Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/25651d-ee73-48ed-af68-29f420752d5e/1/byhMTIP1u6l_hbSujoWKLpFM8WM.roa
File: byhMTIP1u6l_hbSujoWKLpFM8WM.roa (raw, json)
Hash identifier: t228Q2PXjShTUPgRuYydA/lDXY/yqmuImQ/aRuwYNUY=
Subject key identifier: 6F:28:4C:4C:83:F5:BB:A9:7F:85:B4:AE:8E:85:8A:2E:91:4C:F1:63
Certificate issuer: /CN=b6b6af4ddf8316fbf101c93644e6594146570762
Certificate serial: 0195C87CFFC030C89362FC20511C252B29B6
Authority key identifier: B6:B6:AF:4D:DF:83:16:FB:F1:01:C9:36:44:E6:59:41:46:57:07:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/travTd-DFvvxAck2ROZZQUZXB2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/25651d-ee73-48ed-af68-29f420752d5e/1/byhMTIP1u6l_hbSujoWKLpFM8WM.roa
Signing time: Mon 24 Mar 2025 14:09:49 +0000
ROA not before: Mon 24 Mar 2025 14:09:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214406
IP address blocks: 194.39.246.0/24 maxlen: 24
212.125.136.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Mar 2025 15:56:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c8:7c:ff:c0:30:c8:93:62:fc:20:51:1c:25:2b:29:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6b6af4ddf8316fbf101c93644e6594146570762
Validity
Not Before: Mar 24 14:09:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6f284c4c83f5bba97f85b4ae8e858a2e914cf163
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:69:8c:90:dd:18:6c:d0:95:22:0a:5e:6e:a7:
ab:7b:d0:4c:26:77:4d:86:31:5d:dd:bb:a9:88:e9:
ad:0a:56:9f:d6:df:e2:fe:6f:0c:10:a3:d9:57:ea:
8d:88:9e:aa:46:f9:83:ad:43:43:06:b6:f8:64:af:
6f:71:aa:23:26:c4:78:ad:7c:b9:55:ce:22:f1:2e:
10:5f:35:46:c5:17:c0:16:f8:94:c1:2e:d6:e7:94:
a4:16:55:8d:8c:cb:41:95:1b:17:70:34:c2:c6:75:
88:ab:49:1b:91:00:95:ba:51:17:c9:68:1e:88:af:
41:eb:9f:82:7e:86:ed:66:3c:9c:73:e4:89:27:f7:
68:6d:47:ca:0d:30:bc:e7:58:35:47:fe:d8:71:cb:
89:51:c4:5b:21:f9:08:6b:85:ca:45:a1:1b:3a:98:
91:b8:81:cf:2a:2a:7e:47:54:ac:4e:1f:5e:0b:27:
66:80:6b:28:ca:74:13:ab:37:1b:01:73:13:d9:e4:
6c:2e:6e:eb:d7:35:3c:6d:c1:26:2d:a2:39:c0:5c:
b7:17:b2:97:93:89:ef:06:92:df:9d:7d:9e:7c:e9:
8d:22:4e:98:56:f4:4c:7f:f6:6e:c3:a6:28:62:64:
ee:96:72:f7:43:ec:f6:e7:08:2b:7a:f8:64:6f:8d:
03:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:28:4C:4C:83:F5:BB:A9:7F:85:B4:AE:8E:85:8A:2E:91:4C:F1:63
X509v3 Authority Key Identifier:
keyid:B6:B6:AF:4D:DF:83:16:FB:F1:01:C9:36:44:E6:59:41:46:57:07:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/travTd-DFvvxAck2ROZZQUZXB2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/25651d-ee73-48ed-af68-29f420752d5e/1/byhMTIP1u6l_hbSujoWKLpFM8WM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/25651d-ee73-48ed-af68-29f420752d5e/1/travTd-DFvvxAck2ROZZQUZXB2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.39.246.0/24
