Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/bv_eJpfWInwr_fJcXGgPEuCm_lA.roa
File: bv_eJpfWInwr_fJcXGgPEuCm_lA.roa (raw, json)
Hash identifier: rosw+fGb3OW30rsoZq8eAs9XPGDyHaGaGc+6gNKpXc0=
Subject key identifier: 6E:FF:DE:26:97:D6:22:7C:2B:FD:F2:5C:5C:68:0F:12:E0:A6:FE:50
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 01958AD80D11C2B65DE1D7246C74E2B5868A
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/bv_eJpfWInwr_fJcXGgPEuCm_lA.roa
Signing time: Wed 12 Mar 2025 14:52:49 +0000
ROA not before: Wed 12 Mar 2025 14:52:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 85.239.156.0/24 maxlen: 24
92.62.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 15 Mar 2025 07:27:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8a:d8:0d:11:c2:b6:5d:e1:d7:24:6c:74:e2:b5:86:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Mar 12 14:52:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6effde2697d6227c2bfdf25c5c680f12e0a6fe50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:ae:99:54:9b:61:90:00:3c:96:3c:3c:49:4f:
a2:7e:38:40:94:c4:9c:10:8b:10:54:88:ae:2c:23:
80:23:f2:c8:bd:47:85:e9:70:0d:41:ad:30:d1:c5:
b3:31:31:63:5b:50:69:57:5b:72:29:bb:28:03:de:
12:73:a3:8e:91:48:9f:df:93:0c:8c:4d:c0:75:d1:
4a:9a:7c:29:ae:c3:61:1b:94:3c:db:24:26:87:98:
08:09:90:86:76:23:56:a4:20:17:68:96:b2:0e:93:
e2:07:83:16:f0:8d:19:a4:9e:8e:58:ff:62:7e:d6:
b3:29:7f:a9:1b:c3:3d:68:73:52:71:6a:6c:9a:96:
bf:88:e9:ec:a2:3a:db:64:5d:90:d5:30:3b:f3:2f:
5d:48:92:7f:4c:0f:9f:1b:f0:5b:2e:51:db:71:5b:
14:9d:cf:a4:30:ee:85:03:56:7d:b9:97:63:30:06:
f8:3d:c4:e1:9b:29:46:c3:34:34:eb:93:56:a8:fd:
35:df:dc:78:02:58:a4:1b:da:c4:9f:92:97:74:fe:
20:ce:df:40:55:a1:70:ea:c6:82:58:fa:17:16:98:
5b:be:72:a2:77:95:ca:58:d2:5f:b6:4c:f7:4f:42:
b5:c7:8f:b3:a4:6c:79:7b:ba:8e:0e:3d:6d:a5:ee:
94:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:FF:DE:26:97:D6:22:7C:2B:FD:F2:5C:5C:68:0F:12:E0:A6:FE:50
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/bv_eJpfWInwr_fJcXGgPEuCm_lA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.156.0/24
92.62.253.0/24
Signature Algorithm: sha256WithRSAEncryption
05:6c:40:68:3f:f9:d5:3a:04:ee:07:76:74:ea:df:18:d8:a5:
46:05:5f:26:fc:a8:ab:c1:1e:a2:1d:48:24:d5:dd:4e:be:14:
2b:6c:ed:43:fc:b5:33:f9:bf:3c:cb:2d:4a:a4:05:69:08:4d:
8e:40:ea:6d:bd:22:29:62:a0:d6:55:c5:ae:45:37:18:f7:5e:
17:98:cd:13:27:48:a0:57:6d:79:9a:0a:f2:07:a8:07:90:79:
af:2c:9f:dd:ae:0c:6b:52:e8:f2:45:f9:96:42:44:ff:dd:f7:
a3:c3:ad:82:bc:f9:28:71:bb:41:e5:bc:01:5c:8a:84:c8:0c:
0f:1e:9c:eb:da:2c:5b:3d:45:86:9d:28:fb:57:e2:f4:2d:7d:
89:89:13:45:05:56:4b:b6:0d:8b:25:f2:57:c0:61:85:c2:98:
39:68:45:aa:b1:7f:04:8e:14:cf:da:1f:5d:25:c5:01:6b:24:
2e:7c:51:2c:5a:ea:d6:6b:72:53:5f:77:91:c2:f7:d1:34:58:
fb:5d:74:48:8d:41:87:67:fb:e6:c1:b5:85:7e:c3:9e:e2:44:
4d:e4:14:95:6b:51:c3:b9:f6:c2:7e:da:02:b2:d6:4a:58:21:
89:cc:9c:b1:02:ea:37:03:96:a4:80:e9:70:de:c5:86:f7:06:
18:e7:33:69
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZWK2A0RwrZd4dckbHTitYaKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjUwMzEyMTQ1MjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWZmZGUyNjk3ZDYyMjdjMmJmZGYyNWM1YzY4MGYxMmUwYTZmZTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzq6ZVJthkAA8ljw8SU+ifjhAlMSc
EIsQVIiuLCOAI/LIvUeF6XANQa0w0cWzMTFjW1BpV1tyKbsoA94Sc6OOkUif35MM
jE3AddFKmnwprsNhG5Q82yQmh5gICZCGdiNWpCAXaJayDpPiB4MW8I0ZpJ6OWP9i
ftazKX+pG8M9aHNScWpsmpa/iOnsojrbZF2Q1TA78y9dSJJ/TA+fG/BbLlHbcVsU
nc+kMO6FA1Z9uZdjMAb4PcThmylGwzQ065NWqP0139x4AlikG9rEn5KXdP4gzt9A
VaFw6saCWPoXFphbvnKid5XKWNJftkz3T0K1x4+zpGx5e7qODj1tpe6UsQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG7/3iaX1iJ8K/3yXFxoDxLgpv5QMB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvYnZfZUpwZldJbndyX2ZKY1hHZ1BFdUNtX2xBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVe+cAwQA
XD79MA0GCSqGSIb3DQEBCwUAA4IBAQAFbEBoP/nVOgTuB3Z06t8Y2KVGBV8m/Kir
wR6iHUgk1d1OvhQrbO1D/LUz+b88yy1KpAVpCE2OQOptvSIpYqDWVcWuRTcY914X
mM0TJ0igV215mgryB6gHkHmvLJ/drgxrUujyRfmWQkT/3fejw62CvPkocbtB5bwB
XIqEyAwPHpzr2ixbPUWGnSj7V+L0LX2JiRNFBVZLtg2LJfJXwGGFwpg5aEWqsX8E
jhTP2h9dJcUBayQufFEsWurWa3JTX3eRwvfRNFj7XXRIjUGHZ/vmwbWFfsOe4kRN
5BSVa1HDufbCftoCstZKWCGJzJyxAuo3A5akgOlw3sWG9wYY5zNp
-----END CERTIFICATE-----
Generated at Sat Apr 19 16:08:30 2025 by rpki-client