Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/642897-530e-4613-af84-0da300c7c63d/1/bPRPIkl5-0BJcskAboiO7yjppiU.roa
File: bPRPIkl5-0BJcskAboiO7yjppiU.roa (raw, json)
Hash identifier: EQAU5DcCJnwjbfO72/G68JOWRIhHifqDud00fyWF7LY=
Subject key identifier: 6C:F4:4F:22:49:79:FB:40:49:72:C9:00:6E:88:8E:EF:28:E9:A6:25
Certificate issuer: /CN=4bf3d18336642b6a9ac8aedffbf7aee6e5e629f4
Certificate serial: 018CCA2AA4CAA076F9B4CF137A7FB8C0F081
Authority key identifier: 4B:F3:D1:83:36:64:2B:6A:9A:C8:AE:DF:FB:F7:AE:E6:E5:E6:29:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S_PRgzZkK2qayK7f-_eu5uXmKfQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/642897-530e-4613-af84-0da300c7c63d/1/bPRPIkl5-0BJcskAboiO7yjppiU.roa
Signing time: Tue 02 Jan 2024 12:34:01 +0000
ROA not before: Tue 02 Jan 2024 12:34:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43989
IP address blocks: 195.216.202.0/23 maxlen: 23
185.181.136.0/22 maxlen: 22
79.98.40.0/21 maxlen: 21
109.234.56.0/21 maxlen: 21
93.188.96.0/21 maxlen: 21
2a01:b600::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 27 Nov 2024 13:41:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:a4:ca:a0:76:f9:b4:cf:13:7a:7f:b8:c0:f0:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4bf3d18336642b6a9ac8aedffbf7aee6e5e629f4
Validity
Not Before: Jan 2 12:34:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6cf44f224979fb404972c9006e888eef28e9a625
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:63:ae:4d:96:82:03:04:1a:c0:05:0a:1d:96:
74:f1:da:b5:f7:3c:a9:47:cf:f5:01:16:f1:1f:e7:
39:12:63:1a:27:b8:26:39:ea:09:e3:12:e3:b2:0f:
0d:a1:cc:e2:a8:1e:99:77:db:80:61:39:e0:81:f5:
9d:78:1d:04:ae:9d:1f:03:26:89:17:d9:64:69:ed:
1c:c9:74:cf:07:5a:f7:81:ee:93:75:e9:33:1a:59:
16:f4:c3:7b:77:06:57:72:ef:01:1d:45:d7:05:9c:
11:7e:75:db:f5:e0:75:1e:5f:e1:ec:32:62:eb:e8:
c4:3e:f3:0a:61:60:cd:3f:85:72:20:e2:43:cb:d4:
ab:48:41:cd:0b:11:ce:f4:7c:24:4a:10:dc:0d:b8:
1e:17:c9:17:7f:47:fe:2b:06:2e:bc:08:d0:e4:b2:
80:41:a2:41:8d:60:92:f3:50:b0:a7:be:e2:c7:33:
40:1e:f6:b2:54:f8:6a:68:e8:88:88:5b:8d:04:26:
6d:9b:ae:fb:8f:fb:9d:71:14:9b:e0:07:0d:c5:d0:
f9:80:c7:a5:f3:99:83:2c:cb:ba:5b:83:fd:16:3e:
dc:2f:21:2e:9b:58:52:b6:98:77:55:73:18:bb:38:
41:b7:ce:b5:5a:8b:89:6e:cf:a7:2e:83:27:0a:4a:
dd:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:F4:4F:22:49:79:FB:40:49:72:C9:00:6E:88:8E:EF:28:E9:A6:25
X509v3 Authority Key Identifier:
keyid:4B:F3:D1:83:36:64:2B:6A:9A:C8:AE:DF:FB:F7:AE:E6:E5:E6:29:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S_PRgzZkK2qayK7f-_eu5uXmKfQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/642897-530e-4613-af84-0da300c7c63d/1/bPRPIkl5-0BJcskAboiO7yjppiU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/642897-530e-4613-af84-0da300c7c63d/1/S_PRgzZkK2qayK7f-_eu5uXmKfQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.40.0/21
