Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/fc96a4-36d1-4c3d-850b-3cd417aee9ce/1/bfniN3EqGUV6Pu_Cl251stXF1to.roa
File: bfniN3EqGUV6Pu_Cl251stXF1to.roa (raw, json)
Hash identifier: 6R3cxxo5MgCQ0Ers6/F/a3/w24xYmjbtphz6y+vec3s=
Subject key identifier: 6D:F9:E2:37:71:2A:19:45:7A:3E:EF:C2:97:6E:75:B2:D5:C5:D6:DA
Certificate issuer: /CN=580dddb511603e41c2b7abba3d249d5ef5ed4d11
Certificate serial: 0194214450124E932F47CE7D3D8906EF1C92
Authority key identifier: 58:0D:DD:B5:11:60:3E:41:C2:B7:AB:BA:3D:24:9D:5E:F5:ED:4D:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WA3dtRFgPkHCt6u6PSSdXvXtTRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/fc96a4-36d1-4c3d-850b-3cd417aee9ce/1/bfniN3EqGUV6Pu_Cl251stXF1to.roa
Signing time: Wed 01 Jan 2025 09:48:32 +0000
ROA not before: Wed 01 Jan 2025 09:48:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201119
IP address blocks: 185.195.145.0/24 maxlen: 24
185.195.147.0/24 maxlen: 24
2a0a:5bc0::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 05 Jan 2025 09:40:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:50:12:4e:93:2f:47:ce:7d:3d:89:06:ef:1c:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=580dddb511603e41c2b7abba3d249d5ef5ed4d11
Validity
Not Before: Jan 1 09:48:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6df9e237712a19457a3eefc2976e75b2d5c5d6da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:94:3d:b0:13:6b:4b:65:f1:c0:1d:a3:20:fc:
38:57:8d:52:76:0b:b2:37:64:ea:60:6a:aa:bd:f2:
f9:d6:00:f1:f2:68:6d:d0:ed:58:a2:65:87:b7:e5:
52:70:b9:3c:f7:6d:ad:4e:12:5a:32:fb:fe:04:8a:
37:3d:55:b9:77:2f:12:ef:88:88:36:fa:c7:1c:f9:
a7:47:85:75:91:b5:7a:0e:8d:b1:53:8c:6c:7a:19:
4f:3b:9f:71:1a:14:ed:5a:f0:ea:98:02:fa:07:25:
25:ad:93:c2:12:18:c2:64:00:de:ed:22:5c:c6:46:
d7:dd:bc:68:5e:8f:e7:58:a2:7d:7f:7a:b0:e2:28:
e6:33:8e:e0:21:45:bc:25:d3:bb:47:1f:89:0d:64:
eb:5a:c9:ab:1d:2c:54:bb:bd:9b:35:f1:6e:54:9d:
b7:f2:cd:a7:00:ea:53:71:0b:35:28:0b:88:f9:19:
02:20:8d:28:bf:38:a1:d3:7c:bb:d8:3b:57:24:56:
10:79:5c:4a:d8:4a:64:52:1b:00:72:d3:50:7d:ae:
fa:2b:1d:02:e1:f8:dc:02:f6:44:11:e6:d5:75:63:
ef:c4:f7:9a:b9:cf:26:72:d9:1a:e8:ec:7d:bf:a8:
7d:0f:85:ad:14:c6:df:48:7e:8a:48:d1:1f:bf:53:
50:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:F9:E2:37:71:2A:19:45:7A:3E:EF:C2:97:6E:75:B2:D5:C5:D6:DA
X509v3 Authority Key Identifier:
keyid:58:0D:DD:B5:11:60:3E:41:C2:B7:AB:BA:3D:24:9D:5E:F5:ED:4D:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WA3dtRFgPkHCt6u6PSSdXvXtTRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/fc96a4-36d1-4c3d-850b-3cd417aee9ce/1/bfniN3EqGUV6Pu_Cl251stXF1to.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/fc96a4-36d1-4c3d-850b-3cd417aee9ce/1/WA3dtRFgPkHCt6u6PSSdXvXtTRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.195.145.0/24
