Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/4ffe92-00ce-4faa-885c-e9617d66a74b/1/bnmxVsSb_5yWM8J28ksSDsWjSqs.roa
File: bnmxVsSb_5yWM8J28ksSDsWjSqs.roa (raw, json)
Hash identifier: KrDa9k/sx2XhxX5I4pYyCUW7irH7pWa9hOc8eTY5H/o=
Subject key identifier: 6E:79:B1:56:C4:9B:FF:9C:96:33:C2:76:F2:4B:12:0E:C5:A3:4A:AB
Certificate issuer: /CN=49f093bb8e8ad11c4c834edfd2df54d41cb49f79
Certificate serial: 0196E8E259A4CFF68935BD614B165965DB62
Authority key identifier: 49:F0:93:BB:8E:8A:D1:1C:4C:83:4E:DF:D2:DF:54:D4:1C:B4:9F:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SfCTu46K0RxMg07f0t9U1By0n3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/4ffe92-00ce-4faa-885c-e9617d66a74b/1/bnmxVsSb_5yWM8J28ksSDsWjSqs.roa
Signing time: Mon 19 May 2025 14:11:10 +0000
ROA not before: Mon 19 May 2025 14:11:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198904
IP address blocks: 5.32.184.0/21 maxlen: 21
5.32.184.0/22 maxlen: 22
5.32.184.0/24 maxlen: 24
5.32.185.0/24 maxlen: 24
5.32.186.0/24 maxlen: 24
5.32.187.0/24 maxlen: 24
5.32.188.0/22 maxlen: 22
5.32.188.0/24 maxlen: 24
5.32.189.0/24 maxlen: 24
5.32.190.0/24 maxlen: 24
5.32.191.0/24 maxlen: 24
2a01:6ec0::/32 maxlen: 32
2a01:6ec0::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 19 May 2025 16:02:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:e8:e2:59:a4:cf:f6:89:35:bd:61:4b:16:59:65:db:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49f093bb8e8ad11c4c834edfd2df54d41cb49f79
Validity
Not Before: May 19 14:11:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e79b156c49bff9c9633c276f24b120ec5a34aab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:1f:ab:6b:b7:44:65:7a:a8:43:04:17:c7:bb:
e2:8f:9b:13:1c:17:17:52:b9:d1:40:aa:6f:0a:e3:
0c:d4:99:40:fa:4b:ce:10:d1:75:04:98:d9:55:3e:
95:09:47:a1:a1:f3:72:46:72:7b:94:f3:ce:57:39:
3c:18:40:52:ce:13:f7:94:47:5c:68:d3:9c:60:a1:
28:98:4f:ff:08:12:2c:8d:a1:d2:d7:42:68:ae:e6:
ae:ee:c7:18:12:d5:a6:0a:bd:8c:13:df:5b:05:14:
fb:5e:88:8e:b5:9b:99:9e:d9:f8:83:cf:a4:3f:ab:
c7:e0:4d:2a:7d:81:f0:e9:57:15:6f:84:8a:1b:62:
70:1d:79:3f:9b:dd:67:40:18:ca:4a:af:c6:0a:80:
b8:02:9e:3e:ad:6c:f5:80:3a:7d:04:1c:af:63:db:
03:f9:f6:c0:7c:1f:bd:c1:3a:84:4e:91:af:f6:66:
48:d4:1c:ca:cb:09:3c:42:f8:5d:5e:14:cd:04:bb:
f8:34:e7:98:e7:06:42:56:a7:9c:3e:40:22:75:8b:
3f:d5:79:0b:51:7b:7b:10:40:d4:70:8d:3f:a9:17:
23:02:cd:64:94:1a:86:e5:e1:e8:d0:cf:63:e1:22:
5c:83:aa:78:2c:7e:c4:b6:9c:09:85:63:c6:45:b1:
d7:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:79:B1:56:C4:9B:FF:9C:96:33:C2:76:F2:4B:12:0E:C5:A3:4A:AB
X509v3 Authority Key Identifier:
keyid:49:F0:93:BB:8E:8A:D1:1C:4C:83:4E:DF:D2:DF:54:D4:1C:B4:9F:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SfCTu46K0RxMg07f0t9U1By0n3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/4ffe92-00ce-4faa-885c-e9617d66a74b/1/bnmxVsSb_5yWM8J28ksSDsWjSqs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/4ffe92-00ce-4faa-885c-e9617d66a74b/1/SfCTu46K0RxMg07f0t9U1By0n3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.32.184.0/21
