Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/95cd2d-0d52-4b07-b76b-d853e7842b3a/1/BpYgfk3-41r-12o106KRT2kT9RI.roa
File: BpYgfk3-41r-12o106KRT2kT9RI.roa (raw, json)
Hash identifier: 8Gf1OvvavvUeVCfHG7QnneJlS0dIPjqoWoG7ePHtK98=
Subject key identifier: 06:96:20:7E:4D:FE:E3:5A:FE:D7:6A:35:D3:A2:91:4F:69:13:F5:12
Certificate issuer: /CN=1cf31e958a6fa85dfd517ea5a2167a359ce02691
Certificate serial: 018CC56E500153A373D05DD02E57B7B1ED49
Authority key identifier: 1C:F3:1E:95:8A:6F:A8:5D:FD:51:7E:A5:A2:16:7A:35:9C:E0:26:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HPMelYpvqF39UX6lohZ6NZzgJpE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/95cd2d-0d52-4b07-b76b-d853e7842b3a/1/BpYgfk3-41r-12o106KRT2kT9RI.roa
Signing time: Mon 01 Jan 2024 14:29:50 +0000
ROA not before: Mon 01 Jan 2024 14:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34724
IP address blocks: 62.182.152.0/22 maxlen: 22
139.28.12.0/22 maxlen: 22
185.31.32.0/22 maxlen: 22
185.68.60.0/22 maxlen: 22
95.214.204.0/22 maxlen: 22
193.34.64.0/22 maxlen: 22
2a05:9300::/29 maxlen: 29
2a00:b720::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:50:01:53:a3:73:d0:5d:d0:2e:57:b7:b1:ed:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1cf31e958a6fa85dfd517ea5a2167a359ce02691
Validity
Not Before: Jan 1 14:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0696207e4dfee35afed76a35d3a2914f6913f512
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:81:9f:c1:f3:dc:3c:2b:ea:47:3d:92:b4:5f:
66:ae:4c:a9:bd:76:97:80:91:7a:66:ff:8e:f2:cc:
d6:e0:2b:31:ad:fe:44:f9:d5:72:a0:9e:92:f8:ca:
d6:81:1e:eb:b7:c2:45:68:f6:85:93:ae:08:5a:93:
e7:da:69:d8:33:67:48:cc:0c:3e:17:9f:9c:5b:6b:
bb:45:5c:b2:b3:e8:95:96:e7:c1:0b:2a:37:04:9c:
22:f6:bb:99:f4:53:7e:92:d0:bc:b6:53:00:01:96:
c5:d8:ff:57:fa:6f:3d:57:b8:55:00:a8:fa:b0:78:
86:f9:1a:1d:c1:1b:bb:27:2c:72:ba:63:5f:df:55:
ed:f2:5f:6a:74:57:98:02:5e:7b:f9:32:cd:45:d8:
b8:0c:d8:d0:51:39:fa:04:38:c6:4e:80:82:b1:60:
3e:a6:a3:62:dc:58:90:ff:2d:3e:9f:76:5f:25:17:
4e:a5:58:18:4a:59:71:5f:82:ea:42:7d:e4:79:48:
c1:a6:01:a1:35:ab:4b:5b:05:a3:ef:99:97:90:16:
68:e9:c8:8f:f6:e5:40:58:54:5e:f7:f9:60:5a:83:
d2:b6:a6:56:89:9d:6a:f1:5b:a2:ae:4a:84:23:10:
49:60:57:cd:d5:26:e9:b3:49:aa:e4:54:dc:f1:05:
2d:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:96:20:7E:4D:FE:E3:5A:FE:D7:6A:35:D3:A2:91:4F:69:13:F5:12
X509v3 Authority Key Identifier:
keyid:1C:F3:1E:95:8A:6F:A8:5D:FD:51:7E:A5:A2:16:7A:35:9C:E0:26:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HPMelYpvqF39UX6lohZ6NZzgJpE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/95cd2d-0d52-4b07-b76b-d853e7842b3a/1/BpYgfk3-41r-12o106KRT2kT9RI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/95cd2d-0d52-4b07-b76b-d853e7842b3a/1/HPMelYpvqF39UX6lohZ6NZzgJpE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.182.152.0/22
