Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/bLL1UMbPM8e2AEitJ1jrsmxElaA.roa
File: bLL1UMbPM8e2AEitJ1jrsmxElaA.roa (raw, json)
Hash identifier: SqZAwg6pbolsTEjyQwbjWMY7Wu/Uu95zpr5QT1y6Lso=
Subject key identifier: 6C:B2:F5:50:C6:CF:33:C7:B6:00:48:AD:27:58:EB:B2:6C:44:95:A0
Certificate issuer: /CN=643e1ba91c569a8b21a6d2d67f5dbbd6c04e43ea
Certificate serial: 018CC86F7EB79CCC9A7CA49889B2269CFB82
Authority key identifier: 64:3E:1B:A9:1C:56:9A:8B:21:A6:D2:D6:7F:5D:BB:D6:C0:4E:43:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZD4bqRxWmoshptLWf1271sBOQ-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/bLL1UMbPM8e2AEitJ1jrsmxElaA.roa
Signing time: Tue 02 Jan 2024 04:29:59 +0000
ROA not before: Tue 02 Jan 2024 04:29:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34432
IP address blocks: 194.34.225.0/24 maxlen: 24
2a0d:f9c1::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 27 Jun 2024 12:06:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:7e:b7:9c:cc:9a:7c:a4:98:89:b2:26:9c:fb:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=643e1ba91c569a8b21a6d2d67f5dbbd6c04e43ea
Validity
Not Before: Jan 2 04:29:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6cb2f550c6cf33c7b60048ad2758ebb26c4495a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:28:9f:06:94:30:cb:0f:f6:38:e9:ae:69:35:
ed:1c:09:df:33:f7:a6:66:00:bb:0e:7c:15:37:b0:
d2:0c:04:0b:5c:2b:19:66:b1:8f:79:9f:f8:42:d0:
cf:4e:66:b5:2e:2b:93:5a:bf:ca:13:55:1d:6b:0a:
7e:24:fc:64:ae:48:bf:99:1d:9b:a5:56:2e:ac:d0:
ba:96:50:6d:8e:23:51:63:68:3c:f1:87:eb:48:a7:
fa:79:d3:62:0d:41:f9:f1:7a:0d:21:67:bf:36:28:
a1:9a:71:f3:6d:b2:95:aa:89:41:66:d2:24:6f:bf:
57:64:02:ad:e8:db:ff:8b:04:ae:68:f8:8d:e2:dc:
f1:5b:34:ba:8a:43:5c:25:66:b2:07:60:4e:d4:8e:
eb:bf:e3:e2:ad:04:bd:8f:68:a9:1d:aa:53:a4:7f:
49:c4:49:ff:f1:f3:a4:a7:87:31:18:3c:7b:4b:b4:
6f:ad:82:05:11:e5:1a:78:29:ba:20:ee:14:fe:5c:
92:42:8d:42:6e:42:b6:fb:44:f0:c6:f3:74:ed:da:
24:32:9c:45:dd:45:3c:e4:82:b1:39:15:c4:d2:5b:
8b:3f:f8:9c:93:c8:ac:f9:a6:dc:62:fa:40:c5:c7:
59:1e:cc:fc:cc:9b:23:1b:7e:dd:bd:55:81:fb:6f:
b0:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:B2:F5:50:C6:CF:33:C7:B6:00:48:AD:27:58:EB:B2:6C:44:95:A0
X509v3 Authority Key Identifier:
keyid:64:3E:1B:A9:1C:56:9A:8B:21:A6:D2:D6:7F:5D:BB:D6:C0:4E:43:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZD4bqRxWmoshptLWf1271sBOQ-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/bLL1UMbPM8e2AEitJ1jrsmxElaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/ZD4bqRxWmoshptLWf1271sBOQ-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.34.225.0/24
