Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/e5195d-6698-4604-9114-68b3768f50dc/1/BjWk4KNxvyDKYlpm51dvTb86gtc.roa
File: BjWk4KNxvyDKYlpm51dvTb86gtc.roa (raw, json)
Hash identifier: +c8l4UB0bvOUN3feGvGWsfuzeYI2DTjyabKDQ/fjw5I=
Subject key identifier: 06:35:A4:E0:A3:71:BF:20:CA:62:5A:66:E7:57:6F:4D:BF:3A:82:D7
Certificate issuer: /CN=4d7683d6ea539fef1b6b6dbdd74a31d05e5f0a23
Certificate serial: 018CC34939AE869D58CA82884577855D2216
Authority key identifier: 4D:76:83:D6:EA:53:9F:EF:1B:6B:6D:BD:D7:4A:31:D0:5E:5F:0A:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TXaD1upTn-8ba22910ox0F5fCiM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/e5195d-6698-4604-9114-68b3768f50dc/1/BjWk4KNxvyDKYlpm51dvTb86gtc.roa
Signing time: Mon 01 Jan 2024 04:30:05 +0000
ROA not before: Mon 01 Jan 2024 04:30:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39605
IP address blocks: 193.84.18.0/24 maxlen: 24
78.40.120.0/21 maxlen: 24
185.60.92.0/22 maxlen: 24
158.58.176.0/21 maxlen: 24
2a02:4b8::/29 maxlen: 32
Validation: Failed, certificate revoked on Mon 22 Jul 2024 11:29:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:39:ae:86:9d:58:ca:82:88:45:77:85:5d:22:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d7683d6ea539fef1b6b6dbdd74a31d05e5f0a23
Validity
Not Before: Jan 1 04:30:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0635a4e0a371bf20ca625a66e7576f4dbf3a82d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:34:c6:c1:9d:af:c7:cf:13:ee:44:37:6d:8a:
0f:5a:ff:0f:5e:af:38:3d:d7:e8:6f:ae:3a:f8:18:
b5:73:40:6a:75:00:24:ca:57:cb:56:fd:8c:84:79:
be:82:4b:94:ac:b6:b9:7f:bd:8b:73:f2:51:4c:f8:
d9:7d:a7:8e:13:ff:5c:f1:14:8e:bf:f7:b8:04:fb:
2e:f6:3b:5b:18:0c:ec:53:8d:8d:8c:bb:c8:d6:fe:
0a:81:0c:b2:d0:41:45:a1:7c:f4:7b:6a:da:01:f5:
94:65:c0:4b:28:f0:f0:41:e5:37:5b:8d:27:0f:be:
1d:85:58:34:30:d0:2f:69:da:a6:93:d0:a8:03:3a:
e8:8a:02:b2:0f:dd:57:c9:47:f8:2a:9e:34:95:ba:
b7:10:b2:b5:26:0e:d0:64:f9:2c:1b:85:07:f6:7e:
f3:be:44:ce:2c:03:68:d9:78:17:e3:b2:c6:e0:b0:
c8:1b:20:aa:39:38:5e:00:c0:1e:8a:be:53:72:2e:
ef:4a:dd:60:fb:81:95:e3:ff:75:2f:31:ae:c8:97:
a3:1c:c3:3a:01:47:73:19:1f:aa:55:38:7d:e4:eb:
9d:13:44:80:5d:f3:4e:ef:39:2b:8a:22:60:10:51:
a8:33:18:ac:7a:f7:f6:f8:f3:28:9e:20:33:29:73:
69:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:35:A4:E0:A3:71:BF:20:CA:62:5A:66:E7:57:6F:4D:BF:3A:82:D7
X509v3 Authority Key Identifier:
keyid:4D:76:83:D6:EA:53:9F:EF:1B:6B:6D:BD:D7:4A:31:D0:5E:5F:0A:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TXaD1upTn-8ba22910ox0F5fCiM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/e5195d-6698-4604-9114-68b3768f50dc/1/BjWk4KNxvyDKYlpm51dvTb86gtc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/e5195d-6698-4604-9114-68b3768f50dc/1/TXaD1upTn-8ba22910ox0F5fCiM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.40.120.0/21
