Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/bc98cb-971d-4b04-b81e-b610568466b3/1/BexmaNzlBVUcJB5SKx16EKGZX2k.roa
File: BexmaNzlBVUcJB5SKx16EKGZX2k.roa (raw, json)
Hash identifier: n+JYIl58ud8TiOte99vEurBlxBoP4nmCIvwBUC65hZQ=
Subject key identifier: 05:EC:66:68:DC:E5:05:55:1C:24:1E:52:2B:1D:7A:10:A1:99:5F:69
Certificate issuer: /CN=26b9ceb10c2c8c00d16099603cc11bed00547be6
Certificate serial: 01856F5DF9007D1677C72E10C99FBE1D0082
Authority key identifier: 26:B9:CE:B1:0C:2C:8C:00:D1:60:99:60:3C:C1:1B:ED:00:54:7B:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JrnOsQwsjADRYJlgPMEb7QBUe-Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/bc98cb-971d-4b04-b81e-b610568466b3/1/BexmaNzlBVUcJB5SKx16EKGZX2k.roa
Signing time: Sun 01 Jan 2023 22:05:07 +0000
ROA not before: Sun 01 Jan 2023 22:05:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29686
IP address blocks: 82.96.64.0/18 maxlen: 18
185.191.224.0/22 maxlen: 24
82.96.96.0/24 maxlen: 24
85.190.0.0/18 maxlen: 18
85.190.0.0/19 maxlen: 19
2001:1bc7::/48 maxlen: 48
2001:1bc0::/29 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:f9:00:7d:16:77:c7:2e:10:c9:9f:be:1d:00:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26b9ceb10c2c8c00d16099603cc11bed00547be6
Validity
Not Before: Jan 1 22:05:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=05ec6668dce505551c241e522b1d7a10a1995f69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:cc:d1:86:e0:0c:2a:92:16:b6:75:86:5f:c2:
d5:01:71:88:ed:ae:06:c6:75:46:be:4e:8c:24:19:
6f:d1:3b:c5:00:bc:7b:02:e9:3a:09:ab:44:a9:85:
df:11:6a:3e:3e:ef:b4:d1:75:7f:95:7f:a3:69:56:
59:b8:3e:b8:dd:79:b8:8b:bd:34:d0:30:ef:51:53:
d7:3c:b9:c5:84:b4:5d:d7:bb:85:c7:d7:54:d3:a7:
53:0e:c5:36:ff:4e:38:1b:02:9c:05:13:ba:e6:01:
c2:ef:5f:87:7c:fa:f0:f1:a8:f0:1d:b5:2e:37:a0:
18:6c:8e:aa:3e:f7:58:d8:a4:73:0d:cf:1a:2f:7e:
ae:27:6c:0a:79:43:31:ba:77:aa:45:9b:a3:05:28:
35:c6:ae:0a:17:e9:e4:bf:00:9d:6b:61:b2:f4:25:
3c:f5:8e:be:d5:d5:6b:06:77:5e:b7:ef:49:cc:ef:
98:ab:4c:3c:fd:de:0d:05:2f:9a:be:99:82:cb:29:
87:30:62:dc:76:35:01:3e:b9:0c:1f:ba:ca:a5:e2:
04:29:c1:0c:8f:8d:2a:f1:cd:d0:b9:66:a4:f1:20:
f5:f4:c4:85:8c:4a:09:7a:b9:78:a9:22:c4:3f:2f:
f7:41:f2:35:2e:f1:14:db:25:cf:a5:06:06:41:73:
12:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:EC:66:68:DC:E5:05:55:1C:24:1E:52:2B:1D:7A:10:A1:99:5F:69
X509v3 Authority Key Identifier:
keyid:26:B9:CE:B1:0C:2C:8C:00:D1:60:99:60:3C:C1:1B:ED:00:54:7B:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JrnOsQwsjADRYJlgPMEb7QBUe-Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/bc98cb-971d-4b04-b81e-b610568466b3/1/BexmaNzlBVUcJB5SKx16EKGZX2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/bc98cb-971d-4b04-b81e-b610568466b3/1/JrnOsQwsjADRYJlgPMEb7QBUe-Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.96.64.0/18
