Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/5f53ee-fb00-4df4-9764-06da2bb06071/1/BYr6wAVCq8zFunQVSpCL8BJbpI0.roa
File: BYr6wAVCq8zFunQVSpCL8BJbpI0.roa (raw, json)
Hash identifier: 323EEjEYyI/5eCdrCNV5lJGjeS/mmWNVB/tO+pXECr4=
Subject key identifier: 05:8A:FA:C0:05:42:AB:CC:C5:BA:74:15:4A:90:8B:F0:12:5B:A4:8D
Certificate issuer: /CN=7938dfb9eb924079bb706cb616eda572864a9e13
Certificate serial: 018CC9BCAB7FE990BC5A82C0D91AE8333FA5
Authority key identifier: 79:38:DF:B9:EB:92:40:79:BB:70:6C:B6:16:ED:A5:72:86:4A:9E:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eTjfueuSQHm7cGy2Fu2lcoZKnhM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/5f53ee-fb00-4df4-9764-06da2bb06071/1/BYr6wAVCq8zFunQVSpCL8BJbpI0.roa
Signing time: Tue 02 Jan 2024 10:33:54 +0000
ROA not before: Tue 02 Jan 2024 10:33:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51235
IP address blocks: 185.51.42.0/24 maxlen: 24
185.51.43.0/24 maxlen: 24
2a04:c147:4000::/34 maxlen: 34
2a04:c147::/34 maxlen: 34
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:ab:7f:e9:90:bc:5a:82:c0:d9:1a:e8:33:3f:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7938dfb9eb924079bb706cb616eda572864a9e13
Validity
Not Before: Jan 2 10:33:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=058afac00542abccc5ba74154a908bf0125ba48d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:bd:a6:cc:42:24:91:cc:c0:2e:cf:ad:b9:5d:
eb:90:f3:67:6e:74:66:70:16:02:f0:69:ce:3a:11:
c9:fe:21:22:ac:21:13:dd:bd:06:c3:9f:55:19:31:
aa:be:91:c4:f5:78:16:e8:24:4c:40:d0:b9:12:55:
1d:53:54:bb:c4:54:e5:12:29:48:3b:6a:69:c7:14:
a4:e1:b9:91:39:df:53:00:ea:92:bb:2b:d6:79:ef:
59:fc:e0:44:54:df:6a:c4:a1:62:37:d6:17:2d:22:
98:08:ac:66:1f:d6:66:8c:61:a2:62:23:65:db:f5:
2d:f8:87:35:75:eb:e4:f0:ea:3a:26:5d:16:30:cc:
3a:19:2d:c7:a2:41:da:65:33:32:5a:49:12:80:a0:
48:99:ec:4e:55:43:a7:0b:6d:72:1c:fa:2d:78:83:
ac:5f:0c:0f:23:b6:b2:cf:fc:83:01:c4:8f:9e:86:
7f:c9:d9:e8:38:0d:08:dc:b3:3a:4d:ac:48:c4:ce:
e3:01:16:aa:bd:e6:2c:cd:8d:fd:83:5a:7e:49:de:
ba:96:2c:a2:6a:d7:72:78:82:09:b1:52:a1:ca:ae:
ac:e0:25:12:bb:52:49:e4:a4:91:23:32:fc:75:90:
12:6a:56:5d:49:fa:99:19:56:a6:41:a0:f4:f2:b7:
26:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:8A:FA:C0:05:42:AB:CC:C5:BA:74:15:4A:90:8B:F0:12:5B:A4:8D
X509v3 Authority Key Identifier:
keyid:79:38:DF:B9:EB:92:40:79:BB:70:6C:B6:16:ED:A5:72:86:4A:9E:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eTjfueuSQHm7cGy2Fu2lcoZKnhM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/5f53ee-fb00-4df4-9764-06da2bb06071/1/BYr6wAVCq8zFunQVSpCL8BJbpI0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/5f53ee-fb00-4df4-9764-06da2bb06071/1/eTjfueuSQHm7cGy2Fu2lcoZKnhM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.51.42.0/23
