Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/BpauDnbQhNiL1XCVDUp9Sfo_fjs.roa
File: BpauDnbQhNiL1XCVDUp9Sfo_fjs.roa (raw, json)
Hash identifier: 38A51isWDS21UeC5MO06lvPY9wKv52IDmbuFthCZEJo=
Subject key identifier: 06:96:AE:0E:76:D0:84:D8:8B:D5:70:95:0D:4A:7D:49:FA:3F:7E:3B
Certificate issuer: /CN=16055801b775e774306321455fd463fbd9273c4c
Certificate serial: 019743ACF5811BBC8D82DDD844AE0CCCCC2B
Authority key identifier: 16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/BpauDnbQhNiL1XCVDUp9Sfo_fjs.roa
Signing time: Fri 06 Jun 2025 05:18:17 +0000
ROA not before: Fri 06 Jun 2025 05:18:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9232
IP address blocks: 144.56.35.0/24 maxlen: 24
144.56.37.0/24 maxlen: 24
144.56.39.0/24 maxlen: 24
144.56.41.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 07 Jun 2025 14:50:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:43:ac:f5:81:1b:bc:8d:82:dd:d8:44:ae:0c:cc:cc:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16055801b775e774306321455fd463fbd9273c4c
Validity
Not Before: Jun 6 05:18:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0696ae0e76d084d88bd570950d4a7d49fa3f7e3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:2a:9f:ce:82:a0:4d:4a:7d:de:0a:c9:06:ef:
ff:b8:a0:38:54:44:db:84:64:97:b6:a9:61:98:f9:
00:4f:97:fc:88:78:a0:cd:e1:94:41:15:02:c5:07:
e2:d4:16:22:09:c9:98:c6:97:02:32:fa:b6:7d:bb:
77:67:20:d9:c9:f2:d8:2e:64:c8:5a:9c:f4:ad:94:
20:4a:b6:c5:1f:fd:30:de:f2:e1:f4:96:04:41:37:
04:c1:7f:f9:0c:a8:cb:e0:19:83:d6:b5:0e:5b:f2:
c4:d9:db:e1:d3:84:d1:cd:ee:14:9c:93:63:e2:50:
9e:34:d8:41:98:0d:21:be:fe:db:66:ba:11:b4:3e:
4d:3e:96:91:20:1b:dc:93:a1:77:0d:dc:9d:ea:64:
26:11:e6:db:7d:ea:aa:9c:af:ac:7e:92:44:2d:37:
fa:c8:ac:78:20:f8:24:0d:05:80:ab:85:d1:d2:de:
42:24:da:b7:e0:c9:ca:6d:86:ad:31:60:97:a3:7f:
2c:d6:ab:ed:07:90:ac:62:cb:46:46:78:b6:c6:82:
dc:41:f2:d9:12:19:9f:76:42:a6:0e:86:e2:42:bc:
6d:d4:38:6d:aa:dc:68:29:4d:95:11:2b:40:9a:cd:
68:17:f0:d4:15:0b:0e:b1:2b:f5:45:7c:c6:3a:b9:
e4:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:96:AE:0E:76:D0:84:D8:8B:D5:70:95:0D:4A:7D:49:FA:3F:7E:3B
X509v3 Authority Key Identifier:
keyid:16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/BpauDnbQhNiL1XCVDUp9Sfo_fjs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.56.35.0/24
144.56.37.0/24
144.56.39.0/24
144.56.41.0/24
