Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/bcax920hZX2kw8_psOO06Uonmls.roa
File: bcax920hZX2kw8_psOO06Uonmls.roa (raw, json)
Hash identifier: a3tji44QyEL+lVf23v5TSE+ddkDvfPFjJ9ipDW9WPBo=
Subject key identifier: 6D:C6:B1:F7:6D:21:65:7D:A4:C3:CF:E9:B0:E3:B4:E9:4A:27:9A:5B
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018F331470F6FAAC7598923D40B34D452DCC
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/bcax920hZX2kw8_psOO06Uonmls.roa
Signing time: Wed 01 May 2024 07:35:28 +0000
ROA not before: Wed 01 May 2024 07:35:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210164
IP address blocks: 109.176.16.0/24 maxlen: 24
213.218.236.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 May 2024 07:37:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:33:14:70:f6:fa:ac:75:98:92:3d:40:b3:4d:45:2d:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 1 07:35:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6dc6b1f76d21657da4c3cfe9b0e3b4e94a279a5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:29:9c:69:39:a5:ea:df:61:b8:f5:2c:a1:5d:
eb:66:95:e9:96:78:25:25:33:dc:21:80:e4:e0:ce:
23:bf:6f:2d:39:4b:62:08:08:1f:75:54:5c:b0:7f:
24:a6:c6:2e:bb:8d:9d:bb:b6:97:21:de:71:6e:ce:
ef:80:5f:9a:f4:4e:ec:3d:f0:c3:f0:b1:e0:58:f6:
49:06:62:c0:28:8e:79:50:e0:fc:f2:22:10:71:c8:
ad:95:52:2f:b0:ad:15:62:e3:e8:80:49:b0:ba:e5:
cb:2f:7a:70:90:be:f0:d7:64:42:f7:a1:a0:0a:49:
77:2c:05:42:c5:da:77:d0:9e:55:64:a0:5d:b4:7b:
06:f0:21:8c:ae:78:4b:27:b5:5a:7f:c3:c5:7f:76:
df:fe:0d:07:aa:cb:91:8f:07:cc:b8:33:63:f1:be:
94:88:45:c5:f9:2b:b5:b6:ec:6a:12:3c:04:6d:80:
98:2c:1a:a3:e2:80:4f:27:cc:1d:e8:a0:a8:94:d3:
62:69:b1:6d:64:d3:7e:4b:3b:04:f8:36:9c:b4:33:
9e:b5:4c:e0:eb:7c:73:58:44:82:d4:9f:c1:99:ca:
16:84:b1:99:e3:2c:c9:d6:4e:78:6d:ac:60:30:72:
ea:4f:f6:1c:c4:ed:a3:aa:f7:92:ca:b7:06:0f:15:
ac:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:C6:B1:F7:6D:21:65:7D:A4:C3:CF:E9:B0:E3:B4:E9:4A:27:9A:5B
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/bcax920hZX2kw8_psOO06Uonmls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.176.16.0/24
213.218.236.0/24
Signature Algorithm: sha256WithRSAEncryption
29:43:33:37:c2:cc:79:1a:8b:ee:61:17:7c:cd:b2:3c:29:a8:
34:ad:37:06:a8:44:5a:0b:5c:57:e4:39:21:1d:10:e4:83:fc:
c3:e6:09:4d:b6:85:00:cd:2a:40:2e:78:e8:e7:a5:f5:3c:24:
b0:e0:31:cb:90:af:73:fb:fe:05:7f:f2:0e:6c:a1:02:8d:8a:
68:3d:13:f2:41:f8:86:4b:24:92:42:81:c0:ef:93:3c:5a:9d:
53:27:24:9c:1e:21:3f:4b:c6:c2:9e:a5:63:99:b2:2f:4c:e5:
07:b5:46:7d:ce:dc:64:dd:4f:49:58:df:68:35:76:f3:64:0d:
b1:ac:1c:e9:52:26:e1:b2:83:cf:06:17:93:45:5e:73:c5:95:
e4:a3:75:63:df:e7:ff:c4:1d:14:6e:d4:0c:b2:d4:14:a5:6c:
6f:a9:b6:5a:a8:ab:06:f3:ee:ee:e8:10:ef:a7:0a:b5:e0:50:
87:16:df:cf:3f:16:96:fe:23:08:57:da:0a:a2:59:bd:10:20:
7d:56:6b:e4:79:c1:60:09:b2:a9:09:5d:54:c7:db:98:11:c4:
26:2f:ce:9c:99:9c:37:63:a8:55:fd:27:b5:5d:5a:31:a9:02:
de:00:49:14:14:f1:bf:16:cc:3c:45:eb:e1:3d:4d:67:15:ac:
8d:f4:36:d1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY8zFHD2+qx1mJI9QLNNRS3MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTAxMDczNTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGM2YjFmNzZkMjE2NTdkYTRjM2NmZTliMGUzYjRlOTRhMjc5YTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ymcaTml6t9huPUsoV3rZpXplngl
JTPcIYDk4M4jv28tOUtiCAgfdVRcsH8kpsYuu42du7aXId5xbs7vgF+a9E7sPfDD
8LHgWPZJBmLAKI55UOD88iIQccitlVIvsK0VYuPogEmwuuXLL3pwkL7w12RC96Gg
Ckl3LAVCxdp30J5VZKBdtHsG8CGMrnhLJ7Vaf8PFf3bf/g0HqsuRjwfMuDNj8b6U
iEXF+Su1tuxqEjwEbYCYLBqj4oBPJ8wd6KColNNiabFtZNN+SzsE+DactDOetUzg
63xzWESC1J/BmcoWhLGZ4yzJ1k54baxgMHLqT/YcxO2jqveSyrcGDxWsYQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG3GsfdtIWV9pMPP6bDjtOlKJ5pbMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvYmNheDkyMGhaWDJrdzhfcHNPTzA2VW9ubWxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbbAQAwQA
1drsMA0GCSqGSIb3DQEBCwUAA4IBAQApQzM3wsx5GovuYRd8zbI8Kag0rTcGqERa
C1xX5DkhHRDkg/zD5glNtoUAzSpALnjo56X1PCSw4DHLkK9z+/4Ff/IObKECjYpo
PRPyQfiGSySSQoHA75M8Wp1TJyScHiE/S8bCnqVjmbIvTOUHtUZ9ztxk3U9JWN9o
NXbzZA2xrBzpUibhsoPPBheTRV5zxZXko3Vj3+f/xB0UbtQMstQUpWxvqbZaqKsG
8+7u6BDvpwq14FCHFt/PPxaW/iMIV9oKolm9ECB9VmvkecFgCbKpCV1Ux9uYEcQm
L86cmZw3Y6hV/Se1XVoxqQLeAEkUFPG/Fsw8RevhPU1nFayN9DbR
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:32:17 2025 by rpki-client