Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/c96247-e979-4e58-89f6-eebdcbd3aee8/1/a1yTuIfdjI6HN-GUTaMkz_bdx-A.roa
File: a1yTuIfdjI6HN-GUTaMkz_bdx-A.roa (raw, json)
Hash identifier: ac3G8kfSeXLTjRxyKwmQVc1boKO8SS1dvSr4hEVpSo8=
Subject key identifier: 6B:5C:93:B8:87:DD:8C:8E:87:37:E1:94:4D:A3:24:CF:F6:DD:C7:E0
Certificate issuer: /CN=6b1a57f06ef72007dd6193f960a616344b73301f
Certificate serial: 018CC2DB4FB13027AE20F8E587112D4D428F
Authority key identifier: 6B:1A:57:F0:6E:F7:20:07:DD:61:93:F9:60:A6:16:34:4B:73:30:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/axpX8G73IAfdYZP5YKYWNEtzMB8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/c96247-e979-4e58-89f6-eebdcbd3aee8/1/a1yTuIfdjI6HN-GUTaMkz_bdx-A.roa
Signing time: Mon 01 Jan 2024 02:30:01 +0000
ROA not before: Mon 01 Jan 2024 02:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203052
IP address blocks: 185.146.140.0/22 maxlen: 22
2a07:5100::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:4f:b1:30:27:ae:20:f8:e5:87:11:2d:4d:42:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b1a57f06ef72007dd6193f960a616344b73301f
Validity
Not Before: Jan 1 02:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6b5c93b887dd8c8e8737e1944da324cff6ddc7e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:5b:94:37:d3:c2:1c:ea:84:f0:b0:54:26:91:
17:57:4c:22:5a:cf:ba:c4:b8:ab:a1:50:e0:4d:6c:
36:2a:5e:e2:dd:1b:ca:3e:df:ce:c5:a8:7d:6a:a9:
64:b0:02:d6:84:2e:7d:3c:87:ac:3c:bc:c5:cf:2a:
f5:df:7e:be:1b:ef:04:d1:45:39:af:00:70:24:43:
4f:ed:a4:9f:ec:2f:c4:80:c6:d4:8e:9c:4f:d6:8a:
14:0d:a2:7e:7b:1f:68:60:43:8a:64:ca:9c:b1:33:
52:56:fd:d7:56:fe:a3:1d:7d:c8:9d:e9:79:98:5b:
df:03:5f:92:29:5a:cd:a5:b4:6c:5c:19:aa:ff:f1:
43:89:20:a9:89:b5:0b:e5:9c:05:51:ee:bc:6a:70:
c1:28:1a:41:c7:38:be:15:b3:c1:04:1f:4d:4b:2b:
0b:d8:b0:9e:8e:52:4e:31:7b:c2:2a:d0:e7:3b:f2:
c2:0a:9e:27:36:35:d8:44:d7:77:86:d5:dd:6e:01:
0a:c8:85:b3:16:ab:08:11:8e:68:9c:f7:f4:25:90:
e7:b3:39:85:03:09:73:ce:06:3a:8c:2f:8a:0b:8a:
e5:ff:9c:68:b6:12:e6:fd:6f:5f:14:e0:3b:2d:27:
c8:8c:37:39:12:49:8e:7d:e0:09:0d:9f:07:d7:e6:
5f:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:5C:93:B8:87:DD:8C:8E:87:37:E1:94:4D:A3:24:CF:F6:DD:C7:E0
X509v3 Authority Key Identifier:
keyid:6B:1A:57:F0:6E:F7:20:07:DD:61:93:F9:60:A6:16:34:4B:73:30:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/axpX8G73IAfdYZP5YKYWNEtzMB8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/c96247-e979-4e58-89f6-eebdcbd3aee8/1/a1yTuIfdjI6HN-GUTaMkz_bdx-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/c96247-e979-4e58-89f6-eebdcbd3aee8/1/axpX8G73IAfdYZP5YKYWNEtzMB8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.146.140.0/22
