Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/b7fe75-30ee-4a6f-b528-fa3071c435f1/1/bmkhfpzln7pGH6_ZpRzl_FUcvfI.roa
File: bmkhfpzln7pGH6_ZpRzl_FUcvfI.roa (raw, json)
Hash identifier: 89MuOGK3OXzrjAVye9Wc4Jw/ur49sW8fJPosCRBvPOs=
Subject key identifier: 6E:69:21:7E:9C:E5:9F:BA:46:1F:AF:D9:A5:1C:E5:FC:55:1C:BD:F2
Certificate issuer: /CN=5c57b61611719ec7c8e0012b1aff7e81fc7689bd
Certificate serial: 018CC5DBF7F5E05FA387FABD6C8DF8FE3911
Authority key identifier: 5C:57:B6:16:11:71:9E:C7:C8:E0:01:2B:1A:FF:7E:81:FC:76:89:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XFe2FhFxnsfI4AErGv9-gfx2ib0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/b7fe75-30ee-4a6f-b528-fa3071c435f1/1/bmkhfpzln7pGH6_ZpRzl_FUcvfI.roa
Signing time: Mon 01 Jan 2024 16:29:36 +0000
ROA not before: Mon 01 Jan 2024 16:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28984
IP address blocks: 195.47.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:49:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:f7:f5:e0:5f:a3:87:fa:bd:6c:8d:f8:fe:39:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c57b61611719ec7c8e0012b1aff7e81fc7689bd
Validity
Not Before: Jan 1 16:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e69217e9ce59fba461fafd9a51ce5fc551cbdf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:cc:7d:cf:9e:ca:c9:35:59:3b:eb:1d:f9:1b:
73:c9:84:9d:39:75:57:5e:11:7d:61:17:9f:f7:2a:
e6:1f:74:08:b7:c1:34:8c:92:e6:11:48:7a:2f:b6:
08:8d:8f:fb:cb:9e:4d:fc:ab:a0:57:c0:87:4e:93:
6a:b7:6c:f4:78:6f:dd:b7:35:ba:2c:4e:ad:45:f6:
0a:2e:82:dc:82:a9:dd:ab:78:99:65:e2:22:5a:c9:
3b:a9:1b:c7:ff:ff:d1:52:08:9c:e5:24:8d:38:c0:
67:83:35:92:c6:bc:4b:01:78:d4:3f:df:69:fb:56:
94:03:73:bf:38:80:e0:84:13:51:96:dd:23:93:b2:
5e:e4:4d:80:ac:21:8d:c5:cc:a8:e3:b4:be:e1:e5:
86:b8:d6:02:0d:80:a6:cd:11:8a:98:55:d4:7b:88:
de:4c:ae:58:d3:97:e8:70:2e:83:2a:b5:99:c7:cd:
90:7a:46:b8:b6:ed:ea:ef:59:6f:b2:eb:5d:be:da:
18:37:c1:1e:01:1f:7e:2c:66:a4:57:08:23:8d:66:
d9:4d:1e:4e:ed:bc:ea:74:6d:2f:c5:27:81:14:e6:
e7:c6:1e:c6:2c:ac:f9:47:b2:a4:6c:ac:e3:52:bb:
24:ba:f2:1b:55:21:01:92:aa:fd:f1:7e:8f:17:aa:
9d:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:69:21:7E:9C:E5:9F:BA:46:1F:AF:D9:A5:1C:E5:FC:55:1C:BD:F2
X509v3 Authority Key Identifier:
keyid:5C:57:B6:16:11:71:9E:C7:C8:E0:01:2B:1A:FF:7E:81:FC:76:89:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XFe2FhFxnsfI4AErGv9-gfx2ib0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/b7fe75-30ee-4a6f-b528-fa3071c435f1/1/bmkhfpzln7pGH6_ZpRzl_FUcvfI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/b7fe75-30ee-4a6f-b528-fa3071c435f1/1/XFe2FhFxnsfI4AErGv9-gfx2ib0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.47.224.0/24
