Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/b63337-35e3-4c5e-a3e2-181597c3107e/1/bvhM8p4wqV7SD89pqUv8ptu0sy8.roa
File: bvhM8p4wqV7SD89pqUv8ptu0sy8.roa (raw, json)
Hash identifier: bgwcHwN3zNhYdZzMVIU+g37CKpnHPRPFnSUTeDCcc6k=
Subject key identifier: 6E:F8:4C:F2:9E:30:A9:5E:D2:0F:CF:69:A9:4B:FC:A6:DB:B4:B3:2F
Certificate issuer: /CN=016dae23d2e2eb64c96853480e0778cbd3fd5624
Certificate serial: 0194258FC0D8BCACC7DAADE221218BC8FAED
Authority key identifier: 01:6D:AE:23:D2:E2:EB:64:C9:68:53:48:0E:07:78:CB:D3:FD:56:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AW2uI9Li62TJaFNIDgd4y9P9ViQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/b63337-35e3-4c5e-a3e2-181597c3107e/1/bvhM8p4wqV7SD89pqUv8ptu0sy8.roa
Signing time: Thu 02 Jan 2025 05:49:25 +0000
ROA not before: Thu 02 Jan 2025 05:49:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 680
IP address blocks: 139.30.0.0/16 maxlen: 16
Validation: Failed, certificate revoked on Mon 07 Apr 2025 11:51:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:c0:d8:bc:ac:c7:da:ad:e2:21:21:8b:c8:fa:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=016dae23d2e2eb64c96853480e0778cbd3fd5624
Validity
Not Before: Jan 2 05:49:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6ef84cf29e30a95ed20fcf69a94bfca6dbb4b32f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:a4:36:ea:0c:fe:32:52:22:12:50:13:90:4f:
ce:0e:a1:5f:37:fe:d0:2d:3b:96:ef:74:17:c4:2e:
fa:ef:06:67:18:82:b8:3d:1b:57:2e:4a:25:ca:21:
a0:d2:5e:fd:df:9d:86:55:d8:58:c1:fe:fc:f2:65:
de:38:ae:95:55:f3:3d:72:e8:8e:f0:e1:a6:89:3d:
db:c7:e3:93:41:4a:08:06:48:e1:34:91:2d:2f:87:
b2:e0:eb:d0:fb:6e:69:a3:7f:52:42:16:5b:73:43:
b4:71:73:f5:d2:7c:33:64:ae:5f:f3:2d:69:eb:2d:
75:6d:09:a7:68:8c:36:e0:40:7f:34:e9:ff:c3:f1:
5d:6c:bb:eb:48:79:44:41:1d:08:96:6d:0c:f6:d9:
67:ea:64:96:9d:23:35:e7:7d:9b:f5:2a:d0:8b:ec:
bc:db:30:76:f4:9b:27:91:25:5e:c4:0e:a1:df:25:
1e:b0:20:81:58:3f:9f:03:db:bc:43:79:f4:20:e1:
33:c9:21:14:5e:7a:11:d2:ba:92:24:56:4d:fe:fb:
31:62:83:9b:28:92:df:d3:1a:a0:e0:71:43:7d:dc:
8e:ce:12:4d:55:9f:a9:0a:31:a1:9c:22:23:ae:73:
7f:c1:45:a0:60:41:1f:4f:08:14:95:04:5a:5b:a6:
38:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:F8:4C:F2:9E:30:A9:5E:D2:0F:CF:69:A9:4B:FC:A6:DB:B4:B3:2F
X509v3 Authority Key Identifier:
keyid:01:6D:AE:23:D2:E2:EB:64:C9:68:53:48:0E:07:78:CB:D3:FD:56:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AW2uI9Li62TJaFNIDgd4y9P9ViQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/b63337-35e3-4c5e-a3e2-181597c3107e/1/bvhM8p4wqV7SD89pqUv8ptu0sy8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/b63337-35e3-4c5e-a3e2-181597c3107e/1/AW2uI9Li62TJaFNIDgd4y9P9ViQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.30.0.0/16
