Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/70fcb3-8302-41e4-836a-eead508be4ee/1/Bi8aPK7GvmzB1RDL3IH0F4vZVnY.roa
File: Bi8aPK7GvmzB1RDL3IH0F4vZVnY.roa (raw, json)
Hash identifier: ZKyqWvBBOSrxh5NfMQvDFkThcJPpi3RHCaF22xYd6E8=
Subject key identifier: 06:2F:1A:3C:AE:C6:BE:6C:C1:D5:10:CB:DC:81:F4:17:8B:D9:56:76
Certificate issuer: /CN=bf41addc9a4eea246d42f98c7c72b30b68d67a97
Certificate serial: 01941E64EFAB1783D4C0E8447F2A24AE4504
Authority key identifier: BF:41:AD:DC:9A:4E:EA:24:6D:42:F9:8C:7C:72:B3:0B:68:D6:7A:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v0Gt3JpO6iRtQvmMfHKzC2jWepc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/70fcb3-8302-41e4-836a-eead508be4ee/1/Bi8aPK7GvmzB1RDL3IH0F4vZVnY.roa
Signing time: Tue 31 Dec 2024 20:25:18 +0000
ROA not before: Tue 31 Dec 2024 20:25:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214025
IP address blocks: 45.87.101.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1e:64:ef:ab:17:83:d4:c0:e8:44:7f:2a:24:ae:45:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf41addc9a4eea246d42f98c7c72b30b68d67a97
Validity
Not Before: Dec 31 20:25:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=062f1a3caec6be6cc1d510cbdc81f4178bd95676
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:9e:56:e8:18:2e:03:85:e4:02:cc:4c:25:e1:
13:ad:58:38:5a:c7:33:4f:cb:a1:b7:b9:a9:ea:76:
e2:ba:8d:6a:39:d1:56:54:3b:38:2f:85:a6:34:f2:
ea:4e:5b:fa:0a:f0:31:fe:f9:2e:78:93:15:14:c1:
ca:95:85:1d:de:22:bc:d1:fd:4b:9e:e5:fa:b8:c9:
74:74:66:df:6c:56:08:44:a2:e9:db:74:5c:8f:cf:
27:87:3e:de:c5:10:22:5b:50:7a:27:b3:c4:ed:25:
9f:75:67:f5:f0:04:aa:12:fe:a5:9c:71:92:8f:f0:
ce:a2:90:c0:51:46:4c:55:9e:fc:80:29:1e:84:c3:
38:f1:33:09:2d:6c:51:b4:54:86:18:71:4d:99:51:
5e:c0:95:fd:e8:15:f3:8f:ce:f0:60:35:f6:80:eb:
4a:04:f7:50:c7:df:3c:f7:7e:c6:04:91:34:a0:6b:
5a:13:86:cd:3c:1e:0e:70:c9:41:87:5b:f2:24:a1:
3f:c8:6a:fa:76:9d:8f:ec:82:4f:e4:56:c1:18:fa:
22:99:b6:00:d2:b0:41:41:70:77:7d:f7:43:08:00:
3b:14:57:57:87:9e:b3:af:b1:33:3d:b6:64:c2:50:
8f:e0:e5:0e:43:8c:49:8d:49:2f:be:9d:d4:7e:e3:
91:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:2F:1A:3C:AE:C6:BE:6C:C1:D5:10:CB:DC:81:F4:17:8B:D9:56:76
X509v3 Authority Key Identifier:
keyid:BF:41:AD:DC:9A:4E:EA:24:6D:42:F9:8C:7C:72:B3:0B:68:D6:7A:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v0Gt3JpO6iRtQvmMfHKzC2jWepc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/70fcb3-8302-41e4-836a-eead508be4ee/1/Bi8aPK7GvmzB1RDL3IH0F4vZVnY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/70fcb3-8302-41e4-836a-eead508be4ee/1/v0Gt3JpO6iRtQvmMfHKzC2jWepc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.101.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:c4:c9:a2:08:cb:db:b1:06:df:67:64:d2:3a:35:28:2a:7e:
