Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/853c76-a398-435a-be41-7d0ac52815a6/1/BMus53ro2Bc3N9_AOJt_LOqhD8Y.roa
File: BMus53ro2Bc3N9_AOJt_LOqhD8Y.roa (raw, json)
Hash identifier: 2XCGLeaWuRM7UUsbx1XxfT06guddg91b/l7j2qyQKFE=
Subject key identifier: 04:CB:AC:E7:7A:E8:D8:17:37:37:DF:C0:38:9B:7F:2C:EA:A1:0F:C6
Certificate issuer: /CN=dbd7c951348bd2e09ccaf76f57b8385f15df44e4
Certificate serial: 018CCA2BAC7B76EA6FE5F487A1B744B9771D
Authority key identifier: DB:D7:C9:51:34:8B:D2:E0:9C:CA:F7:6F:57:B8:38:5F:15:DF:44:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/29fJUTSL0uCcyvdvV7g4XxXfROQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/853c76-a398-435a-be41-7d0ac52815a6/1/BMus53ro2Bc3N9_AOJt_LOqhD8Y.roa
Signing time: Tue 02 Jan 2024 12:35:08 +0000
ROA not before: Tue 02 Jan 2024 12:35:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201766
IP address blocks: 176.124.253.0/24 maxlen: 24
185.64.32.0/22 maxlen: 24
2a04:f7c1::/32 maxlen: 32
2a04:f7c0::/32 maxlen: 32
2a04:f7c2::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:48:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:ac:7b:76:ea:6f:e5:f4:87:a1:b7:44:b9:77:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbd7c951348bd2e09ccaf76f57b8385f15df44e4
Validity
Not Before: Jan 2 12:35:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=04cbace77ae8d8173737dfc0389b7f2ceaa10fc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:a8:2c:0e:0e:0f:03:1d:08:87:84:58:1c:fb:
6b:4c:ea:e7:3a:a5:cd:6f:ab:5f:e8:01:6b:d7:0d:
53:fb:28:86:7e:56:b2:d4:9a:d3:c4:01:4d:f0:90:
f4:04:c8:18:37:3b:a7:cf:84:23:d7:21:f8:4c:5d:
91:4a:2e:45:6d:8f:b4:f2:ba:d8:a9:8d:a1:71:0a:
db:cb:2e:da:c9:51:63:13:4d:1e:14:6f:ad:fd:d1:
b5:ca:a5:4d:7c:1c:f2:b8:85:18:17:71:c4:59:d8:
43:9f:2d:e4:16:ce:a2:a3:0f:a6:a3:5b:91:2e:26:
3b:89:07:ce:e5:2b:86:c9:e9:3c:29:ba:f2:f3:5d:
bc:c9:d5:d8:f1:f2:31:90:46:14:d1:dc:4d:f2:d2:
93:1b:ea:3a:da:65:11:5f:87:e1:b0:1b:ff:bb:47:
f9:8d:ff:73:f8:f9:24:c8:73:d0:db:5a:d6:5b:a8:
64:09:4e:e2:7b:fc:03:27:fc:22:9a:ef:75:3d:fc:
f1:69:8e:9e:21:d2:2f:e8:1b:e2:fa:51:93:4f:30:
41:3d:91:78:2b:13:71:6b:76:8e:d9:60:1d:42:b0:
d5:c2:00:60:ab:be:3c:b5:38:81:84:41:07:f3:cd:
4a:b8:41:c2:7b:20:db:78:f6:bc:40:cf:29:46:0d:
c8:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:CB:AC:E7:7A:E8:D8:17:37:37:DF:C0:38:9B:7F:2C:EA:A1:0F:C6
X509v3 Authority Key Identifier:
keyid:DB:D7:C9:51:34:8B:D2:E0:9C:CA:F7:6F:57:B8:38:5F:15:DF:44:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/29fJUTSL0uCcyvdvV7g4XxXfROQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/853c76-a398-435a-be41-7d0ac52815a6/1/BMus53ro2Bc3N9_AOJt_LOqhD8Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/853c76-a398-435a-be41-7d0ac52815a6/1/29fJUTSL0uCcyvdvV7g4XxXfROQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.124.253.0/24
