Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/BaY5J_rigNIWISyUaov34kFuYvI.roa
File: BaY5J_rigNIWISyUaov34kFuYvI.roa (raw, json)
Hash identifier: tV3wguCsfInRkjKxiJJzV0t40djuHsJjPjiD21qbcQ8=
Subject key identifier: 05:A6:39:27:FA:E2:80:D2:16:21:2C:94:6A:8B:F7:E2:41:6E:62:F2
Certificate issuer: /CN=a375369b2d4bb2e2dede668645313e344e6f1cc0
Certificate serial: 018CC56ECEFB9E6981DEA784462A8C2DB1CF
Authority key identifier: A3:75:36:9B:2D:4B:B2:E2:DE:DE:66:86:45:31:3E:34:4E:6F:1C:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o3U2my1LsuLe3maGRTE-NE5vHMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/BaY5J_rigNIWISyUaov34kFuYvI.roa
Signing time: Mon 01 Jan 2024 14:30:22 +0000
ROA not before: Mon 01 Jan 2024 14:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60456
IP address blocks: 185.231.168.0/22 maxlen: 22
45.81.204.0/22 maxlen: 22
2a0e:5f80::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:ce:fb:9e:69:81:de:a7:84:46:2a:8c:2d:b1:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a375369b2d4bb2e2dede668645313e344e6f1cc0
Validity
Not Before: Jan 1 14:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=05a63927fae280d216212c946a8bf7e2416e62f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:43:e2:8f:61:2c:33:fc:5b:64:0a:09:e9:93:
7a:c4:ca:cb:09:d4:cf:cd:3e:ce:f1:76:d5:96:32:
d9:9b:3b:c5:67:39:3d:d8:37:a0:d9:2e:52:01:d2:
e9:23:26:26:d0:00:4c:18:8c:67:1e:36:f7:f1:16:
20:25:60:b2:d8:d7:3d:15:42:a8:35:00:e4:03:fc:
33:d5:f3:40:9c:9a:9c:dd:26:d8:d8:3e:60:fb:28:
e2:37:c6:89:c0:ad:d5:f7:1d:84:08:92:a1:9b:50:
da:48:db:98:55:d6:69:c8:29:70:79:05:12:ce:58:
67:80:a3:80:1e:b8:5e:ca:e1:49:40:03:5c:5f:a5:
9e:59:25:88:f9:68:22:f9:7c:e6:77:de:b5:f9:39:
a8:45:77:e6:9a:b6:62:66:5f:98:a7:08:69:e8:d9:
fe:d9:ed:c7:d9:04:e3:30:ff:7f:a9:46:9e:09:68:
c2:dc:05:28:1a:ad:a2:09:62:f2:02:1f:b2:1e:f2:
78:bc:f5:37:98:07:68:61:d4:7c:e7:32:ab:83:49:
30:34:ee:ce:3a:7b:d7:6c:0b:5c:78:21:81:c7:a0:
e7:38:b6:51:1a:0e:09:13:34:13:30:f0:a1:ee:03:
7d:61:04:ec:f2:4c:7e:6a:75:17:1c:7c:cf:23:01:
a6:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:A6:39:27:FA:E2:80:D2:16:21:2C:94:6A:8B:F7:E2:41:6E:62:F2
X509v3 Authority Key Identifier:
keyid:A3:75:36:9B:2D:4B:B2:E2:DE:DE:66:86:45:31:3E:34:4E:6F:1C:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o3U2my1LsuLe3maGRTE-NE5vHMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/BaY5J_rigNIWISyUaov34kFuYvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.204.0/22
185.231.168.0/22
IPv6:
2a0e:5f80::/29
Signature Algorithm: sha256WithRSAEncryption
