Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/9bafb1-0c42-425b-aa29-19c045c6a14f/1/bFKuzVJ7XUgYspchMdoR3Uj9gRk.roa
File: bFKuzVJ7XUgYspchMdoR3Uj9gRk.roa (raw, json)
Hash identifier: zpzRO3aKHvWhvcl4jdikS6hF1KVJfIZ5wCWWf4DcHcM=
Subject key identifier: 6C:52:AE:CD:52:7B:5D:48:18:B2:97:21:31:DA:11:DD:48:FD:81:19
Certificate issuer: /CN=d002fbe9f0a413603edefb733a531f2e2c0e9c06
Certificate serial: 018CC801E0D379722C40D3C3B1AEDC172C43
Authority key identifier: D0:02:FB:E9:F0:A4:13:60:3E:DE:FB:73:3A:53:1F:2E:2C:0E:9C:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0AL76fCkE2A-3vtzOlMfLiwOnAY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/9bafb1-0c42-425b-aa29-19c045c6a14f/1/bFKuzVJ7XUgYspchMdoR3Uj9gRk.roa
Signing time: Tue 02 Jan 2024 02:30:15 +0000
ROA not before: Tue 02 Jan 2024 02:30:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15951
IP address blocks: 185.94.177.0/24 maxlen: 24
185.94.176.0/24 maxlen: 24
185.94.178.0/24 maxlen: 24
193.41.164.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:e0:d3:79:72:2c:40:d3:c3:b1:ae:dc:17:2c:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d002fbe9f0a413603edefb733a531f2e2c0e9c06
Validity
Not Before: Jan 2 02:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c52aecd527b5d4818b2972131da11dd48fd8119
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:b9:2e:17:60:e3:2a:be:6b:b8:54:1f:af:06:
9f:98:96:da:d9:d5:b3:38:fe:74:fc:cb:40:4f:bf:
bf:91:f0:fc:a8:66:f0:5c:15:ed:3e:72:62:50:b8:
b4:b6:36:37:6a:ff:8e:81:05:bc:b5:55:6e:98:86:
a2:12:5e:a8:43:40:04:89:1b:3b:fa:67:24:2f:33:
dc:c3:ab:2f:bc:8c:77:e6:36:91:01:5d:43:98:d9:
05:a1:63:8d:62:94:e5:f5:ad:02:64:ea:d3:ec:57:
c0:99:46:8e:78:1a:e3:00:4d:e5:54:61:74:2f:ce:
d6:96:f7:4f:28:72:c4:62:6b:14:ac:50:fb:18:6e:
ac:1c:3e:c5:89:ea:a3:73:49:8e:41:dc:1e:b8:00:
85:58:0c:5c:41:ee:82:af:68:57:3d:47:95:f2:bd:
aa:2c:a5:7e:ce:1e:5a:7e:89:37:ec:87:d7:37:5e:
bb:6e:26:f8:b2:6f:5e:ef:ef:3f:53:17:b3:b0:31:
09:91:09:e8:fb:9e:88:58:f2:38:bd:74:78:ef:da:
a4:99:2d:93:d2:08:25:09:4b:b7:d2:54:8d:83:e5:
6a:49:40:b9:6f:ab:bf:97:48:49:9b:b3:3c:66:ad:
69:ff:9a:97:d1:b3:eb:5b:69:4b:dd:8b:7b:e1:97:
8a:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:52:AE:CD:52:7B:5D:48:18:B2:97:21:31:DA:11:DD:48:FD:81:19
X509v3 Authority Key Identifier:
keyid:D0:02:FB:E9:F0:A4:13:60:3E:DE:FB:73:3A:53:1F:2E:2C:0E:9C:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0AL76fCkE2A-3vtzOlMfLiwOnAY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/9bafb1-0c42-425b-aa29-19c045c6a14f/1/bFKuzVJ7XUgYspchMdoR3Uj9gRk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/9bafb1-0c42-425b-aa29-19c045c6a14f/1/0AL76fCkE2A-3vtzOlMfLiwOnAY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.94.176.0-185.94.178.255