IPv6:
2a04:c147::/33
Signature Algorithm: sha256WithRSAEncryption
5f:2a:e3:bb:02:86:b0:53:73:be:56:8b:9a:b6:e3:4a:e1:08:
f1:85:33:95:eb:8a:ad:ce:39:16:7e:05:2f:6f:f0:6d:7e:bc:
a5:b2:a7:03:d4:d3:52:1c:60:87:58:4a:e6:85:45:41:03:59:
0f:9a:27:92:c0:39:50:26:e4:87:21:aa:9f:e7:41:77:6b:d7:
75:f1:fc:73:14:46:08:81:95:c2:2a:08:f4:9c:89:d7:01:9a:
67:cc:42:c7:97:ca:ad:b4:e1:0d:8c:ed:2b:b5:c9:1a:72:1a:
9c:48:ce:d2:9f:c4:08:d3:43:d5:e8:a0:c1:14:56:05:8f:58:
31:87:d8:59:55:de:22:8b:c1:64:13:0d:a1:28:1b:41:a5:12:
25:6f:7f:06:d7:31:9f:2a:72:79:4f:b9:4f:37:bc:09:04:fd:
43:45:12:4c:ec:c7:b0:38:0a:7d:a9:82:97:70:00:50:f2:06:
34:a4:89:b9:87:ce:e7:2d:e3:12:b0:57:f5:22:04:01:02:2e:
f7:32:cd:cd:3b:39:df:8b:f5:ee:bd:f1:d0:0c:96:97:5b:14:
0e:ca:d4:0d:ce:48:13:4f:5f:83:4d:0e:20:d1:14:ed:cd:5a:
e8:36:c7:9f:dc:c2:8c:38:85:0b:a4:53:35:e2:c7:5e:f8:7c:
88:27:80:78
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzJvKt/6ZC8WoLA2RroMz+lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5MzhkZmI5ZWI5MjQwNzliYjcwNmNiNjE2ZWRhNTcyODY0
YTllMTMwHhcNMjQwMTAyMTAzMzU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNThhZmFjMDA1NDJhYmNjYzViYTc0MTU0YTkwOGJmMDEyNWJhNDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnL2mzEIkkczALs+tuV3rkPNnbnRm
cBYC8GnOOhHJ/iEirCET3b0Gw59VGTGqvpHE9XgW6CRMQNC5ElUdU1S7xFTlEilI
O2ppxxSk4bmROd9TAOqSuyvWee9Z/OBEVN9qxKFiN9YXLSKYCKxmH9ZmjGGiYiNl
2/Ut+Ic1devk8Oo6Jl0WMMw6GS3HokHaZTMyWkkSgKBImexOVUOnC21yHPoteIOs
XwwPI7ayz/yDAcSPnoZ/ydnoOA0I3LM6TaxIxM7jARaqveYszY39g1p+Sd66liyi
atdyeIIJsVKhyq6s4CUSu1JJ5KSRIzL8dZASalZdSfqZGVamQaD08rcmawIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFAWK+sAFQqvMxbp0FUqQi/ASW6SNMB8GA1UdIwQY
MBaAFHk437nrkkB5u3BsthbtpXKGSp4TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVRqZnVldVNRSG03Y0d5MkZ1Mmxjb1pLbmhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS81ZjUzZWUtZmIwMC00ZGY0LTk3NjQt
MDZkYTJiYjA2MDcxLzEvQllyNndBVkNxOHpGdW5RVlNwQ0w4QkpicEkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS81ZjUzZWUtZmIwMC00ZGY0LTk3NjQtMDZkYTJiYjA2MDcx
LzEvZVRqZnVldVNRSG03Y0d5MkZ1Mmxjb1pLbmhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQBuTMqMA4E
AgACMAgDBgcqBMFHADANBgkqhkiG9w0BAQsFAAOCAQEAXyrjuwKGsFNzvlaLmrbj
SuEI8YUzleuKrc45Fn4FL2/wbX68pbKnA9TTUhxgh1hK5oVFQQNZD5onksA5UCbk
hyGqn+dBd2vXdfH8cxRGCIGVwioI9JyJ1wGaZ8xCx5fKrbThDYztK7XJGnIanEjO
0p/ECNND1eigwRRWBY9YMYfYWVXeIovBZBMNoSgbQaUSJW9/BtcxnypyeU+5Tze8
CQT9Q0USTOzHsDgKfamCl3AAUPIGNKSJuYfO5y3jErBX9SIEAQIu9zLNzTs534v1
7r3x0AyWl1sUDsrUDc5IE09fg00OINEU7c1a6DbHn9zCjDiFC6RTNeLHXvh8iCeA
eA==
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:13:12 2025 by rpki-client