Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/07fed6-00b3-4cea-a74e-beeebedffc95/1/bzTi6C-4TjkcpL_X6D9KyLTg0KA.roa
File: bzTi6C-4TjkcpL_X6D9KyLTg0KA.roa (raw, json)
Hash identifier: SLiEgRHGWHnzxJwwqFRQ3hKo4mTiz+a7i+MGzKd32oc=
Subject key identifier: 6F:34:E2:E8:2F:B8:4E:39:1C:A4:BF:D7:E8:3F:4A:C8:B4:E0:D0:A0
Certificate issuer: /CN=c50c97eb9baf5428f50f45d330357678b73e061c
Certificate serial: 018C2655BA3B589E1A710BFEAA040EE9553C
Authority key identifier: C5:0C:97:EB:9B:AF:54:28:F5:0F:45:D3:30:35:76:78:B7:3E:06:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xQyX65uvVCj1D0XTMDV2eLc-Bhw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/07fed6-00b3-4cea-a74e-beeebedffc95/1/bzTi6C-4TjkcpL_X6D9KyLTg0KA.roa
Signing time: Fri 01 Dec 2023 17:03:21 +0000
ROA not before: Fri 01 Dec 2023 17:03:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207203
IP address blocks: 185.190.48.0/24 maxlen: 24
2a0a:440::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 04 Dec 2023 12:02:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:26:55:ba:3b:58:9e:1a:71:0b:fe:aa:04:0e:e9:55:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c50c97eb9baf5428f50f45d330357678b73e061c
Validity
Not Before: Dec 1 17:03:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6f34e2e82fb84e391ca4bfd7e83f4ac8b4e0d0a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:46:31:29:0d:35:45:1a:dd:7b:14:15:2a:ef:
37:52:9a:35:1c:68:b7:54:58:9f:69:e4:f7:ae:fe:
84:7b:cf:8d:d9:80:bd:4a:34:da:83:68:81:17:75:
0a:d6:a8:95:e7:bc:cd:45:79:b9:db:9f:44:0c:e6:
da:d2:62:0c:dd:71:35:77:29:af:62:e4:b7:e2:28:
54:86:99:bf:a5:9c:47:d8:e8:fe:78:25:58:2e:da:
b2:e7:0e:19:50:ff:01:08:9c:1d:ca:02:31:67:64:
19:bb:7e:e2:be:c1:30:75:cc:ff:75:a6:c4:d9:52:
3a:b9:ec:7b:ed:c7:5c:aa:79:70:cd:dd:19:5b:d0:
ee:0a:b7:f5:dd:b2:94:84:04:53:7c:38:f4:e5:56:
76:c1:43:4a:06:dd:14:ac:de:53:67:e1:7d:a6:14:
20:8d:c5:3e:7e:29:25:8b:90:3a:a7:d7:c4:7b:ee:
2b:36:14:32:7d:51:00:02:63:ea:e5:fa:22:6a:98:
d1:dc:4b:0d:38:83:b0:3d:5b:0a:b7:e2:11:99:82:
0d:04:24:93:b7:c0:b2:22:79:90:7e:dc:1f:aa:85:
31:73:ce:e0:f9:2a:49:aa:4d:97:7e:8e:20:a6:58:
50:91:2f:f5:55:71:15:f5:a1:d2:93:9e:b3:32:2c:
56:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:34:E2:E8:2F:B8:4E:39:1C:A4:BF:D7:E8:3F:4A:C8:B4:E0:D0:A0
X509v3 Authority Key Identifier:
keyid:C5:0C:97:EB:9B:AF:54:28:F5:0F:45:D3:30:35:76:78:B7:3E:06:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xQyX65uvVCj1D0XTMDV2eLc-Bhw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/07fed6-00b3-4cea-a74e-beeebedffc95/1/bzTi6C-4TjkcpL_X6D9KyLTg0KA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/07fed6-00b3-4cea-a74e-beeebedffc95/1/xQyX65uvVCj1D0XTMDV2eLc-Bhw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.190.48.0/24