IPv6:
2a07:5100::/29
Signature Algorithm: sha256WithRSAEncryption
87:d9:32:17:1c:73:a6:6e:f3:34:db:a1:4e:63:f8:f2:64:46:
44:bb:b6:50:55:ee:0f:ec:5d:c9:c2:9f:39:f6:b1:aa:df:26:
6a:17:69:0e:5e:10:bf:fe:c6:38:d5:25:ca:78:b0:3b:66:a7:
23:ac:3b:ae:a7:ee:34:59:a8:83:2a:3b:be:a9:85:95:51:d0:
88:0f:56:ea:ff:8f:27:35:8c:af:ea:2d:0b:95:f0:0c:ba:1f:
4c:42:af:a1:75:a4:72:44:c1:7a:39:c7:20:ff:e7:06:ef:b9:
17:81:44:2b:5a:c7:37:18:5e:0b:ba:cf:60:fb:3c:47:90:93:
a2:fe:f6:f7:3e:c6:30:31:02:4c:f3:d7:be:69:a0:f1:7d:b9:
58:60:51:77:3e:a7:3a:bc:63:44:56:af:a7:75:d5:55:48:48:
bd:72:8a:6e:6a:12:c5:8f:44:e3:ed:bd:7f:20:9d:09:81:cb:
45:75:b0:b7:40:15:93:a9:2d:42:f9:5e:f7:ab:62:25:a1:6b:
ff:64:45:62:46:c1:90:c9:16:37:ce:06:0f:45:89:9d:40:13:
cf:07:d4:bf:61:a4:65:b4:e3:67:de:84:12:b3:39:47:37:4e:
f7:94:d2:54:e9:4b:d8:ac:27:3a:ea:23:ee:aa:a5:f0:bd:dd:
86:c8:73:b1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzC20+xMCeuIPjlhxEtTUKPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMWE1N2YwNmVmNzIwMDdkZDYxOTNmOTYwYTYxNjM0NGI3
MzMwMWYwHhcNMjQwMTAxMDIzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjVjOTNiODg3ZGQ4YzhlODczN2UxOTQ0ZGEzMjRjZmY2ZGRjN2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiFuUN9PCHOqE8LBUJpEXV0wiWs+6
xLiroVDgTWw2Kl7i3RvKPt/Oxah9aqlksALWhC59PIesPLzFzyr1336+G+8E0UU5
rwBwJENP7aSf7C/EgMbUjpxP1ooUDaJ+ex9oYEOKZMqcsTNSVv3XVv6jHX3Inel5
mFvfA1+SKVrNpbRsXBmq//FDiSCpibUL5ZwFUe68anDBKBpBxzi+FbPBBB9NSysL
2LCejlJOMXvCKtDnO/LCCp4nNjXYRNd3htXdbgEKyIWzFqsIEY5onPf0JZDnszmF
AwlzzgY6jC+KC4rl/5xothLm/W9fFOA7LSfIjDc5EkmOfeAJDZ8H1+ZfsQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGtck7iH3YyOhzfhlE2jJM/23cfgMB8GA1UdIwQY
MBaAFGsaV/Bu9yAH3WGT+WCmFjRLczAfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXhwWDhHNzNJQWZkWVpQNVlLWVdORXR6TUI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9jOTYyNDctZTk3OS00ZTU4LTg5ZjYt
ZWViZGNiZDNhZWU4LzEvYTF5VHVJZmRqSTZITi1HVVRhTWt6X2JkeC1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9jOTYyNDctZTk3OS00ZTU4LTg5ZjYtZWViZGNiZDNhZWU4
LzEvYXhwWDhHNzNJQWZkWVpQNVlLWVdORXR6TUI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZKMMA0E
AgACMAcDBQMqB1EAMA0GCSqGSIb3DQEBCwUAA4IBAQCH2TIXHHOmbvM026FOY/jy
ZEZEu7ZQVe4P7F3Jwp859rGq3yZqF2kOXhC//sY41SXKeLA7ZqcjrDuup+40WaiD
Kju+qYWVUdCID1bq/48nNYyv6i0LlfAMuh9MQq+hdaRyRMF6Occg/+cG77kXgUQr
Wsc3GF4Lus9g+zxHkJOi/vb3PsYwMQJM89e+aaDxfblYYFF3Pqc6vGNEVq+nddVV
SEi9copuahLFj0Tj7b1/IJ0JgctFdbC3QBWTqS1C+V73q2IloWv/ZEViRsGQyRY3
zgYPRYmdQBPPB9S/YaRltONn3oQSszlHN073lNJU6UvYrCc66iPuqqXwvd2GyHOx
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:42:47 2025 by rpki-client