Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/4faaff-384f-402e-8b8c-45f77dfa2636/1/BMExmCFLZVtAOX5fHdx_KvWvFJk.roa
File: BMExmCFLZVtAOX5fHdx_KvWvFJk.roa (raw, json)
Hash identifier: 0csthLL8BWMwKxU78R53OFnBDF/fmKFP+B9jhkb4sQo=
Subject key identifier: 04:C1:31:98:21:4B:65:5B:40:39:7E:5F:1D:DC:7F:2A:F5:AF:14:99
Certificate issuer: /CN=bbf3a257f99528c3a924d269d1af438185c2006d
Certificate serial: 0193B015B8355F7D73F8A8D053C5EAF50053
Authority key identifier: BB:F3:A2:57:F9:95:28:C3:A9:24:D2:69:D1:AF:43:81:85:C2:00:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u_OiV_mVKMOpJNJp0a9DgYXCAG0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/4faaff-384f-402e-8b8c-45f77dfa2636/1/BMExmCFLZVtAOX5fHdx_KvWvFJk.roa
Signing time: Tue 10 Dec 2024 10:20:33 +0000
ROA not before: Tue 10 Dec 2024 10:20:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16145
IP address blocks: 80.87.240.0/21 maxlen: 21
185.150.192.0/23 maxlen: 23
185.150.194.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b0:15:b8:35:5f:7d:73:f8:a8:d0:53:c5:ea:f5:00:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbf3a257f99528c3a924d269d1af438185c2006d
Validity
Not Before: Dec 10 10:20:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=04c13198214b655b40397e5f1ddc7f2af5af1499
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:9d:a0:e7:ba:04:5d:aa:7a:39:e7:42:14:1f:
98:29:26:ce:0e:e6:f4:13:43:69:e9:df:3b:15:32:
76:df:95:6f:12:d6:a7:d0:60:da:33:18:f1:6c:71:
81:51:26:2e:3c:bf:27:46:ce:52:96:b3:90:7a:49:
30:09:fb:c6:60:d9:c2:f9:05:90:05:81:9f:70:12:
66:13:44:07:bc:50:77:8d:36:80:4c:a7:c7:ea:5d:
c2:fc:bd:74:2f:9c:a5:8f:f0:d7:bc:7b:24:2d:d9:
ef:a5:93:cf:c2:8f:8e:b6:81:7a:27:d8:3d:3e:8b:
f3:39:53:52:63:7d:4d:2b:54:7a:59:d4:89:25:6f:
9a:0f:30:a4:f0:89:fb:68:d6:71:a0:bc:66:8c:e7:
af:a2:c8:55:62:39:db:ad:73:dc:66:00:b6:a8:55:
0c:e6:43:75:a9:ee:c1:51:77:9e:1a:05:e7:61:a2:
4c:68:4f:a8:35:7c:d8:74:e3:68:ae:7f:c4:8d:48:
64:41:c3:92:b3:ea:23:f2:31:27:2f:bb:1c:36:35:
5c:6e:74:2e:17:cb:9f:70:72:46:b8:f5:2b:01:1e:
8f:d3:c0:9c:ba:c3:cb:96:34:d9:07:aa:a4:a9:6e:
b6:0f:ad:ce:5e:97:c3:d3:af:4f:51:74:de:ff:de:
a7:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:C1:31:98:21:4B:65:5B:40:39:7E:5F:1D:DC:7F:2A:F5:AF:14:99
X509v3 Authority Key Identifier:
keyid:BB:F3:A2:57:F9:95:28:C3:A9:24:D2:69:D1:AF:43:81:85:C2:00:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u_OiV_mVKMOpJNJp0a9DgYXCAG0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/4faaff-384f-402e-8b8c-45f77dfa2636/1/BMExmCFLZVtAOX5fHdx_KvWvFJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/4faaff-384f-402e-8b8c-45f77dfa2636/1/u_OiV_mVKMOpJNJp0a9DgYXCAG0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.87.240.0/21
