Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/9c6546-5811-4194-bfeb-2ab9046ebc11/1/BP4hTioMt5assvWs26x3qcwrdbA.roa
File: BP4hTioMt5assvWs26x3qcwrdbA.roa (raw, json)
Hash identifier: Nw7cses+oOrM5GuBRBZucjYzPBYqJfB81fFk0Cufu3g=
Subject key identifier: 04:FE:21:4E:2A:0C:B7:96:AC:B2:F5:AC:DB:AC:77:A9:CC:2B:75:B0
Certificate issuer: /CN=524e5f7961225fbfe341f6bfd6be8e1a21ef8c0f
Certificate serial: 018CC2DADF0DB3A22FCFBF160CA96960C5B7
Authority key identifier: 52:4E:5F:79:61:22:5F:BF:E3:41:F6:BF:D6:BE:8E:1A:21:EF:8C:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uk5feWEiX7_jQfa_1r6OGiHvjA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/9c6546-5811-4194-bfeb-2ab9046ebc11/1/BP4hTioMt5assvWs26x3qcwrdbA.roa
Signing time: Mon 01 Jan 2024 02:29:33 +0000
ROA not before: Mon 01 Jan 2024 02:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204515
IP address blocks: 185.230.76.0/22 maxlen: 22
2a0c:700::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:48:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:df:0d:b3:a2:2f:cf:bf:16:0c:a9:69:60:c5:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=524e5f7961225fbfe341f6bfd6be8e1a21ef8c0f
Validity
Not Before: Jan 1 02:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=04fe214e2a0cb796acb2f5acdbac77a9cc2b75b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:ce:21:ae:f2:1e:84:25:a0:39:b1:e5:82:cc:
a1:d3:ba:07:7b:15:d1:72:f2:d2:79:ec:3a:05:4c:
1f:69:4c:26:06:4e:6f:7f:e1:96:7d:2e:e2:e8:3d:
ae:88:12:26:9e:5c:e2:2e:85:f8:8e:a3:06:21:40:
ce:0f:3c:9b:31:45:c9:6c:61:5e:25:9f:db:0f:d7:
7b:73:9a:d3:91:3a:4f:e1:53:a6:f0:e3:13:1c:8b:
4d:98:10:4a:c6:ff:c1:36:cf:34:57:eb:d2:39:ed:
44:f8:99:6d:e6:57:22:bf:f8:38:f9:cd:73:9d:d2:
2b:60:13:04:87:ad:3c:4d:75:5f:77:4d:74:f4:75:
e2:39:a8:a3:39:46:fe:06:48:5a:56:50:a8:9a:e9:
67:44:a8:13:d8:df:d3:0e:b9:26:71:40:7d:36:29:
3d:2e:af:7a:08:de:f3:4e:ab:54:48:6b:12:01:39:
07:13:e0:86:61:f9:84:b1:d9:e3:6f:a2:a7:7e:63:
0d:5c:df:88:20:9f:98:0c:05:eb:bf:61:81:4a:12:
b3:42:33:46:46:39:ef:34:66:1c:56:bc:3f:06:42:
74:31:de:f1:ff:73:10:b2:f2:e7:59:02:4f:a5:4a:
16:89:58:65:42:9c:33:a8:9c:9c:ed:50:92:6d:68:
c8:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:FE:21:4E:2A:0C:B7:96:AC:B2:F5:AC:DB:AC:77:A9:CC:2B:75:B0
X509v3 Authority Key Identifier:
keyid:52:4E:5F:79:61:22:5F:BF:E3:41:F6:BF:D6:BE:8E:1A:21:EF:8C:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uk5feWEiX7_jQfa_1r6OGiHvjA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/9c6546-5811-4194-bfeb-2ab9046ebc11/1/BP4hTioMt5assvWs26x3qcwrdbA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/9c6546-5811-4194-bfeb-2ab9046ebc11/1/Uk5feWEiX7_jQfa_1r6OGiHvjA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.230.76.0/22
