Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/buaBo-ubKRxxsEpR5RUV6phbaLI.roa
File: buaBo-ubKRxxsEpR5RUV6phbaLI.roa (raw, json)
Hash identifier: nZPCdobCdgbHvtwFohgSiyeR/BH6BFsmGgpzyiVfGWA=
Subject key identifier: 6E:E6:81:A3:EB:9B:29:1C:71:B0:4A:51:E5:15:15:EA:98:5B:68:B2
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0196A1B3B454F41C8E98C0E769945EE2C3A0
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/buaBo-ubKRxxsEpR5RUV6phbaLI.roa
Signing time: Mon 05 May 2025 18:27:10 +0000
ROA not before: Mon 05 May 2025 18:27:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214025
IP address blocks: 82.152.142.0/24 maxlen: 24
89.213.104.0/24 maxlen: 24
89.213.123.0/24 maxlen: 24
109.176.14.0/24 maxlen: 24
213.210.52.0/24 maxlen: 24
213.210.53.0/24 maxlen: 24
213.218.239.0/24 maxlen: 24
217.145.75.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 09 May 2025 20:54:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a1:b3:b4:54:f4:1c:8e:98:c0:e7:69:94:5e:e2:c3:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 5 18:27:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6ee681a3eb9b291c71b04a51e51515ea985b68b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:93:b1:38:f3:5a:97:27:0f:56:ed:2b:51:03:
b1:89:47:76:bb:dd:83:6e:8a:96:86:4f:0e:26:92:
48:04:15:fa:7d:f1:f0:53:f9:ba:af:2d:e6:74:5c:
04:db:32:17:03:52:e3:48:fa:39:8c:22:d9:2b:ce:
b3:43:9c:45:89:cf:f7:61:e9:52:ea:65:d0:89:38:
7e:63:0a:0e:c3:43:29:6b:a6:26:8a:1e:1d:a7:a4:
bb:ba:33:b5:61:8a:9e:b2:d3:32:c5:61:fb:57:24:
e0:1a:31:ee:db:75:33:62:08:b6:ab:c0:f9:8c:e7:
8f:82:c1:c3:e3:65:c1:c4:41:17:61:f3:b5:70:8e:
6b:25:34:f6:a5:97:a7:0a:02:30:46:a2:5e:7d:4a:
00:c4:3d:6d:e4:57:7d:8c:7e:4a:d3:fe:d2:aa:72:
38:bb:89:2b:e9:59:98:90:64:90:71:f9:78:ea:93:
ee:98:9a:2d:ef:ec:7e:4d:58:13:d9:8d:60:f8:e5:
ec:1f:5c:a4:d9:73:52:3b:56:d4:f6:1b:de:cc:76:
2f:6a:b5:c7:91:79:b9:01:4c:1e:67:6d:26:8d:6b:
fc:ef:fa:19:8a:13:83:01:8e:55:a7:13:55:ee:72:
c0:49:6f:9d:4a:a9:dd:29:10:af:27:fa:c2:69:7e:
68:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:E6:81:A3:EB:9B:29:1C:71:B0:4A:51:E5:15:15:EA:98:5B:68:B2
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/buaBo-ubKRxxsEpR5RUV6phbaLI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.142.0/24
89.213.104.0/24
89.213.123.0/24
109.176.14.0/24
213.210.52.0/23
213.218.239.0/24
217.145.75.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:9d:2b:9c:33:48:a6:5e:8b:79:0f:08:a7:e2:8b:db:ab:ab:
22:9a:a8:eb:a9:da:bc:66:0a:f1:34:de:96:b2:d0:ab:96:58:
4b:f9:d8:81:72:12:2a:2b:fc:61:df:d0:c8:bc:92:3b:dd:dc:
2e:44:b5:82:f5:93:d4:88:70:7f:1f:ff:e9:4e:2a:8f:0c:ba:
00:c3:43:64:09:89:bd:3a:82:e7:88:f2:55:70:97:39:8a:de:
f0:81:16:92:7f:22:a1:05:48:80:08:5e:d8:54:e2:1e:99:d5:
19:4e:14:4d:d3:82:d5:e4:3b:74:92:78:9c:74:15:aa:82:ea:
d2:e7:9e:4b:c3:2e:fc:c0:45:72:20:f6:7c:c5:b7:9b:4f:6f:
b0:41:28:fb:47:b1:a8:02:d7:56:06:cc:f8:92:7c:12:b0:95:
b8:23:99:b8:f4:89:35:2e:16:53:ac:9c:8a:ce:fc:13:5c:99:
ed:da:68:7a:d8:fd:40:06:57:9a:ac:06:79:c6:b7:63:55:eb:
82:65:55:0c:7e:2f:cb:58:71:69:f6:3c:39:8f:7c:da:30:7c:
ca:7f:e0:b7:cb:15:63:ee:52:45:71:d9:ce:68:2b:d4:71:5f:
f4:97:31:ce:b2:f7:f1:fa:a9:2b:c4:de:52:32:92:e8:d3:06:
79:eb:4a:fd
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZahs7RU9ByOmMDnaZRe4sOgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwNTA1MTgyNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWU2ODFhM2ViOWIyOTFjNzFiMDRhNTFlNTE1MTVlYTk4NWI2OGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5OxOPNalycPVu0rUQOxiUd2u92D
boqWhk8OJpJIBBX6ffHwU/m6ry3mdFwE2zIXA1LjSPo5jCLZK86zQ5xFic/3YelS
6mXQiTh+YwoOw0Mpa6Ymih4dp6S7ujO1YYqestMyxWH7VyTgGjHu23UzYgi2q8D5
jOePgsHD42XBxEEXYfO1cI5rJTT2pZenCgIwRqJefUoAxD1t5Fd9jH5K0/7SqnI4
u4kr6VmYkGSQcfl46pPumJot7+x+TVgT2Y1g+OXsH1yk2XNSO1bU9hvezHYvarXH
kXm5AUweZ20mjWv87/oZihODAY5VpxNV7nLASW+dSqndKRCvJ/rCaX5oIQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFG7mgaPrmykccbBKUeUVFeqYW2iyMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvYnVhQm8tdWJLUnh4c0VwUjVSVVY2cGhiYUxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAUpiOAwQA
WdVoAwQAWdV7AwQAbbAOAwQB1dI0AwQA1drvAwQA2ZFLMA0GCSqGSIb3DQEBCwUA
A4IBAQBLnSucM0imXot5Dwin4ovbq6simqjrqdq8ZgrxNN6WstCrllhL+diBchIq
K/xh39DIvJI73dwuRLWC9ZPUiHB/H//pTiqPDLoAw0NkCYm9OoLniPJVcJc5it7w
gRaSfyKhBUiACF7YVOIemdUZThRN04LV5Dt0knicdBWqgurS555Lwy78wEVyIPZ8
xbebT2+wQSj7R7GoAtdWBsz4knwSsJW4I5m49Ik1LhZTrJyKzvwTXJnt2mh62P1A
BlearAZ5xrdjVeuCZVUMfi/LWHFp9jw5j3zaMHzKf+C3yxVj7lJFcdnOaCvUcV/0
lzHOsvfx+qkrxN5SMpLo0wZ560r9
-----END CERTIFICATE-----
Generated at Sat May 17 02:17:07 2025 by rpki-client