Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/bzGU5_iJke4zJbrpwYceYUPudlo.roa
File: bzGU5_iJke4zJbrpwYceYUPudlo.roa (raw, json)
Hash identifier: G/iSSVpBoHYX0fYyJHPzn1q2y4aarCOXPSZJXt3iP6Y=
Subject key identifier: 6F:31:94:E7:F8:89:91:EE:33:25:BA:E9:C1:87:1E:61:43:EE:76:5A
Certificate issuer: /CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Certificate serial: 018F5706D53B787C5E59F6B95BF9DE541CD0
Authority key identifier: AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/bzGU5_iJke4zJbrpwYceYUPudlo.roa
Signing time: Wed 08 May 2024 07:06:56 +0000
ROA not before: Wed 08 May 2024 07:06:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 89.49.0.0/21 maxlen: 24
89.50.0.0/16 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Jun 2024 13:22:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:57:06:d5:3b:78:7c:5e:59:f6:b9:5b:f9:de:54:1c:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Validity
Not Before: May 8 07:06:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6f3194e7f88991ee3325bae9c1871e6143ee765a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:a5:23:fe:b9:42:03:fb:8c:b5:29:c7:02:7d:
9c:8a:50:a8:ba:3d:98:be:4e:3a:d0:f8:df:cc:10:
e5:79:40:d7:f1:e6:2a:9b:a7:df:bb:f2:a0:bb:f9:
c3:33:31:e3:22:97:44:77:76:f2:33:05:f4:f3:b2:
87:c9:70:73:22:78:5c:0f:04:41:91:8f:99:37:e7:
4b:a8:35:81:5e:f7:0e:85:47:34:d4:d0:36:a8:60:
5e:a8:50:03:c3:5e:df:ce:17:36:52:42:2e:1e:b6:
91:97:0c:6f:e4:fd:1d:93:46:14:c5:2a:ca:18:36:
f1:08:32:03:95:e5:cd:04:3e:5e:68:e1:cd:d8:44:
b8:dd:cc:b1:86:e0:5f:bc:f2:5d:a6:e4:9b:a2:a1:
99:02:1a:d6:40:e8:f8:57:25:f2:09:8c:70:c7:ae:
a2:08:c9:04:7f:54:a5:0d:b3:4a:1c:b0:ec:92:7e:
6f:de:d1:e4:c9:1a:6e:8d:89:27:90:c7:d4:ea:7e:
0d:cf:9c:aa:72:e8:c5:01:09:d2:d3:84:c6:58:59:
b9:22:6e:c1:19:b5:32:e5:05:89:a9:ee:27:70:b4:
98:c1:07:f6:c8:9b:92:b5:dd:27:e2:84:ee:ca:82:
2e:8f:80:0d:4e:9a:8e:94:6e:3c:c5:f5:21:ae:fa:
62:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:31:94:E7:F8:89:91:EE:33:25:BA:E9:C1:87:1E:61:43:EE:76:5A
X509v3 Authority Key Identifier:
keyid:AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/bzGU5_iJke4zJbrpwYceYUPudlo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.49.0.0/21
89.50.0.0/16
Signature Algorithm: sha256WithRSAEncryption
38:da:65:09:21:3e:11:4b:28:03:a0:35:bf:5f:67:52:25:f7:
4e:ca:69:51:b9:f5:d7:2b:1c:84:3f:22:b1:6b:02:d4:ac:c7:
31:f2:fb:b8:06:66:79:43:0d:c8:fa:4e:06:fe:fd:63:58:8f:
7a:7c:e3:fa:23:ad:1b:8c:de:a9:5f:8b:43:3c:93:bd:e9:f2:
a0:a1:69:c2:ca:73:bf:4e:3e:30:c1:05:60:f9:e6:ea:bb:ee:
63:1b:f7:95:5c:5a:75:bd:32:ce:e2:ad:31:95:33:49:c1:eb:
0c:44:99:45:f8:95:b5:72:31:ea:f5:2e:7e:41:da:d4:e8:d7:
36:f3:eb:1e:3b:d4:77:48:1e:28:b5:8b:6c:03:f7:25:05:2a:
42:da:a3:d7:b4:e8:bc:86:18:0a:97:ba:f8:67:9a:25:d7:94:
a5:18:c0:eb:2c:3a:f6:80:86:4c:e5:0a:cb:8b:e6:f3:6d:1b:
90:90:50:5e:ce:00:5d:42:47:51:3c:b6:55:ef:a3:53:4e:3f:
d0:34:91:8e:ce:85:6f:79:11:20:c9:4d:15:e1:3b:87:7e:e6:
2a:81:a0:a0:44:df:21:69:0b:93:0d:fe:3f:13:ad:7d:5f:d1:
7b:1f:3c:ec:ce:d9:94:5e:00:c3:00:93:52:b0:18:d7:e4:cd:
71:5e:7c:ba
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAY9XBtU7eHxeWfa5W/neVBzQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmODAxOTg0Y2MzOGYwYTRmYzVhZmUxYWRlYWI2ODBjMWI4
OWU5NWIwHhcNMjQwNTA4MDcwNjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjMxOTRlN2Y4ODk5MWVlMzMyNWJhZTljMTg3MWU2MTQzZWU3NjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqUj/rlCA/uMtSnHAn2cilCouj2Y
vk460PjfzBDleUDX8eYqm6ffu/Kgu/nDMzHjIpdEd3byMwX087KHyXBzInhcDwRB
kY+ZN+dLqDWBXvcOhUc01NA2qGBeqFADw17fzhc2UkIuHraRlwxv5P0dk0YUxSrK
GDbxCDIDleXNBD5eaOHN2ES43cyxhuBfvPJdpuSboqGZAhrWQOj4VyXyCYxwx66i
CMkEf1SlDbNKHLDskn5v3tHkyRpujYknkMfU6n4Nz5yqcujFAQnS04TGWFm5Im7B
GbUy5QWJqe4ncLSYwQf2yJuStd0n4oTuyoIuj4ANTpqOlG48xfUhrvpiIQIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFG8xlOf4iZHuMyW66cGHHmFD7nZaMB8GA1UdIwQY
MBaAFK+AGYTMOPCk/Fr+Gt6raAwbielbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQt
NDAyMTI2NWMzOWIwLzEvYnpHVTVfaUprZTR6SmJycHdZY2VZVVB1ZGxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQtNDAyMTI2NWMzOWIw
LzEvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAATALAwQDWTEAAwMA
WTIwDQYJKoZIhvcNAQELBQADggEBADjaZQkhPhFLKAOgNb9fZ1Il907KaVG59dcr
HIQ/IrFrAtSsxzHy+7gGZnlDDcj6Tgb+/WNYj3p84/ojrRuM3qlfi0M8k73p8qCh
acLKc79OPjDBBWD55uq77mMb95VcWnW9Ms7irTGVM0nB6wxEmUX4lbVyMer1Ln5B
2tTo1zbz6x471HdIHii1i2wD9yUFKkLao9e06LyGGAqXuvhnmiXXlKUYwOssOvaA
hkzlCsuL5vNtG5CQUF7OAF1CR1E8tlXvo1NOP9A0kY7OhW95ESDJTRXhO4d+5iqB
oKBE3yFpC5MN/j8TrX1f0XsfPOzO2ZReAMMAk1KwGNfkzXFefLo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:53 2024 by rpki-client on console-ams.rpki-client.org