93.188.96.0/21
109.234.56.0/21
185.181.136.0/22
195.216.202.0/23
IPv6:
2a01:b600::/32
Signature Algorithm: sha256WithRSAEncryption
1c:8c:42:89:a7:15:32:50:9f:6e:96:d5:e4:e3:e3:51:d3:42:
55:a3:d7:02:81:59:ad:54:70:67:a1:1c:80:ff:6a:8e:cb:3b:
f2:18:0b:7c:b7:88:1f:72:f8:98:0d:6c:31:dc:f8:a6:99:7a:
6a:4c:aa:1c:9e:52:0c:ea:f4:b1:c2:ea:bb:0d:85:80:81:e5:
88:b9:40:f8:39:89:06:8d:aa:8d:52:1f:0c:a9:f7:9a:40:e8:
93:d2:ef:a1:38:f5:1f:c7:4a:da:50:76:5e:d7:d0:0a:2a:82:
68:2d:e9:c9:45:dd:29:f9:39:4f:1b:8f:e6:31:da:da:4e:f5:
b7:d8:1e:ef:90:8d:b3:77:94:89:6e:dc:72:67:9e:06:e9:ba:
11:2b:70:6f:99:60:1d:c1:39:7c:b8:4f:82:89:28:b6:cf:b5:
f3:88:01:cb:04:67:08:f0:49:27:a5:0a:7c:f4:27:55:49:8d:
01:dc:fb:dc:49:a5:85:fc:7f:52:40:32:46:3d:04:5d:df:74:
a4:94:cb:68:4d:dd:e0:d8:50:15:b0:b8:96:10:3a:db:cf:85:
12:d9:f1:03:0e:0a:c8:c8:f9:32:80:34:45:59:59:49:ff:70:
b8:c4:4c:7c:68:6e:8b:b2:08:15:cc:b3:bb:c6:fd:f6:70:f8:
1f:e1:26:3b
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzKKqTKoHb5tM8Ten+4wPCBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiZjNkMTgzMzY2NDJiNmE5YWM4YWVkZmZiZjdhZWU2ZTVl
NjI5ZjQwHhcNMjQwMTAyMTIzNDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2Y0NGYyMjQ5NzlmYjQwNDk3MmM5MDA2ZTg4OGVlZjI4ZTlhNjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvWOuTZaCAwQawAUKHZZ08dq19zyp
R8/1ARbxH+c5EmMaJ7gmOeoJ4xLjsg8NocziqB6Zd9uAYTnggfWdeB0Erp0fAyaJ
F9lkae0cyXTPB1r3ge6TdekzGlkW9MN7dwZXcu8BHUXXBZwRfnXb9eB1Hl/h7DJi
6+jEPvMKYWDNP4VyIOJDy9SrSEHNCxHO9HwkShDcDbgeF8kXf0f+KwYuvAjQ5LKA
QaJBjWCS81Cwp77ixzNAHvayVPhqaOiIiFuNBCZtm677j/udcRSb4AcNxdD5gMel
85mDLMu6W4P9Fj7cLyEum1hStph3VXMYuzhBt861WouJbs+nLoMnCkrdpQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFGz0TyJJeftASXLJAG6Iju8o6aYlMB8GA1UdIwQY
MBaAFEvz0YM2ZCtqmsiu3/v3rubl5in0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU19QUmd6WmtLMnFheUs3Zi1fZXU1dVhtS2ZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi82NDI4OTctNTMwZS00NjEzLWFmODQt
MGRhMzAwYzdjNjNkLzEvYlBSUElrbDUtMEJKY3NrQWJvaU83eWpwcGlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi82NDI4OTctNTMwZS00NjEzLWFmODQtMGRhMzAwYzdjNjNk
LzEvU19QUmd6WmtLMnFheUs3Zi1fZXU1dVhtS2ZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDT2IoAwQD
XbxgAwQDbeo4AwQCubWIAwQBw9jKMA0EAgACMAcDBQAqAbYAMA0GCSqGSIb3DQEB
CwUAA4IBAQAcjEKJpxUyUJ9ultXk4+NR00JVo9cCgVmtVHBnoRyA/2qOyzvyGAt8
t4gfcviYDWwx3PimmXpqTKocnlIM6vSxwuq7DYWAgeWIuUD4OYkGjaqNUh8Mqfea
QOiT0u+hOPUfx0raUHZe19AKKoJoLenJRd0p+TlPG4/mMdraTvW32B7vkI2zd5SJ
btxyZ54G6boRK3BvmWAdwTl8uE+CiSi2z7XziAHLBGcI8EknpQp89CdVSY0B3Pvc
SaWF/H9SQDJGPQRd33SklMtoTd3g2FAVsLiWEDrbz4US2fEDDgrIyPkygDRFWVlJ
/3C4xEx8aG6LsggVzLO7xv32cPgf4SY7
-----END CERTIFICATE-----
Generated at Tue Apr 22 05:13:17 2025 by rpki-client