Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/813010-a96f-4510-9dbc-21f7751ca76c/1/bCKFiU5msrRwnLJjfedGdtT3E-U.roa
File: bCKFiU5msrRwnLJjfedGdtT3E-U.roa (raw, json)
Hash identifier: TEu/r205SBSw5/jdNeZrXZsPyVmD1DdjvOIXoPfIPO8=
Subject key identifier: 6C:22:85:89:4E:66:B2:B4:70:9C:B2:63:7D:E7:46:76:D4:F7:13:E5
Certificate issuer: /CN=98845584ac8094c1806b73a6f53e46b9a28e812b
Certificate serial: 018CC9BB9551C96C6AF700936FC2C9ACD447
Authority key identifier: 98:84:55:84:AC:80:94:C1:80:6B:73:A6:F5:3E:46:B9:A2:8E:81:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mIRVhKyAlMGAa3Om9T5GuaKOgSs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/813010-a96f-4510-9dbc-21f7751ca76c/1/bCKFiU5msrRwnLJjfedGdtT3E-U.roa
Signing time: Tue 02 Jan 2024 10:32:42 +0000
ROA not before: Tue 02 Jan 2024 10:32:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59497
IP address blocks: 176.110.103.0/24 maxlen: 24
176.110.102.0/23 maxlen: 23
176.110.102.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:95:51:c9:6c:6a:f7:00:93:6f:c2:c9:ac:d4:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98845584ac8094c1806b73a6f53e46b9a28e812b
Validity
Not Before: Jan 2 10:32:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c2285894e66b2b4709cb2637de74676d4f713e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:5c:a3:19:e2:c8:07:85:f0:8a:df:42:7d:77:
c4:32:d7:29:92:63:84:63:83:29:45:4c:a6:b5:64:
77:79:d0:cb:fe:9e:6f:50:41:d7:5a:f9:c7:ae:96:
94:7b:ca:2d:de:5f:67:a5:2c:e2:5a:ae:a3:d6:3b:
08:35:cf:e2:b2:f3:5f:77:02:18:0d:02:5f:4c:28:
33:4e:7d:ad:f1:6c:69:2d:60:f1:dd:ac:bb:06:b8:
b7:b7:b6:24:57:7f:ab:b2:2c:24:77:90:f2:82:ce:
e1:64:c2:b7:fd:d3:02:87:7a:a5:b8:b6:d7:93:b3:
6e:e3:89:43:3e:f1:da:ed:0c:17:6f:e6:71:5d:a9:
19:f0:2c:eb:b4:2d:60:21:bb:01:cb:ba:32:3d:4b:
8f:a3:f0:25:f1:6e:e3:e5:ed:fb:46:e6:26:d2:61:
ae:b6:40:fd:0b:38:3d:3e:8f:db:d2:89:b5:c9:d9:
fd:36:cc:48:9b:51:08:be:4e:e8:03:05:b3:26:2e:
dd:d3:7b:19:15:94:90:13:4a:e2:b7:fc:73:99:55:
a4:34:f2:1d:68:05:19:96:3f:75:3d:33:4f:aa:1c:
0a:14:37:2f:3f:8c:7c:37:ba:0e:1d:32:99:82:b0:
06:0a:47:a5:5b:22:a7:10:1b:7a:69:4a:a3:12:06:
af:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:22:85:89:4E:66:B2:B4:70:9C:B2:63:7D:E7:46:76:D4:F7:13:E5
X509v3 Authority Key Identifier:
keyid:98:84:55:84:AC:80:94:C1:80:6B:73:A6:F5:3E:46:B9:A2:8E:81:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mIRVhKyAlMGAa3Om9T5GuaKOgSs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/813010-a96f-4510-9dbc-21f7751ca76c/1/bCKFiU5msrRwnLJjfedGdtT3E-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/813010-a96f-4510-9dbc-21f7751ca76c/1/mIRVhKyAlMGAa3Om9T5GuaKOgSs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.110.102.0/23
