Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/4be222-6482-4db9-9a5f-752e9b8b0756/1/BhmHKIoq9f10jENVIrYx0vYmJV8.roa
File: BhmHKIoq9f10jENVIrYx0vYmJV8.roa (raw, json)
Hash identifier: 6TyZ5EG1itX5O81TiYQN9CwSJZswuEg7a0E5rAnKIRo=
Subject key identifier: 06:19:87:28:8A:2A:F5:FD:74:8C:43:55:22:B6:31:D2:F6:26:25:5F
Certificate issuer: /CN=70fee176f51ce8fd81424ff73a5417341279c0f1
Certificate serial: 0192CD32945E2F82452EC8BC6B4B3AEEFB07
Authority key identifier: 70:FE:E1:76:F5:1C:E8:FD:81:42:4F:F7:3A:54:17:34:12:79:C0:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cP7hdvUc6P2BQk_3OlQXNBJ5wPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/4be222-6482-4db9-9a5f-752e9b8b0756/1/BhmHKIoq9f10jENVIrYx0vYmJV8.roa
Signing time: Sun 27 Oct 2024 08:58:16 +0000
ROA not before: Sun 27 Oct 2024 08:58:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 2a05:b100:1000::/36 maxlen: 36
2a05:b100:1000::/46 maxlen: 46
2a05:b100:1004::/46 maxlen: 46
2a05:b100:1008::/46 maxlen: 46
2a05:b100:1800::/39 maxlen: 39
2a05:b100:1a00::/39 maxlen: 39
2a05:b100:1c00::/39 maxlen: 39
Validation: Failed, certificate revoked on Mon 28 Oct 2024 18:39:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:cd:32:94:5e:2f:82:45:2e:c8:bc:6b:4b:3a:ee:fb:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70fee176f51ce8fd81424ff73a5417341279c0f1
Validity
Not Before: Oct 27 08:58:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=061987288a2af5fd748c435522b631d2f626255f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:9d:60:de:02:de:fa:d8:e5:de:9e:a0:c2:7d:
f1:07:c6:1f:46:4b:54:4e:b0:06:a7:e6:24:3d:56:
44:63:d2:49:4a:d2:7f:07:ab:36:a4:ae:91:71:d0:
67:fe:c3:56:61:dc:3e:76:a9:6f:e3:0e:ee:c5:56:
eb:37:e7:80:0f:a9:ff:d8:b2:5e:62:a7:13:a6:75:
06:a0:fb:9f:07:84:2a:4c:86:a3:5b:e5:09:0e:cd:
c8:a6:6a:0f:59:29:f7:b8:2a:91:b7:04:32:33:99:
18:2f:78:a6:b6:fe:08:49:3b:01:be:c3:03:2f:7e:
12:36:da:a2:59:37:7c:e0:56:64:a9:b7:92:28:6e:
fd:0c:8d:cd:36:3b:06:56:a0:41:e9:98:6e:d2:ee:
45:02:1a:cd:7b:9e:10:00:62:4c:33:f4:75:e4:34:
4f:e2:1e:d5:91:e3:a7:f7:12:d6:05:87:e7:e6:e7:
38:d9:1b:b6:1c:0b:2d:5d:ee:eb:85:4a:9e:8a:08:
dd:6c:c1:75:2d:1e:2e:54:f7:a1:3d:d5:b4:6e:75:
73:aa:eb:4f:22:2f:23:5a:0f:22:f7:e9:85:23:aa:
66:66:0c:1c:86:71:c3:d0:58:a7:f9:67:26:21:7b:
39:02:00:3b:c2:8b:86:1a:3c:c8:23:b8:ea:a4:06:
99:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:19:87:28:8A:2A:F5:FD:74:8C:43:55:22:B6:31:D2:F6:26:25:5F
X509v3 Authority Key Identifier:
keyid:70:FE:E1:76:F5:1C:E8:FD:81:42:4F:F7:3A:54:17:34:12:79:C0:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cP7hdvUc6P2BQk_3OlQXNBJ5wPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/4be222-6482-4db9-9a5f-752e9b8b0756/1/BhmHKIoq9f10jENVIrYx0vYmJV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/4be222-6482-4db9-9a5f-752e9b8b0756/1/cP7hdvUc6P2BQk_3OlQXNBJ5wPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:b100:1000::/36