185.64.32.0/22
IPv6:
2a04:f7c0::-2a04:f7c2:0:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
45:69:10:f9:35:f1:94:a6:72:4d:60:fc:a3:78:6c:51:47:16:
ea:a7:ed:a5:7d:b1:2c:01:0e:23:3b:ce:10:3d:42:80:96:49:
b3:5b:24:bc:d2:b4:0b:c4:4c:b1:40:fa:3f:ee:e7:27:cc:9f:
fd:b7:21:d7:b3:33:a7:66:7b:21:d6:5c:bc:3b:45:b2:ba:55:
de:76:c3:cb:c3:4e:cd:e6:f4:59:c2:35:50:8c:c5:cf:f9:db:
89:86:f1:e3:1d:9b:24:8c:52:01:a5:a3:7c:ab:28:31:9f:df:
fd:f4:ca:25:f1:11:ae:dd:ab:f3:4f:06:b2:68:f6:f1:4b:0e:
1d:9c:86:42:e6:ac:48:e8:a0:35:90:30:64:7b:92:1c:93:30:
92:8f:0a:57:3f:00:87:4f:a3:4a:a7:4e:67:de:25:84:f5:63:
e4:aa:5e:62:1c:91:90:0f:76:40:8c:80:36:88:07:ea:43:bb:
69:76:d8:e8:e8:af:6c:21:33:9a:37:ad:d0:d1:49:1d:6a:90:
03:68:21:67:5a:6a:64:86:49:e8:42:a4:09:19:0d:28:6b:97:
f4:04:66:3b:ac:dd:39:c1:d4:ec:e6:50:15:fa:4b:f9:3e:a8:
d9:d6:b0:0b:e1:8e:74:6d:ac:3d:25:cd:d8:60:d6:a3:7e:1e:
25:c7:09:70
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzKK6x7dupv5fSHobdEuXcdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZDdjOTUxMzQ4YmQyZTA5Y2NhZjc2ZjU3YjgzODVmMTVk
ZjQ0ZTQwHhcNMjQwMTAyMTIzNTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGNiYWNlNzdhZThkODE3MzczN2RmYzAzODliN2YyY2VhYTEwZmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjqgsDg4PAx0Ih4RYHPtrTOrnOqXN
b6tf6AFr1w1T+yiGflay1JrTxAFN8JD0BMgYNzunz4Qj1yH4TF2RSi5FbY+08rrY
qY2hcQrbyy7ayVFjE00eFG+t/dG1yqVNfBzyuIUYF3HEWdhDny3kFs6iow+mo1uR
LiY7iQfO5SuGyek8Kbry8128ydXY8fIxkEYU0dxN8tKTG+o62mURX4fhsBv/u0f5
jf9z+PkkyHPQ21rWW6hkCU7ie/wDJ/wimu91PfzxaY6eIdIv6Bvi+lGTTzBBPZF4
KxNxa3aO2WAdQrDVwgBgq748tTiBhEEH881KuEHCeyDbePa8QM8pRg3IuQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFATLrOd66NgXNzffwDibfyzqoQ/GMB8GA1UdIwQY
MBaAFNvXyVE0i9LgnMr3b1e4OF8V30TkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjlmSlVUU0wwdUNjeXZkdlY3ZzRYeFhmUk9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS84NTNjNzYtYTM5OC00MzVhLWJlNDEt
N2QwYWM1MjgxNWE2LzEvQk11czUzcm8yQmMzTjlfQU9KdF9MT3FoRDhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS84NTNjNzYtYTM5OC00MzVhLWJlNDEtN2QwYWM1MjgxNWE2
LzEvMjlmSlVUU0wwdUNjeXZkdlY3ZzRYeFhmUk9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAsHz9AwQC
uUAgMBgEAgACMBIwEAMFBioE98ADBwAqBPfCAAAwDQYJKoZIhvcNAQELBQADggEB
AEVpEPk18ZSmck1g/KN4bFFHFuqn7aV9sSwBDiM7zhA9QoCWSbNbJLzStAvETLFA
+j/u5yfMn/23IdezM6dmeyHWXLw7RbK6Vd52w8vDTs3m9FnCNVCMxc/524mG8eMd
mySMUgGlo3yrKDGf3/30yiXxEa7dq/NPBrJo9vFLDh2chkLmrEjooDWQMGR7khyT
MJKPClc/AIdPo0qnTmfeJYT1Y+SqXmIckZAPdkCMgDaIB+pDu2l22Ojor2whM5o3
rdDRSR1qkANoIWdaamSGSehCpAkZDShrl/QEZjus3TnB1OzmUBX6S/k+qNnWsAvh
jnRtrD0lzdhg1qN+HiXHCXA=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:35:26 2025 by rpki-client