Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/BOmqib2nF6-P-X891N3YCBLsSQ4.roa
File: BOmqib2nF6-P-X891N3YCBLsSQ4.roa (raw, json)
Hash identifier: hQ48xCaVL6Uq+2EvAfOfndcB1u3oaMwwnnAn5z1aAVo=
Subject key identifier: 04:E9:AA:89:BD:A7:17:AF:8F:F9:7F:3D:D4:DD:D8:08:12:EC:49:0E
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 0195AF5F4052A294E7E417C0F99C03636B5F
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/BOmqib2nF6-P-X891N3YCBLsSQ4.roa
Signing time: Wed 19 Mar 2025 17:06:49 +0000
ROA not before: Wed 19 Mar 2025 17:06:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213893
IP address blocks: 77.239.127.0/24 maxlen: 24
193.23.218.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 19 Mar 2025 18:19:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:af:5f:40:52:a2:94:e7:e4:17:c0:f9:9c:03:63:6b:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Mar 19 17:06:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=04e9aa89bda717af8ff97f3dd4ddd80812ec490e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:39:4f:93:fc:de:a8:01:41:9e:c1:71:04:17:
0a:ba:01:56:47:4e:b2:bc:12:39:bf:62:56:ca:3b:
c4:c4:f9:b1:93:0e:08:65:f4:80:22:a2:91:38:eb:
7a:f1:7a:c2:b7:4c:71:dc:d8:d9:0f:0a:d7:e0:31:
25:09:7d:96:9d:5b:95:b6:cf:ec:cb:74:91:29:08:
c7:88:62:73:49:a7:26:f3:f2:73:07:1a:79:49:78:
62:31:64:3b:6a:f6:26:e9:6e:c8:0c:7b:53:8e:13:
01:b4:b5:a4:48:53:44:bd:c0:bc:d4:ee:29:2a:48:
d4:30:0f:9c:e0:9f:9a:b1:c4:e3:5a:89:bf:71:f2:
cc:e1:d8:30:49:04:87:cc:30:6a:ff:df:37:aa:9a:
b4:ae:1a:dc:a2:05:95:9a:9b:e2:39:14:f1:4b:10:
86:f2:05:2f:d4:d3:09:fa:5c:ac:6b:9b:2e:06:6c:
6f:ca:9e:17:63:ef:a3:ef:1b:1e:62:93:ec:3c:27:
63:7b:b0:0e:d7:80:6b:9b:a3:9f:bb:cb:e2:1e:84:
04:4d:8e:6a:93:4c:97:28:2b:46:54:e3:20:05:eb:
af:9f:7d:3b:3d:6e:a5:03:3b:74:de:4d:9d:44:de:
8d:87:6b:e1:80:b3:32:66:d8:2b:ba:67:42:40:65:
ad:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:E9:AA:89:BD:A7:17:AF:8F:F9:7F:3D:D4:DD:D8:08:12:EC:49:0E
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/BOmqib2nF6-P-X891N3YCBLsSQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.239.127.0/24
193.23.218.0/23
Signature Algorithm: sha256WithRSAEncryption
96:c6:9b:e5:c6:28:55:cf:28:0b:6d:67:da:5c:28:ff:56:31:
37:a5:5e:f5:d7:0a:40:a8:ea:15:5c:13:b5:0e:a9:2b:f1:3a:
a9:16:67:d5:25:6b:3e:42:27:56:dd:a7:f8:cb:2b:7d:d7:66:
3e:f8:37:52:0b:69:44:e5:38:5a:35:94:b9:fa:22:42:ff:0c:
dc:00:c6:70:b8:55:1a:5f:72:3f:e8:f8:98:62:f0:fd:e7:fa:
e4:9d:fc:f8:9d:f4:1f:3c:96:d7:7f:07:47:c9:68:d1:ad:fd:
8e:c7:b7:9e:a6:61:75:83:10:6f:82:7a:69:11:ce:6f:c5:73:
38:8b:b2:45:2b:86:23:79:02:aa:2a:f0:b7:44:a7:d6:a3:24:
02:30:2c:bc:ae:dd:a1:c7:47:84:7e:49:d5:49:66:3b:80:68:
6c:e8:be:73:04:a6:13:90:a5:45:a1:2b:c3:14:95:51:19:26:
19:b0:97:57:57:21:84:cb:67:e6:af:fb:cc:c4:3d:6d:b7:ac:
82:9b:73:44:4a:71:92:48:1d:65:d8:2b:56:55:30:54:6b:9a:
ba:78:ab:ac:c3:61:84:a8:b6:f7:0b:ee:60:f9:1e:6c:81:b3:
77:2f:da:d3:24:b3:d1:ce:29:c4:44:2d:7d:f5:98:f5:4a:4f:
86:df:01:fe
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZWvX0BSopTn5BfA+ZwDY2tfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwMzE5MTcwNjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGU5YWE4OWJkYTcxN2FmOGZmOTdmM2RkNGRkZDgwODEyZWM0OTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDlPk/zeqAFBnsFxBBcKugFWR06y
vBI5v2JWyjvExPmxkw4IZfSAIqKROOt68XrCt0xx3NjZDwrX4DElCX2WnVuVts/s
y3SRKQjHiGJzSacm8/JzBxp5SXhiMWQ7avYm6W7IDHtTjhMBtLWkSFNEvcC81O4p
KkjUMA+c4J+ascTjWom/cfLM4dgwSQSHzDBq/983qpq0rhrcogWVmpviORTxSxCG
8gUv1NMJ+lysa5suBmxvyp4XY++j7xseYpPsPCdje7AO14Brm6Ofu8viHoQETY5q
k0yXKCtGVOMgBeuvn307PW6lAzt03k2dRN6Nh2vhgLMyZtgrumdCQGWt2wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFATpqom9pxevj/l/PdTd2AgS7EkOMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvQk9tcWliMm5GNi1QLVg4OTFOM1lDQkxzU1E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATe9/AwQB
wRfaMA0GCSqGSIb3DQEBCwUAA4IBAQCWxpvlxihVzygLbWfaXCj/VjE3pV711wpA
qOoVXBO1Dqkr8TqpFmfVJWs+QidW3af4yyt912Y++DdSC2lE5ThaNZS5+iJC/wzc
AMZwuFUaX3I/6PiYYvD95/rknfz4nfQfPJbXfwdHyWjRrf2Ox7eepmF1gxBvgnpp
Ec5vxXM4i7JFK4YjeQKqKvC3RKfWoyQCMCy8rt2hx0eEfknVSWY7gGhs6L5zBKYT
kKVFoSvDFJVRGSYZsJdXVyGEy2fmr/vMxD1tt6yCm3NESnGSSB1l2CtWVTBUa5q6
eKusw2GEqLb3C+5g+R5sgbN3L9rTJLPRzinERC199Zj1Sk+G3wH+
-----END CERTIFICATE-----
Generated at Mon Apr 21 03:36:29 2025 by rpki-client