Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/9ed4b2-32b9-498a-b8dc-769cd7dcc938/1/bmaNUvCGPZCofdef1RKXXBctcEk.roa
File: bmaNUvCGPZCofdef1RKXXBctcEk.roa (raw, json)
Hash identifier: tP+kIFZtjUkhBdTqxaqWm08TvKqWeca1ykHiMqF3jNc=
Subject key identifier: 6E:66:8D:52:F0:86:3D:90:A8:7D:D7:9F:D5:12:97:5C:17:2D:70:49
Certificate issuer: /CN=6f4773f240cd6269c251b65170aa7e298ae8c41f
Certificate serial: 0196E8F52139AA5A6577D4073A5993A46651
Authority key identifier: 6F:47:73:F2:40:CD:62:69:C2:51:B6:51:70:AA:7E:29:8A:E8:C4:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b0dz8kDNYmnCUbZRcKp-KYroxB8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/9ed4b2-32b9-498a-b8dc-769cd7dcc938/1/bmaNUvCGPZCofdef1RKXXBctcEk.roa
Signing time: Mon 19 May 2025 14:31:40 +0000
ROA not before: Mon 19 May 2025 14:31:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197731
IP address blocks: 185.67.224.0/22 maxlen: 22
185.67.224.0/24 maxlen: 24
185.67.225.0/24 maxlen: 24
185.67.226.0/24 maxlen: 24
185.67.227.0/24 maxlen: 24
185.148.20.0/22 maxlen: 22
185.148.20.0/24 maxlen: 24
185.148.21.0/24 maxlen: 24
185.148.22.0/24 maxlen: 24
185.148.23.0/24 maxlen: 24
2a03:27a0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 20 May 2025 15:11:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:e8:f5:21:39:aa:5a:65:77:d4:07:3a:59:93:a4:66:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f4773f240cd6269c251b65170aa7e298ae8c41f
Validity
Not Before: May 19 14:31:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e668d52f0863d90a87dd79fd512975c172d7049
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:7a:3f:a0:8a:70:ed:2c:8d:9e:7d:11:7b:cf:
47:69:ab:b2:06:f1:32:78:b1:0c:94:08:a4:70:8a:
2f:45:5e:18:a1:9a:f2:cf:35:44:7a:64:f3:5d:82:
e7:86:72:6c:63:c5:cf:3c:27:c9:e1:8a:65:84:b6:
dd:34:92:89:96:f8:57:b5:bd:c2:8e:71:cc:99:2b:
c9:af:d4:6b:ca:5a:54:2b:cb:90:3c:6d:7b:26:36:
18:c7:53:ab:bd:b8:07:a5:e8:32:a1:14:55:e6:5b:
5f:23:9d:a1:82:1d:af:42:d6:6e:ac:ae:68:6d:05:
8d:c1:cb:0e:b2:10:2e:87:df:80:af:b7:0d:45:2e:
0d:16:e9:cb:52:8e:db:3f:30:c1:c1:ff:99:f4:64:
12:1c:ea:c8:37:f9:a4:95:d4:09:b6:32:ed:f8:e4:
b7:94:33:7b:27:d6:c8:29:4b:be:99:f1:a0:86:f1:
8e:8b:89:b5:6e:ef:ce:53:fa:98:5d:16:79:71:f5:
24:76:35:19:67:79:11:56:3a:48:4d:d3:7a:ff:10:
69:fe:29:82:9e:e1:9d:59:fa:b9:7c:b7:90:1f:59:
e1:b6:72:ba:df:79:7b:77:f3:e8:4e:b5:80:3b:62:
11:81:da:ba:31:06:be:85:af:bf:0e:51:5a:13:4d:
26:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:66:8D:52:F0:86:3D:90:A8:7D:D7:9F:D5:12:97:5C:17:2D:70:49
X509v3 Authority Key Identifier:
keyid:6F:47:73:F2:40:CD:62:69:C2:51:B6:51:70:AA:7E:29:8A:E8:C4:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0dz8kDNYmnCUbZRcKp-KYroxB8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/9ed4b2-32b9-498a-b8dc-769cd7dcc938/1/bmaNUvCGPZCofdef1RKXXBctcEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/9ed4b2-32b9-498a-b8dc-769cd7dcc938/1/b0dz8kDNYmnCUbZRcKp-KYroxB8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.67.224.0/22
