Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/bNx0TjNkuppwhqIKYEFyV2yFYAs.roa
File: bNx0TjNkuppwhqIKYEFyV2yFYAs.roa (raw, json)
Hash identifier: B3fPtcEzenwiJr5EU6L1VBAovIMnYQZtj8S1tU65/Zc=
Subject key identifier: 6C:DC:74:4E:33:64:BA:9A:70:86:A2:0A:60:41:72:57:6C:85:60:0B
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 019427473A9C6CCB251335937885A0A59D6A
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/bNx0TjNkuppwhqIKYEFyV2yFYAs.roa
Signing time: Thu 02 Jan 2025 13:49:26 +0000
ROA not before: Thu 02 Jan 2025 13:49:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215340
IP address blocks: 109.236.49.0/24 maxlen: 24
109.236.50.0/24 maxlen: 24
185.86.6.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 20:26:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:3a:9c:6c:cb:25:13:35:93:78:85:a0:a5:9d:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Jan 2 13:49:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6cdc744e3364ba9a7086a20a604172576c85600b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:85:36:41:36:40:d8:70:c9:b5:4a:a9:a1:9d:
7c:ca:20:11:17:57:38:f1:89:20:18:67:b2:4e:95:
67:70:0a:29:a1:83:f3:93:72:6a:c3:d6:1a:a6:59:
b7:0d:79:59:8b:49:7c:55:9d:ab:e8:f1:15:18:2d:
5b:01:1c:9b:d7:35:1e:df:87:e9:b2:6b:f4:b2:63:
85:c2:78:69:70:73:3f:92:77:4b:e6:f3:9c:47:11:
f4:9f:84:08:31:c6:c3:4f:44:71:78:77:cb:da:8f:
24:a6:0a:dd:15:76:ba:48:9c:ae:2d:58:32:c3:ec:
64:34:64:9a:1d:c4:89:c4:3e:c6:38:e1:c7:69:09:
84:13:9e:c7:bd:6e:e8:3d:21:39:ec:21:67:aa:1f:
c2:0b:f0:b2:ba:0a:52:69:f7:c3:16:46:28:5a:b3:
49:b6:35:69:de:db:0b:f2:58:e4:e3:f8:56:dd:c4:
50:a5:0d:11:9f:af:21:40:8b:72:2f:4d:54:f0:06:
41:83:6f:95:34:6e:5d:52:0f:d1:dd:93:71:7c:ce:
65:b0:54:cf:04:23:c9:e7:1c:d5:9e:44:f5:d5:30:
4f:39:d4:b5:05:23:30:20:58:12:8c:e7:38:8d:4e:
c0:a6:13:ee:ee:20:ba:8f:4d:d9:a0:39:72:96:29:
ec:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:DC:74:4E:33:64:BA:9A:70:86:A2:0A:60:41:72:57:6C:85:60:0B
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/bNx0TjNkuppwhqIKYEFyV2yFYAs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.236.49.0-109.236.50.255
185.86.6.0/24
Signature Algorithm: sha256WithRSAEncryption
33:72:89:76:80:ce:c9:94:3a:8e:83:6a:20:13:93:c4:64:00:
6b:42:1e:7c:6b:4c:f2:8b:64:18:51:33:01:78:c3:e6:e4:d2:
f2:dc:87:44:06:2c:de:57:d1:29:d7:33:58:f0:43:a2:34:c7:
99:a0:3d:5f:e2:5c:c8:58:94:b7:9c:81:5b:f5:8a:0f:4b:d3:
54:b8:1a:e9:f9:69:4c:66:06:97:94:fd:d1:73:63:15:9f:5d:
c1:e3:8a:ca:5d:5c:94:0a:60:85:6e:fe:7f:24:73:0b:64:4b:
e9:d5:94:88:9b:39:c1:ef:38:fc:1e:4d:4d:b1:59:af:c2:cb:
99:a1:d7:bc:73:a0:51:ae:72:11:33:61:e4:dd:b4:70:76:54:
d7:67:31:f1:82:77:ab:32:7e:64:ef:48:5c:90:f2:b3:15:57:
8b:e5:b0:73:ed:c8:49:56:26:96:88:fa:93:06:f4:4c:7b:fc:
31:84:89:f2:15:ab:44:34:d0:ac:c3:b0:fa:03:81:23:96:2d:
f4:ac:94:e4:ff:53:8c:38:ce:fb:f5:86:62:20:20:6a:df:ad:
5d:15:35:9a:6a:43:ee:14:ed:fc:4c:fe:a2:fe:ae:da:92:a8:
71:de:53:93:64:f0:7d:52:65:d0:65:50:48:3e:8e:89:a4:05:
3a:93:54:c8
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQnRzqcbMslEzWTeIWgpZ1qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjUwMTAyMTM0OTI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2RjNzQ0ZTMzNjRiYTlhNzA4NmEyMGE2MDQxNzI1NzZjODU2MDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYU2QTZA2HDJtUqpoZ18yiARF1c4
8YkgGGeyTpVncAopoYPzk3Jqw9Yaplm3DXlZi0l8VZ2r6PEVGC1bARyb1zUe34fp
smv0smOFwnhpcHM/kndL5vOcRxH0n4QIMcbDT0RxeHfL2o8kpgrdFXa6SJyuLVgy
w+xkNGSaHcSJxD7GOOHHaQmEE57HvW7oPSE57CFnqh/CC/CyugpSaffDFkYoWrNJ
tjVp3tsL8ljk4/hW3cRQpQ0Rn68hQItyL01U8AZBg2+VNG5dUg/R3ZNxfM5lsFTP
BCPJ5xzVnkT11TBPOdS1BSMwIFgSjOc4jU7AphPu7iC6j03ZoDlylinsXwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFGzcdE4zZLqacIaiCmBBcldshWALMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvYk54MFRqTmt1cHB3aHFJS1lFRnlWMnlGWUFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABt7DED
BABt7DIDBAC5VgYwDQYJKoZIhvcNAQELBQADggEBADNyiXaAzsmUOo6DaiATk8Rk
AGtCHnxrTPKLZBhRMwF4w+bk0vLch0QGLN5X0SnXM1jwQ6I0x5mgPV/iXMhYlLec
gVv1ig9L01S4Gun5aUxmBpeU/dFzYxWfXcHjispdXJQKYIVu/n8kcwtkS+nVlIib
OcHvOPweTU2xWa/Cy5mh17xzoFGuchEzYeTdtHB2VNdnMfGCd6syfmTvSFyQ8rMV
V4vlsHPtyElWJpaI+pMG9Ex7/DGEifIVq0Q00KzDsPoDgSOWLfSslOT/U4w4zvv1
hmIgIGrfrV0VNZpqQ+4U7fxM/qL+rtqSqHHeU5Nk8H1SZdBlUEg+jomkBTqTVMg=
-----END CERTIFICATE-----
Generated at Sun Apr 6 02:56:30 2025 by rpki-client