IPv6:
2a0d:f9c1::/32
Signature Algorithm: sha256WithRSAEncryption
86:95:e1:82:90:6f:aa:a1:34:de:d1:7d:ef:78:08:14:9a:86:
d7:c0:f5:97:7a:e9:d1:f8:b3:5b:d9:93:b4:6e:4c:68:10:e9:
37:52:77:00:af:de:84:60:33:6c:d1:d9:ad:23:7d:0d:d1:30:
bf:b4:a2:cf:e6:64:7e:ab:ed:19:cd:d6:04:8a:ce:d6:63:c0:
70:77:da:1b:37:5e:9c:57:fa:1b:c8:d4:b9:25:10:55:e6:7f:
bb:55:be:0f:9a:cf:97:52:f7:18:25:4f:a9:eb:d4:6b:45:2e:
18:91:f1:aa:29:6e:ff:52:c5:18:0f:1a:29:45:74:a3:a4:bd:
79:ac:73:5e:43:23:29:12:dd:e0:57:f5:e9:4b:12:32:1b:5b:
1a:62:40:33:2d:cd:f7:28:6a:55:9c:c1:2a:37:90:05:f4:5b:
ef:70:59:eb:64:73:12:fa:0c:f8:5a:f0:df:d4:29:68:71:3d:
b2:a8:8a:5a:b6:48:03:df:02:6f:6a:af:e6:e1:43:fe:10:b7:
64:81:59:f9:ad:3c:56:65:7c:23:5d:21:12:03:1f:00:54:48:
fb:d1:1c:74:e3:e6:eb:47:dd:28:13:53:9a:cb:a0:9c:9d:6d:
9b:f5:a5:b2:24:39:2a:96:4a:e2:33:93:08:a3:a4:de:50:88:
8c:52:93:78
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIb363nMyafKSYibImnPuCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0M2UxYmE5MWM1NjlhOGIyMWE2ZDJkNjdmNWRiYmQ2YzA0
ZTQzZWEwHhcNMjQwMTAyMDQyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2IyZjU1MGM2Y2YzM2M3YjYwMDQ4YWQyNzU4ZWJiMjZjNDQ5NWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgyifBpQwyw/2OOmuaTXtHAnfM/em
ZgC7DnwVN7DSDAQLXCsZZrGPeZ/4QtDPTma1LiuTWr/KE1Udawp+JPxkrki/mR2b
pVYurNC6llBtjiNRY2g88YfrSKf6edNiDUH58XoNIWe/NiihmnHzbbKVqolBZtIk
b79XZAKt6Nv/iwSuaPiN4tzxWzS6ikNcJWayB2BO1I7rv+PirQS9j2ipHapTpH9J
xEn/8fOkp4cxGDx7S7RvrYIFEeUaeCm6IO4U/lySQo1CbkK2+0TwxvN07dokMpxF
3UU85IKxORXE0luLP/ick8is+abcYvpAxcdZHsz8zJsjG37dvVWB+2+wbQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGyy9VDGzzPHtgBIrSdY67JsRJWgMB8GA1UdIwQY
MBaAFGQ+G6kcVpqLIabS1n9du9bATkPqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkQ0YnFSeFdtb3NocHRMV2YxMjcxc0JPUS1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My9hY2E5MTItOWU4ZC00NzQ5LTk1ZTAt
ZmVhMGFmZjM1OWY1LzEvYkxMMVVNYlBNOGUyQUVpdEoxanJzbXhFbGFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My9hY2E5MTItOWU4ZC00NzQ5LTk1ZTAtZmVhMGFmZjM1OWY1
LzEvWkQ0YnFSeFdtb3NocHRMV2YxMjcxc0JPUS1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwiLhMA0E
AgACMAcDBQAqDfnBMA0GCSqGSIb3DQEBCwUAA4IBAQCGleGCkG+qoTTe0X3veAgU
mobXwPWXeunR+LNb2ZO0bkxoEOk3UncAr96EYDNs0dmtI30N0TC/tKLP5mR+q+0Z
zdYEis7WY8Bwd9obN16cV/obyNS5JRBV5n+7Vb4Pms+XUvcYJU+p69RrRS4YkfGq
KW7/UsUYDxopRXSjpL15rHNeQyMpEt3gV/XpSxIyG1saYkAzLc33KGpVnMEqN5AF
9FvvcFnrZHMS+gz4WvDf1ClocT2yqIpatkgD3wJvaq/m4UP+ELdkgVn5rTxWZXwj
XSESAx8AVEj70Rx04+brR90oE1Oay6CcnW2b9aWyJDkqlkriM5MIo6TeUIiMUpN4
-----END CERTIFICATE-----
Generated at Tue Apr 22 15:34:12 2025 by rpki-client