31:b6:5f:43:e6:d6:19:eb:6c:64:ff:4a:a9:de:90:a8:f4:a7:
d0:c2:c5:bb:f1:65:37:81:97:00:32:df:e8:29:6f:d5:b3:53:
21:34:cb:34:8f:97:7e:01:2e:66:90:f5:2f:61:74:8b:b4:c6:
ec:ec:93:ee:e3:3f:22:23:a4:b6:4d:83:32:e6:b0:c8:bd:36:
23:97:14:c2:c9:1e:22:dd:ee:30:ad:aa:79:71:fe:a6:bd:6f:
68:1c:18:26:31:c8:9f:b2:e1:2c:50:3d:e5:c2:dc:d4:27:f5:
33:b0:58:cf:54:75:91:ac:0e:fa:35:d8:ff:4e:09:d7:78:a0:
34:b1:db:d1:4d:33:ea:12:53:4f:a8:d3:00:1b:c6:a2:a7:6d:
e1:95:82:80:0b:dd:9d:67:ee:d0:b5:d4:1c:da:17:5b:51:50:
16:fc:47:f5:92:a0:92:08:f3:84:e7:21:b0:ee:59:cc:55:0f:
e1:6d:5a:e3:f8:9a:83:23:bf:78:7a:e3:fd:5b:05:04:76:07:
a7:0e:3b:4e:52:a0:de:0b:51:cb:5f:e9:40:10:6f:ee:a8:0d:
30:a3:21:93:c6:88:bf:5b:80:db:a9:37:f4:5e:15:b3:33:aa:
3e:e9:6d:54:91:83:25:f6:ba:e8:a9:06:be:12:09:c0:4e:ac:
a1:43:de:e0
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzFbs77nmmB3qeERiqMLbHPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNzUzNjliMmQ0YmIyZTJkZWRlNjY4NjQ1MzEzZTM0NGU2
ZjFjYzAwHhcNMjQwMTAxMTQzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWE2MzkyN2ZhZTI4MGQyMTYyMTJjOTQ2YThiZjdlMjQxNmU2MmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxkPij2EsM/xbZAoJ6ZN6xMrLCdTP
zT7O8XbVljLZmzvFZzk92Deg2S5SAdLpIyYm0ABMGIxnHjb38RYgJWCy2Nc9FUKo
NQDkA/wz1fNAnJqc3SbY2D5g+yjiN8aJwK3V9x2ECJKhm1DaSNuYVdZpyClweQUS
zlhngKOAHrheyuFJQANcX6WeWSWI+Wgi+Xzmd961+TmoRXfmmrZiZl+Ypwhp6Nn+
2e3H2QTjMP9/qUaeCWjC3AUoGq2iCWLyAh+yHvJ4vPU3mAdoYdR85zKrg0kwNO7O
OnvXbAtceCGBx6DnOLZRGg4JEzQTMPCh7gN9YQTs8kx+anUXHHzPIwGmBwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAWmOSf64oDSFiEslGqL9+JBbmLyMB8GA1UdIwQY
MBaAFKN1NpstS7Li3t5mhkUxPjRObxzAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzNVMm15MUxzdUxlM21hR1JURS1ORTV2SE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9lYzY5MDUtYjBmNy00MjRmLThhODQt
MjhiZWM3Yjk5OTI5LzEvQmFZNUpfcmlnTklXSVN5VWFvdjM0a0Z1WXZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9lYzY5MDUtYjBmNy00MjRmLThhODQtMjhiZWM3Yjk5OTI5
LzEvbzNVMm15MUxzdUxlM21hR1JURS1ORTV2SE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLVHMAwQC
ueeoMA0EAgACMAcDBQMqDl+AMA0GCSqGSIb3DQEBCwUAA4IBAQAxtl9D5tYZ62xk
/0qp3pCo9KfQwsW78WU3gZcAMt/oKW/Vs1MhNMs0j5d+AS5mkPUvYXSLtMbs7JPu
4z8iI6S2TYMy5rDIvTYjlxTCyR4i3e4wrap5cf6mvW9oHBgmMcifsuEsUD3lwtzU
J/UzsFjPVHWRrA76Ndj/TgnXeKA0sdvRTTPqElNPqNMAG8aip23hlYKAC92dZ+7Q
tdQc2hdbUVAW/Ef1kqCSCPOE5yGw7lnMVQ/hbVrj+JqDI794euP9WwUEdgenDjtO
UqDeC1HLX+lAEG/uqA0woyGTxoi/W4DbqTf0XhWzM6o+6W1UkYMl9rroqQa+EgnA
TqyhQ97g
-----END CERTIFICATE-----
Generated at Sun Apr 13 05:26:36 2025 by rpki-client