Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/bvTDn4X1VJ6BuGZ0H6aa8abo8ns.roa
File: bvTDn4X1VJ6BuGZ0H6aa8abo8ns.roa (raw, json)
Hash identifier: 7TxNGTTTTn/4DdkBBW6DKnsUtKYsn/KgfG/zKkIs5G4=
Subject key identifier: 6E:F4:C3:9F:85:F5:54:9E:81:B8:66:74:1F:A6:9A:F1:A6:E8:F2:7B
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01944B2986A85A79C0968E2AFDE46D4FEFA7
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/bvTDn4X1VJ6BuGZ0H6aa8abo8ns.roa
Signing time: Thu 09 Jan 2025 13:03:20 +0000
ROA not before: Thu 09 Jan 2025 13:03:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58057
IP address blocks: 45.136.136.0/22 maxlen: 24
93.88.200.0/21 maxlen: 24
94.177.122.0/24 maxlen: 24
185.232.117.0/24 maxlen: 24
193.33.94.0/23 maxlen: 24
193.163.86.0/24 maxlen: 24
194.50.92.0/24 maxlen: 24
194.50.94.0/24 maxlen: 24
194.50.111.0/24 maxlen: 24
2a04:ccc0:ffff::/48 maxlen: 48
2a04:ccc1::/32 maxlen: 48
2a04:ccc3::/32 maxlen: 48
2a04:ccc4::/32 maxlen: 48
2a04:ccc5::/32 maxlen: 48
2a04:ccc6::/32 maxlen: 48
2a04:ccc7::/32 maxlen: 48
2a09:4c0::/29 maxlen: 64
2a0c:3b80::/32 maxlen: 48
2a0c:3b81::/32 maxlen: 48
2a0c:3b82::/32 maxlen: 48
2a0c:3b83::/32 maxlen: 48
2a0c:3b84::/32 maxlen: 48
2a0c:3b85::/32 maxlen: 48
2a0c:3b86::/32 maxlen: 48
2a0e:97c0:1d0::/44 maxlen: 44
2a0e:97c0:260::/44 maxlen: 44
2a0e:97c1:200::/40 maxlen: 48
2a0e:97c3:110::/44 maxlen: 48
2a0e:97c4:120::/44 maxlen: 48
2a0e:b107:9f2::/48 maxlen: 48
2a0e:b107:1165::/48 maxlen: 48
2a0e:b107:1786::/48 maxlen: 48
2a0e:b107:21c0::/45 maxlen: 48
2a0e:b107:2220::/45 maxlen: 48
2a0e:b107:2228::/45 maxlen: 48
2a0f:e404:102::/48 maxlen: 48
2a10:2f00:18d::/48 maxlen: 48
2a10:2f00:18f::/48 maxlen: 48
2a10:2f00:193::/48 maxlen: 48
2a10:cc40:250::/44 maxlen: 48
2a10:cc45:130::/44 maxlen: 44
Validation: Failed, certificate revoked on Wed 15 Jan 2025 14:56:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:4b:29:86:a8:5a:79:c0:96:8e:2a:fd:e4:6d:4f:ef:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 9 13:03:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6ef4c39f85f5549e81b866741fa69af1a6e8f27b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:ab:a4:9e:13:c7:8a:2d:8d:c9:16:eb:c0:a6:
c3:a6:7c:5b:25:02:6a:1d:99:ca:bb:32:34:8b:e1:
01:c7:ae:b9:4a:c0:2e:fc:ae:6b:b9:16:21:e0:8a:
b2:2e:7f:ab:63:29:7a:df:97:8f:67:6b:9a:cf:00:
1f:38:4c:56:6d:db:5b:a5:e6:72:7f:3c:23:20:9e:
f8:ac:17:2d:5b:f5:7b:0b:fe:7e:38:25:c4:84:b4:
e8:b9:48:e4:ae:cf:ed:17:2f:50:5f:e8:e7:cf:1b:
28:31:52:ca:f0:1f:81:f5:23:38:df:ca:25:43:e4:
8e:52:ca:66:8f:dc:6c:85:d3:c9:f9:aa:d8:7e:9c:
15:90:82:9e:c0:41:1b:b2:a9:82:97:85:0d:50:bc:
ca:76:4a:14:cb:fa:ff:9b:39:2a:46:4d:10:2e:b0:
b4:1e:aa:82:e4:c7:ac:60:4c:42:03:51:58:c0:64:
e2:e7:de:9b:0e:a6:a7:5f:f6:3b:3e:d9:64:30:3f:
a7:32:a2:7d:fa:e8:0f:56:d3:65:83:99:2a:c6:a5:
36:38:a2:ae:16:db:24:69:0f:43:b5:e2:fa:c7:f5:
b4:0a:de:49:a8:61:b8:e6:c5:13:8b:e9:87:69:f8:
ee:c3:9a:d9:33:10:16:84:ea:10:d3:94:c5:ac:22:
5f:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:F4:C3:9F:85:F5:54:9E:81:B8:66:74:1F:A6:9A:F1:A6:E8:F2:7B
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/bvTDn4X1VJ6BuGZ0H6aa8abo8ns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.136.0/22
