Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/bPVbtuX1nm4L0RKQGjMdvby4qjI.roa
File: bPVbtuX1nm4L0RKQGjMdvby4qjI.roa (raw, json)
Hash identifier: aM2dv+y7Ex84ekHWGTdDzG+tNEiUmoWcTwodQJjArjo=
Subject key identifier: 6C:F5:5B:B6:E5:F5:9E:6E:0B:D1:12:90:1A:33:1D:BD:BC:B8:AA:32
Certificate issuer: /CN=015b6d1596ac0501a71a393447051a62ff1dda16
Certificate serial: 018D8371829F747121A5B47A650909CA91F6
Authority key identifier: 01:5B:6D:15:96:AC:05:01:A7:1A:39:34:47:05:1A:62:FF:1D:DA:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AVttFZasBQGnGjk0RwUaYv8d2hY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/bPVbtuX1nm4L0RKQGjMdvby4qjI.roa
Signing time: Wed 07 Feb 2024 12:01:10 +0000
ROA not before: Wed 07 Feb 2024 12:01:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48276
IP address blocks: 176.96.184.0/22 maxlen: 22
176.96.186.0/24 maxlen: 24
176.96.187.0/24 maxlen: 24
176.96.188.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 08 Feb 2024 16:16:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:83:71:82:9f:74:71:21:a5:b4:7a:65:09:09:ca:91:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=015b6d1596ac0501a71a393447051a62ff1dda16
Validity
Not Before: Feb 7 12:01:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6cf55bb6e5f59e6e0bd112901a331dbdbcb8aa32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:4d:f0:1c:1c:c7:fc:a6:f2:a6:1f:a4:92:dc:
ec:c3:bf:c9:34:7b:64:2f:20:33:6c:85:4d:8b:a7:
3d:2b:fd:d4:ba:e3:b5:e0:66:32:11:5e:4c:08:64:
f6:b9:38:d6:7f:c6:9d:0d:c2:3b:69:51:51:9d:14:
78:46:05:b7:d3:40:23:cc:b3:24:56:b4:b4:14:f3:
05:bd:7c:c1:02:a1:df:a1:48:0b:2d:41:59:5b:8e:
76:ad:a4:89:3f:6e:89:fb:fe:7d:e9:f2:62:e1:ed:
96:c4:30:48:d1:21:b3:bc:4a:2f:6f:97:ce:21:6b:
27:d4:55:d9:92:17:af:a2:d5:44:5d:38:2f:2d:55:
13:96:02:1b:5f:e2:ff:a4:eb:fb:a0:84:12:a4:eb:
c5:06:bc:38:3e:7f:9b:fe:3e:49:fc:31:f6:15:3c:
47:0e:69:c3:46:0d:60:21:4b:e0:66:5b:e7:ba:2c:
1c:b4:99:39:79:11:7c:3d:73:95:58:a3:79:5d:16:
46:84:0a:44:02:ab:a8:66:80:0b:c2:bb:f5:70:97:
ce:b7:5b:78:2f:f0:83:5a:80:36:b1:7c:3e:c2:05:
e3:b8:2f:5a:d1:a7:42:14:c7:2e:cc:5e:8c:ce:00:
8d:85:42:4e:49:e5:c3:73:a2:72:32:d5:09:53:6f:
95:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:F5:5B:B6:E5:F5:9E:6E:0B:D1:12:90:1A:33:1D:BD:BC:B8:AA:32
X509v3 Authority Key Identifier:
keyid:01:5B:6D:15:96:AC:05:01:A7:1A:39:34:47:05:1A:62:FF:1D:DA:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AVttFZasBQGnGjk0RwUaYv8d2hY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/bPVbtuX1nm4L0RKQGjMdvby4qjI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/AVttFZasBQGnGjk0RwUaYv8d2hY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.96.184.0-176.96.188.255