185.148.20.0/22
IPv6:
2a03:27a0::/32
Signature Algorithm: sha256WithRSAEncryption
1c:1d:2b:90:a2:0d:15:11:0d:8f:2d:ee:86:ab:3e:27:5b:43:
63:d1:5e:4b:8e:75:70:43:2a:80:24:53:6f:a7:57:eb:d5:f4:
6a:f7:c7:73:ec:a0:4c:b7:60:b2:5f:eb:ba:e7:dc:ad:ba:b2:
43:d1:c4:8c:42:64:58:00:3c:e1:a8:f2:14:3b:39:33:6a:94:
97:4f:73:71:ce:03:2e:a1:eb:05:10:91:46:38:07:6c:13:5f:
73:e6:ec:95:b1:4c:58:38:2c:3f:6f:4a:f4:3d:c8:5b:85:bd:
b2:41:37:ec:9d:ac:a9:14:ee:0b:9c:3c:a5:57:5d:79:87:48:
a5:35:0b:42:30:50:4e:ab:97:e6:93:c7:9b:c4:d2:5d:cf:61:
be:07:e9:0f:82:c2:7f:75:13:6e:5a:04:e6:bb:7f:26:f0:97:
36:61:c2:d8:10:ee:27:dc:df:0f:71:11:e7:d9:b1:8a:c4:34:
d7:05:74:be:29:c9:87:6e:fe:20:48:b5:3f:5b:30:7c:72:5f:
53:bf:a8:cf:16:19:04:32:16:62:4a:1c:50:83:27:e0:58:75:
bc:31:6d:67:cf:32:9c:3b:d9:b4:b1:5f:f4:f9:7d:0d:2b:bf:
d3:0c:53:b5:70:ad:17:8b:94:03:08:88:d5:7d:b5:04:1c:10:
cb:37:50:13
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZbo9SE5qlpld9QHOlmTpGZRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNDc3M2YyNDBjZDYyNjljMjUxYjY1MTcwYWE3ZTI5OGFl
OGM0MWYwHhcNMjUwNTE5MTQzMTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTY2OGQ1MmYwODYzZDkwYTg3ZGQ3OWZkNTEyOTc1YzE3MmQ3MDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjno/oIpw7SyNnn0Re89HaauyBvEy
eLEMlAikcIovRV4YoZryzzVEemTzXYLnhnJsY8XPPCfJ4YplhLbdNJKJlvhXtb3C
jnHMmSvJr9RrylpUK8uQPG17JjYYx1OrvbgHpegyoRRV5ltfI52hgh2vQtZurK5o
bQWNwcsOshAuh9+Ar7cNRS4NFunLUo7bPzDBwf+Z9GQSHOrIN/mkldQJtjLt+OS3
lDN7J9bIKUu+mfGghvGOi4m1bu/OU/qYXRZ5cfUkdjUZZ3kRVjpITdN6/xBp/imC
nuGdWfq5fLeQH1nhtnK633l7d/PoTrWAO2IRgdq6MQa+ha+/DlFaE00mZQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFG5mjVLwhj2QqH3Xn9USl1wXLXBJMB8GA1UdIwQY
MBaAFG9Hc/JAzWJpwlG2UXCqfimK6MQfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjBkejhrRE5ZbW5DVWJaUmNLcC1LWXJveEI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS85ZWQ0YjItMzJiOS00OThhLWI4ZGMt
NzY5Y2Q3ZGNjOTM4LzEvYm1hTlV2Q0dQWkNvZmRlZjFSS1hYQmN0Y0VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS85ZWQ0YjItMzJiOS00OThhLWI4ZGMtNzY5Y2Q3ZGNjOTM4
LzEvYjBkejhrRE5ZbW5DVWJaUmNLcC1LWXJveEI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuUPgAwQC
uZQUMA0EAgACMAcDBQAqAyegMA0GCSqGSIb3DQEBCwUAA4IBAQAcHSuQog0VEQ2P
Le6Gqz4nW0Nj0V5LjnVwQyqAJFNvp1fr1fRq98dz7KBMt2CyX+u659yturJD0cSM
QmRYADzhqPIUOzkzapSXT3NxzgMuoesFEJFGOAdsE19z5uyVsUxYOCw/b0r0Pchb
hb2yQTfsnaypFO4LnDylV115h0ilNQtCMFBOq5fmk8ebxNJdz2G+B+kPgsJ/dRNu
WgTmu38m8Jc2YcLYEO4n3N8PcRHn2bGKxDTXBXS+KcmHbv4gSLU/WzB8cl9Tv6jP
FhkEMhZiShxQgyfgWHW8MW1nzzKcO9m0sV/0+X0NK7/TDFO1cK0Xi5QDCIjVfbUE
HBDLN1AT
-----END CERTIFICATE-----
Generated at Sun Jun 8 12:50:45 2025 by rpki-client