Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/BzZmWD08wVZ_SvH1cpks9ugLMZ4.roa
File: BzZmWD08wVZ_SvH1cpks9ugLMZ4.roa (raw, json)
Hash identifier: 5H5sUSdaBEQJk2JMZf85SNp43fBlMKIXITonWABup1E=
Subject key identifier: 07:36:66:58:3D:3C:C1:56:7F:4A:F1:F5:72:99:2C:F6:E8:0B:31:9E
Certificate issuer: /CN=04a2ae2cd094333018c41daafb474c6cfa80d07d
Certificate serial: 018CCA2A5D5B112427F01B76B65515FA0683
Authority key identifier: 04:A2:AE:2C:D0:94:33:30:18:C4:1D:AA:FB:47:4C:6C:FA:80:D0:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/BzZmWD08wVZ_SvH1cpks9ugLMZ4.roa
Signing time: Tue 02 Jan 2024 12:33:43 +0000
ROA not before: Tue 02 Jan 2024 12:33:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204948
IP address blocks: 185.234.248.0/23 maxlen: 23
185.234.250.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Nov 2024 11:16:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:5d:5b:11:24:27:f0:1b:76:b6:55:15:fa:06:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04a2ae2cd094333018c41daafb474c6cfa80d07d
Validity
Not Before: Jan 2 12:33:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=073666583d3cc1567f4af1f572992cf6e80b319e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:dc:88:ae:be:b0:45:62:ea:82:fc:46:8d:89:
3e:94:ea:ad:41:35:19:9f:ef:40:78:8e:9c:cc:ce:
bd:0f:52:fc:85:bf:7f:ee:86:2e:4f:b6:44:60:5d:
cc:3c:0c:95:81:e0:ef:39:0c:1b:85:16:31:50:cd:
de:89:9b:8e:80:ae:51:8f:47:81:c6:d7:ec:92:63:
4f:82:99:35:0f:90:1c:16:2a:fe:ca:99:10:4a:3f:
67:5b:ea:44:82:e7:a0:81:3b:93:8c:3c:9c:90:63:
b0:cc:0f:7c:63:c6:27:5b:db:c8:cc:45:1b:1b:f8:
b5:e6:95:55:fb:b9:d2:46:5c:1b:e8:18:5f:e2:c7:
a2:d5:68:8f:20:38:c8:43:4e:fc:e7:bb:28:3c:d0:
bf:fc:ce:d8:68:eb:e0:22:32:f6:06:75:79:fd:d4:
0d:40:42:38:75:2c:f6:b8:68:8b:f4:80:fb:a1:04:
9f:d6:b7:aa:05:5d:cf:b4:40:b1:db:72:77:6d:ef:
b6:48:70:aa:62:ae:9e:13:53:03:2f:4b:97:b3:0f:
27:f0:90:ad:cf:5d:5a:36:8d:38:f6:ff:48:4f:92:
68:51:13:30:5f:32:8b:bb:fb:1b:50:5e:23:fb:f9:
25:96:b4:9d:a2:e8:9c:cb:ac:35:5b:7f:ea:07:71:
13:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:36:66:58:3D:3C:C1:56:7F:4A:F1:F5:72:99:2C:F6:E8:0B:31:9E
X509v3 Authority Key Identifier:
keyid:04:A2:AE:2C:D0:94:33:30:18:C4:1D:AA:FB:47:4C:6C:FA:80:D0:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/BzZmWD08wVZ_SvH1cpks9ugLMZ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/BKKuLNCUMzAYxB2q-0dMbPqA0H0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.234.248.0/22
Signature Algorithm: sha256WithRSAEncryption