185.150.192.0/22
Signature Algorithm: sha256WithRSAEncryption
1a:c4:e3:99:9b:4d:4d:37:0f:80:e1:35:e9:4c:ac:35:58:fa:
31:9e:c7:17:b2:08:12:e5:f7:21:63:f1:4d:e1:38:a1:a8:98:
c7:81:ba:78:b3:89:7e:92:2f:69:e9:0a:f5:66:be:00:cf:67:
5d:01:3b:6b:83:96:f4:3e:91:d6:d2:4c:d7:0a:62:31:e7:79:
e9:51:a4:a8:db:67:a6:3d:1d:60:f5:f8:bb:2d:5b:66:51:26:
52:c8:68:ca:e6:16:80:86:88:b8:c0:0d:6f:a6:01:fa:9b:91:
9a:c4:fe:10:27:67:95:75:59:61:b9:90:93:f7:47:10:ed:35:
53:5c:89:ba:fc:df:01:2a:98:88:ef:c9:88:19:5e:00:1c:03:
94:3f:bc:54:27:73:65:5e:a3:0c:cd:80:15:51:13:0b:c7:46:
93:05:20:2c:24:57:cd:f6:f9:c6:96:50:1f:02:f1:5a:1d:c2:
98:9d:fa:5c:b9:56:8c:77:9a:8c:05:e9:f4:05:73:10:b9:a8:
ae:0d:19:78:2f:ef:de:00:06:56:9c:61:4f:b9:16:17:e6:a9:
2e:a5:fb:1f:71:0c:94:3a:73:2e:8e:ff:f8:53:44:6c:d6:61:
cd:5d:a6:cc:fb:65:d6:e2:32:1b:9e:4f:43:2a:83:2c:5a:b5:
96:ca:7c:63
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZOwFbg1X31z+KjQU8Xq9QBTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiZjNhMjU3Zjk5NTI4YzNhOTI0ZDI2OWQxYWY0MzgxODVj
MjAwNmQwHhcNMjQxMjEwMTAyMDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGMxMzE5ODIxNGI2NTViNDAzOTdlNWYxZGRjN2YyYWY1YWYxNDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnp2g57oEXap6OedCFB+YKSbODub0
E0Np6d87FTJ235VvEtan0GDaMxjxbHGBUSYuPL8nRs5SlrOQekkwCfvGYNnC+QWQ
BYGfcBJmE0QHvFB3jTaATKfH6l3C/L10L5ylj/DXvHskLdnvpZPPwo+OtoF6J9g9
PovzOVNSY31NK1R6WdSJJW+aDzCk8In7aNZxoLxmjOevoshVYjnbrXPcZgC2qFUM
5kN1qe7BUXeeGgXnYaJMaE+oNXzYdONorn/EjUhkQcOSs+oj8jEnL7scNjVcbnQu
F8ufcHJGuPUrAR6P08CcusPLljTZB6qkqW62D63OXpfD069PUXTe/96nlQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFATBMZghS2VbQDl+Xx3cfyr1rxSZMB8GA1UdIwQY
MBaAFLvzolf5lSjDqSTSadGvQ4GFwgBtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdV9PaVZfbVZLTU9wSk5KcDBhOURnWVhDQUcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC80ZmFhZmYtMzg0Zi00MDJlLThiOGMt
NDVmNzdkZmEyNjM2LzEvQk1FeG1DRkxaVnRBT1g1ZkhkeF9Ldld2RkprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC80ZmFhZmYtMzg0Zi00MDJlLThiOGMtNDVmNzdkZmEyNjM2
LzEvdV9PaVZfbVZLTU9wSk5KcDBhOURnWVhDQUcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDUFfwAwQC
uZbAMA0GCSqGSIb3DQEBCwUAA4IBAQAaxOOZm01NNw+A4TXpTKw1WPoxnscXsggS
5fchY/FN4TihqJjHgbp4s4l+ki9p6Qr1Zr4Az2ddATtrg5b0PpHW0kzXCmIx53np
UaSo22emPR1g9fi7LVtmUSZSyGjK5haAhoi4wA1vpgH6m5GaxP4QJ2eVdVlhuZCT
90cQ7TVTXIm6/N8BKpiI78mIGV4AHAOUP7xUJ3NlXqMMzYAVURMLx0aTBSAsJFfN
9vnGllAfAvFaHcKYnfpcuVaMd5qMBen0BXMQuaiuDRl4L+/eAAZWnGFPuRYX5qku
pfsfcQyUOnMujv/4U0Rs1mHNXabM+2XW4jIbnk9DKoMsWrWWynxj
-----END CERTIFICATE-----
Generated at Tue Apr 22 23:27:08 2025 by rpki-client