10:1a:79:82:48:e9:14:b5:b0:dd:d9:9b:f0:71:db:01:8a:48:
6f:8d:27:44:9d:05:3e:0f:49:a4:00:0d:43:4e:c4:b1:16:f2:
37:5c:44:f0:57:bc:38:0e:d8:8d:8e:3b:1f:da:8f:fe:3d:a4:
dc:f1:ad:f6:5b:9f:84:df:90:aa:9b:4e:38:15:51:7b:56:c2:
6b:aa:df:d8:47:b3:fa:78:2d:95:7f:45:1d:26:1f:32:87:43:
ee:f3:0a:80:7c:72:7b:f6:41:dc:e0:ae:bd:39:c3:a5:9a:5c:
9a:6d:e6:f5:ec:ad:ec:89:ff:bf:ef:b3:90:a3:d6:ff:3f:9a:
cd:72:27:fb:02:c9:db:9a:1b:e8:a9:de:ce:7e:16:9e:f8:57:
aa:91:4c:6e:80:cb:06:b9:a0:0f:72:eb:81:3c:25:34:69:0d:
c4:98:6e:40:b2:48:89:b8:1d:f3:68:c5:1d:30:05:83:71:ba:
c6:26:3a:cc:e0:18:78:9f:7f:82:18:28:2a:48:6a:6d:5d:5c:
e8:ba:bf:45:ff:28:aa:9b:8d:f1:bc:5c:08:8b:cd:38:68:d8:
b0:ac:eb:9a:71:d0:f4:a2:c2:5c:32:56:8b:c3:7c:ee:61:6d:
78:2e:7a:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQeZO+rF4PUwOhEfyokrkUEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmNDFhZGRjOWE0ZWVhMjQ2ZDQyZjk4YzdjNzJiMzBiNjhk
NjdhOTcwHhcNMjQxMjMxMjAyNTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjJmMWEzY2FlYzZiZTZjYzFkNTEwY2JkYzgxZjQxNzhiZDk1Njc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr55W6BguA4XkAsxMJeETrVg4Wscz
T8uht7mp6nbiuo1qOdFWVDs4L4WmNPLqTlv6CvAx/vkueJMVFMHKlYUd3iK80f1L
nuX6uMl0dGbfbFYIRKLp23Rcj88nhz7exRAiW1B6J7PE7SWfdWf18ASqEv6lnHGS
j/DOopDAUUZMVZ78gCkehMM48TMJLWxRtFSGGHFNmVFewJX96BXzj87wYDX2gOtK
BPdQx988937GBJE0oGtaE4bNPB4OcMlBh1vyJKE/yGr6dp2P7IJP5FbBGPoimbYA
0rBBQXB3ffdDCAA7FFdXh56zr7EzPbZkwlCP4OUOQ4xJjUkvvp3UfuORKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAYvGjyuxr5swdUQy9yB9BeL2VZ2MB8GA1UdIwQY
MBaAFL9BrdyaTuokbUL5jHxyswto1nqXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjBHdDNKcE82aVJ0UXZtTWZIS3pDMmpXZXBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS83MGZjYjMtODMwMi00MWU0LTgzNmEt
ZWVhZDUwOGJlNGVlLzEvQmk4YVBLN0d2bXpCMVJETDNJSDBGNHZaVm5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS83MGZjYjMtODMwMi00MWU0LTgzNmEtZWVhZDUwOGJlNGVl
LzEvdjBHdDNKcE82aVJ0UXZtTWZIS3pDMmpXZXBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVdlMA0G
CSqGSIb3DQEBCwUAA4IBAQCPxMmiCMvbsQbfZ2TSOjUoKn4QGnmCSOkUtbDd2Zvw
cdsBikhvjSdEnQU+D0mkAA1DTsSxFvI3XETwV7w4DtiNjjsf2o/+PaTc8a32W5+E
35Cqm044FVF7VsJrqt/YR7P6eC2Vf0UdJh8yh0Pu8wqAfHJ79kHc4K69OcOlmlya
beb17K3sif+/77OQo9b/P5rNcif7Asnbmhvoqd7Ofhae+FeqkUxugMsGuaAPcuuB
PCU0aQ3EmG5AskiJuB3zaMUdMAWDcbrGJjrM4Bh4n3+CGCgqSGptXVzour9F/yiq
m43xvFwIi804aNiwrOuacdD0osJcMlaLw3zuYW14LnqW
-----END CERTIFICATE-----
Generated at Sun Apr 13 12:28:27 2025 by rpki-client