Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/BgTsQC8wJh80VNUegZ4pDvvwn8k.roa
File: BgTsQC8wJh80VNUegZ4pDvvwn8k.roa (raw, json)
Hash identifier: IQJATdROfr3jH0ApSpBfqfRA/EkEcLyKc0IIq3HW+6w=
Subject key identifier: 06:04:EC:40:2F:30:26:1F:34:54:D5:1E:81:9E:29:0E:FB:F0:9F:C9
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 01942797AD53E32A82850A7930CB84C6C226
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/BgTsQC8wJh80VNUegZ4pDvvwn8k.roa
Signing time: Thu 02 Jan 2025 15:17:19 +0000
ROA not before: Thu 02 Jan 2025 15:17:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204104
IP address blocks: 46.38.136.0/24 maxlen: 24
46.38.137.0/24 maxlen: 24
46.38.138.0/24 maxlen: 24
46.38.139.0/24 maxlen: 24
109.94.164.0/24 maxlen: 24
185.29.222.0/24 maxlen: 24
212.80.8.0/24 maxlen: 24
212.80.9.0/24 maxlen: 24
212.80.10.0/24 maxlen: 24
212.80.11.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 16 Jan 2025 15:02:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:97:ad:53:e3:2a:82:85:0a:79:30:cb:84:c6:c2:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Jan 2 15:17:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0604ec402f30261f3454d51e819e290efbf09fc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:89:47:fe:49:e5:72:aa:9d:dc:e0:cc:d3:91:
b7:83:7e:59:81:07:50:f0:77:23:45:9e:57:e1:1a:
7a:81:3d:e2:0a:0e:0d:23:38:2a:fd:c7:9c:7a:c1:
04:6e:b8:81:23:42:85:b3:a7:b0:35:e1:12:bd:dd:
6b:e9:71:2b:a8:37:a1:3b:00:28:27:a4:a9:da:5a:
74:50:bd:23:a3:4e:41:5d:bb:2b:5e:3d:49:4c:e7:
ca:76:b6:3e:0b:18:c0:e5:44:9b:2a:34:71:91:bb:
89:d8:ff:cb:bb:a2:8e:4f:69:3f:ab:17:55:b5:e2:
39:9d:d8:31:cc:4a:33:89:d7:85:18:26:a9:35:4b:
6e:c3:63:63:b1:05:2e:a9:4e:6f:5d:65:ea:c3:dd:
5b:2e:84:69:4a:7b:a5:fb:10:a2:9c:31:3c:c4:33:
e9:2b:ac:72:65:14:97:16:15:0d:96:bb:5f:0d:2d:
22:10:9f:21:4b:fc:b4:c4:9c:15:95:59:1b:e2:5d:
1a:36:18:cf:df:48:2d:ff:4f:63:dd:71:6a:65:1b:
fd:57:4c:7e:a4:d4:3b:d0:85:51:8a:e3:4b:aa:c7:
c3:76:39:1d:65:47:12:14:46:94:34:02:2b:b1:f7:
b4:83:6c:90:3b:28:3b:63:67:4d:64:28:7d:b9:8d:
3a:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:04:EC:40:2F:30:26:1F:34:54:D5:1E:81:9E:29:0E:FB:F0:9F:C9
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/BgTsQC8wJh80VNUegZ4pDvvwn8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.136.0/22
109.94.164.0/24
185.29.222.0/24
212.80.8.0/22
Signature Algorithm: sha256WithRSAEncryption
03:37:93:60:5b:7d:a8:aa:aa:a6:c1:58:73:f1:7c:a3:9d:d9:
22:64:25:07:62:24:b4:00:7a:9b:ad:82:1e:49:90:70:8a:92:
0f:e2:2e:30:5b:a7:26:30:90:c5:7c:03:38:7d:3d:59:ff:f1:
61:c6:0d:5d:55:fa:8c:df:83:10:50:01:47:54:11:20:33:8f:
4c:6b:77:f8:bd:fc:0b:17:76:9e:2e:ef:54:73:f7:4f:4d:42:
9b:80:90:a4:b9:03:38:9d:e4:c7:b0:fc:8c:50:28:23:88:17:
82:46:b4:4a:1f:08:2a:2c:30:27:f0:ba:eb:9c:a4:e6:dc:a8:
bc:db:7a:d9:6b:e2:d7:78:da:14:3e:b5:b9:b2:73:16:3c:bb:
34:18:64:42:5b:c3:37:59:dc:c2:d2:bd:32:4f:f1:da:6e:4c:
18:0e:1a:bd:da:88:fc:ab:22:51:d9:6b:5f:ed:f9:30:77:19:
d3:15:45:cf:c0:4b:15:24:17:c4:19:37:89:23:56:52:b8:bf:
70:e1:a8:dd:5f:f7:a4:b7:a9:7b:42:fe:b4:fc:e9:40:e8:cb:
91:20:bb:21:51:6c:25:94:8e:3f:82:d3:5d:2a:b7:ef:fc:f9:
fb:39:67:72:40:1f:75:80:3a:07:90:48:3c:0c:8a:ad:f8:7a:
bc:b2:a6:5a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQnl61T4yqChQp5MMuExsImMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjUwMTAyMTUxNzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjA0ZWM0MDJmMzAyNjFmMzQ1NGQ1MWU4MTllMjkwZWZiZjA5ZmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA04lH/knlcqqd3ODM05G3g35ZgQdQ
8HcjRZ5X4Rp6gT3iCg4NIzgq/cecesEEbriBI0KFs6ewNeESvd1r6XErqDehOwAo
J6Sp2lp0UL0jo05BXbsrXj1JTOfKdrY+CxjA5USbKjRxkbuJ2P/Lu6KOT2k/qxdV
teI5ndgxzEozideFGCapNUtuw2NjsQUuqU5vXWXqw91bLoRpSnul+xCinDE8xDPp
K6xyZRSXFhUNlrtfDS0iEJ8hS/y0xJwVlVkb4l0aNhjP30gt/09j3XFqZRv9V0x+
pNQ70IVRiuNLqsfDdjkdZUcSFEaUNAIrsfe0g2yQOyg7Y2dNZCh9uY06aQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAYE7EAvMCYfNFTVHoGeKQ778J/JMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvQmdUc1FDOHdKaDgwVk5VZWdaNHBEdnZ3bjhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLiaIAwQA
bV6kAwQAuR3eAwQC1FAIMA0GCSqGSIb3DQEBCwUAA4IBAQADN5NgW32oqqqmwVhz
8XyjndkiZCUHYiS0AHqbrYIeSZBwipIP4i4wW6cmMJDFfAM4fT1Z//Fhxg1dVfqM
34MQUAFHVBEgM49Ma3f4vfwLF3aeLu9Uc/dPTUKbgJCkuQM4neTHsPyMUCgjiBeC
RrRKHwgqLDAn8LrrnKTm3Ki823rZa+LXeNoUPrW5snMWPLs0GGRCW8M3WdzC0r0y
T/HabkwYDhq92oj8qyJR2Wtf7fkwdxnTFUXPwEsVJBfEGTeJI1ZSuL9w4ajdX/ek
t6l7Qv60/OlA6MuRILshUWwllI4/gtNdKrfv/Pn7OWdyQB91gDoHkEg8DIqt+Hq8
sqZa
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:42:30 2025 by rpki-client