193.41.164.0/23
Signature Algorithm: sha256WithRSAEncryption
47:af:d0:50:4d:66:39:7e:bc:63:47:ea:37:a8:b5:a9:f2:1d:
bf:76:65:88:31:90:66:ac:14:9e:7c:83:04:9c:30:b6:a1:fc:
0e:a2:1d:8d:04:16:dd:9c:a6:21:5c:e0:60:9b:55:01:7f:aa:
99:c2:28:0b:88:52:da:69:da:df:76:f1:1a:6a:5e:ed:d3:5a:
e7:bb:10:fc:08:aa:f7:9f:05:1d:af:dc:20:87:72:32:6c:59:
f5:d6:95:e7:f8:f6:d9:14:74:f8:47:e9:0b:ac:60:09:8e:db:
b3:59:f3:0f:4d:fd:eb:87:ad:39:3d:95:85:4c:64:4f:29:84:
2b:85:7d:84:07:f1:b0:85:7e:33:be:f2:4a:66:f7:4b:15:2a:
a0:f9:32:59:a8:92:e6:5e:40:30:51:10:0b:a9:e2:4d:61:ca:
4c:f9:31:cf:e3:14:34:67:32:4d:d3:30:3f:e0:d5:ae:c3:01:
b6:b7:42:90:99:a4:db:84:92:d9:5a:0b:ab:91:ca:bd:0e:a0:
38:f0:cd:ec:1c:8c:87:34:f6:64:c8:e5:d4:dd:3c:5b:68:42:
d2:23:3c:74:a3:c7:d5:fc:85:c0:cc:17:82:7c:da:4c:6c:93:
5c:9b:df:87:69:28:50:0b:6e:f6:34:77:40:30:c1:69:0a:f3:
77:06:9e:bc
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzIAeDTeXIsQNPDsa7cFyxDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMDJmYmU5ZjBhNDEzNjAzZWRlZmI3MzNhNTMxZjJlMmMw
ZTljMDYwHhcNMjQwMTAyMDIzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzUyYWVjZDUyN2I1ZDQ4MThiMjk3MjEzMWRhMTFkZDQ4ZmQ4MTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbkuF2DjKr5ruFQfrwafmJba2dWz
OP50/MtAT7+/kfD8qGbwXBXtPnJiULi0tjY3av+OgQW8tVVumIaiEl6oQ0AEiRs7
+mckLzPcw6svvIx35jaRAV1DmNkFoWONYpTl9a0CZOrT7FfAmUaOeBrjAE3lVGF0
L87WlvdPKHLEYmsUrFD7GG6sHD7Fieqjc0mOQdweuACFWAxcQe6Cr2hXPUeV8r2q
LKV+zh5afok37IfXN167bib4sm9e7+8/UxezsDEJkQno+56IWPI4vXR479qkmS2T
0gglCUu30lSNg+VqSUC5b6u/l0hJm7M8Zq1p/5qX0bPrW2lL3Yt74ZeKvQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFGxSrs1Se11IGLKXITHaEd1I/YEZMB8GA1UdIwQY
MBaAFNAC++nwpBNgPt77czpTHy4sDpwGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEFMNzZmQ2tFMkEtM3Z0ek9sTWZMaXdPbkFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS85YmFmYjEtMGM0Mi00MjViLWFhMjkt
MTljMDQ1YzZhMTRmLzEvYkZLdXpWSjdYVWdZc3BjaE1kb1IzVWo5Z1JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS85YmFmYjEtMGM0Mi00MjViLWFhMjktMTljMDQ1YzZhMTRm
LzEvMEFMNzZmQ2tFMkEtM3Z0ek9sTWZMaXdPbkFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAS5XrAD
BAC5XrIDBAHBKaQwDQYJKoZIhvcNAQELBQADggEBAEev0FBNZjl+vGNH6jeotany
Hb92ZYgxkGasFJ58gwScMLah/A6iHY0EFt2cpiFc4GCbVQF/qpnCKAuIUtpp2t92
8RpqXu3TWue7EPwIqvefBR2v3CCHcjJsWfXWlef49tkUdPhH6QusYAmO27NZ8w9N
/euHrTk9lYVMZE8phCuFfYQH8bCFfjO+8kpm90sVKqD5MlmokuZeQDBREAup4k1h
ykz5Mc/jFDRnMk3TMD/g1a7DAba3QpCZpNuEktlaC6uRyr0OoDjwzewcjIc09mTI
5dTdPFtoQtIjPHSjx9X8hcDMF4J82kxsk1yb34dpKFALbvY0d0AwwWkK83cGnrw=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:40 2025 by rpki-client