Signature Algorithm: sha256WithRSAEncryption
84:31:bc:ec:ca:98:f3:80:a1:f0:3c:cd:e0:aa:b2:48:33:6d:
53:92:4d:80:8a:d2:29:96:01:43:a1:6c:ee:92:6e:03:2e:3d:
62:53:f1:c2:c1:29:ec:9a:1d:2f:46:d8:b4:5a:ac:34:c9:fb:
30:1a:6a:dc:6f:e2:48:8d:87:87:09:bf:1d:05:89:f0:c5:5b:
cb:57:9e:3b:c7:70:4c:d0:a7:ad:86:1d:79:d3:83:15:cd:12:
6a:ee:6e:e3:bf:c6:5e:df:d8:0a:46:2d:b2:d7:22:ae:10:ce:
01:fa:ff:0f:f5:26:78:1a:27:e9:43:69:d9:a3:7f:15:28:0d:
be:72:05:6c:92:0e:32:09:e1:ce:66:16:02:7b:c8:61:4e:9a:
8b:cf:a7:15:07:27:c8:e8:d2:83:18:d6:56:f9:89:87:e3:bb:
af:87:57:2f:c8:3a:28:cf:8a:43:26:40:ea:da:0e:8d:96:a9:
dd:5a:b4:54:fa:a9:00:1f:42:4a:48:b7:f4:12:6b:74:46:46:
b5:ce:d9:aa:7c:64:c7:6d:23:af:2e:07:e4:44:cd:98:c3:00:
9b:8c:23:cf:8d:f2:69:e3:e5:88:95:c7:e6:3b:88:37:84:df:
87:c1:a6:ff:ea:6e:a5:26:a6:7d:ba:16:e8:99:5a:0e:d7:8e:
e5:d4:9e:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJu5VRyWxq9wCTb8LJrNRHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4ODQ1NTg0YWM4MDk0YzE4MDZiNzNhNmY1M2U0NmI5YTI4
ZTgxMmIwHhcNMjQwMTAyMTAzMjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzIyODU4OTRlNjZiMmI0NzA5Y2IyNjM3ZGU3NDY3NmQ0ZjcxM2U1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA31yjGeLIB4Xwit9CfXfEMtcpkmOE
Y4MpRUymtWR3edDL/p5vUEHXWvnHrpaUe8ot3l9npSziWq6j1jsINc/isvNfdwIY
DQJfTCgzTn2t8WxpLWDx3ay7Bri3t7YkV3+rsiwkd5Dygs7hZMK3/dMCh3qluLbX
k7Nu44lDPvHa7QwXb+ZxXakZ8CzrtC1gIbsBy7oyPUuPo/Al8W7j5e37RuYm0mGu
tkD9Czg9Po/b0om1ydn9NsxIm1EIvk7oAwWzJi7d03sZFZSQE0rit/xzmVWkNPId
aAUZlj91PTNPqhwKFDcvP4x8N7oOHTKZgrAGCkelWyKnEBt6aUqjEgaviQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGwihYlOZrK0cJyyY33nRnbU9xPlMB8GA1UdIwQY
MBaAFJiEVYSsgJTBgGtzpvU+RrmijoErMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUlSVmhLeUFsTUdBYTNPbTlUNUd1YUtPZ1NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi84MTMwMTAtYTk2Zi00NTEwLTlkYmMt
MjFmNzc1MWNhNzZjLzEvYkNLRmlVNW1zclJ3bkxKamZlZEdkdFQzRS1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi84MTMwMTAtYTk2Zi00NTEwLTlkYmMtMjFmNzc1MWNhNzZj
LzEvbUlSVmhLeUFsTUdBYTNPbTlUNUd1YUtPZ1NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBsG5mMA0G
CSqGSIb3DQEBCwUAA4IBAQCEMbzsypjzgKHwPM3gqrJIM21Tkk2AitIplgFDoWzu
km4DLj1iU/HCwSnsmh0vRti0Wqw0yfswGmrcb+JIjYeHCb8dBYnwxVvLV547x3BM
0Kethh1504MVzRJq7m7jv8Ze39gKRi2y1yKuEM4B+v8P9SZ4GifpQ2nZo38VKA2+
cgVskg4yCeHOZhYCe8hhTpqLz6cVByfI6NKDGNZW+YmH47uvh1cvyDooz4pDJkDq
2g6NlqndWrRU+qkAH0JKSLf0Emt0Rka1ztmqfGTHbSOvLgfkRM2YwwCbjCPPjfJp
4+WIlcfmO4g3hN+Hwab/6m6lJqZ9uhbomVoO147l1J6L
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:07:45 2025 by rpki-client