Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/2dab18-7bb7-4aa1-98ad-27c9d9114238/1/Bhk-VrHFU8ocyrH4tkA3az20GS0.roa
File: Bhk-VrHFU8ocyrH4tkA3az20GS0.roa (raw, json)
Hash identifier: UK1EJrnSNGNx1wC1v5br7m9wK8hnYJgjBa1lpTWmHxU=
Subject key identifier: 06:19:3E:56:B1:C5:53:CA:1C:CA:B1:F8:B6:40:37:6B:3D:B4:19:2D
Certificate issuer: /CN=a1a55bf2888753e44675b61dda30394d90156c0a
Certificate serial: 018F495C9A647B078669299A31014C866560
Authority key identifier: A1:A5:5B:F2:88:87:53:E4:46:75:B6:1D:DA:30:39:4D:90:15:6C:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oaVb8oiHU-RGdbYd2jA5TZAVbAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/2dab18-7bb7-4aa1-98ad-27c9d9114238/1/Bhk-VrHFU8ocyrH4tkA3az20GS0.roa
Signing time: Sun 05 May 2024 15:25:56 +0000
ROA not before: Sun 05 May 2024 15:25:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208919
IP address blocks: 194.147.219.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:49:5c:9a:64:7b:07:86:69:29:9a:31:01:4c:86:65:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1a55bf2888753e44675b61dda30394d90156c0a
Validity
Not Before: May 5 15:25:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=06193e56b1c553ca1ccab1f8b640376b3db4192d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:21:2c:1a:5d:0b:7c:ba:a0:17:5d:d8:c6:c2:
91:6a:12:f1:fb:51:c6:ac:32:94:0a:a5:28:5c:c4:
f2:ce:60:aa:6e:0d:43:b1:1d:e6:7b:3f:70:b0:43:
b1:54:1f:73:1a:97:29:a9:ac:10:71:65:55:2f:38:
fc:f6:32:85:46:88:d9:57:64:4a:5f:5f:0b:f1:f1:
6d:4f:3d:9f:1a:3a:ef:12:4f:bd:ab:db:1b:26:9c:
66:3e:dd:a3:4b:2a:3e:31:ee:3d:1d:69:1a:6b:06:
99:c5:ee:a8:ec:4a:55:59:5f:fb:93:50:ea:ee:6e:
5b:bc:94:d0:c3:52:f0:3e:13:1a:18:8a:ba:09:c9:
09:35:f9:bb:c5:dd:ae:b2:32:54:89:f4:3c:7d:b1:
d4:15:10:0e:6e:6a:36:db:9d:55:d2:b6:56:d8:c8:
1d:7a:1b:72:ba:de:69:32:04:3b:12:55:2b:ea:b3:
0c:f3:1b:7b:36:7f:83:27:92:9a:81:b8:96:5b:e0:
4b:f9:c9:f9:10:fd:e4:e4:4e:62:40:95:68:ee:92:
62:ef:5c:61:1a:e3:c1:4a:83:f4:bd:05:7e:b0:b5:
b6:0d:f9:51:42:a4:5e:61:6d:87:7f:3d:20:4d:e7:
16:64:4c:d1:eb:70:e7:7a:a3:40:cb:56:d1:eb:4d:
6f:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:19:3E:56:B1:C5:53:CA:1C:CA:B1:F8:B6:40:37:6B:3D:B4:19:2D
X509v3 Authority Key Identifier:
keyid:A1:A5:5B:F2:88:87:53:E4:46:75:B6:1D:DA:30:39:4D:90:15:6C:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oaVb8oiHU-RGdbYd2jA5TZAVbAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/2dab18-7bb7-4aa1-98ad-27c9d9114238/1/Bhk-VrHFU8ocyrH4tkA3az20GS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/2dab18-7bb7-4aa1-98ad-27c9d9114238/1/oaVb8oiHU-RGdbYd2jA5TZAVbAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.147.219.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:23:75:9b:55:9d:a5:63:ff:8e:1d:85:88:1e:e2:ec:ad:70:
05:db:ee:36:e8:38:6a:c1:9d:b9:b9:c5:7e:20:ae:6e:21:da:
49:b0:99:4d:e6:39:3e:fd:4d:29:55:e4:b4:7f:26:71:af:6d:
89:8c:df:03:1a:33:ba:64:51:e6:88:51:01:b5:9a:9e:b8:4c:
a7:5f:90:ba:c3:13:8f:d0:f9:0d:9c:2e:0f:a3:6e:7b:a6:72:
5e:c8:20:6b:21:6d:cb:64:69:2c:df:8e:96:c1:02:15:84:9a:
eb:25:bd:ca:56:cd:1b:f1:86:e9:b0:f8:b3:6b:6c:24:49:e0:
99:42:a0:07:eb:82:4b:40:42:a5:97:a4:c9:b5:1f:8e:25:30:
f4:43:e4:59:1f:e7:21:75:0b:d6:0a:85:71:8f:3f:b7:46:70:
1c:ea:02:97:bf:63:63:62:86:d6:5f:83:10:d5:1e:99:59:94:
db:16:d2:cd:8a:cf:fc:8e:c2:3b:45:b9:e6:f2:84:86:9e:fb:
57:5b:63:c1:bb:2f:76:b2:23:08:75:58:83:57:f3:e0:62:dc:
ba:65:66:b1:04:b2:a7:7f:b4:73:26:8d:78:f0:88:e0:76:bf:
fb:5f:d9:d2:f5:92:fb:b5:64:f1:f1:df:44:73:af:ad:0d:3f:
e4:e5:cb:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY9JXJpkeweGaSmaMQFMhmVgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExYTU1YmYyODg4NzUzZTQ0Njc1YjYxZGRhMzAzOTRkOTAx
NTZjMGEwHhcNMjQwNTA1MTUyNTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjE5M2U1NmIxYzU1M2NhMWNjYWIxZjhiNjQwMzc2YjNkYjQxOTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvSEsGl0LfLqgF13YxsKRahLx+1HG
rDKUCqUoXMTyzmCqbg1DsR3mez9wsEOxVB9zGpcpqawQcWVVLzj89jKFRojZV2RK
X18L8fFtTz2fGjrvEk+9q9sbJpxmPt2jSyo+Me49HWkaawaZxe6o7EpVWV/7k1Dq
7m5bvJTQw1LwPhMaGIq6CckJNfm7xd2usjJUifQ8fbHUFRAObmo2251V0rZW2Mgd
ehtyut5pMgQ7ElUr6rMM8xt7Nn+DJ5KagbiWW+BL+cn5EP3k5E5iQJVo7pJi71xh
GuPBSoP0vQV+sLW2DflRQqReYW2Hfz0gTecWZEzR63DneqNAy1bR601v8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAYZPlaxxVPKHMqx+LZAN2s9tBktMB8GA1UdIwQY
MBaAFKGlW/KIh1PkRnW2HdowOU2QFWwKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2FWYjhvaUhVLVJHZGJZZDJqQTVUWkFWYkFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8yZGFiMTgtN2JiNy00YWExLTk4YWQt
MjdjOWQ5MTE0MjM4LzEvQmhrLVZySEZVOG9jeXJINHRrQTNhejIwR1MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8yZGFiMTgtN2JiNy00YWExLTk4YWQtMjdjOWQ5MTE0MjM4
LzEvb2FWYjhvaUhVLVJHZGJZZDJqQTVUWkFWYkFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpPbMA0G
CSqGSIb3DQEBCwUAA4IBAQCqI3WbVZ2lY/+OHYWIHuLsrXAF2+426DhqwZ25ucV+
IK5uIdpJsJlN5jk+/U0pVeS0fyZxr22JjN8DGjO6ZFHmiFEBtZqeuEynX5C6wxOP
0PkNnC4Po257pnJeyCBrIW3LZGks346WwQIVhJrrJb3KVs0b8YbpsPiza2wkSeCZ
QqAH64JLQEKll6TJtR+OJTD0Q+RZH+chdQvWCoVxjz+3RnAc6gKXv2NjYobWX4MQ
1R6ZWZTbFtLNis/8jsI7Rbnm8oSGnvtXW2PBuy92siMIdViDV/PgYty6ZWaxBLKn
f7RzJo148Ijgdr/7X9nS9ZL7tWTx8d9Ec6+tDT/k5csS
-----END CERTIFICATE-----
Generated at Fri Mar 14 12:10:38 2025 by rpki-client