Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/bssALSGhUwZ5UW1VqMgm-tpn9wg.roa
File: bssALSGhUwZ5UW1VqMgm-tpn9wg.roa (raw, json)
Hash identifier: AKsViESUYGL5Sey88ke6mz2IalHrHug30u5tVVtS7tU=
Subject key identifier: 6E:CB:00:2D:21:A1:53:06:79:51:6D:55:A8:C8:26:FA:DA:67:F7:08
Certificate issuer: /CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530
Certificate serial: 01939C0DFBBB1B2B56B6C8B1BA4F604B6C33
Authority key identifier: 91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/bssALSGhUwZ5UW1VqMgm-tpn9wg.roa
Signing time: Fri 06 Dec 2024 12:59:42 +0000
ROA not before: Fri 06 Dec 2024 12:59:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198584
IP address blocks: 45.153.33.0/24 maxlen: 24
195.62.32.0/24 maxlen: 24
2a10:ca80::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 17 Dec 2024 14:18:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:9c:0d:fb:bb:1b:2b:56:b6:c8:b1:ba:4f:60:4b:6c:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530
Validity
Not Before: Dec 6 12:59:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6ecb002d21a1530679516d55a8c826fada67f708
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:d8:11:f9:53:56:51:50:9a:fe:94:9c:9e:a9:
56:dc:70:64:c6:86:96:61:e3:74:76:10:91:1e:c5:
36:ed:f8:44:7e:ea:63:c6:c3:03:93:6c:20:9c:b6:
75:35:cd:ed:07:fc:24:98:ac:6b:c1:3d:b2:87:5a:
4c:9f:df:0c:c0:e4:51:30:fd:0c:49:0c:02:b7:cb:
63:a3:e8:d7:12:e0:8d:34:ac:8b:ea:91:89:c2:06:
ac:72:d3:5c:67:ea:e4:fa:b3:3f:c9:af:af:58:9c:
d7:a2:a1:e2:fe:ea:61:07:07:a5:16:ba:7e:95:01:
80:41:1c:c1:c4:f6:10:e1:6a:4d:5e:9c:53:ca:d3:
0d:5b:ba:e4:a8:81:51:e6:a3:e2:80:96:8a:ae:3d:
63:57:69:13:24:c5:dd:d8:ac:26:19:50:b6:a4:35:
61:98:06:0c:a7:78:88:c0:d1:98:8d:91:7a:a2:32:
5d:17:6a:ce:e0:4c:b4:a6:25:15:f5:9f:1f:97:96:
fd:39:d1:ea:2f:b3:6b:fb:ff:c2:68:9c:7c:27:fd:
f2:18:6e:76:17:a1:0b:d0:ea:ed:1f:c1:bf:b9:ad:
56:fe:2b:1b:d4:f4:39:bc:0e:d3:c8:64:c6:34:c4:
07:8d:ba:3f:e9:08:84:4f:7a:17:7e:62:1a:54:91:
b9:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:CB:00:2D:21:A1:53:06:79:51:6D:55:A8:C8:26:FA:DA:67:F7:08
X509v3 Authority Key Identifier:
keyid:91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/bssALSGhUwZ5UW1VqMgm-tpn9wg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.33.0/24
195.62.32.0/24
IPv6:
2a10:ca80::/48
Signature Algorithm: sha256WithRSAEncryption
77:7b:8d:f2:4e:86:e0:ea:f7:55:13:b7:41:68:67:3a:cc:24:
