Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/b2dbe0-04c5-41ba-ac62-3a53d0ef8b5a/1/bhB__aQPvUM_1uv2UBu9-GZ3TEE.roa
File: bhB__aQPvUM_1uv2UBu9-GZ3TEE.roa (raw, json)
Hash identifier: dwqrGLoW/Im5XesywMM3QVNQCuAYeiZ63mipHs9S6Q4=
Subject key identifier: 6E:10:7F:FD:A4:0F:BD:43:3F:D6:EB:F6:50:1B:BD:F8:66:77:4C:41
Certificate issuer: /CN=c8c2c7314593042cf74210f7f03be7106c224f89
Certificate serial: 0197EA1C8B9F8032BEE64F810666CF46B9E5
Authority key identifier: C8:C2:C7:31:45:93:04:2C:F7:42:10:F7:F0:3B:E7:10:6C:22:4F:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yMLHMUWTBCz3QhD38DvnEGwiT4k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/b2dbe0-04c5-41ba-ac62-3a53d0ef8b5a/1/bhB__aQPvUM_1uv2UBu9-GZ3TEE.roa
Signing time: Tue 08 Jul 2025 12:57:08 +0000
ROA not before: Tue 08 Jul 2025 12:57:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208972
IP address blocks: 185.107.135.0/24 maxlen: 24
185.233.219.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 14 Jul 2025 08:58:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ea:1c:8b:9f:80:32:be:e6:4f:81:06:66:cf:46:b9:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8c2c7314593042cf74210f7f03be7106c224f89
Validity
Not Before: Jul 8 12:57:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e107ffda40fbd433fd6ebf6501bbdf866774c41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:db:c6:44:1b:4d:5c:e5:15:60:b0:55:61:7f:
12:37:04:9b:37:70:66:db:fc:6f:ae:f7:41:9d:e1:
11:77:22:33:b1:17:46:35:7c:be:e8:b0:d1:42:3b:
05:91:39:51:06:9c:7b:9a:1e:b9:56:0c:76:ac:63:
75:99:67:cc:e1:ab:fc:63:83:02:79:1c:fe:80:28:
93:be:b8:71:66:12:02:e1:1e:f8:dc:7a:01:34:bb:
3f:39:4a:fd:26:b9:41:57:68:48:b0:c0:00:e3:3a:
81:c7:b3:e8:56:74:36:ef:64:2b:92:1f:d5:d5:78:
d7:37:e1:a6:aa:24:5c:55:99:5a:39:c6:e7:5b:65:
8c:ed:bf:04:cf:d7:28:96:09:22:14:22:80:ad:e6:
28:3d:a8:fa:35:ba:c9:cb:97:53:25:45:14:cd:7f:
21:85:ae:d0:ae:80:47:02:09:f0:5f:20:eb:73:ac:
58:0b:d6:35:06:20:b2:00:f6:b3:6e:31:c0:62:57:
2c:1a:94:3d:df:ad:d2:9c:2c:06:dd:47:65:e2:14:
55:f6:7d:f5:75:ea:36:e2:5e:13:f3:d7:26:73:0f:
66:90:44:47:a2:c9:07:49:f2:b2:ff:41:b1:0f:26:
78:3d:31:1d:7f:9f:4d:6f:d9:0c:99:e6:8a:09:99:
99:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:10:7F:FD:A4:0F:BD:43:3F:D6:EB:F6:50:1B:BD:F8:66:77:4C:41
X509v3 Authority Key Identifier:
keyid:C8:C2:C7:31:45:93:04:2C:F7:42:10:F7:F0:3B:E7:10:6C:22:4F:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yMLHMUWTBCz3QhD38DvnEGwiT4k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/b2dbe0-04c5-41ba-ac62-3a53d0ef8b5a/1/bhB__aQPvUM_1uv2UBu9-GZ3TEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/b2dbe0-04c5-41ba-ac62-3a53d0ef8b5a/1/yMLHMUWTBCz3QhD38DvnEGwiT4k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.107.135.0/24
