Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/BMJq_KUOe5h0VniIq38y12A5COo.roa
File: BMJq_KUOe5h0VniIq38y12A5COo.roa (raw, json)
Hash identifier: 7i2jM8HtdumaSgtxq89rlmMeiTBpD39ztAzJ4BRXHkE=
Subject key identifier: 04:C2:6A:FC:A5:0E:7B:98:74:56:78:88:AB:7F:32:D7:60:39:08:EA
Certificate issuer: /CN=051f29462e7a7da7eb5f45da7873f14e403fe3ab
Certificate serial: 01955B0B92655CFEC75313371F6C5A561A89
Authority key identifier: 05:1F:29:46:2E:7A:7D:A7:EB:5F:45:DA:78:73:F1:4E:40:3F:E3:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BR8pRi56fafrX0XaeHPxTkA_46s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/BMJq_KUOe5h0VniIq38y12A5COo.roa
Signing time: Mon 03 Mar 2025 08:07:19 +0000
ROA not before: Mon 03 Mar 2025 08:07:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.65.114.0/24 maxlen: 24
45.154.156.0/22 maxlen: 24
185.83.200.0/22 maxlen: 24
188.209.131.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Mar 2025 11:30:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5b:0b:92:65:5c:fe:c7:53:13:37:1f:6c:5a:56:1a:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=051f29462e7a7da7eb5f45da7873f14e403fe3ab
Validity
Not Before: Mar 3 08:07:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=04c26afca50e7b9874567888ab7f32d7603908ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:46:10:9d:de:77:f2:63:e2:55:75:18:5b:97:
15:b4:b0:05:28:bc:b6:32:5c:51:1a:10:48:25:27:
9e:09:ff:b7:12:85:1f:21:6d:a9:70:6d:75:d7:04:
94:63:b6:17:51:bb:53:46:2f:9c:18:ac:e8:7c:71:
b3:e0:93:68:a2:5d:15:19:18:36:df:8d:41:25:78:
c7:3a:05:b0:f3:85:ab:4c:e8:e0:2f:ca:a0:4d:44:
6a:36:0e:e4:b0:98:aa:25:80:8c:40:31:ff:d4:4f:
d3:83:d6:c4:ec:4b:32:db:aa:5a:e8:58:75:d4:1f:
7f:3c:95:09:c8:8f:68:ac:0c:70:d0:ce:03:7d:52:
c2:fc:46:95:20:28:82:9e:f8:52:e2:98:55:6a:90:
53:7a:0e:40:d9:4e:c8:72:04:ba:bc:00:f2:e8:90:
e7:bb:fb:7c:04:d4:f0:8b:3a:29:a0:e8:a1:fa:0b:
de:37:c6:95:e3:d2:13:e6:86:44:16:4a:7e:a0:24:
2c:bd:b8:39:d8:c3:ce:b3:62:f6:33:94:c4:b8:7a:
51:0f:58:8b:0c:25:fd:b2:8e:fd:09:4c:d3:41:86:
98:b9:29:fb:4d:54:14:4a:1c:01:6a:ee:18:72:b7:
c3:1b:c5:4b:ac:51:ff:a7:c9:4b:72:6f:bc:22:3f:
80:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:C2:6A:FC:A5:0E:7B:98:74:56:78:88:AB:7F:32:D7:60:39:08:EA
X509v3 Authority Key Identifier:
keyid:05:1F:29:46:2E:7A:7D:A7:EB:5F:45:DA:78:73:F1:4E:40:3F:E3:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BR8pRi56fafrX0XaeHPxTkA_46s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/BMJq_KUOe5h0VniIq38y12A5COo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/BR8pRi56fafrX0XaeHPxTkA_46s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.65.114.0/24
