Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/bNhPopXqt0sRi_D-8ZRL1Jj1e0s.roa
File: bNhPopXqt0sRi_D-8ZRL1Jj1e0s.roa (raw, json)
Hash identifier: 1UKU/tXJm6kC8qndloh8YYQozWKH8evQIGr4zqzuADs=
Subject key identifier: 6C:D8:4F:A2:95:EA:B7:4B:11:8B:F0:FE:F1:94:4B:D4:98:F5:7B:4B
Certificate issuer: /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial: 0193A14C287A30DA0FE31B01B2350D858827
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/bNhPopXqt0sRi_D-8ZRL1Jj1e0s.roa
Signing time: Sat 07 Dec 2024 13:25:43 +0000
ROA not before: Sat 07 Dec 2024 13:25:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52000
IP address blocks: 45.150.65.0/24 maxlen: 24
138.124.180.0/24 maxlen: 24
138.124.183.0/24 maxlen: 24
138.124.184.0/24 maxlen: 24
138.124.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:a1:4c:28:7a:30:da:0f:e3:1b:01:b2:35:0d:85:88:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
Validity
Not Before: Dec 7 13:25:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6cd84fa295eab74b118bf0fef1944bd498f57b4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d0:3d:0a:7d:c5:a8:db:85:73:83:59:77:23:
99:39:75:65:1e:3e:e5:69:1f:9d:42:c1:f6:ea:ba:
0a:54:b1:12:2b:5b:f5:e8:31:28:90:50:3f:25:11:
5c:5b:e4:5e:98:70:8e:67:02:80:86:cb:4f:0c:2c:
f6:1d:a6:7d:cd:a0:37:f1:8b:0d:bd:1d:8e:f7:9d:
9c:6c:ac:9f:bf:dc:2a:98:97:11:36:81:73:0e:68:
79:3b:85:4b:41:05:d8:e2:c4:28:1e:54:eb:f5:d8:
23:59:78:a3:69:6a:6e:95:7f:69:1a:3c:14:6e:67:
62:fa:f0:6b:c3:90:07:cc:3f:77:d7:71:cb:cf:92:
a6:f7:bc:c9:eb:2d:aa:ce:26:15:8b:69:3b:81:e2:
6a:7c:53:9c:21:04:e1:58:f5:b3:61:05:84:2d:98:
70:1d:8b:64:3d:3f:a2:4e:8c:35:74:6c:8d:b4:20:
e8:c8:3a:23:7a:6b:37:6c:8f:1b:b5:26:15:8d:33:
e0:84:19:8c:bc:49:67:f6:6d:eb:5f:d2:3c:27:8b:
66:07:e5:9e:7b:f1:a4:4d:63:46:42:b5:21:e5:0e:
cf:d0:f2:e5:d7:26:c0:0d:f3:cd:b5:83:b7:a5:66:
cc:90:dc:80:d1:01:0e:fe:f4:3e:13:3b:69:f7:c4:
a9:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:D8:4F:A2:95:EA:B7:4B:11:8B:F0:FE:F1:94:4B:D4:98:F5:7B:4B
X509v3 Authority Key Identifier:
keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/bNhPopXqt0sRi_D-8ZRL1Jj1e0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.65.0/24
138.124.180.0/24
138.124.183.0-138.124.184.255
138.124.187.0/24
Signature Algorithm: sha256WithRSAEncryption
13:b0:db:46:40:d9:75:43:7d:29:bb:e8:24:23:cc:e8:1b:22:
97:6e:c5:31:47:aa:da:b9:a7:b4:ad:3a:53:3d:7a:2c:55:c0:
90:0e:38:fa:d9:3a:07:57:2e:d3:13:27:11:71:c0:ee:07:2c:
9c:0e:03:d6:fe:b5:22:db:41:e4:29:ab:c7:45:52:12:77:38:
8b:65:10:31:8c:06:a5:04:c9:6c:72:9e:05:4d:34:a9:9d:4b:
d9:f1:63:75:d2:da:03:fc:76:da:6e:32:c9:76:0d:9d:8d:19:
02:26:fd:9c:ec:74:91:5c:a5:ae:da:2e:5e:3c:01:8c:55:13:
93:1a:93:24:36:c3:b7:42:8f:ec:3c:9d:aa:c6:f9:8e:c9:d2:
cb:fe:fc:b0:b6:69:02:c4:f7:9c:8e:51:87:ed:7e:e3:77:b8:
79:d5:a6:49:ea:4a:ce:a5:7c:f9:64:c8:8c:ce:64:dc:62:58:
41:04:fe:19:8d:80:55:11:ba:fb:7d:a7:4b:1a:1c:de:8f:c4:
51:e2:5d:0e:fb:89:7e:ce:48:04:97:ac:65:85:49:f5:85:8a:
9f:f8:98:a7:cc:41:2b:93:9c:7b:69:71:a7:00:97:15:dc:06:
f7:f5:2a:b6:44:43:b5:de:53:cb:57:fc:5e:66:dd:ca:ea:83:
62:63:23:69
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZOhTCh6MNoP4xsBsjUNhYgnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODQxMTM1NDVkOTAwMDc2MGY2NjA2MmE0MjIxOTMzYTJl
OTU5ZDgwHhcNMjQxMjA3MTMyNTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2Q4NGZhMjk1ZWFiNzRiMTE4YmYwZmVmMTk0NGJkNDk4ZjU3YjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNA9Cn3FqNuFc4NZdyOZOXVlHj7l
aR+dQsH26roKVLESK1v16DEokFA/JRFcW+RemHCOZwKAhstPDCz2HaZ9zaA38YsN
vR2O952cbKyfv9wqmJcRNoFzDmh5O4VLQQXY4sQoHlTr9dgjWXijaWpulX9pGjwU
bmdi+vBrw5AHzD9313HLz5Km97zJ6y2qziYVi2k7geJqfFOcIQThWPWzYQWELZhw
HYtkPT+iTow1dGyNtCDoyDojems3bI8btSYVjTPghBmMvEln9m3rX9I8J4tmB+We
e/GkTWNGQrUh5Q7P0PLl1ybADfPNtYO3pWbMkNyA0QEO/vQ+Eztp98SpLwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFGzYT6KV6rdLEYvw/vGUS9SY9XtLMB8GA1UdIwQY
MBaAFL+EETVF2QAHYPZgYqQiGTOi6VnYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEt
NGJkNjNhZGM3MzU0LzEvYk5oUG9wWHF0MHNSaV9ELThaUkwxSmoxZTBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEtNGJkNjNhZGM3MzU0
LzEvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQALZZBAwQA
iny0MAwDBACKfLcDBACKfLgDBACKfLswDQYJKoZIhvcNAQELBQADggEBABOw20ZA
2XVDfSm76CQjzOgbIpduxTFHqtq5p7StOlM9eixVwJAOOPrZOgdXLtMTJxFxwO4H
LJwOA9b+tSLbQeQpq8dFUhJ3OItlEDGMBqUEyWxyngVNNKmdS9nxY3XS2gP8dtpu
Msl2DZ2NGQIm/ZzsdJFcpa7aLl48AYxVE5MakyQ2w7dCj+w8narG+Y7J0sv+/LC2
aQLE95yOUYftfuN3uHnVpknqSs6lfPlkyIzOZNxiWEEE/hmNgFURuvt9p0saHN6P
xFHiXQ77iX7OSASXrGWFSfWFip/4mKfMQSuTnHtpcacAlxXcBvf1KrZEQ7XeU8tX
/F5m3crqg2JjI2k=
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:27:38 2025 by rpki-client