Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/c60b1b-9b42-45eb-a582-92ddec6bd0a2/1/bs0hBYq7a4jo3DUdtiEDpk8iUQk.roa
File: bs0hBYq7a4jo3DUdtiEDpk8iUQk.roa (raw, json)
Hash identifier: OmBABEWq7YYBZPjIkr7QdJoQZpf0xs2qQwQai7FK4Uk=
Subject key identifier: 6E:CD:21:05:8A:BB:6B:88:E8:DC:35:1D:B6:21:03:A6:4F:22:51:09
Certificate issuer: /CN=4b4fbfcf5fdc48ab0bfb52854f7a04fc1cff1dbd
Certificate serial: 0193782EC06CCB081B12C58FE76D9CB877BB
Authority key identifier: 4B:4F:BF:CF:5F:DC:48:AB:0B:FB:52:85:4F:7A:04:FC:1C:FF:1D:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S0-_z1_cSKsL-1KFT3oE_Bz_Hb0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/c60b1b-9b42-45eb-a582-92ddec6bd0a2/1/bs0hBYq7a4jo3DUdtiEDpk8iUQk.roa
Signing time: Fri 29 Nov 2024 13:49:09 +0000
ROA not before: Fri 29 Nov 2024 13:49:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5609
IP address blocks: 163.162.0.0/16 maxlen: 24
185.57.208.0/22 maxlen: 22
2001:6b8::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:78:2e:c0:6c:cb:08:1b:12:c5:8f:e7:6d:9c:b8:77:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b4fbfcf5fdc48ab0bfb52854f7a04fc1cff1dbd
Validity
Not Before: Nov 29 13:49:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6ecd21058abb6b88e8dc351db62103a64f225109
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:1e:a6:fc:6b:ca:70:03:3b:76:d1:c4:27:1f:
a1:d6:10:a4:f7:73:6e:6a:76:be:c2:b3:01:26:be:
42:9d:3d:69:65:17:40:1e:0e:bb:32:3b:cd:9d:83:
04:95:cd:64:f0:61:eb:ef:53:f1:4f:55:37:1d:6b:
83:08:ee:d0:04:59:c5:f7:bf:b8:68:65:97:70:e6:
82:f0:ea:ee:61:2b:15:e4:f1:ed:a7:1c:20:80:34:
42:37:72:44:f9:5d:c0:7e:33:7b:8b:22:a7:33:da:
71:d9:30:e3:13:f1:d6:35:a3:52:db:09:30:d0:3e:
2d:af:0b:7d:34:fc:2b:a1:e0:b2:6f:c0:a9:ec:7b:
d6:16:39:4a:cf:8d:df:c5:49:70:8b:c6:72:ec:17:
8b:ea:8c:64:db:a3:ca:c9:2d:6f:fc:b8:53:5d:90:
b7:5f:02:4e:0f:91:ae:0c:e4:49:68:e1:a6:f5:50:
67:16:1f:cb:10:32:62:1e:16:6d:72:01:38:6d:79:
e5:bd:71:2d:dc:54:9b:49:2e:ff:26:1b:5a:c0:05:
14:ce:52:52:11:10:80:d8:e0:9a:ed:62:00:24:f0:
57:5c:c3:6f:e0:97:85:13:16:91:1c:f6:6e:d3:2b:
f2:c3:66:de:18:8f:a0:85:5e:06:eb:55:a6:9f:c5:
c5:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:CD:21:05:8A:BB:6B:88:E8:DC:35:1D:B6:21:03:A6:4F:22:51:09
X509v3 Authority Key Identifier:
keyid:4B:4F:BF:CF:5F:DC:48:AB:0B:FB:52:85:4F:7A:04:FC:1C:FF:1D:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S0-_z1_cSKsL-1KFT3oE_Bz_Hb0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/c60b1b-9b42-45eb-a582-92ddec6bd0a2/1/bs0hBYq7a4jo3DUdtiEDpk8iUQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/c60b1b-9b42-45eb-a582-92ddec6bd0a2/1/S0-_z1_cSKsL-1KFT3oE_Bz_Hb0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.162.0.0/16