IPv6:
2a01:6ec0::/32
Signature Algorithm: sha256WithRSAEncryption
69:f6:15:19:60:5b:92:52:dd:6c:70:b3:2d:c1:ce:9d:34:9a:
a8:33:1d:22:a7:8c:7e:b5:fb:c2:69:8b:98:cd:ee:f3:13:5f:
66:90:ef:be:71:eb:c6:7a:80:8c:d3:51:ce:62:b5:5c:d7:4b:
09:10:50:cc:dd:7a:07:31:cb:60:00:64:bc:7d:a4:06:d4:bc:
5d:86:30:45:94:45:36:d8:4b:4c:5d:cf:2f:90:ff:0a:64:5e:
88:bb:55:02:57:ea:fe:2d:7d:64:30:ea:c5:a7:44:e7:f3:be:
0a:d3:c1:15:56:1e:0c:ab:76:55:9e:07:36:26:fd:c8:12:60:
21:ea:21:ab:38:e5:54:36:a9:4a:26:4d:9d:cd:b4:c7:e8:96:
0b:71:1b:97:df:c8:84:81:0c:2e:0e:bb:5e:32:9b:a1:04:c8:
85:3e:b9:e0:87:a4:d6:e8:49:98:46:06:e8:43:8f:3e:a8:a1:
d8:63:be:fd:4b:c3:5f:ca:0e:31:01:44:48:8b:73:fe:5a:24:
40:a1:4b:f3:0e:46:14:34:cf:4a:93:63:be:42:b3:ac:5f:fe:
6a:6c:eb:90:43:80:60:5f:d9:a9:16:36:70:0e:36:85:d6:5f:
c5:f7:be:82:d9:cc:36:1b:22:7c:6f:c4:2d:c2:1a:c5:33:be:
1e:66:7d:40
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZbo4lmkz/aJNb1hSxZZZdtiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZjA5M2JiOGU4YWQxMWM0YzgzNGVkZmQyZGY1NGQ0MWNi
NDlmNzkwHhcNMjUwNTE5MTQxMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTc5YjE1NmM0OWJmZjljOTYzM2MyNzZmMjRiMTIwZWM1YTM0YWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwB+ra7dEZXqoQwQXx7vij5sTHBcX
UrnRQKpvCuMM1JlA+kvOENF1BJjZVT6VCUehofNyRnJ7lPPOVzk8GEBSzhP3lEdc
aNOcYKEomE//CBIsjaHS10Joruau7scYEtWmCr2ME99bBRT7XoiOtZuZntn4g8+k
P6vH4E0qfYHw6VcVb4SKG2JwHXk/m91nQBjKSq/GCoC4Ap4+rWz1gDp9BByvY9sD
+fbAfB+9wTqETpGv9mZI1BzKywk8QvhdXhTNBLv4NOeY5wZCVqecPkAidYs/1XkL
UXt7EEDUcI0/qRcjAs1klBqG5eHo0M9j4SJcg6p4LH7EtpwJhWPGRbHXywIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFG55sVbEm/+cljPCdvJLEg7Fo0qrMB8GA1UdIwQY
MBaAFEnwk7uOitEcTINO39LfVNQctJ95MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2ZDVHU0NkswUnhNZzA3ZjB0OVUxQnkwbjNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS80ZmZlOTItMDBjZS00ZmFhLTg4NWMt
ZTk2MTdkNjZhNzRiLzEvYm5teFZzU2JfNXlXTThKMjhrc1NEc1dqU3FzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS80ZmZlOTItMDBjZS00ZmFhLTg4NWMtZTk2MTdkNjZhNzRi
LzEvU2ZDVHU0NkswUnhNZzA3ZjB0OVUxQnkwbjNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDBSC4MA0E
AgACMAcDBQAqAW7AMA0GCSqGSIb3DQEBCwUAA4IBAQBp9hUZYFuSUt1scLMtwc6d
NJqoMx0ip4x+tfvCaYuYze7zE19mkO++cevGeoCM01HOYrVc10sJEFDM3XoHMctg
AGS8faQG1LxdhjBFlEU22EtMXc8vkP8KZF6Iu1UCV+r+LX1kMOrFp0Tn874K08EV
Vh4Mq3ZVngc2Jv3IEmAh6iGrOOVUNqlKJk2dzbTH6JYLcRuX38iEgQwuDrteMpuh
BMiFPrngh6TW6EmYRgboQ48+qKHYY779S8Nfyg4xAURIi3P+WiRAoUvzDkYUNM9K
k2O+QrOsX/5qbOuQQ4BgX9mpFjZwDjaF1l/F976C2cw2GyJ8b8QtwhrFM74eZn1A
-----END CERTIFICATE-----
Generated at Sun Jun 8 09:02:54 2025 by rpki-client