Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/ce876c-2c02-4775-8095-78d4a64d22d9/1/bvazcZgPnff4-IRbY0vSQckaULI.roa
File: bvazcZgPnff4-IRbY0vSQckaULI.roa (raw, json)
Hash identifier: 9IWRN2rpOPieEFQHWVf0Hujx2sgtnDNNpDSZlVONpR0=
Subject key identifier: 6E:F6:B3:71:98:0F:9D:F7:F8:F8:84:5B:63:4B:D2:41:C9:1A:50:B2
Certificate issuer: /CN=4e2d20f2de4d57e1bc645cb6287ff810d0f5a4bf
Certificate serial: 018F3DC775CDAFCB61C77CB334911FC63DE6
Authority key identifier: 4E:2D:20:F2:DE:4D:57:E1:BC:64:5C:B6:28:7F:F8:10:D0:F5:A4:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ti0g8t5NV-G8ZFy2KH_4END1pL8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/ce876c-2c02-4775-8095-78d4a64d22d9/1/bvazcZgPnff4-IRbY0vSQckaULI.roa
Signing time: Fri 03 May 2024 09:27:13 +0000
ROA not before: Fri 03 May 2024 09:27:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50676
IP address blocks: 192.162.40.0/24 maxlen: 24
192.162.41.0/24 maxlen: 24
192.162.42.0/24 maxlen: 24
192.162.43.0/24 maxlen: 24
195.191.82.0/24 maxlen: 24
195.191.83.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Jun 2024 13:32:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:3d:c7:75:cd:af:cb:61:c7:7c:b3:34:91:1f:c6:3d:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e2d20f2de4d57e1bc645cb6287ff810d0f5a4bf
Validity
Not Before: May 3 09:27:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6ef6b371980f9df7f8f8845b634bd241c91a50b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:7a:24:1b:22:7d:86:4b:6b:77:26:85:fc:f8:
e5:aa:11:3f:29:04:d7:0b:60:01:79:92:41:8f:4a:
6e:1e:75:55:2a:6f:7c:c7:1e:da:0e:d9:dd:ad:16:
c1:49:11:3a:cd:db:ab:41:80:87:46:6b:fc:ed:37:
ab:7f:46:1a:24:ce:99:4d:c5:93:8b:5e:6c:7f:5a:
a0:32:4f:c5:24:9f:cd:bc:52:66:fe:8a:03:fc:16:
42:31:a3:63:3e:50:13:d9:12:68:d6:d6:26:38:e0:
22:d0:52:49:4a:3a:42:15:f2:be:1c:cf:ff:84:0a:
b2:a1:63:22:a0:ab:8b:e2:a8:92:f6:4f:64:ad:92:
95:a2:e3:cd:15:d9:4c:3e:29:6a:d0:58:93:38:6c:
c7:7c:f5:c3:45:25:a3:26:ff:20:dd:75:36:3a:1b:
7d:4a:04:30:81:62:8b:ec:a3:00:32:e4:70:50:c4:
63:b9:c4:3a:ab:8d:79:3d:c4:e9:c6:6d:63:1f:94:
0c:d9:ba:3a:a4:9e:77:be:0c:93:01:2b:0a:de:55:
73:f0:ef:fc:32:af:4b:2a:ac:80:cd:93:06:a2:6f:
77:78:2f:35:a4:e5:1c:3a:81:5c:e1:19:d0:89:d3:
13:18:70:92:00:b7:d2:1e:94:8e:6b:27:77:ae:26:
63:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:F6:B3:71:98:0F:9D:F7:F8:F8:84:5B:63:4B:D2:41:C9:1A:50:B2
X509v3 Authority Key Identifier:
keyid:4E:2D:20:F2:DE:4D:57:E1:BC:64:5C:B6:28:7F:F8:10:D0:F5:A4:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ti0g8t5NV-G8ZFy2KH_4END1pL8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/ce876c-2c02-4775-8095-78d4a64d22d9/1/bvazcZgPnff4-IRbY0vSQckaULI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/ce876c-2c02-4775-8095-78d4a64d22d9/1/Ti0g8t5NV-G8ZFy2KH_4END1pL8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.162.40.0/22
