Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/BOp9ixHh7cmgGmuAq1ikRR7K-2I.roa
File: BOp9ixHh7cmgGmuAq1ikRR7K-2I.roa (raw, json)
Hash identifier: LAq5SftJAYWesXelx7o20aUC5vis0pqqbpMqVBvIQEc=
Subject key identifier: 04:EA:7D:8B:11:E1:ED:C9:A0:1A:6B:80:AB:58:A4:45:1E:CA:FB:62
Certificate issuer: /CN=d04079bb7070ed0eeea3a1a467c79462bcc5455f
Certificate serial: 01942220055DD9E412E78C19935613334C39
Authority key identifier: D0:40:79:BB:70:70:ED:0E:EE:A3:A1:A4:67:C7:94:62:BC:C5:45:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/BOp9ixHh7cmgGmuAq1ikRR7K-2I.roa
Signing time: Wed 01 Jan 2025 13:48:31 +0000
ROA not before: Wed 01 Jan 2025 13:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47638
IP address blocks: 91.235.56.0/22 maxlen: 24
185.66.205.0/24 maxlen: 24
185.66.206.0/24 maxlen: 24
185.149.208.0/24 maxlen: 24
185.149.210.0/23 maxlen: 24
185.161.132.0/22 maxlen: 24
194.0.116.0/22 maxlen: 24
2a04:1840::/29 maxlen: 48
2a0b:8640::/29 maxlen: 48
2a0f:cd40::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 01 Apr 2025 08:59:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:05:5d:d9:e4:12:e7:8c:19:93:56:13:33:4c:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d04079bb7070ed0eeea3a1a467c79462bcc5455f
Validity
Not Before: Jan 1 13:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=04ea7d8b11e1edc9a01a6b80ab58a4451ecafb62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:8e:ab:c6:e1:8b:4a:42:30:ba:04:17:9f:e4:
e9:86:65:16:78:f3:4f:6a:76:c8:a7:4b:d7:cc:7b:
2e:2e:aa:1c:51:cd:78:e9:cd:54:3f:a3:3f:6e:84:
cc:6f:8d:54:95:f2:a3:13:f6:fc:50:80:ba:bc:91:
08:3a:c0:fd:49:51:86:38:95:cf:10:43:88:01:04:
04:8c:f0:86:54:1c:e4:cf:0d:d4:89:80:45:5c:d5:
03:19:7f:02:94:d6:a6:b1:00:90:d6:32:9c:f5:0c:
45:a4:fb:38:9b:45:57:78:54:15:13:70:8a:87:77:
f2:e9:f0:db:4b:3c:81:ea:04:9d:e5:3e:12:b3:c1:
ae:f9:20:58:ea:06:b4:57:58:08:16:0a:e7:f9:ed:
62:83:ea:e9:a3:ed:81:ec:6d:0a:8e:06:06:d4:19:
06:64:6d:19:36:9b:38:10:38:1e:a1:78:e5:d3:65:
b9:c2:67:06:e3:23:55:fd:a3:91:3c:bf:ce:1f:36:
73:3e:dc:36:03:41:7c:e2:d5:5e:05:64:6d:9b:10:
62:24:89:bb:65:cd:40:85:6a:23:1b:b6:3c:44:2c:
34:b2:2d:a0:9f:ec:5f:6a:72:64:e9:e6:77:a7:50:
3c:e2:61:4d:85:4f:8d:0a:43:5c:27:10:a0:47:b7:
f6:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:EA:7D:8B:11:E1:ED:C9:A0:1A:6B:80:AB:58:A4:45:1E:CA:FB:62
X509v3 Authority Key Identifier:
keyid:D0:40:79:BB:70:70:ED:0E:EE:A3:A1:A4:67:C7:94:62:BC:C5:45:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/BOp9ixHh7cmgGmuAq1ikRR7K-2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.235.56.0/22
185.66.205.0-185.66.206.255
185.149.208.0/24
185.149.210.0/23
185.161.132.0/22
194.0.116.0/22
IPv6:
2a04:1840::/29