185.195.147.0/24
IPv6:
2a0a:5bc0::/48
Signature Algorithm: sha256WithRSAEncryption
a7:b1:1e:31:69:98:a2:78:14:f2:06:58:de:d9:0e:89:27:7f:
1d:3f:f1:eb:7e:36:c1:0a:80:6a:67:61:4d:bc:bb:25:7f:5a:
8d:6a:40:4f:72:42:a6:58:db:fe:de:19:63:f5:0b:69:94:db:
72:f2:f6:42:27:04:a7:93:1f:0b:3d:6e:60:44:46:06:d9:40:
2d:22:58:c3:6d:ac:c3:8f:d1:39:fb:ff:8a:91:ac:cb:22:39:
6f:23:3e:88:6f:93:7b:1f:00:96:03:13:9a:aa:35:6a:16:97:
a1:53:3e:e5:7b:86:7c:83:d5:37:2e:a5:13:8f:98:81:27:30:
44:28:a8:30:d7:87:4c:e5:a0:af:4f:f9:53:99:6e:69:0b:0c:
9e:3d:fd:f3:ae:49:c1:a5:90:c6:18:1c:0b:a3:87:7c:e8:31:
52:0e:1e:79:d2:f8:3c:4d:cb:3d:80:6d:8b:36:ca:14:ab:b2:
e7:88:88:fe:51:0f:2d:d6:83:e1:8e:26:44:78:e0:1b:4a:58:
1c:37:8b:fa:ba:0e:fd:d0:e7:33:d0:da:36:2e:ee:47:ef:8d:
09:f9:bd:60:8a:29:8f:0a:63:5e:2f:07:d5:da:d3:d1:5b:cc:
16:1c:88:19:42:6b:83:3d:b3:b3:6b:0f:b9:19:d5:d0:3a:ea:
59:b4:02:63
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQhRFASTpMvR859PYkG7xySMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MGRkZGI1MTE2MDNlNDFjMmI3YWJiYTNkMjQ5ZDVlZjVl
ZDRkMTEwHhcNMjUwMTAxMDk0ODMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGY5ZTIzNzcxMmExOTQ1N2EzZWVmYzI5NzZlNzViMmQ1YzVkNmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZQ9sBNrS2XxwB2jIPw4V41Sdguy
N2TqYGqqvfL51gDx8mht0O1YomWHt+VScLk8922tThJaMvv+BIo3PVW5dy8S74iI
NvrHHPmnR4V1kbV6Do2xU4xsehlPO59xGhTtWvDqmAL6ByUlrZPCEhjCZADe7SJc
xkbX3bxoXo/nWKJ9f3qw4ijmM47gIUW8JdO7Rx+JDWTrWsmrHSxUu72bNfFuVJ23
8s2nAOpTcQs1KAuI+RkCII0ovzih03y72DtXJFYQeVxK2EpkUhsActNQfa76Kx0C
4fjcAvZEEebVdWPvxPeauc8mctka6Ox9v6h9D4WtFMbfSH6KSNEfv1NQvQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFG354jdxKhlFej7vwpdudbLVxdbaMB8GA1UdIwQY
MBaAFFgN3bURYD5Bwreruj0knV717U0RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0EzZHRSRmdQa0hDdDZ1NlBTU2RYdlh0VFJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9mYzk2YTQtMzZkMS00YzNkLTg1MGIt
M2NkNDE3YWVlOWNlLzEvYmZuaU4zRXFHVVY2UHVfQ2wyNTFzdFhGMXRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9mYzk2YTQtMzZkMS00YzNkLTg1MGItM2NkNDE3YWVlOWNl
LzEvV0EzZHRSRmdQa0hDdDZ1NlBTU2RYdlh0VFJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAucORAwQA
ucOTMA8EAgACMAkDBwAqClvAAAAwDQYJKoZIhvcNAQELBQADggEBAKexHjFpmKJ4
FPIGWN7ZDoknfx0/8et+NsEKgGpnYU28uyV/Wo1qQE9yQqZY2/7eGWP1C2mU23Ly
9kInBKeTHws9bmBERgbZQC0iWMNtrMOP0Tn7/4qRrMsiOW8jPohvk3sfAJYDE5qq
NWoWl6FTPuV7hnyD1TcupROPmIEnMEQoqDDXh0zloK9P+VOZbmkLDJ49/fOuScGl
kMYYHAujh3zoMVIOHnnS+DxNyz2AbYs2yhSrsueIiP5RDy3Wg+GOJkR44BtKWBw3
i/q6Dv3Q5zPQ2jYu7kfvjQn5vWCKKY8KY14vB9Xa09FbzBYciBlCa4M9s7NrD7kZ
1dA66lm0AmM=
-----END CERTIFICATE-----
Generated at Sat Apr 19 02:07:22 2025 by rpki-client