195.191.82.0/23
Signature Algorithm: sha256WithRSAEncryption
91:7b:c7:2a:da:23:98:ec:8e:83:a3:d6:a8:37:9b:9e:b0:02:
2a:8d:90:57:9b:07:30:cb:fd:4b:d8:6f:fe:0d:88:03:33:cb:
98:49:9b:7a:42:37:ab:f0:77:b8:c1:ed:dc:66:58:86:04:af:
07:5f:ec:5b:3d:19:17:eb:ab:82:73:bb:69:54:b3:25:9a:41:
4f:e7:ef:2b:98:a3:40:06:8b:21:36:61:c4:3f:06:6e:91:7c:
6f:f2:59:0e:e9:be:67:4c:19:f6:e6:5b:29:57:06:af:16:d8:
d0:a8:65:3a:f4:dc:da:ba:a7:f6:d8:0b:6b:bb:eb:55:25:24:
68:16:2a:bb:a7:b8:ea:b0:d4:74:88:8f:aa:53:12:74:37:ea:
83:73:89:c8:98:e4:85:53:65:48:1d:84:8b:43:61:ec:17:75:
a4:24:99:d6:c9:45:ad:9b:72:7f:f2:74:14:ec:11:f9:72:68:
3e:0f:bb:f4:fc:3c:db:c2:1a:b8:a9:43:9b:24:65:ce:01:c6:
15:fb:4a:45:ef:c0:1a:cb:3a:fc:89:e8:d4:a1:c8:57:41:07:
98:05:35:b9:14:e2:a2:0a:9f:11:ab:6a:fd:b2:78:9b:3a:dd:
15:ec:5f:b0:20:22:1e:c6:22:40:eb:6d:d3:0c:c2:7e:09:78:
b4:46:69:84
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY89x3XNr8thx3yzNJEfxj3mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMmQyMGYyZGU0ZDU3ZTFiYzY0NWNiNjI4N2ZmODEwZDBm
NWE0YmYwHhcNMjQwNTAzMDkyNzEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWY2YjM3MTk4MGY5ZGY3ZjhmODg0NWI2MzRiZDI0MWM5MWE1MGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHokGyJ9hktrdyaF/PjlqhE/KQTX
C2ABeZJBj0puHnVVKm98xx7aDtndrRbBSRE6zdurQYCHRmv87Terf0YaJM6ZTcWT
i15sf1qgMk/FJJ/NvFJm/ooD/BZCMaNjPlAT2RJo1tYmOOAi0FJJSjpCFfK+HM//
hAqyoWMioKuL4qiS9k9krZKVouPNFdlMPilq0FiTOGzHfPXDRSWjJv8g3XU2Oht9
SgQwgWKL7KMAMuRwUMRjucQ6q415PcTpxm1jH5QM2bo6pJ53vgyTASsK3lVz8O/8
Mq9LKqyAzZMGom93eC81pOUcOoFc4RnQidMTGHCSALfSHpSOayd3riZjywIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG72s3GYD533+PiEW2NL0kHJGlCyMB8GA1UdIwQY
MBaAFE4tIPLeTVfhvGRctih/+BDQ9aS/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGkwZzh0NU5WLUc4WkZ5MktIXzRFTkQxcEw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9jZTg3NmMtMmMwMi00Nzc1LTgwOTUt
NzhkNGE2NGQyMmQ5LzEvYnZhemNaZ1BuZmY0LUlSYlkwdlNRY2thVUxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9jZTg3NmMtMmMwMi00Nzc1LTgwOTUtNzhkNGE2NGQyMmQ5
LzEvVGkwZzh0NU5WLUc4WkZ5MktIXzRFTkQxcEw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCwKIoAwQB
w79SMA0GCSqGSIb3DQEBCwUAA4IBAQCRe8cq2iOY7I6Do9aoN5uesAIqjZBXmwcw
y/1L2G/+DYgDM8uYSZt6Qjer8He4we3cZliGBK8HX+xbPRkX66uCc7tpVLMlmkFP
5+8rmKNABoshNmHEPwZukXxv8lkO6b5nTBn25lspVwavFtjQqGU69Nzauqf22Atr
u+tVJSRoFiq7p7jqsNR0iI+qUxJ0N+qDc4nImOSFU2VIHYSLQ2HsF3WkJJnWyUWt
m3J/8nQU7BH5cmg+D7v0/Dzbwhq4qUObJGXOAcYV+0pF78Aayzr8iejUochXQQeY
BTW5FOKiCp8Rq2r9snibOt0V7F+wICIexiJA623TDMJ+CXi0RmmE
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:33:20 2025 by rpki-client