45.154.156.0/22
185.83.200.0/22
188.209.131.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:c6:a9:26:9b:4c:19:ba:b0:fd:b1:62:a3:72:70:2e:e1:c7:
bd:37:f1:6b:0d:eb:c8:b1:a8:4e:4e:35:18:d8:8a:e5:bc:31:
93:33:19:59:0a:bc:53:e3:78:12:6e:17:d2:82:ca:54:3d:73:
07:88:6b:11:d0:37:32:14:86:e3:21:24:ec:af:24:86:46:41:
f3:25:fe:c1:27:fd:82:c9:45:1b:50:78:39:a1:0b:8f:23:16:
7d:67:2e:ff:1b:59:dd:0a:b1:51:94:55:7f:aa:fa:74:22:95:
e7:34:d3:1d:7c:09:65:ee:07:0b:0b:5d:04:c4:b9:81:42:53:
ce:dc:fe:f3:5a:c4:77:8c:c4:72:8b:51:cf:6b:fd:8e:c8:26:
aa:ae:ed:27:27:bf:99:a1:32:c6:a6:6e:0e:75:34:75:c1:ad:
66:f8:3c:39:d5:d1:9c:eb:ca:a8:25:a4:12:d7:e0:5b:73:c3:
86:20:e7:45:a8:f2:a1:73:31:2e:c3:86:9f:87:6d:e1:20:54:
d4:36:ce:8b:3f:ab:6a:f3:1f:ec:2b:3e:d5:a5:7a:8a:07:fb:
6f:aa:58:68:8b:a9:6b:a7:16:93:33:6d:44:b9:49:ad:c5:d8:
33:2a:a1:29:79:7a:25:4f:5b:ab:45:13:78:be:85:ef:1a:ac:
ed:99:95:fb
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZVbC5JlXP7HUxM3H2xaVhqJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MWYyOTQ2MmU3YTdkYTdlYjVmNDVkYTc4NzNmMTRlNDAz
ZmUzYWIwHhcNMjUwMzAzMDgwNzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGMyNmFmY2E1MGU3Yjk4NzQ1Njc4ODhhYjdmMzJkNzYwMzkwOGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0YQnd538mPiVXUYW5cVtLAFKLy2
MlxRGhBIJSeeCf+3EoUfIW2pcG111wSUY7YXUbtTRi+cGKzofHGz4JNool0VGRg2
341BJXjHOgWw84WrTOjgL8qgTURqNg7ksJiqJYCMQDH/1E/Tg9bE7Esy26pa6Fh1
1B9/PJUJyI9orAxw0M4DfVLC/EaVICiCnvhS4phVapBTeg5A2U7IcgS6vADy6JDn
u/t8BNTwizopoOih+gveN8aV49IT5oZEFkp+oCQsvbg52MPOs2L2M5TEuHpRD1iL
DCX9so79CUzTQYaYuSn7TVQUShwBau4YcrfDG8VLrFH/p8lLcm+8Ij+AHwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFATCavylDnuYdFZ4iKt/MtdgOQjqMB8GA1UdIwQY
MBaAFAUfKUYuen2n619F2nhz8U5AP+OrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlI4cFJpNTZmYWZyWDBYYWVIUHhUa0FfNDZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8zOTUzMjgtZjQ2MS00NGI3LWIwMzEt
M2Y4YjU1ZGExYWM0LzEvQk1KcV9LVU9lNWgwVm5pSXEzOHkxMkE1Q09vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8zOTUzMjgtZjQ2MS00NGI3LWIwMzEtM2Y4YjU1ZGExYWM0
LzEvQlI4cFJpNTZmYWZyWDBYYWVIUHhUa0FfNDZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALUFyAwQC
LZqcAwQCuVPIAwQAvNGDMA0GCSqGSIb3DQEBCwUAA4IBAQBqxqkmm0wZurD9sWKj
cnAu4ce9N/FrDevIsahOTjUY2IrlvDGTMxlZCrxT43gSbhfSgspUPXMHiGsR0Dcy
FIbjISTsrySGRkHzJf7BJ/2CyUUbUHg5oQuPIxZ9Zy7/G1ndCrFRlFV/qvp0IpXn
NNMdfAll7gcLC10ExLmBQlPO3P7zWsR3jMRyi1HPa/2OyCaqru0nJ7+ZoTLGpm4O
dTR1wa1m+Dw51dGc68qoJaQS1+Bbc8OGIOdFqPKhczEuw4afh23hIFTUNs6LP6tq
8x/sKz7VpXqKB/tvqlhoi6lrpxaTM21EuUmtxdgzKqEpeXolT1urRRN4voXvGqzt
mZX7
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:42:33 2025 by rpki-client