12:53:31:5a:85:50:1c:9e:8e:ab:89:84:aa:52:fb:31:49:45:
08:e7:b0:17:95:08:e4:ad:7f:eb:f8:1f:74:e1:1b:03:f2:db:
05:01:ff:9f:11:d3:33:9d:b5:c9:9c:51:7e:8c:c5:2c:e1:ee:
bf:97:b1:18:05:4a:ad:d0:08:29:55:cb:53:51:2b:df:e8:33:
03:48:5d:65:b2:34:c8:05:ce:75:29:95:aa:e9:41:5d:6b:fb:
df:08:52:df:48:c0:ac:f7:68:20:b3:f0:a9:d1:99:b1:49:41:
ac:1a:3f:17:8e:d0:e0:d3:d1:3e:c2:77:60:8d:57:86:8c:f6:
1a:1c:50:24:ef:13:3c:06:6e:d8:34:88:42:b0:ec:90:16:c7:
d1:6f:02:71:37:66:63:33:de:71:9b:75:6a:d3:e5:fe:9d:9b:
09:63:27:34:c0:aa:1e:44:8d:54:b8:81:22:fe:74:5c:85:36:
22:a5:0a:55:f5:0f:fc:e2:5e:3b:c1:5c:7e:bc:f5:5d:cd:e3:
5d:d5:06:bf:60:70:e7:b3:70:6e:c9:e9:ab:66:e8:a3:45:64:
f9:05:d7:e7:6e:11:c7:67:90:17:b0:be:59:37:ca:6e:cc:1e:
52:33:00:bb:8e:a8:4e:23:ee:ec:96:ca:f6:82:e1:2a:92:b4:
0c:f7:3c:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKl1bESQn8Bt2tlUV+gaDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0YTJhZTJjZDA5NDMzMzAxOGM0MWRhYWZiNDc0YzZjZmE4
MGQwN2QwHhcNMjQwMTAyMTIzMzQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzM2NjY1ODNkM2NjMTU2N2Y0YWYxZjU3Mjk5MmNmNmU4MGIzMTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgdyIrr6wRWLqgvxGjYk+lOqtQTUZ
n+9AeI6czM69D1L8hb9/7oYuT7ZEYF3MPAyVgeDvOQwbhRYxUM3eiZuOgK5Rj0eB
xtfskmNPgpk1D5AcFir+ypkQSj9nW+pEgueggTuTjDyckGOwzA98Y8YnW9vIzEUb
G/i15pVV+7nSRlwb6Bhf4sei1WiPIDjIQ07857soPNC//M7YaOvgIjL2BnV5/dQN
QEI4dSz2uGiL9ID7oQSf1reqBV3PtECx23J3be+2SHCqYq6eE1MDL0uXsw8n8JCt
z11aNo049v9IT5JoURMwXzKLu/sbUF4j+/kllrSdouicy6w1W3/qB3ETMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAc2Zlg9PMFWf0rx9XKZLPboCzGeMB8GA1UdIwQY
MBaAFASirizQlDMwGMQdqvtHTGz6gNB9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQktLdUxOQ1VNekFZeEIycS0wZE1iUHFBMEgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS82MzRhMTItZTU4Yy00NTVjLTg5MzMt
NmU2ZThkOTMwM2U5LzEvQnpabVdEMDh3VlpfU3ZIMWNwa3M5dWdMTVo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS82MzRhMTItZTU4Yy00NTVjLTg5MzMtNmU2ZThkOTMwM2U5
LzEvQktLdUxOQ1VNekFZeEIycS0wZE1iUHFBMEgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuer4MA0G
CSqGSIb3DQEBCwUAA4IBAQASUzFahVAcno6riYSqUvsxSUUI57AXlQjkrX/r+B90
4RsD8tsFAf+fEdMznbXJnFF+jMUs4e6/l7EYBUqt0AgpVctTUSvf6DMDSF1lsjTI
Bc51KZWq6UFda/vfCFLfSMCs92ggs/Cp0ZmxSUGsGj8XjtDg09E+wndgjVeGjPYa
HFAk7xM8Bm7YNIhCsOyQFsfRbwJxN2ZjM95xm3Vq0+X+nZsJYyc0wKoeRI1UuIEi
/nRchTYipQpV9Q/84l47wVx+vPVdzeNd1Qa/YHDns3BuyemrZuijRWT5BdfnbhHH
Z5AXsL5ZN8puzB5SMwC7jqhOI+7slsr2guEqkrQM9zyf
-----END CERTIFICATE-----
Generated at Wed Nov 13 13:01:08 2024 by rpki-client on console-fra.rpki-client.org