Signature Algorithm: sha256WithRSAEncryption
5f:36:ba:95:c4:13:a6:19:73:c3:12:09:db:f6:a9:64:36:fe:
af:79:b1:aa:02:78:ef:d3:57:6a:56:4a:18:84:92:ec:39:02:
76:18:d7:19:9a:1a:87:53:f5:2b:2b:5c:bc:cb:1c:6d:52:c2:
9c:91:f7:fd:98:1e:a2:92:c3:45:95:bf:44:f7:20:55:44:d2:
f6:5e:a2:be:ca:52:5c:5f:c7:91:25:74:26:5a:34:63:7b:f9:
10:f6:ec:98:35:1c:0e:3b:1c:dc:3d:0c:3d:34:ae:6c:85:54:
00:9c:6d:dd:8d:20:3d:9f:e1:19:8b:94:e5:6f:b9:25:86:d8:
58:28:61:1a:1b:e2:c2:5f:dc:d2:3a:5d:c3:e0:a8:4a:dc:8c:
1d:79:54:1a:55:b3:06:69:79:46:1d:3d:a0:c2:64:85:68:a0:
b1:0e:ee:04:f5:0c:c7:13:c5:41:ae:51:17:c4:03:f0:a2:f9:
7d:73:7c:9a:1d:6f:1d:77:dc:13:ab:ef:f6:39:be:93:2a:2a:
62:7c:87:83:f4:35:48:90:68:76:c6:0f:66:71:b4:1a:41:6b:
40:7d:0b:cd:48:c4:2f:aa:cd:06:81:67:05:39:96:4b:05:8e:
77:6d:54:be:ea:1a:d7:04:bc:97:e8:5e:22:ce:4a:51:ef:76:
cb:bd:46:bd
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZLNMpReL4JFLsi8a0s67vsHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZmVlMTc2ZjUxY2U4ZmQ4MTQyNGZmNzNhNTQxNzM0MTI3
OWMwZjEwHhcNMjQxMDI3MDg1ODE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjE5ODcyODhhMmFmNWZkNzQ4YzQzNTUyMmI2MzFkMmY2MjYyNTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZ1g3gLe+tjl3p6gwn3xB8YfRktU
TrAGp+YkPVZEY9JJStJ/B6s2pK6RcdBn/sNWYdw+dqlv4w7uxVbrN+eAD6n/2LJe
YqcTpnUGoPufB4QqTIajW+UJDs3IpmoPWSn3uCqRtwQyM5kYL3imtv4ISTsBvsMD
L34SNtqiWTd84FZkqbeSKG79DI3NNjsGVqBB6Zhu0u5FAhrNe54QAGJMM/R15DRP
4h7VkeOn9xLWBYfn5uc42Ru2HAstXe7rhUqeigjdbMF1LR4uVPehPdW0bnVzqutP
Ii8jWg8i9+mFI6pmZgwchnHD0Fin+WcmIXs5AgA7wouGGjzII7jqpAaZDQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFAYZhyiKKvX9dIxDVSK2MdL2JiVfMB8GA1UdIwQY
MBaAFHD+4Xb1HOj9gUJP9zpUFzQSecDxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1A3aGR2VWM2UDJCUWtfM09sUVhOQko1d1BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS80YmUyMjItNjQ4Mi00ZGI5LTlhNWYt
NzUyZTliOGIwNzU2LzEvQmhtSEtJb3E5ZjEwakVOVklyWXgwdlltSlY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS80YmUyMjItNjQ4Mi00ZGI5LTlhNWYtNzUyZTliOGIwNzU2
LzEvY1A3aGR2VWM2UDJCUWtfM09sUVhOQko1d1BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKgWxABAw
DQYJKoZIhvcNAQELBQADggEBAF82upXEE6YZc8MSCdv2qWQ2/q95saoCeO/TV2pW
ShiEkuw5AnYY1xmaGodT9SsrXLzLHG1SwpyR9/2YHqKSw0WVv0T3IFVE0vZeor7K
Ulxfx5EldCZaNGN7+RD27Jg1HA47HNw9DD00rmyFVACcbd2NID2f4RmLlOVvuSWG
2FgoYRob4sJf3NI6XcPgqErcjB15VBpVswZpeUYdPaDCZIVooLEO7gT1DMcTxUGu
URfEA/Ci+X1zfJodbx133BOr7/Y5vpMqKmJ8h4P0NUiQaHbGD2ZxtBpBa0B9C81I
xC+qzQaBZwU5lksFjndtVL7qGtcEvJfoXiLOSlHvdsu9Rr0=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:39:46 2025 by rpki-client