Signature Algorithm: sha256WithRSAEncryption
92:c1:01:5f:b2:83:17:78:3e:46:67:1a:5d:6b:5a:1d:3f:cd:
44:9b:ba:15:04:7a:c3:d3:4a:7b:0b:38:f3:4d:bd:22:df:78:
2f:b8:3d:a6:9f:f9:d3:f2:40:40:30:ff:e3:c0:12:85:95:ec:
f6:ea:68:3b:1f:21:85:46:f1:18:d3:90:68:7f:6b:3a:ac:ba:
98:88:fc:1e:82:49:e0:00:84:19:1d:a3:98:1d:40:54:12:d2:
a5:be:84:fb:92:0e:d2:18:76:55:3d:fa:ac:90:f6:d4:ce:9c:
75:7b:0d:7a:61:55:05:92:4c:9f:e5:3d:c3:1e:33:c1:26:69:
40:53:74:d5:b6:2c:10:12:7b:fa:24:91:dd:6d:f7:a5:90:28:
b4:15:18:99:6c:45:f6:1a:45:4f:f8:59:05:eb:6c:f9:57:aa:
27:3d:d3:e3:20:41:65:97:b9:97:11:16:52:08:c9:21:0c:42:
76:ee:d8:8b:99:77:4e:7b:38:86:e6:07:9b:c4:d3:38:c7:91:
a8:53:e9:53:1a:ec:84:48:78:c0:f6:db:0e:98:eb:b0:c8:81:
db:31:f1:7a:2c:c6:1f:01:e0:3a:0f:05:db:11:77:b5:63:7d:
6c:c1:a3:cf:2d:1a:9e:69:d6:ca:c1:2d:02:7a:20:f9:05:ba:
d4:94:ee:cb
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZQlj8DYvKzH2q3iISGLyPrtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNmRhZTIzZDJlMmViNjRjOTY4NTM0ODBlMDc3OGNiZDNm
ZDU2MjQwHhcNMjUwMTAyMDU0OTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWY4NGNmMjllMzBhOTVlZDIwZmNmNjlhOTRiZmNhNmRiYjRiMzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6Q26gz+MlIiElATkE/ODqFfN/7Q
LTuW73QXxC767wZnGIK4PRtXLkolyiGg0l79352GVdhYwf788mXeOK6VVfM9cuiO
8OGmiT3bx+OTQUoIBkjhNJEtL4ey4OvQ+25po39SQhZbc0O0cXP10nwzZK5f8y1p
6y11bQmnaIw24EB/NOn/w/FdbLvrSHlEQR0Ilm0M9tln6mSWnSM1532b9SrQi+y8
2zB29JsnkSVexA6h3yUesCCBWD+fA9u8Q3n0IOEzySEUXnoR0rqSJFZN/vsxYoOb
KJLf0xqg4HFDfdyOzhJNVZ+pCjGhnCIjrnN/wUWgYEEfTwgUlQRaW6Y4awIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFG74TPKeMKle0g/PaalL/KbbtLMvMB8GA1UdIwQY
MBaAFAFtriPS4utkyWhTSA4HeMvT/VYkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVcydUk5TGk2MlRKYUZOSURnZDR5OVA5VmlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9iNjMzMzctMzVlMy00YzVlLWEzZTIt
MTgxNTk3YzMxMDdlLzEvYnZoTThwNHdxVjdTRDg5cHFVdjhwdHUwc3k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9iNjMzMzctMzVlMy00YzVlLWEzZTItMTgxNTk3YzMxMDdl
LzEvQVcydUk5TGk2MlRKYUZOSURnZDR5OVA5VmlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAix4wDQYJ
KoZIhvcNAQELBQADggEBAJLBAV+ygxd4PkZnGl1rWh0/zUSbuhUEesPTSnsLOPNN
vSLfeC+4Paaf+dPyQEAw/+PAEoWV7PbqaDsfIYVG8RjTkGh/azqsupiI/B6CSeAA
hBkdo5gdQFQS0qW+hPuSDtIYdlU9+qyQ9tTOnHV7DXphVQWSTJ/lPcMeM8EmaUBT
dNW2LBASe/okkd1t96WQKLQVGJlsRfYaRU/4WQXrbPlXqic90+MgQWWXuZcRFlII
ySEMQnbu2IuZd057OIbmB5vE0zjHkahT6VMa7IRIeMD22w6Y67DIgdsx8Xosxh8B
4DoPBdsRd7VjfWzBo88tGp5p1srBLQJ6IPkFutSU7ss=
-----END CERTIFICATE-----
Generated at Sat Apr 12 13:22:24 2025 by rpki-client