95.214.204.0/22
139.28.12.0/22
185.31.32.0/22
185.68.60.0/22
193.34.64.0/22
IPv6:
2a00:b720::/29
2a05:9300::/29
Signature Algorithm: sha256WithRSAEncryption
62:56:59:c0:40:7e:8a:c3:09:dc:56:27:68:e2:cd:ca:af:af:
50:ad:43:be:56:7c:ae:37:46:d3:f8:11:64:9a:ab:53:36:8c:
75:bf:02:56:0d:86:38:34:0a:8b:04:a0:8e:94:b7:0a:9e:7f:
c7:b7:65:99:5c:04:a0:b9:09:8d:98:d2:a6:eb:26:f8:2f:98:
12:c6:30:82:bc:65:04:a3:05:8f:a4:e3:3c:b1:60:b6:27:b6:
8f:83:a7:a9:21:43:b3:a2:9d:d0:f9:ca:6c:ed:e1:28:a0:6c:
51:2b:33:6b:f7:f7:58:f5:99:09:cf:38:82:92:cd:83:c3:d3:
c4:bf:19:75:3a:49:46:f5:da:a3:33:41:ea:4a:ae:9f:45:60:
43:3a:34:e2:0d:53:01:63:2b:81:02:44:ab:13:33:6b:c8:52:
ef:ca:9f:a7:1b:5b:b8:3b:f4:31:25:ec:ca:b4:8a:d3:ae:21:
37:cb:7d:e1:6c:cb:cc:f5:26:e4:27:39:7c:09:77:8a:ac:ec:
f0:ab:cb:26:30:7c:b9:e3:1a:4b:82:e2:36:fe:d0:81:12:92:
95:b2:65:c0:80:cc:76:76:4d:18:27:29:ae:96:0e:91:44:5f:
e9:2a:e6:5d:d2:ba:0e:61:5a:e5:ae:2d:d1:7d:c3:63:b3:af:
3b:28:df:1a
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYzFblABU6Nz0F3QLle3se1JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZjMxZTk1OGE2ZmE4NWRmZDUxN2VhNWEyMTY3YTM1OWNl
MDI2OTEwHhcNMjQwMTAxMTQyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjk2MjA3ZTRkZmVlMzVhZmVkNzZhMzVkM2EyOTE0ZjY5MTNmNTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoIGfwfPcPCvqRz2StF9mrkypvXaX
gJF6Zv+O8szW4Csxrf5E+dVyoJ6S+MrWgR7rt8JFaPaFk64IWpPn2mnYM2dIzAw+
F5+cW2u7RVyys+iVlufBCyo3BJwi9ruZ9FN+ktC8tlMAAZbF2P9X+m89V7hVAKj6
sHiG+RodwRu7JyxyumNf31Xt8l9qdFeYAl57+TLNRdi4DNjQUTn6BDjGToCCsWA+
pqNi3FiQ/y0+n3ZfJRdOpVgYSllxX4LqQn3keUjBpgGhNatLWwWj75mXkBZo6ciP
9uVAWFRe9/lgWoPStqZWiZ1q8VuirkqEIxBJYFfN1Sbps0mq5FTc8QUtlQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFAaWIH5N/uNa/tdqNdOikU9pE/USMB8GA1UdIwQY
MBaAFBzzHpWKb6hd/VF+paIWejWc4CaRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFBNZWxZcHZxRjM5VVg2bG9oWjZOWnpnSnBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS85NWNkMmQtMGQ1Mi00YjA3LWI3NmIt
ZDg1M2U3ODQyYjNhLzEvQnBZZ2ZrMy00MXItMTJvMTA2S1JUMmtUOVJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS85NWNkMmQtMGQ1Mi00YjA3LWI3NmItZDg1M2U3ODQyYjNh
LzEvSFBNZWxZcHZxRjM5VVg2bG9oWjZOWnpnSnBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQCPraYAwQC
X9bMAwQCixwMAwQCuR8gAwQCuUQ8AwQCwSJAMBQEAgACMA4DBQMqALcgAwUDKgWT
ADANBgkqhkiG9w0BAQsFAAOCAQEAYlZZwEB+isMJ3FYnaOLNyq+vUK1DvlZ8rjdG
0/gRZJqrUzaMdb8CVg2GODQKiwSgjpS3Cp5/x7dlmVwEoLkJjZjSpusm+C+YEsYw
grxlBKMFj6TjPLFgtie2j4OnqSFDs6Kd0PnKbO3hKKBsUSsza/f3WPWZCc84gpLN
g8PTxL8ZdTpJRvXaozNB6kqun0VgQzo04g1TAWMrgQJEqxMza8hS78qfpxtbuDv0
MSXsyrSK064hN8t94WzLzPUm5Cc5fAl3iqzs8KvLJjB8ueMaS4LiNv7QgRKSlbJl
wIDMdnZNGCcprpYOkURf6SrmXdK6DmFa5a4t0X3DY7OvOyjfGg==
-----END CERTIFICATE-----
Generated at Sat Apr 19 03:00:04 2025 by rpki-client