Signature Algorithm: sha256WithRSAEncryption
42:82:f1:ba:67:f9:1f:ea:23:76:32:09:f7:5c:01:44:2d:fa:
4a:40:f7:15:2f:97:cb:9d:4e:bf:c3:37:ee:e0:96:ee:c9:1f:
00:e0:0b:6d:62:ab:7c:f3:d1:3d:09:91:51:4c:57:5f:35:a1:
4d:ae:5a:33:60:bd:96:a7:9c:ac:e2:16:da:88:e2:e1:35:78:
48:e5:fc:25:4b:1a:ef:92:91:98:f8:f6:f7:47:52:4c:c7:9f:
aa:13:d6:2f:d3:e9:c8:21:20:a1:6b:ef:71:93:98:48:2f:a8:
21:4a:19:1d:85:12:6d:89:6d:08:27:ab:0e:6e:b8:84:57:02:
16:2c:91:86:7b:2b:1c:1f:b2:ac:05:8c:01:42:49:01:dd:a2:
58:2e:db:f8:ab:18:54:f2:a7:c0:81:f2:9b:d0:52:15:da:aa:
37:ab:bb:17:38:f0:d9:d8:8b:f0:c8:3c:d9:4e:1e:9b:0a:2b:
1b:cf:12:76:bf:f7:a5:89:bd:f0:a3:b5:5f:68:78:d3:96:3d:
7d:1d:f9:95:52:2d:43:48:df:eb:1b:c5:b8:ed:37:16:2c:08:
69:32:d2:66:5f:49:68:3a:0b:b4:39:07:84:4c:c5:fa:7f:1d:
9b:c9:c6:bb:a7:33:c9:ca:70:ab:26:12:f5:17:8b:3f:d9:63:
d6:8d:62:a2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZdDrPWBG7yNgt3YRK4MzMwrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MDU1ODAxYjc3NWU3NzQzMDYzMjE0NTVmZDQ2M2ZiZDky
NzNjNGMwHhcNMjUwNjA2MDUxODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjk2YWUwZTc2ZDA4NGQ4OGJkNTcwOTUwZDRhN2Q0OWZhM2Y3ZTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5CqfzoKgTUp93grJBu//uKA4VETb
hGSXtqlhmPkAT5f8iHigzeGUQRUCxQfi1BYiCcmYxpcCMvq2fbt3ZyDZyfLYLmTI
Wpz0rZQgSrbFH/0w3vLh9JYEQTcEwX/5DKjL4BmD1rUOW/LE2dvh04TRze4UnJNj
4lCeNNhBmA0hvv7bZroRtD5NPpaRIBvck6F3Ddyd6mQmEebbfeqqnK+sfpJELTf6
yKx4IPgkDQWAq4XR0t5CJNq34MnKbYatMWCXo38s1qvtB5CsYstGRni2xoLcQfLZ
EhmfdkKmDobiQrxt1DhtqtxoKU2VEStAms1oF/DUFQsOsSv1RXzGOrnkHwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAaWrg520ITYi9VwlQ1KfUn6P347MB8GA1UdIwQY
MBaAFBYFWAG3ded0MGMhRV/UY/vZJzxMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgt
MTM1NzE3ZWYzODhhLzEvQnBhdURuYlFoTmlMMVhDVkRVcDlTZm9fZmpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgtMTM1NzE3ZWYzODhh
LzEvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAkDgjAwQA
kDglAwQAkDgnAwQAkDgpMA0GCSqGSIb3DQEBCwUAA4IBAQBCgvG6Z/kf6iN2Mgn3
XAFELfpKQPcVL5fLnU6/wzfu4JbuyR8A4AttYqt889E9CZFRTFdfNaFNrlozYL2W
p5ys4hbaiOLhNXhI5fwlSxrvkpGY+Pb3R1JMx5+qE9Yv0+nIISCha+9xk5hIL6gh
ShkdhRJtiW0IJ6sObriEVwIWLJGGeyscH7KsBYwBQkkB3aJYLtv4qxhU8qfAgfKb
0FIV2qo3q7sXOPDZ2IvwyDzZTh6bCisbzxJ2v/elib3wo7VfaHjTlj19HfmVUi1D
SN/rG8W47TcWLAhpMtJmX0loOgu0OQeETMX6fx2byca7pzPJynCrJhL1F4s/2WPW
jWKi
-----END CERTIFICATE-----
Generated at Sun Jun 8 12:33:36 2025 by rpki-client