93.88.200.0/21
94.177.122.0/24
185.232.117.0/24
193.33.94.0/23
193.163.86.0/24
194.50.92.0/24
194.50.94.0/24
194.50.111.0/24
IPv6:
2a04:ccc0:ffff::-2a04:ccc1:ffff:ffff:ffff:ffff:ffff:ffff
2a04:ccc3::-2a04:ccc7:ffff:ffff:ffff:ffff:ffff:ffff
2a09:4c0::/29
2a0c:3b80::-2a0c:3b86:ffff:ffff:ffff:ffff:ffff:ffff
2a0e:97c0:1d0::/44
2a0e:97c0:260::/44
2a0e:97c1:200::/40
2a0e:97c3:110::/44
2a0e:97c4:120::/44
2a0e:b107:9f2::/48
2a0e:b107:1165::/48
2a0e:b107:1786::/48
2a0e:b107:21c0::/45
2a0e:b107:2220::/44
2a0f:e404:102::/48
2a10:2f00:18d::/48
2a10:2f00:18f::/48
2a10:2f00:193::/48
2a10:cc40:250::/44
2a10:cc45:130::/44
Signature Algorithm: sha256WithRSAEncryption
3f:b0:2d:2c:aa:52:fd:5e:55:b0:2a:c9:d7:e9:6f:0a:03:d3:
1c:56:09:70:92:0a:40:c1:f7:ad:ff:83:a4:cd:9c:65:29:ee:
31:5e:a0:16:b2:d3:35:82:ff:a8:4e:f9:48:c7:4a:4d:88:cb:
0d:39:79:d8:d1:d2:1d:45:8d:45:15:01:73:f0:54:b0:30:2b:
fc:62:31:0b:dd:53:7b:1c:18:74:01:99:fe:ef:68:66:a8:03:
2a:a7:63:c2:d7:e1:56:6a:99:f2:e8:ab:9e:41:77:49:27:18:
7f:fa:38:55:5a:7d:67:9c:92:d7:b9:3f:b9:1c:d1:30:82:85:
33:17:64:22:b9:62:fc:74:c7:01:7a:8d:64:91:e3:d2:2c:07:
e5:9e:ea:9c:49:e4:2b:53:ce:4e:95:a3:13:c6:fc:ac:37:68:
69:ee:c2:63:c5:01:01:da:c6:df:68:7d:52:7f:6a:fd:58:2e:
3c:58:d5:7d:61:07:7b:9d:9f:ae:db:bd:5b:a6:61:07:06:37:
89:de:a1:9a:03:53:68:de:a4:d3:04:8c:9a:a1:0c:a6:c1:c9:
19:bb:4b:2f:d5:19:94:79:7a:7a:37:44:0f:a7:87:be:4d:58:
46:94:f9:6f:18:f6:b8:92:f2:3d:9a:39:bc:0e:c9:6e:87:52:
63:70:ed:33
-----BEGIN CERTIFICATE-----
MIIGBTCCBO2gAwIBAgISAZRLKYaoWnnAlo4q/eRtT++nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTA5MTMwMzIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWY0YzM5Zjg1ZjU1NDllODFiODY2NzQxZmE2OWFmMWE2ZThmMjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6uknhPHii2NyRbrwKbDpnxbJQJq
HZnKuzI0i+EBx665SsAu/K5ruRYh4IqyLn+rYyl635ePZ2uazwAfOExWbdtbpeZy
fzwjIJ74rBctW/V7C/5+OCXEhLTouUjkrs/tFy9QX+jnzxsoMVLK8B+B9SM438ol
Q+SOUspmj9xshdPJ+arYfpwVkIKewEEbsqmCl4UNULzKdkoUy/r/mzkqRk0QLrC0
HqqC5MesYExCA1FYwGTi596bDqanX/Y7PtlkMD+nMqJ9+ugPVtNlg5kqxqU2OKKu
FtskaQ9DteL6x/W0Ct5JqGG45sUTi+mHafjuw5rZMxAWhOoQ05TFrCJfjwIDAQAB
o4IDETCCAw0wHQYDVR0OBBYEFG70w5+F9VSegbhmdB+mmvGm6PJ7MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvYnZURG40WDFWSjZCdUdaMEg2YWE4YWJvOG5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJQYIKwYBBQUHAQcBAf8EggEUMIIBEDA8BAIAATA2AwQC
LYiIAwQDXVjIAwQAXrF6AwQAueh1AwQBwSFeAwQAwaNWAwQAwjJcAwQAwjJeAwQA
wjJvMIHPBAIAAjCByDAQAwcAKgTMwP//AwUBKgTMwDAOAwUAKgTMwwMFAyoEzMAD
BQMqCQTAMA4DBQcqDDuAAwUAKgw7hgMHBCoOl8AB0AMHBCoOl8ACYAMGACoOl8EC
AwcEKg6XwwEQAwcEKg6XxAEgAwcAKg6xBwnyAwcAKg6xBxFlAwcAKg6xBxeGAwcD
Kg6xByHAAwcEKg6xByIgAwcAKg/kBAECAwcAKhAvAAGNAwcAKhAvAAGPAwcAKhAv
AAGTAwcEKhDMQAJQAwcEKhDMRQEwMA0GCSqGSIb3DQEBCwUAA4IBAQA/sC0sqlL9
XlWwKsnX6W8KA9McVglwkgpAwfet/4OkzZxlKe4xXqAWstM1gv+oTvlIx0pNiMsN
OXnY0dIdRY1FFQFz8FSwMCv8YjEL3VN7HBh0AZn+72hmqAMqp2PC1+FWapny6Kue
QXdJJxh/+jhVWn1nnJLXuT+5HNEwgoUzF2QiuWL8dMcBeo1kkePSLAflnuqcSeQr
U85OlaMTxvysN2hp7sJjxQEB2sbfaH1Sf2r9WC48WNV9YQd7nZ+u271bpmEHBjeJ
3qGaA1No3qTTBIyaoQymwckZu0sv1RmUeXp6N0QPp4e+TVhGlPlvGPa4kvI9mjm8
Dsluh1JjcO0z
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:24:45 2025 by rpki-client