2a0b:8640::/29
2a0f:cd40::/29
Signature Algorithm: sha256WithRSAEncryption
69:68:87:5c:e1:49:bd:d7:a0:9b:81:00:d6:f9:6e:3b:a9:ae:
0f:c1:40:64:7c:bc:f8:fc:99:bf:b8:39:01:fa:aa:df:65:f0:
46:73:98:16:7e:57:a0:da:53:39:ed:6d:10:c8:73:ce:93:87:
16:d8:75:8a:69:a7:c8:88:71:4d:05:36:19:bf:81:8b:5f:b2:
fd:df:18:ad:59:86:6b:66:48:42:32:06:0c:f4:29:39:55:bc:
10:60:0b:78:64:d7:1a:6b:2b:e1:c2:5c:52:b7:04:e0:88:13:
d5:16:5f:ef:14:5b:57:03:2f:e7:8b:1a:74:d9:67:5f:5f:cd:
40:c4:03:bf:68:17:28:61:0e:89:69:fd:6e:f2:9f:bb:21:06:
93:b8:af:1b:03:ed:4a:e7:ab:06:aa:21:2f:f5:28:3b:8e:8b:
16:9e:d6:2d:09:fd:81:96:a7:de:35:c7:53:83:92:e2:21:b8:
a6:63:18:aa:36:d7:27:50:5a:1a:04:6f:8e:c4:07:3c:6c:f6:
cf:35:cf:49:56:f4:24:1d:ed:70:77:12:25:03:65:d4:39:75:
00:f7:01:6f:4b:d3:83:82:8f:9b:6f:c0:10:16:fd:d1:43:3a:
50:a2:c5:a8:b9:97:48:f5:f7:5f:66:11:32:4d:ff:64:af:2f:
d7:2b:59:95
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgISAZQiIAVd2eQS54wZk1YTM0w5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwNDA3OWJiNzA3MGVkMGVlZWEzYTFhNDY3Yzc5NDYyYmNj
NTQ1NWYwHhcNMjUwMTAxMTM0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGVhN2Q4YjExZTFlZGM5YTAxYTZiODBhYjU4YTQ0NTFlY2FmYjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Y6rxuGLSkIwugQXn+TphmUWePNP
anbIp0vXzHsuLqocUc146c1UP6M/boTMb41UlfKjE/b8UIC6vJEIOsD9SVGGOJXP
EEOIAQQEjPCGVBzkzw3UiYBFXNUDGX8ClNamsQCQ1jKc9QxFpPs4m0VXeFQVE3CK
h3fy6fDbSzyB6gSd5T4Ss8Gu+SBY6ga0V1gIFgrn+e1ig+rpo+2B7G0KjgYG1BkG
ZG0ZNps4EDgeoXjl02W5wmcG4yNV/aORPL/OHzZzPtw2A0F84tVeBWRtmxBiJIm7
Zc1AhWojG7Y8RCw0si2gn+xfanJk6eZ3p1A84mFNhU+NCkNcJxCgR7f2nQIDAQAB
o4ICTDCCAkgwHQYDVR0OBBYEFATqfYsR4e3JoBprgKtYpEUeyvtiMB8GA1UdIwQY
MBaAFNBAebtwcO0O7qOhpGfHlGK8xUVfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEVCNXUzQnc3UTd1bzZHa1o4ZVVZcnpGUlY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hOTNkYTAtZTE1NS00MzI0LTliYTkt
NjIwOThkMWVjMWU2LzEvQk9wOWl4SGg3Y21nR211QXExaWtSUjdLLTJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hOTNkYTAtZTE1NS00MzI0LTliYTktNjIwOThkMWVjMWU2
LzEvMEVCNXUzQnc3UTd1bzZHa1o4ZVVZcnpGUlY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGIGCCsGAQUFBwEHAQH/BFMwUTAyBAIAATAsAwQCW+s4MAwD
BAC5Qs0DBAC5Qs4DBAC5ldADBAG5ldIDBAK5oYQDBALCAHQwGwQCAAIwFQMFAyoE
GEADBQMqC4ZAAwUDKg/NQDANBgkqhkiG9w0BAQsFAAOCAQEAaWiHXOFJvdegm4EA
1vluO6muD8FAZHy8+PyZv7g5Afqq32XwRnOYFn5XoNpTOe1tEMhzzpOHFth1immn
yIhxTQU2Gb+Bi1+y/d8YrVmGa2ZIQjIGDPQpOVW8EGALeGTXGmsr4cJcUrcE4IgT
1RZf7xRbVwMv54sadNlnX1/NQMQDv2gXKGEOiWn9bvKfuyEGk7ivGwPtSuerBqoh
L/UoO46LFp7WLQn9gZan3jXHU4OS4iG4pmMYqjbXJ1BaGgRvjsQHPGz2zzXPSVb0
JB3tcHcSJQNl1Dl1APcBb0vTg4KPm2/AEBb90UM6UKLFqLmXSPX3X2YRMk3/ZK8v
1ytZlQ==
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:19:31 2025 by rpki-client