Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/baNoBrnAucQh1O2jIS5IQryGE-c.roa
File: baNoBrnAucQh1O2jIS5IQryGE-c.roa (raw, json)
Hash identifier: I47FRrNkr5Qw25U7vdTv3akfAuvW58v9cFKSsi2Ajgs=
Subject key identifier: 6D:A3:68:06:B9:C0:B9:C4:21:D4:ED:A3:21:2E:48:42:BC:86:13:E7
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 018E77F84F096C29A1B5B94BC03607F92C74
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/baNoBrnAucQh1O2jIS5IQryGE-c.roa
Signing time: Mon 25 Mar 2024 23:35:45 +0000
ROA not before: Mon 25 Mar 2024 23:35:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39249
IP address blocks: 95.164.12.0/22 maxlen: 22
95.164.71.0/24 maxlen: 24
195.149.96.0/24 maxlen: 24
195.214.212.0/24 maxlen: 24
2a01:d0:7fff::/48 maxlen: 48
2a01:d0:8000::/33 maxlen: 33
2a01:d0:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 15 Apr 2024 21:29:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:77:f8:4f:09:6c:29:a1:b5:b9:4b:c0:36:07:f9:2c:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Mar 25 23:35:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6da36806b9c0b9c421d4eda3212e4842bc8613e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:8e:6f:99:93:61:f0:32:66:ae:f2:98:cc:5b:
be:f2:d3:ca:2d:2b:ff:37:fb:e3:c1:74:86:fd:01:
66:46:67:ac:9f:41:37:10:10:f5:3d:81:06:2a:bf:
77:71:62:9d:e3:eb:d8:70:ff:99:57:87:90:d3:a3:
1a:8e:63:e8:e7:f7:60:72:46:3c:83:ea:4f:22:02:
61:9e:89:d8:7a:7e:5f:43:be:cf:d2:14:4d:61:61:
c7:de:b9:a3:55:17:be:87:24:45:3c:0a:1c:69:6c:
0a:35:e3:70:6a:45:d7:97:b4:59:39:7e:79:4b:d9:
e0:2c:58:2f:42:1c:45:dd:e2:19:4c:ce:94:c0:41:
b4:9c:9a:eb:e7:35:19:f3:86:d1:49:05:ce:79:c1:
f5:1e:3d:2f:07:60:b4:9b:21:cd:15:f0:81:5c:78:
f5:c0:52:f8:23:43:c6:b0:13:46:62:12:44:30:d0:
25:65:48:7f:52:61:d1:07:dc:d5:35:ee:bd:26:99:
d8:80:7e:79:e8:e8:4d:fb:89:c3:9d:fc:28:0f:9d:
72:6b:6e:74:47:e7:9a:73:b2:67:b4:80:62:b7:96:
30:83:1d:a2:c0:34:d0:38:67:d1:d3:08:cb:bd:8c:
4c:d6:30:50:26:fc:42:b7:2c:bf:08:e7:8f:30:21:
6b:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:A3:68:06:B9:C0:B9:C4:21:D4:ED:A3:21:2E:48:42:BC:86:13:E7
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/baNoBrnAucQh1O2jIS5IQryGE-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.164.12.0/22
95.164.71.0/24
195.149.96.0/24
195.214.212.0/24
IPv6:
2a01:d0:7fff::-2a01:d0:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
a0:f5:80:bf:fb:b8:3a:fa:ce:b0:22:c9:64:a5:35:15:4f:94:
ac:4f:64:44:19:b5:cb:f7:77:d6:b9:68:fc:bf:d5:9a:e2:c7:
9a:bf:fe:49:39:29:3e:2c:3a:e6:1e:ad:3b:ce:36:cf:d5:c4:
17:5a:96:c8:d7:44:04:cf:1a:90:3a:3b:4f:2b:04:7e:6d:43:
62:8d:af:76:ca:08:d4:04:b5:3b:0c:0a:33:3e:49:ff:f6:da:
26:61:17:d5:ed:79:1a:35:8e:8a:d4:d6:86:c3:d9:a3:01:7e:
a0:dd:27:d8:15:b5:17:7b:32:95:af:a0:e3:43:d2:ef:1c:16:
bf:9d:1d:52:d9:4a:a2:4d:e3:53:7e:52:b9:c5:15:a3:f8:15:
c8:99:79:eb:a7:31:ea:cc:36:04:44:83:0a:f4:54:68:84:5a:
fa:6a:7d:64:cf:74:07:79:7e:7d:77:de:bf:61:de:c9:e3:ab:
02:b5:66:ec:a5:00:f6:53:fd:dc:e8:4b:6f:a5:86:b8:84:ff:
9e:e7:45:ca:f1:3e:26:f5:84:84:66:86:63:02:2c:d5:30:f4:
77:39:18:43:9d:bc:e8:9e:24:e1:68:1e:85:df:22:a4:eb:ca:
4c:9a:69:f8:50:23:82:58:ac:9b:95:94:28:f4:16:d8:91:a8:
65:20:54:4f
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAY53+E8JbCmhtblLwDYH+Sx0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjQwMzI1MjMzNTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGEzNjgwNmI5YzBiOWM0MjFkNGVkYTMyMTJlNDg0MmJjODYxM2U3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkI5vmZNh8DJmrvKYzFu+8tPKLSv/
N/vjwXSG/QFmRmesn0E3EBD1PYEGKr93cWKd4+vYcP+ZV4eQ06MajmPo5/dgckY8
g+pPIgJhnonYen5fQ77P0hRNYWHH3rmjVRe+hyRFPAocaWwKNeNwakXXl7RZOX55
S9ngLFgvQhxF3eIZTM6UwEG0nJrr5zUZ84bRSQXOecH1Hj0vB2C0myHNFfCBXHj1
wFL4I0PGsBNGYhJEMNAlZUh/UmHRB9zVNe69JpnYgH556OhN+4nDnfwoD51ya250
R+eac7JntIBit5Ywgx2iwDTQOGfR0wjLvYxM1jBQJvxCtyy/COePMCFr8QIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFG2jaAa5wLnEIdTtoyEuSEK8hhPnMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvYmFOb0JybkF1Y1FoMU8yaklTNUlRcnlHRS1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAeBAIAATAYAwQCX6QMAwQA
X6RHAwQAw5VgAwQAw9bUMBgEAgACMBIwEAMHACoBANB//wMFACoBANAwDQYJKoZI
hvcNAQELBQADggEBAKD1gL/7uDr6zrAiyWSlNRVPlKxPZEQZtcv3d9a5aPy/1Zri
x5q//kk5KT4sOuYerTvONs/VxBdalsjXRATPGpA6O08rBH5tQ2KNr3bKCNQEtTsM
CjM+Sf/22iZhF9XteRo1jorU1obD2aMBfqDdJ9gVtRd7MpWvoOND0u8cFr+dHVLZ
SqJN41N+UrnFFaP4FciZeeunMerMNgREgwr0VGiEWvpqfWTPdAd5fn133r9h3snj
qwK1ZuylAPZT/dzoS2+lhriE/57nRcrxPib1hIRmhmMCLNUw9Hc5GEOdvOieJOFo
HoXfIqTrykyaafhQI4JYrJuVlCj0FtiRqGUgVE8=
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:32:39 2025 by rpki-client