41:b9:7a:e9:46:61:b2:de:
11:d6:06:70:d3:32:bf:02:5a:2f:81:50:2a:ea:9d:
72:82:87:42:ec:48:e5:f9:5d:a8:15:af:3b:5d:74:
c0:3e:5b:3f:53:81:59:73:e3:3b:71:d9:36:a6:c7:
82:f9:33:61:c3:c6:a8:70:b9:d9:2a:d3:97:a2:af:
e7:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:8C:FE:F6:40:0F:A4:2C:4A:5C:D1:E0:05:A9:22:B4:D9:68:64:95
X509v3 Authority Key Identifier:
keyid:2F:C5:15:B7:1F:91:C6:E5:6A:14:AF:B4:EE:FD:95:06:1D:EC:49:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L8UVtx-RxuVqFK-07v2VBh3sSdQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/38f016-f821-4c3e-b391-e2037352725a/1/BIz-9kAPpCxKXNHgBakitNloZJU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/38f016-f821-4c3e-b391-e2037352725a/1/L8UVtx-RxuVqFK-07v2VBh3sSdQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.228.0/24
185.188.48.0/22
IPv6:
2a0b:c080::/29
Signature Algorithm: sha256WithRSAEncryption
15:15:41:6c:f5:af:a2:21:ba:9c:23:f2:2d:e9:30:17:cb:cd:
1b:12:e8:41:a5:51:d1:d3:87:d1:91:95:2e:5c:ca:58:a7:5f:
b8:ef:f9:45:65:f2:81:57:62:66:8b:78:23:10:14:4f:1c:4a:
2c:19:52:32:66:66:d4:38:ea:5a:57:d2:33:ee:67:2d:8a:a0:
1e:52:af:04:d7:f5:05:49:53:ba:5b:fd:d4:b7:0a:47:8a:7a:
db:1c:98:b3:2e:57:10:ca:ff:ff:0c:fe:ec:83:dd:c0:4f:3d:
18:25:c7:a3:98:d1:23:a0:14:5b:12:f0:05:b3:b5:a3:e8:e6:
a3:1e:12:69:b6:fa:66:0b:eb:00:bd:42:9e:35:a4:e0:96:b0:
cd:91:d0:43:7b:66:1d:5b:63:9d:94:71:62:69:6a:49:1a:80:
57:16:0c:42:2c:4e:8b:67:20:87:d7:61:9c:88:22:66:93:18:
a7:b5:f8:8a:8a:c7:9d:e7:95:f8:98:97:5c:73:24:c0:1b:cb:
f6:99:8b:d2:c8:b1:e3:7b:bf:9a:27:fa:7c:64:5f:36:04:c4:
2a:08:f4:ce:74:9b:1d:e8:cc:3d:ef:50:d4:e3:48:6a:35:41:
21:b2:bd:ac:83:4b:5f:71:f2:7d:44:a0:ad:70:96:67:35:43:
e1:ab:82:40
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzCbRaxoJFyWkHOwgxOi7mYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYzUxNWI3MWY5MWM2ZTU2YTE0YWZiNGVlZmQ5NTA2MWRl
YzQ5ZDQwHhcNMjQwMTAxMDAyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDhjZmVmNjQwMGZhNDJjNGE1Y2QxZTAwNWE5MjJiNGQ5Njg2NDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjUrFva1MKqe0XE81koyMPFc9J8fM
ZHEAXk/ewqRAbK5cBDnYUare2Y+4tNRRgZB7YFT7V8tAUnQGoKB2LrcKFqX9XEKP
wmj4UahQdOq/KG8VN7ljiXEoD9VV38WVlO4BnLRwsg5KjtCa+Qjjq5YSnXwgT2aH
L2dcszHE/HmmQv7ITGyNXKhKX/dI2rRqBwpiwgzDu/MprYjjUtM2nODmvu29vwNc
T/e0Dccz8XXZF3VAeknztzQuRZTTQbl66UZhst4R1gZw0zK/AlovgVAq6p1ygodC
7Ejl+V2oFa87XXTAPls/U4FZc+M7cdk2pseC+TNhw8aocLnZKtOXoq/nBQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFASM/vZAD6QsSlzR4AWpIrTZaGSVMB8GA1UdIwQY
MBaAFC/FFbcfkcblahSvtO79lQYd7EnUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDhVVnR4LVJ4dVZxRkstMDd2MlZCaDNzU2RRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8zOGYwMTYtZjgyMS00YzNlLWIzOTEt
ZTIwMzczNTI3MjVhLzEvQkl6LTlrQVBwQ3hLWE5IZ0Jha2l0TmxvWkpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8zOGYwMTYtZjgyMS00YzNlLWIzOTEtZTIwMzczNTI3MjVh
LzEvTDhVVnR4LVJ4dVZxRkstMDd2MlZCaDNzU2RRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW9/kAwQC
ubwwMA0EAgACMAcDBQMqC8CAMA0GCSqGSIb3DQEBCwUAA4IBAQAVFUFs9a+iIbqc
I/It6TAXy80bEuhBpVHR04fRkZUuXMpYp1+47/lFZfKBV2Jmi3gjEBRPHEosGVIy
ZmbUOOpaV9Iz7mctiqAeUq8E1/UFSVO6W/3UtwpHinrbHJizLlcQyv//DP7sg93A
Tz0YJcejmNEjoBRbEvAFs7Wj6OajHhJptvpmC+sAvUKeNaTglrDNkdBDe2YdW2Od
lHFiaWpJGoBXFgxCLE6LZyCH12GciCJmkxintfiKised55X4mJdccyTAG8v2mYvS
yLHje7+aJ/p8ZF82BMQqCPTOdJsd6Mw971DU40hqNUEhsr2sg0tfcfJ9RKCtcJZn
NUPhq4JA
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:59 2025 by rpki-client