88:c4:ee:e9:a9:4b:cb:47:6b:6e:21:1f:fc:b6:32:4f:d1:14:
aa:71:c1:ed:ad:7a:d8:5e:12:ae:33:22:39:6b:35:77:9f:20:
c1:63:9a:29:42:5c:db:aa:8d:17:20:93:72:6a:36:34:05:27:
fa:99:2b:e7:80:65:06:d0:0f:ef:70:01:7c:80:26:31:f1:1d:
99:68:16:5c:1f:4f:f4:48:55:1e:1a:3c:e8:13:c6:35:e9:30:
3b:06:af:c3:0a:9e:3b:78:04:00:4d:7b:3a:d8:e2:4e:04:e7:
d1:77:54:bc:01:ac:ec:f6:fe:20:8a:0b:f3:8d:83:2c:f8:a2:
53:7f:a0:63:22:ae:52:4a:60:0b:1c:d2:06:c4:6a:da:bf:28:
5b:cc:30:25:d6:9c:64:34:96:2f:78:f2:22:6b:48:14:a5:dc:
13:e4:d9:4c:3f:cf:31:d4:c1:4c:d2:3f:3c:b3:1a:9b:94:c1:
1a:fd:f2:00:6d:d8:ef:3f:4a:f1:de:de:8a:e8:d3:72:60:bd:
83:26:34:7d:87:6a:1d:11:45:4e:ed:9f:fc:3e:46:ae:b2:ab:
d4:32:fc:68:d9:ce:98:7a:8f:f9:05:ff:18:1e:63:f5:b0:37:
79:07:31:55
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZOcDfu7GytWtsixuk9gS2wzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZDBjNzhjMzA5YTNlOTlkYzlhYjc0ZjJjZGMwNDg0ODU5
ZTc1MzAwHhcNMjQxMjA2MTI1OTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWNiMDAyZDIxYTE1MzA2Nzk1MTZkNTVhOGM4MjZmYWRhNjdmNzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA39gR+VNWUVCa/pScnqlW3HBkxoaW
YeN0dhCRHsU27fhEfupjxsMDk2wgnLZ1Nc3tB/wkmKxrwT2yh1pMn98MwORRMP0M
SQwCt8tjo+jXEuCNNKyL6pGJwgasctNcZ+rk+rM/ya+vWJzXoqHi/uphBwelFrp+
lQGAQRzBxPYQ4WpNXpxTytMNW7rkqIFR5qPigJaKrj1jV2kTJMXd2KwmGVC2pDVh
mAYMp3iIwNGYjZF6ojJdF2rO4Ey0piUV9Z8fl5b9OdHqL7Nr+//CaJx8J/3yGG52
F6EL0OrtH8G/ua1W/isb1PQ5vA7TyGTGNMQHjbo/6QiET3oXfmIaVJG5AQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFG7LAC0hoVMGeVFtVajIJvraZ/cIMB8GA1UdIwQY
MBaAFJHQx4wwmj6Z3Jq3TyzcBISFnnUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8yOTNhMmYtMzk5Ny00OTdmLTllZjEt
NDg1MmM4ZmY4YWYyLzEvYnNzQUxTR2hVd1o1VVcxVnFNZ20tdHBuOXdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS8yOTNhMmYtMzk5Ny00OTdmLTllZjEtNDg1MmM4ZmY4YWYy
LzEva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQALZkhAwQA
wz4gMA8EAgACMAkDBwAqEMqAAAAwDQYJKoZIhvcNAQELBQADggEBAHd7jfJOhuDq
91UTt0FoZzrMJIjE7umpS8tHa24hH/y2Mk/RFKpxwe2tetheEq4zIjlrNXefIMFj
milCXNuqjRcgk3JqNjQFJ/qZK+eAZQbQD+9wAXyAJjHxHZloFlwfT/RIVR4aPOgT
xjXpMDsGr8MKnjt4BABNezrY4k4E59F3VLwBrOz2/iCKC/ONgyz4olN/oGMirlJK
YAsc0gbEatq/KFvMMCXWnGQ0li948iJrSBSl3BPk2Uw/zzHUwUzSPzyzGpuUwRr9
8gBt2O8/SvHe3oro03JgvYMmNH2Hah0RRU7tn/w+Rq6yq9Qy/GjZzph6j/kF/xge
Y/WwN3kHMVU=
-----END CERTIFICATE-----
Generated at Sun May 11 13:29:00 2025 by rpki-client