212.125.136.0/23
Signature Algorithm: sha256WithRSAEncryption
12:dd:db:da:6c:7c:1a:ec:fd:69:9e:d2:38:ff:81:95:5a:75:
71:81:1e:82:a8:a4:e7:a8:01:56:5e:20:8e:43:4c:3b:eb:3f:
2d:81:b5:dc:0f:59:84:05:2a:1f:89:d8:f7:bd:36:08:17:31:
5c:36:fe:13:32:cc:43:9f:09:1f:c8:a0:ad:cb:8c:25:65:78:
8e:22:8d:ee:a9:84:6c:98:9b:29:32:6a:9f:98:3a:fd:ad:0d:
99:13:9f:b3:5c:0f:29:1c:42:4f:0a:8f:5d:1f:56:18:d9:f9:
82:85:81:34:19:49:fb:d5:ac:85:e0:29:06:c6:df:fc:e6:29:
8f:e3:d7:43:0a:4a:e7:f8:d1:45:e1:2e:a9:51:0a:55:dd:31:
39:d5:19:37:4f:5d:7e:40:6f:5b:6c:8a:d0:1c:d1:0c:f1:77:
cc:4e:ec:2a:d6:37:33:ff:78:06:a3:12:85:88:7a:ca:e5:22:
ae:4a:eb:f6:51:63:16:3a:89:2b:94:09:b9:b7:1a:83:af:69:
44:eb:08:1b:67:5b:6d:a6:42:65:0e:fe:c4:f5:c1:a1:26:ca:
77:62:f5:6d:78:28:c7:2c:66:9f:0f:50:ee:c9:fc:54:f1:10:
c0:11:94:b7:5e:9f:71:f5:b3:e2:e6:e1:36:d5:ff:d9:19:d4:
21:6b:64:ad
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZXIfP/AMMiTYvwgURwlKym2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2YjZhZjRkZGY4MzE2ZmJmMTAxYzkzNjQ0ZTY1OTQxNDY1
NzA3NjIwHhcNMjUwMzI0MTQwOTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjI4NGM0YzgzZjViYmE5N2Y4NWI0YWU4ZTg1OGEyZTkxNGNmMTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsWmMkN0YbNCVIgpebqere9BMJndN
hjFd3bupiOmtClaf1t/i/m8MEKPZV+qNiJ6qRvmDrUNDBrb4ZK9vcaojJsR4rXy5
Vc4i8S4QXzVGxRfAFviUwS7W55SkFlWNjMtBlRsXcDTCxnWIq0kbkQCVulEXyWge
iK9B65+CfobtZjycc+SJJ/dobUfKDTC851g1R/7YccuJUcRbIfkIa4XKRaEbOpiR
uIHPKip+R1SsTh9eCydmgGsoynQTqzcbAXMT2eRsLm7r1zU8bcEmLaI5wFy3F7KX
k4nvBpLfnX2efOmNIk6YVvRMf/Zuw6YoYmTulnL3Q+z25wgrevhkb40DEwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG8oTEyD9bupf4W0ro6Fii6RTPFjMB8GA1UdIwQY
MBaAFLa2r03fgxb78QHJNkTmWUFGVwdiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHJhdlRkLURGdnZ4QWNrMlJPWlpRVVpYQjJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8yNTY1MWQtZWU3My00OGVkLWFmNjgt
MjlmNDIwNzUyZDVlLzEvYnloTVRJUDF1NmxfaGJTdWpvV0tMcEZNOFdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8yNTY1MWQtZWU3My00OGVkLWFmNjgtMjlmNDIwNzUyZDVl
LzEvdHJhdlRkLURGdnZ4QWNrMlJPWlpRVVpYQjJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwif2AwQB
1H2IMA0GCSqGSIb3DQEBCwUAA4IBAQAS3dvabHwa7P1pntI4/4GVWnVxgR6CqKTn
qAFWXiCOQ0w76z8tgbXcD1mEBSofidj3vTYIFzFcNv4TMsxDnwkfyKCty4wlZXiO
Io3uqYRsmJspMmqfmDr9rQ2ZE5+zXA8pHEJPCo9dH1YY2fmChYE0GUn71ayF4CkG
xt/85imP49dDCkrn+NFF4S6pUQpV3TE51Rk3T11+QG9bbIrQHNEM8XfMTuwq1jcz
/3gGoxKFiHrK5SKuSuv2UWMWOokrlAm5txqDr2lE6wgbZ1ttpkJlDv7E9cGhJsp3
YvVteCjHLGafD1DuyfxU8RDAEZS3Xp9x9bPi5uE21f/ZGdQha2St
-----END CERTIFICATE-----
Generated at Mon Apr 7 19:29:30 2025 by rpki-client