185.233.219.0/24
Signature Algorithm: sha256WithRSAEncryption
48:9f:9a:d5:1c:d9:62:ff:ef:22:79:3e:08:7a:9a:bb:3c:af:
7d:7a:15:db:b4:62:42:ef:37:5f:d7:39:e3:b3:b7:4e:94:ec:
c4:3a:25:09:0f:af:45:b5:0c:d9:46:bd:e5:ea:81:77:01:ca:
78:0b:80:11:c3:de:60:f0:2c:3e:73:07:02:c2:05:01:08:d8:
38:76:a3:2f:d8:78:77:f3:9d:e0:9e:d1:ad:29:7f:27:02:5f:
eb:7b:f4:24:c5:c7:13:2b:4f:fb:14:81:2d:14:3e:a3:7e:11:
1a:28:3b:dc:16:c7:3b:93:2d:0c:89:94:35:42:03:5c:06:95:
08:5d:21:af:ff:2a:b5:b0:7f:4d:a0:f7:81:54:60:67:39:55:
81:a2:6f:29:84:93:86:47:6a:fb:77:4d:2a:9b:75:56:59:8f:
a5:11:3d:78:bc:8d:9c:64:75:41:0b:00:65:eb:7c:fb:1f:11:
e2:6f:c2:26:55:e5:67:1b:d3:73:63:21:e4:de:1a:26:c4:e6:
53:86:4b:53:45:5d:03:ff:6a:c0:9d:63:60:f9:4d:91:9b:e7:
0e:08:52:02:9a:ee:24:00:61:28:cf:58:6c:c7:9e:98:9b:9a:
8f:86:a3:2a:01:c0:af:58:b5:60:52:69:3b:98:14:28:5e:7b:
ea:29:15:fd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZfqHIufgDK+5k+BBmbPRrnlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4YzJjNzMxNDU5MzA0MmNmNzQyMTBmN2YwM2JlNzEwNmMy
MjRmODkwHhcNMjUwNzA4MTI1NzA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTEwN2ZmZGE0MGZiZDQzM2ZkNmViZjY1MDFiYmRmODY2Nzc0YzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjtvGRBtNXOUVYLBVYX8SNwSbN3Bm
2/xvrvdBneERdyIzsRdGNXy+6LDRQjsFkTlRBpx7mh65Vgx2rGN1mWfM4av8Y4MC
eRz+gCiTvrhxZhIC4R743HoBNLs/OUr9JrlBV2hIsMAA4zqBx7PoVnQ272Qrkh/V
1XjXN+GmqiRcVZlaOcbnW2WM7b8Ez9colgkiFCKAreYoPaj6NbrJy5dTJUUUzX8h
ha7QroBHAgnwXyDrc6xYC9Y1BiCyAPazbjHAYlcsGpQ9363SnCwG3Udl4hRV9n31
deo24l4T89cmcw9mkERHoskHSfKy/0GxDyZ4PTEdf59Nb9kMmeaKCZmZSwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG4Qf/2kD71DP9br9lAbvfhmd0xBMB8GA1UdIwQY
MBaAFMjCxzFFkwQs90IQ9/A75xBsIk+JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU1MSE1VV1RCQ3ozUWhEMzhEdm5FR3dpVDRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9iMmRiZTAtMDRjNS00MWJhLWFjNjIt
M2E1M2QwZWY4YjVhLzEvYmhCX19hUVB2VU1fMXV2MlVCdTktR1ozVEVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9iMmRiZTAtMDRjNS00MWJhLWFjNjItM2E1M2QwZWY4YjVh
LzEveU1MSE1VV1RCQ3ozUWhEMzhEdm5FR3dpVDRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuWuHAwQA
uenbMA0GCSqGSIb3DQEBCwUAA4IBAQBIn5rVHNli/+8ieT4Iepq7PK99ehXbtGJC
7zdf1znjs7dOlOzEOiUJD69FtQzZRr3l6oF3Acp4C4ARw95g8Cw+cwcCwgUBCNg4
dqMv2Hh3853gntGtKX8nAl/re/QkxccTK0/7FIEtFD6jfhEaKDvcFsc7ky0MiZQ1
QgNcBpUIXSGv/yq1sH9NoPeBVGBnOVWBom8phJOGR2r7d00qm3VWWY+lET14vI2c
ZHVBCwBl63z7HxHib8ImVeVnG9NzYyHk3homxOZThktTRV0D/2rAnWNg+U2Rm+cO
CFICmu4kAGEoz1hsx56Ym5qPhqMqAcCvWLVgUmk7mBQoXnvqKRX9
-----END CERTIFICATE-----
Generated at Wed Jul 23 18:43:42 2025 by rpki-client