Signature Algorithm: sha256WithRSAEncryption
98:e3:5c:49:98:d5:3d:46:f8:24:46:90:55:f8:a5:ba:14:1c:
92:f9:35:f4:7e:9a:91:68:e5:2d:76:29:96:67:b4:2f:bb:2c:
a5:b0:b2:d0:cf:3b:e7:6e:fc:59:ee:3d:ab:38:80:1f:1a:ed:
11:7d:7f:ce:9e:79:6a:58:92:9d:a7:19:6b:6c:4c:14:f6:20:
8a:9e:23:41:6f:0a:1c:00:1f:3f:b5:6b:2a:ab:0d:ed:62:f9:
1c:b3:1d:aa:a5:f8:38:86:9a:7f:84:de:dd:6c:3a:ee:2b:28:
fa:ff:1b:86:06:52:ba:5c:c8:ea:a2:35:77:8f:58:56:43:7f:
33:bc:4e:e5:4f:e1:03:8e:ae:28:fc:6f:de:a1:e1:0b:70:a3:
5e:39:6d:f9:84:bc:21:c1:b5:38:23:61:62:59:71:8b:7e:1e:
ea:8c:8e:ec:8c:70:21:08:62:c2:b5:cc:b6:f5:cf:97:36:8e:
38:6c:dd:71:67:ae:05:eb:ac:f3:15:ea:82:4f:a5:f6:14:ae:
8f:66:d3:70:38:39:99:65:e9:35:c1:57:2d:19:fc:35:e4:6b:
fa:7c:e9:66:97:b1:ce:a2:84:e4:94:59:a5:92:88:c2:04:eb:
4c:f7:38:4e:7d:a9:a0:f6:ab:d5:2b:1d:5b:95:cf:0e:ca:3c:
19:d5:11:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF2/f14F+jh/q9bI34/jkRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNTdiNjE2MTE3MTllYzdjOGUwMDEyYjFhZmY3ZTgxZmM3
Njg5YmQwHhcNMjQwMTAxMTYyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTY5MjE3ZTljZTU5ZmJhNDYxZmFmZDlhNTFjZTVmYzU1MWNiZGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi8x9z57KyTVZO+sd+RtzyYSdOXVX
XhF9YRef9yrmH3QIt8E0jJLmEUh6L7YIjY/7y55N/KugV8CHTpNqt2z0eG/dtzW6
LE6tRfYKLoLcgqndq3iZZeIiWsk7qRvH///RUgic5SSNOMBngzWSxrxLAXjUP99p
+1aUA3O/OIDghBNRlt0jk7Je5E2ArCGNxcyo47S+4eWGuNYCDYCmzRGKmFXUe4je
TK5Y05focC6DKrWZx82Qeka4tu3q71lvsutdvtoYN8EeAR9+LGakVwgjjWbZTR5O
7bzqdG0vxSeBFObnxh7GLKz5R7KkbKzjUrskuvIbVSEBkqr98X6PF6qdawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG5pIX6c5Z+6Rh+v2aUc5fxVHL3yMB8GA1UdIwQY
MBaAFFxXthYRcZ7HyOABKxr/foH8dom9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEZlMkZoRnhuc2ZJNEFFckd2OS1nZngyaWIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9iN2ZlNzUtMzBlZS00YTZmLWI1Mjgt
ZmEzMDcxYzQzNWYxLzEvYm1raGZwemxuN3BHSDZfWnBSemxfRlVjdmZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9iN2ZlNzUtMzBlZS00YTZmLWI1MjgtZmEzMDcxYzQzNWYx
LzEvWEZlMkZoRnhuc2ZJNEFFckd2OS1nZngyaWIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwy/gMA0G
CSqGSIb3DQEBCwUAA4IBAQCY41xJmNU9RvgkRpBV+KW6FByS+TX0fpqRaOUtdimW
Z7QvuyylsLLQzzvnbvxZ7j2rOIAfGu0RfX/OnnlqWJKdpxlrbEwU9iCKniNBbwoc
AB8/tWsqqw3tYvkcsx2qpfg4hpp/hN7dbDruKyj6/xuGBlK6XMjqojV3j1hWQ38z
vE7lT+EDjq4o/G/eoeELcKNeOW35hLwhwbU4I2FiWXGLfh7qjI7sjHAhCGLCtcy2
9c+XNo44bN1xZ64F66zzFeqCT6X2FK6PZtNwODmZZek1wVctGfw15Gv6fOlml7HO
ooTklFmlkojCBOtM9zhOfamg9qvVKx1blc8OyjwZ1RHS
-----END CERTIFICATE-----
Generated at Sat Apr 12 23:55:33 2025 by rpki-client