Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/bvLCM05E42m-3bdS3hqvhnwJfG8.roa
File: bvLCM05E42m-3bdS3hqvhnwJfG8.roa (raw, json)
Hash identifier: sHKHI491dv8T/R5gqt5lpoyDYRzvvaMXhjhPhsUqVuw=
Subject key identifier: 6E:F2:C2:33:4E:44:E3:69:BE:DD:B7:52:DE:1A:AF:86:7C:09:7C:6F
Certificate issuer: /CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Certificate serial: 01942521DD18BDD836E23D43F9663542801D
Authority key identifier: 1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/bvLCM05E42m-3bdS3hqvhnwJfG8.roa
Signing time: Thu 02 Jan 2025 03:49:23 +0000
ROA not before: Thu 02 Jan 2025 03:49:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199605
IP address blocks: 2a0a:280:1800::/40 maxlen: 48
Validation: Failed, certificate revoked on Thu 16 Jan 2025 09:39:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:dd:18:bd:d8:36:e2:3d:43:f9:66:35:42:80:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Validity
Not Before: Jan 2 03:49:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6ef2c2334e44e369beddb752de1aaf867c097c6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:dc:cf:c4:e5:f5:f7:0f:60:1a:fa:7f:78:e3:
3e:55:38:d4:ae:5b:2f:12:0d:fd:af:74:9e:d1:9a:
1d:d4:f9:d4:a8:68:ea:9e:d9:cb:8b:5b:ef:c0:ab:
4e:c5:c0:7e:ee:55:1d:41:ee:c9:12:c6:66:b4:aa:
9a:f0:8b:15:52:b9:58:64:48:37:af:a1:2d:5a:ff:
d6:90:ce:91:ce:01:be:03:4a:f3:91:cd:32:61:2e:
0a:aa:8a:8e:9b:d0:b1:d6:38:13:8a:ec:8b:e0:79:
30:15:35:f7:28:82:d3:6b:06:38:62:fc:e2:34:01:
6c:63:be:89:9d:3a:02:99:47:85:c6:38:64:76:17:
33:1b:e0:c9:5f:37:58:30:04:c8:cd:31:f0:3b:7a:
6d:a1:93:88:4e:2f:a5:3e:f2:9c:21:79:3e:5d:15:
f1:7c:65:bf:51:ce:b6:c6:20:ca:49:0e:51:6a:7e:
d9:77:03:88:0b:a8:f5:cd:9f:c0:68:b4:e5:d5:97:
ac:58:d0:18:37:4a:21:44:42:d7:fd:d8:c0:9b:f1:
b8:a3:4f:d6:e5:70:df:3a:8d:70:78:6e:7e:ab:f7:
85:5d:60:52:ef:5f:7f:2e:76:6b:37:86:54:56:1f:
83:7d:c0:47:d8:e6:cd:30:bc:09:36:12:52:14:2a:
69:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:F2:C2:33:4E:44:E3:69:BE:DD:B7:52:DE:1A:AF:86:7C:09:7C:6F
X509v3 Authority Key Identifier:
keyid:1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/bvLCM05E42m-3bdS3hqvhnwJfG8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:280:1800::/40
Signature Algorithm: sha256WithRSAEncryption
93:da:30:02:8c:e0:01:16:8b:74:8f:db:0a:fd:65:73:4e:c1:
bf:83:5c:9f:a1:d4:0f:90:b9:1a:19:2a:98:cd:83:fd:29:37:
56:73:11:04:bf:f7:70:f3:96:e1:c1:33:ae:1d:75:eb:80:6d:
d1:b6:5f:cd:f9:af:ee:67:6c:35:fa:f3:85:94:20:84:55:30:
51:cd:c0:f3:f8:2b:df:a8:56:b5:a6:6b:a8:a1:09:e0:d7:84:
a3:e0:96:46:2d:dc:12:b9:80:99:17:72:73:9d:67:c0:98:02:
6c:61:df:52:64:50:e0:b3:34:fd:a9:ad:54:f9:42:e7:38:b6:
87:bd:68:df:bd:6c:bd:93:b3:2c:76:12:67:c1:95:86:76:a6:
d3:2a:99:b0:9f:28:13:b6:52:e8:06:ef:42:67:10:75:0c:71:
ae:d9:f2:86:bf:e4:72:1a:76:d6:4b:52:25:24:45:1d:1b:15:
d9:9d:1e:0f:3a:da:1e:97:6b:5c:69:54:2d:b4:48:70:b4:1d:
24:38:92:e8:6d:36:21:4e:63:75:cc:a3:de:80:10:25:01:b2:
04:84:17:15:23:06:88:77:46:12:a0:bd:f2:ba:0c:a0:db:19:
36:c0:af:a3:91:36:bd:0a:13:8c:b9:23:17:43:e5:76:a7:64:
75:57:bc:ea
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQlId0Yvdg24j1D+WY1QoAdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiOWYyMWJhMDRlNWUzMDc3YjM5MWUzZDQ4ZmY1YjBhNTBi
MzM2OWYwHhcNMjUwMTAyMDM0OTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWYyYzIzMzRlNDRlMzY5YmVkZGI3NTJkZTFhYWY4NjdjMDk3YzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdzPxOX19w9gGvp/eOM+VTjUrlsv
Eg39r3Se0Zod1PnUqGjqntnLi1vvwKtOxcB+7lUdQe7JEsZmtKqa8IsVUrlYZEg3
r6EtWv/WkM6RzgG+A0rzkc0yYS4KqoqOm9Cx1jgTiuyL4HkwFTX3KILTawY4Yvzi
NAFsY76JnToCmUeFxjhkdhczG+DJXzdYMATIzTHwO3ptoZOITi+lPvKcIXk+XRXx
fGW/Uc62xiDKSQ5Ran7ZdwOIC6j1zZ/AaLTl1ZesWNAYN0ohRELX/djAm/G4o0/W
5XDfOo1weG5+q/eFXWBS719/LnZrN4ZUVh+DfcBH2ObNMLwJNhJSFCpp1QIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFG7ywjNORONpvt23Ut4ar4Z8CXxvMB8GA1UdIwQY
MBaAFBufIboE5eMHezkePUj/WwpQszafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUt
ZjUxYzVmYjNkZjlhLzEvYnZMQ00wNUU0Mm0tM2JkUzNocXZobndKZkc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUtZjUxYzVmYjNkZjlh
LzEvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgoCgBgw
DQYJKoZIhvcNAQELBQADggEBAJPaMAKM4AEWi3SP2wr9ZXNOwb+DXJ+h1A+QuRoZ
KpjNg/0pN1ZzEQS/93DzluHBM64ddeuAbdG2X835r+5nbDX684WUIIRVMFHNwPP4
K9+oVrWma6ihCeDXhKPglkYt3BK5gJkXcnOdZ8CYAmxh31JkUOCzNP2prVT5Quc4
toe9aN+9bL2Tsyx2EmfBlYZ2ptMqmbCfKBO2UugG70JnEHUMca7Z8oa/5HIadtZL
UiUkRR0bFdmdHg862h6Xa1xpVC20SHC0HSQ4kuhtNiFOY3XMo96AECUBsgSEFxUj
Boh3RhKgvfK6DKDbGTbAr6ORNr0KE4y5IxdD5XanZHVXvOo=
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:41:39 2025 by rpki-client