IPv6:
2a0c:700::/32
Signature Algorithm: sha256WithRSAEncryption
83:08:af:b2:e5:77:f5:96:eb:f9:00:6e:b4:63:b4:dd:a1:aa:
f8:8d:fe:78:24:44:2a:cc:a3:d7:aa:0f:6c:ab:58:6b:77:3e:
4d:2d:61:7e:6a:6f:b6:c2:85:b8:fc:50:cc:4f:ec:8d:ad:1b:
e5:50:33:64:74:1c:a3:60:0d:fa:3b:b8:44:5a:8e:9e:d7:b0:
1d:32:5e:3a:10:a2:a6:fc:ea:a2:3f:68:39:42:5d:7f:50:88:
de:52:aa:25:ed:4b:52:25:73:7c:b0:76:8f:52:ab:e3:a2:4e:
1d:a6:c9:d2:65:96:51:57:08:11:83:9b:8d:81:9a:c2:af:67:
d8:49:5d:78:40:6b:9b:cb:53:ea:a5:ca:d0:91:37:58:1b:51:
67:dc:90:ae:81:4c:e0:cb:b7:47:6e:ae:a9:1e:73:89:fc:cc:
4a:71:95:1c:2e:a1:d6:f9:47:2b:85:c0:9b:30:f5:c1:b5:ea:
3a:1e:c9:13:03:ff:b9:54:e9:b1:c5:ab:33:7b:a2:36:40:57:
d5:5a:5c:53:d7:99:2b:c6:c4:a2:cb:99:2b:ec:47:15:3c:85:
13:9c:2f:ba:1e:93:7a:ee:5e:81:c6:54:7f:52:75:dd:f2:dc:
c4:2c:7f:73:4b:05:6a:e2:19:e6:c9:39:1e:4c:3d:e7:05:77:
d6:d3:0f:c3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzC2t8Ns6Ivz78WDKlpYMW3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNGU1Zjc5NjEyMjVmYmZlMzQxZjZiZmQ2YmU4ZTFhMjFl
ZjhjMGYwHhcNMjQwMTAxMDIyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGZlMjE0ZTJhMGNiNzk2YWNiMmY1YWNkYmFjNzdhOWNjMmI3NWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5c4hrvIehCWgObHlgsyh07oHexXR
cvLSeew6BUwfaUwmBk5vf+GWfS7i6D2uiBImnlziLoX4jqMGIUDODzybMUXJbGFe
JZ/bD9d7c5rTkTpP4VOm8OMTHItNmBBKxv/BNs80V+vSOe1E+Jlt5lciv/g4+c1z
ndIrYBMEh608TXVfd0109HXiOaijOUb+BkhaVlComulnRKgT2N/TDrkmcUB9Nik9
Lq96CN7zTqtUSGsSATkHE+CGYfmEsdnjb6KnfmMNXN+IIJ+YDAXrv2GBShKzQjNG
RjnvNGYcVrw/BkJ0Md7x/3MQsvLnWQJPpUoWiVhlQpwzqJyc7VCSbWjIxQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAT+IU4qDLeWrLL1rNusd6nMK3WwMB8GA1UdIwQY
MBaAFFJOX3lhIl+/40H2v9a+jhoh74wPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWs1ZmVXRWlYN19qUWZhXzFyNk9HaUh2akE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi85YzY1NDYtNTgxMS00MTk0LWJmZWIt
MmFiOTA0NmViYzExLzEvQlA0aFRpb010NWFzc3ZXczI2eDNxY3dyZGJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi85YzY1NDYtNTgxMS00MTk0LWJmZWItMmFiOTA0NmViYzEx
LzEvVWs1ZmVXRWlYN19qUWZhXzFyNk9HaUh2akE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCueZMMA0E
AgACMAcDBQAqDAcAMA0GCSqGSIb3DQEBCwUAA4IBAQCDCK+y5Xf1luv5AG60Y7Td
oar4jf54JEQqzKPXqg9sq1hrdz5NLWF+am+2woW4/FDMT+yNrRvlUDNkdByjYA36
O7hEWo6e17AdMl46EKKm/OqiP2g5Ql1/UIjeUqol7UtSJXN8sHaPUqvjok4dpsnS
ZZZRVwgRg5uNgZrCr2fYSV14QGuby1PqpcrQkTdYG1Fn3JCugUzgy7dHbq6pHnOJ
/MxKcZUcLqHW+UcrhcCbMPXBteo6HskTA/+5VOmxxasze6I2QFfVWlxT15krxsSi
y5kr7EcVPIUTnC+6HpN67l6BxlR/UnXd8tzELH9zSwVq4hnmyTkeTD3nBXfW0w/D
-----END CERTIFICATE-----
Generated at Tue May 13 18:42:31 2025 by rpki-client