185.57.208.0/22
IPv6:
2001:6b8::/32
Signature Algorithm: sha256WithRSAEncryption
81:ba:94:77:8e:bc:3a:65:9d:ad:b8:3f:08:0d:5d:8e:5c:ee:
b3:cc:14:f8:68:91:08:5e:11:76:10:10:30:6a:58:10:6c:1b:
33:d2:68:73:fb:79:18:5f:64:5b:d2:df:b0:56:94:ca:b7:15:
4c:1e:82:35:3d:79:4e:51:94:07:b7:d1:d0:b4:20:db:3c:26:
0e:1d:38:ce:de:9c:3b:a1:bd:19:c2:2a:e9:33:66:78:04:dc:
bd:ad:f0:53:43:3b:d1:7d:45:5c:f9:ee:72:ab:90:c3:d2:f3:
9a:53:37:d3:05:b7:7a:53:aa:1c:4a:50:ad:1f:37:ba:0b:1c:
1b:65:84:52:12:f1:48:8f:cc:f1:12:ef:40:b9:f2:d0:5b:55:
59:1c:fa:56:7d:4f:01:79:3f:b9:78:18:cc:34:e1:c2:3c:59:
d9:04:34:53:05:89:0b:05:cd:d0:94:30:41:24:64:fb:1b:aa:
ac:62:73:f0:34:f5:0f:60:5d:71:06:ca:46:a4:85:81:86:5d:
2f:d3:fd:a7:68:64:4c:78:4a:78:47:06:8b:16:d4:3b:aa:59:
25:25:93:00:b6:0b:17:f8:4a:b1:d6:28:2d:ed:46:c4:2a:d4:
7d:4a:7e:44:fd:87:80:38:a2:c9:ac:5c:03:2c:58:c6:f2:91:
10:de:5a:b4
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZN4LsBsywgbEsWP522cuHe7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNGZiZmNmNWZkYzQ4YWIwYmZiNTI4NTRmN2EwNGZjMWNm
ZjFkYmQwHhcNMjQxMTI5MTM0OTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWNkMjEwNThhYmI2Yjg4ZThkYzM1MWRiNjIxMDNhNjRmMjI1MTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwR6m/GvKcAM7dtHEJx+h1hCk93Nu
ana+wrMBJr5CnT1pZRdAHg67MjvNnYMElc1k8GHr71PxT1U3HWuDCO7QBFnF97+4
aGWXcOaC8OruYSsV5PHtpxwggDRCN3JE+V3AfjN7iyKnM9px2TDjE/HWNaNS2wkw
0D4trwt9NPwroeCyb8Cp7HvWFjlKz43fxUlwi8Zy7BeL6oxk26PKyS1v/LhTXZC3
XwJOD5GuDORJaOGm9VBnFh/LEDJiHhZtcgE4bXnlvXEt3FSbSS7/JhtawAUUzlJS
ERCA2OCa7WIAJPBXXMNv4JeFExaRHPZu0yvyw2beGI+ghV4G61Wmn8XF9QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFG7NIQWKu2uI6Nw1HbYhA6ZPIlEJMB8GA1UdIwQY
MBaAFEtPv89f3EirC/tShU96BPwc/x29MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzAtX3oxX2NTS3NMLTFLRlQzb0VfQnpfSGIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9jNjBiMWItOWI0Mi00NWViLWE1ODIt
OTJkZGVjNmJkMGEyLzEvYnMwaEJZcTdhNGpvM0RVZHRpRURwazhpVVFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9jNjBiMWItOWI0Mi00NWViLWE1ODItOTJkZGVjNmJkMGEy
LzEvUzAtX3oxX2NTS3NMLTFLRlQzb0VfQnpfSGIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjARBAIAATALAwMAo6IDBAK5
OdAwDQQCAAIwBwMFACABBrgwDQYJKoZIhvcNAQELBQADggEBAIG6lHeOvDplna24
PwgNXY5c7rPMFPhokQheEXYQEDBqWBBsGzPSaHP7eRhfZFvS37BWlMq3FUwegjU9
eU5RlAe30dC0INs8Jg4dOM7enDuhvRnCKukzZngE3L2t8FNDO9F9RVz57nKrkMPS
85pTN9MFt3pTqhxKUK0fN7oLHBtlhFIS8UiPzPES70C58tBbVVkc+lZ9TwF5P7l4
GMw04cI8WdkENFMFiQsFzdCUMEEkZPsbqqxic/A09Q9gXXEGykakhYGGXS/T/ado
ZEx4SnhHBosW1DuqWSUlkwC2Cxf4SrHWKC3tRsQq1H1KfkT9h4A4osmsXAMsWMby
kRDeWrQ=
-----END CERTIFICATE-----
Generated at Mon Apr 14 13:32:08 2025 by rpki-client