IPv6:
2a0a:440::/29
Signature Algorithm: sha256WithRSAEncryption
78:57:2e:f3:41:65:0f:9c:c3:43:c6:e9:66:d6:31:23:cd:2d:
8f:a4:df:1f:3a:7f:de:dc:a0:d4:2b:a7:bd:1a:74:39:41:a1:
c2:d6:ab:d3:89:78:a1:c2:de:c8:02:db:eb:ca:c2:9a:eb:eb:
fa:d5:56:81:b3:da:e6:63:52:6e:80:d3:32:79:48:66:20:4c:
66:e0:5f:2d:ae:a2:36:90:71:62:b5:cb:b2:6f:be:55:9d:ad:
ba:ce:95:cf:69:d5:8e:23:21:b5:53:77:5c:1c:19:c4:93:f1:
88:4b:ba:f6:4e:38:66:f0:a4:ad:88:f4:f3:41:f1:39:93:92:
ff:a3:eb:85:cf:27:d5:7d:d4:39:2c:f3:f9:16:c1:78:ed:ae:
21:01:a2:21:b4:ef:04:e8:9b:4f:0a:fa:11:42:99:7b:1a:a9:
6a:55:83:c0:c8:7a:ba:8e:1c:09:2b:e0:b1:55:db:c6:60:e7:
ae:c5:4c:94:28:20:68:cb:cb:8c:ef:7d:b5:a5:0e:0c:9e:d0:
8e:6a:42:09:43:89:5d:c6:42:c0:09:b1:54:34:d2:86:22:d9:
3b:5b:05:49:76:68:26:db:ed:2d:fe:3d:cc:49:c8:31:4e:90:
8e:75:a1:10:04:b7:13:2c:ec:b3:cc:86:9d:e1:74:c2:7a:b1:
a3:22:09:0a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYwmVbo7WJ4acQv+qgQO6VU8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1MGM5N2ViOWJhZjU0MjhmNTBmNDVkMzMwMzU3Njc4Yjcz
ZTA2MWMwHhcNMjMxMjAxMTcwMzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjM0ZTJlODJmYjg0ZTM5MWNhNGJmZDdlODNmNGFjOGI0ZTBkMGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiEYxKQ01RRrdexQVKu83Upo1HGi3
VFifaeT3rv6Ee8+N2YC9SjTag2iBF3UK1qiV57zNRXm5259EDOba0mIM3XE1dymv
YuS34ihUhpm/pZxH2Oj+eCVYLtqy5w4ZUP8BCJwdygIxZ2QZu37ivsEwdcz/dabE
2VI6uex77cdcqnlwzd0ZW9DuCrf13bKUhARTfDj05VZ2wUNKBt0UrN5TZ+F9phQg
jcU+fikli5A6p9fEe+4rNhQyfVEAAmPq5foiapjR3EsNOIOwPVsKt+IRmYINBCST
t8CyInmQftwfqoUxc87g+SpJqk2Xfo4gplhQkS/1VXEV9aHSk56zMixWlQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFG804ugvuE45HKS/1+g/Ssi04NCgMB8GA1UdIwQY
MBaAFMUMl+ubr1Qo9Q9F0zA1dni3PgYcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFF5WDY1dXZWQ2oxRDBYVE1EVjJlTGMtQmh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi8wN2ZlZDYtMDBiMy00Y2VhLWE3NGUt
YmVlZWJlZGZmYzk1LzEvYnpUaTZDLTRUamtjcExfWDZEOUt5TFRnMEtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi8wN2ZlZDYtMDBiMy00Y2VhLWE3NGUtYmVlZWJlZGZmYzk1
LzEveFF5WDY1dXZWQ2oxRDBYVE1EVjJlTGMtQmh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAub4wMA0E
AgACMAcDBQMqCgRAMA0GCSqGSIb3DQEBCwUAA4IBAQB4Vy7zQWUPnMNDxulm1jEj
zS2PpN8fOn/e3KDUK6e9GnQ5QaHC1qvTiXihwt7IAtvrysKa6+v61VaBs9rmY1Ju
gNMyeUhmIExm4F8trqI2kHFitcuyb75Vna26zpXPadWOIyG1U3dcHBnEk/GIS7r2
Tjhm8KStiPTzQfE5k5L/o+uFzyfVfdQ5LPP5FsF47a4hAaIhtO8E6JtPCvoRQpl7
GqlqVYPAyHq6jhwJK+CxVdvGYOeuxUyUKCBoy8uM7321pQ4MntCOakIJQ4ldxkLA
CbFUNNKGItk7WwVJdmgm2+0t/j3MScgxTpCOdaEQBLcTLOyzzIad4XTCerGjIgkK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:31 2024 by rpki-client on console-fra.rpki-client.org