85.190.0.0/18
185.191.224.0/22
IPv6:
2001:1bc0::/29
Signature Algorithm: sha256WithRSAEncryption
39:0b:42:fb:ae:7d:68:26:02:00:a9:44:25:ab:8a:9c:f1:80:
fe:58:a4:98:6e:4e:a6:ff:70:3f:13:99:25:30:72:b0:b2:3c:
aa:61:f9:65:7e:d6:c4:71:a8:17:ce:3b:71:58:4d:03:ef:46:
48:cc:fd:be:82:4d:5e:7f:a0:e3:f2:2f:43:f1:90:50:af:cf:
8f:33:d8:f2:fa:0a:7a:43:0f:19:d7:70:7c:6c:e4:a4:e7:95:
2d:64:ec:b2:07:a5:9e:d3:c3:66:32:12:5b:f2:02:34:82:c3:
a5:cf:8d:d4:3d:a9:e2:1c:a8:0d:01:15:4b:1b:de:2f:d8:3f:
89:f3:8a:03:53:94:23:7f:90:99:c1:27:7f:de:fe:db:44:46:
da:51:09:e1:22:cc:27:b2:d1:34:9d:0e:20:d5:e2:97:71:70:
fd:ec:39:65:f9:c2:ee:68:f7:9a:bf:05:d3:02:66:6e:a7:ff:
d6:7c:3d:c6:48:31:16:e0:20:b8:be:98:2e:75:ff:a8:26:2c:
28:c7:da:2f:d9:e8:77:06:41:bc:03:f5:51:37:79:58:28:93:
11:6d:a0:cc:b8:bb:d1:e1:bf:8c:5e:77:fe:af:0b:8c:2e:f1:
93:69:a3:48:b3:f7:d1:2b:a7:02:d0:89:d1:75:1d:ee:e5:4b:
69:e3:65:94
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVvXfkAfRZ3xy4QyZ++HQCCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2YjljZWIxMGMyYzhjMDBkMTYwOTk2MDNjYzExYmVkMDA1
NDdiZTYwHhcNMjMwMTAxMjIwNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWVjNjY2OGRjZTUwNTU1MWMyNDFlNTIyYjFkN2ExMGExOTk1ZjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmszRhuAMKpIWtnWGX8LVAXGI7a4G
xnVGvk6MJBlv0TvFALx7Auk6CatEqYXfEWo+Pu+00XV/lX+jaVZZuD643Xm4i700
0DDvUVPXPLnFhLRd17uFx9dU06dTDsU2/044GwKcBRO65gHC71+HfPrw8ajwHbUu
N6AYbI6qPvdY2KRzDc8aL36uJ2wKeUMxuneqRZujBSg1xq4KF+nkvwCda2Gy9CU8
9Y6+1dVrBndet+9JzO+Yq0w8/d4NBS+avpmCyymHMGLcdjUBPrkMH7rKpeIEKcEM
j40q8c3QuWak8SD19MSFjEoJerl4qSLEPy/3QfI1LvEU2yXPpQYGQXMShwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFAXsZmjc5QVVHCQeUisdehChmV9pMB8GA1UdIwQY
MBaAFCa5zrEMLIwA0WCZYDzBG+0AVHvmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnJuT3NRd3NqQURSWUpsZ1BNRWI3UUJVZS1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9iYzk4Y2ItOTcxZC00YjA0LWI4MWUt
YjYxMDU2ODQ2NmIzLzEvQmV4bWFOemxCVlVjSkI1U0t4MTZFS0daWDJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9iYzk4Y2ItOTcxZC00YjA0LWI4MWUtYjYxMDU2ODQ2NmIz
LzEvSnJuT3NRd3NqQURSWUpsZ1BNRWI3UUJVZS1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQGUmBAAwQG
Vb4AAwQCub/gMA0EAgACMAcDBQMgARvAMA0GCSqGSIb3DQEBCwUAA4IBAQA5C0L7
rn1oJgIAqUQlq4qc8YD+WKSYbk6m/3A/E5klMHKwsjyqYfllftbEcagXzjtxWE0D
70ZIzP2+gk1ef6Dj8i9D8ZBQr8+PM9jy+gp6Qw8Z13B8bOSk55UtZOyyB6We08Nm
MhJb8gI0gsOlz43UPaniHKgNARVLG94v2D+J84oDU5Qjf5CZwSd/3v7bREbaUQnh
IswnstE0nQ4g1eKXcXD97Dll+cLuaPeavwXTAmZup//WfD3GSDEW4CC4vpgudf+o
Jiwox9ov2eh3BkG8A/VRN3lYKJMRbaDMuLvR4b+MXnf+rwuMLvGTaaNIs/fRK6cC
0InRdR3u5Utp42WU
-----END CERTIFICATE-----
Generated at Mon Jan 1 02:13:30 2024 by rpki-client on console.sobornost.net