Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/BzsOU_9jmAuzUf77jP9Dv36I4Kc.roa
File: BzsOU_9jmAuzUf77jP9Dv36I4Kc.roa (raw, json)
Hash identifier: ecNBSKqpE2bjcxJo9V/tWETpgA++LOmg7vGNIbYfT6g=
Subject key identifier: 07:3B:0E:53:FF:63:98:0B:B3:51:FE:FB:8C:FF:43:BF:7E:88:E0:A7
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 0185737ADB0926E428636C92919A2403AB71
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/BzsOU_9jmAuzUf77jP9Dv36I4Kc.roa
Signing time: Mon 02 Jan 2023 17:15:08 +0000
ROA not before: Mon 02 Jan 2023 17:15:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209451
IP address blocks: 185.245.132.0/22 maxlen: 24
2a09:55c0::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:7a:db:09:26:e4:28:63:6c:92:91:9a:24:03:ab:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jan 2 17:15:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=073b0e53ff63980bb351fefb8cff43bf7e88e0a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:c6:e0:a3:0e:ba:63:2d:3c:1b:6f:ca:88:aa:
d5:14:10:45:07:0f:5d:a7:da:e2:fb:d5:7c:7d:cb:
cd:0c:da:72:3c:b8:87:8d:a0:2b:11:fb:be:97:e7:
38:5d:51:3a:7d:e7:1a:9d:e1:7f:52:33:c2:99:39:
f1:f7:d7:e0:cd:57:4b:20:8c:4a:13:6a:eb:14:a9:
38:d2:1e:3a:f6:da:3f:76:7e:5f:76:c2:a9:5c:15:
a7:04:98:05:ae:fc:15:1e:e4:34:76:a2:cf:65:41:
54:c3:a9:04:63:de:2f:9c:0b:1e:b5:fe:32:0f:15:
8f:7b:14:3f:5b:81:43:2b:5e:a3:7c:38:b3:34:57:
e4:75:86:da:4b:4d:76:13:e3:02:b8:c4:6f:d4:ac:
42:e0:ed:f9:26:bb:8a:8f:14:64:23:a5:09:a3:d7:
fc:5d:85:d2:bc:d4:d0:44:f6:86:86:c4:89:89:08:
ec:3c:6b:cf:3e:8d:68:b4:72:31:9a:b7:dc:cc:d3:
9c:0b:86:41:39:6f:e2:d7:5b:34:b5:73:46:32:a9:
0d:e3:01:f4:31:29:f6:f6:2c:20:71:44:ac:07:f6:
84:e3:e0:a8:78:97:bc:42:24:93:cf:80:16:c9:c1:
23:ae:71:85:f7:de:6c:5d:86:ea:64:bf:6b:ab:fe:
fb:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:3B:0E:53:FF:63:98:0B:B3:51:FE:FB:8C:FF:43:BF:7E:88:E0:A7
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/BzsOU_9jmAuzUf77jP9Dv36I4Kc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.245.132.0/22
IPv6:
2a09:55c0::/29
Signature Algorithm: sha256WithRSAEncryption
92:4d:15:a0:64:65:2f:fb:bd:70:f9:65:8d:85:bd:68:c6:89:
13:5a:10:19:50:3f:4b:ec:b1:97:4d:4a:60:d7:1c:40:e6:f0:
a3:9b:6f:70:77:ff:fe:79:0e:c8:85:33:aa:b3:17:38:da:52:
64:29:f4:a4:b6:77:ec:c7:1c:a0:c2:cb:98:e9:cd:69:41:16:
6e:b0:32:d8:7e:98:6c:8a:44:74:6b:c3:b5:ff:9f:fa:9f:c1:
02:1b:c0:99:99:a9:97:ed:05:18:bd:9e:54:e6:c9:37:04:49:
fe:ce:5f:63:e9:74:6b:e8:33:33:65:a0:5b:65:ae:57:83:0b:
c7:a9:54:88:19:5e:44:85:3c:11:ed:b8:ba:c8:73:1b:85:22:
c3:e9:37:c1:e7:83:00:7f:76:36:ad:39:52:c5:bf:46:3b:f2:
35:63:bb:d5:81:36:86:89:a7:2a:dd:d2:03:83:63:4a:44:f8:
dd:f7:f8:45:10:52:9d:91:0f:61:df:c8:e3:34:95:3e:b3:d4:
44:90:00:83:df:55:87:87:f0:cc:18:7f:1a:2f:0f:05:d2:9e:
2b:c8:1a:6d:f9:38:11:12:f4:5e:b5:08:0b:9f:19:14:0a:19:
f6:ee:49:bd:4a:09:32:0f:ef:ee:d0:b0:9e:8c:2c:ec:df:8d:
e5:05:f9:0d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVzetsJJuQoY2ySkZokA6txMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjMwMTAyMTcxNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzNiMGU1M2ZmNjM5ODBiYjM1MWZlZmI4Y2ZmNDNiZjdlODhlMGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosbgow66Yy08G2/KiKrVFBBFBw9d
p9ri+9V8fcvNDNpyPLiHjaArEfu+l+c4XVE6fecaneF/UjPCmTnx99fgzVdLIIxK
E2rrFKk40h469to/dn5fdsKpXBWnBJgFrvwVHuQ0dqLPZUFUw6kEY94vnAsetf4y
DxWPexQ/W4FDK16jfDizNFfkdYbaS012E+MCuMRv1KxC4O35JruKjxRkI6UJo9f8
XYXSvNTQRPaGhsSJiQjsPGvPPo1otHIxmrfczNOcC4ZBOW/i11s0tXNGMqkN4wH0
MSn29iwgcUSsB/aE4+CoeJe8QiSTz4AWycEjrnGF995sXYbqZL9rq/775QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAc7DlP/Y5gLs1H++4z/Q79+iOCnMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvQnpzT1VfOWptQXV6VWY3N2pQOUR2MzZJNEtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCufWEMA0E
AgACMAcDBQMqCVXAMA0GCSqGSIb3DQEBCwUAA4IBAQCSTRWgZGUv+71w+WWNhb1o
xokTWhAZUD9L7LGXTUpg1xxA5vCjm29wd//+eQ7IhTOqsxc42lJkKfSktnfsxxyg
wsuY6c1pQRZusDLYfphsikR0a8O1/5/6n8ECG8CZmamX7QUYvZ5U5sk3BEn+zl9j
6XRr6DMzZaBbZa5XgwvHqVSIGV5EhTwR7bi6yHMbhSLD6TfB54MAf3Y2rTlSxb9G
O/I1Y7vVgTaGiacq3dIDg2NKRPjd9/hFEFKdkQ9h38jjNJU+s9REkACD31WHh/DM
GH8aLw8F0p4ryBpt+TgREvRetQgLnxkUChn27km9SgkyD+/u0LCejCzs343lBfkN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:50 2024 by rpki-client on console-ams.rpki-client.org