Signature Algorithm: sha256WithRSAEncryption
8d:41:fe:0d:89:3b:49:1a:96:c4:7c:ac:78:b5:10:43:15:70:
c3:b5:c6:1d:a6:af:2e:5d:5a:88:1c:eb:5f:00:f9:99:ec:37:
29:82:c5:1b:8e:3e:91:9c:18:cf:e7:47:a8:d6:d8:7e:ed:54:
58:a2:84:2d:ec:28:53:3b:71:e9:43:0f:5e:46:d2:17:29:ce:
bc:cf:b1:aa:2f:56:9a:65:75:c7:65:91:64:b3:69:21:29:51:
f9:a6:ad:8c:13:94:27:8c:c9:a3:06:25:c1:7a:1c:3b:8f:7d:
77:ee:10:be:b6:3a:b7:4e:cf:a4:25:e4:b7:b0:32:82:7a:2f:
0a:7e:ec:51:7b:fb:d1:1b:22:e4:30:79:9d:77:84:3b:09:93:
a7:16:5d:b3:7b:64:1f:e6:cf:18:74:07:e9:df:60:e8:ca:0b:
a3:0c:a2:bf:2f:65:ed:f2:97:80:8d:04:7f:92:b6:19:ca:2c:
7e:e9:fc:7b:a8:48:00:0f:f8:ac:bb:c6:e9:b9:d1:a1:37:b6:
5d:d6:d5:08:e0:eb:8e:62:a1:9d:78:01:5b:80:3f:fc:f7:39:
e3:c7:e7:72:63:f7:42:7e:c2:ce:c4:f6:7f:42:3c:1c:b5:11:
e2:9b:e2:36:87:54:69:1d:7c:83:5b:7c:37:64:df:e5:65:60:
b5:a7:c3:ec
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY2DcYKfdHEhpbR6ZQkJypH2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNWI2ZDE1OTZhYzA1MDFhNzFhMzkzNDQ3MDUxYTYyZmYx
ZGRhMTYwHhcNMjQwMjA3MTIwMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2Y1NWJiNmU1ZjU5ZTZlMGJkMTEyOTAxYTMzMWRiZGJjYjhhYTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjk3wHBzH/Kbyph+kktzsw7/JNHtk
LyAzbIVNi6c9K/3UuuO14GYyEV5MCGT2uTjWf8adDcI7aVFRnRR4RgW300AjzLMk
VrS0FPMFvXzBAqHfoUgLLUFZW452raSJP26J+/596fJi4e2WxDBI0SGzvEovb5fO
IWsn1FXZkhevotVEXTgvLVUTlgIbX+L/pOv7oIQSpOvFBrw4Pn+b/j5J/DH2FTxH
DmnDRg1gIUvgZlvnuiwctJk5eRF8PXOVWKN5XRZGhApEAquoZoALwrv1cJfOt1t4
L/CDWoA2sXw+wgXjuC9a0adCFMcuzF6MzgCNhUJOSeXDc6JyMtUJU2+VYQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGz1W7bl9Z5uC9ESkBozHb28uKoyMB8GA1UdIwQY
MBaAFAFbbRWWrAUBpxo5NEcFGmL/HdoWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVZ0dEZaYXNCUUduR2prMFJ3VWFZdjhkMmhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC81MmE4OGYtZTlhMi00ODUxLTkxNDgt
ZmVlOGYzNzkwNTY3LzEvYlBWYnR1WDFubTRMMFJLUUdqTWR2Ynk0cWpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC81MmE4OGYtZTlhMi00ODUxLTkxNDgtZmVlOGYzNzkwNTY3
LzEvQVZ0dEZaYXNCUUduR2prMFJ3VWFZdjhkMmhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAOwYLgD
BACwYLwwDQYJKoZIhvcNAQELBQADggEBAI1B/g2JO0kalsR8rHi1EEMVcMO1xh2m
ry5dWogc618A+ZnsNymCxRuOPpGcGM/nR6jW2H7tVFiihC3sKFM7celDD15G0hcp
zrzPsaovVppldcdlkWSzaSEpUfmmrYwTlCeMyaMGJcF6HDuPfXfuEL62OrdOz6Ql
5LewMoJ6Lwp+7FF7+9EbIuQweZ13hDsJk6cWXbN7ZB/mzxh0B+nfYOjKC6MMor8v
Ze3yl4CNBH+SthnKLH7p/HuoSAAP+Ky7xum50aE3tl3W1Qjg645ioZ14AVuAP/z3
OePH53Jj90J+ws7E9n9CPBy1EeKb4jaHVGkdfINbfDdk3+VlYLWnw+w=
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:45:48 2025 by rpki-client