158.58.176.0/21
185.60.92.0/22
193.84.18.0/24
IPv6:
2a02:4b8::/29
Signature Algorithm: sha256WithRSAEncryption
69:c6:64:3d:91:b7:a5:28:48:74:21:10:cb:21:c0:49:af:71:
71:3b:1d:c2:93:bc:f2:f3:3f:a9:22:58:f5:1f:72:90:b6:2a:
2a:12:fc:76:32:1b:bf:0c:1c:47:d3:f3:32:43:dc:84:cb:20:
ea:25:f4:24:8e:e3:d8:82:1c:7e:98:f4:4c:36:4b:77:15:e5:
c2:64:d7:c2:7c:c5:d0:25:43:0d:cf:9e:39:71:c3:d9:85:41:
86:f8:92:17:9c:b4:97:6c:46:15:3d:6a:e9:13:75:ab:60:f9:
3f:67:32:cc:73:a4:32:ce:2f:b0:41:df:cf:ca:da:e1:8f:43:
91:a7:3c:55:c0:3e:d7:3e:fa:87:ca:7f:3f:60:a0:c5:6d:08:
a8:54:14:91:93:02:1b:9e:da:fc:52:5b:af:6b:38:16:ff:a0:
d8:85:8c:e8:71:d4:2a:d4:de:61:fa:b8:2a:28:8d:cb:71:0c:
a7:8a:c1:d9:92:46:a3:b9:0a:9a:4d:c5:01:ba:68:bc:9d:f9:
b8:50:af:0e:06:82:f9:99:10:ae:99:3b:94:f0:7b:8b:40:60:
96:47:b7:9c:69:f9:ea:3e:56:40:21:98:2d:14:de:84:03:56:
99:8d:2d:19:29:14:fa:c2:e8:b9:c6:b7:00:54:ab:d5:d9:26:
45:17:ee:0d
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzDSTmuhp1YyoKIRXeFXSIWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNzY4M2Q2ZWE1MzlmZWYxYjZiNmRiZGQ3NGEzMWQwNWU1
ZjBhMjMwHhcNMjQwMTAxMDQzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjM1YTRlMGEzNzFiZjIwY2E2MjVhNjZlNzU3NmY0ZGJmM2E4MmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnjTGwZ2vx88T7kQ3bYoPWv8PXq84
Pdfob646+Bi1c0BqdQAkylfLVv2MhHm+gkuUrLa5f72Lc/JRTPjZfaeOE/9c8RSO
v/e4BPsu9jtbGAzsU42NjLvI1v4KgQyy0EFFoXz0e2raAfWUZcBLKPDwQeU3W40n
D74dhVg0MNAvadqmk9CoAzroigKyD91XyUf4Kp40lbq3ELK1Jg7QZPksG4UH9n7z
vkTOLANo2XgX47LG4LDIGyCqOTheAMAeir5Tci7vSt1g+4GV4/91LzGuyJejHMM6
AUdzGR+qVTh95OudE0SAXfNO7zkriiJgEFGoMxisevf2+PMoniAzKXNpeQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFAY1pOCjcb8gymJaZudXb02/OoLXMB8GA1UdIwQY
MBaAFE12g9bqU5/vG2ttvddKMdBeXwojMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFhhRDF1cFRuLThiYTIyOTEwb3gwRjVmQ2lNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9lNTE5NWQtNjY5OC00NjA0LTkxMTQt
NjhiMzc2OGY1MGRjLzEvQmpXazRLTnh2eURLWWxwbTUxZHZUYjg2Z3RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9lNTE5NWQtNjY5OC00NjA0LTkxMTQtNjhiMzc2OGY1MGRj
LzEvVFhhRDF1cFRuLThiYTIyOTEwb3gwRjVmQ2lNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDTih4AwQD
njqwAwQCuTxcAwQAwVQSMA0EAgACMAcDBQMqAgS4MA0GCSqGSIb3DQEBCwUAA4IB
AQBpxmQ9kbelKEh0IRDLIcBJr3FxOx3Ck7zy8z+pIlj1H3KQtioqEvx2Mhu/DBxH
0/MyQ9yEyyDqJfQkjuPYghx+mPRMNkt3FeXCZNfCfMXQJUMNz545ccPZhUGG+JIX
nLSXbEYVPWrpE3WrYPk/ZzLMc6Qyzi+wQd/Pytrhj0ORpzxVwD7XPvqHyn8/YKDF
bQioVBSRkwIbntr8UluvazgW/6DYhYzocdQq1N5h+rgqKI3LcQynisHZkkajuQqa
TcUBumi8nfm4UK8OBoL5mRCumTuU8HuLQGCWR7ecafnqPlZAIZgtFN6EA1aZjS0Z
KRT6wui5xrcAVKvV2SZFF+4N
-----END CERTIFICATE-----
Generated at Tue Apr 22 18:22:42 2025 by rpki-client