Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/d8e68e-ad38-44e1-9a2c-74aa3c0faee0/1/1BuvoaNargJ-r4mL9gPVglXePfk.roa
File: 1BuvoaNargJ-r4mL9gPVglXePfk.roa (raw, json)
Hash identifier: s3RfstUutsLwKsYcJRlwroFgHnNtFZR+4USr3UK26oQ=
Subject key identifier: D4:1B:AF:A1:A3:5A:AE:02:7E:AF:89:8B:F6:03:D5:82:55:DE:3D:F9
Certificate issuer: /CN=987b6812cf7a074580f5942be762f477f67c9500
Certificate serial: 01900151F91C87E03A754B6D6DD2BC6696F7
Authority key identifier: 98:7B:68:12:CF:7A:07:45:80:F5:94:2B:E7:62:F4:77:F6:7C:95:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mHtoEs96B0WA9ZQr52L0d_Z8lQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/d8e68e-ad38-44e1-9a2c-74aa3c0faee0/1/1BuvoaNargJ-r4mL9gPVglXePfk.roa
Signing time: Mon 10 Jun 2024 08:44:27 +0000
ROA not before: Mon 10 Jun 2024 08:44:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8365
IP address blocks: 82.195.64.0/19 maxlen: 24
91.243.70.0/24 maxlen: 24
185.55.124.0/22 maxlen: 24
2001:41b8::/29 maxlen: 29
2001:41b8::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 24 Jul 2024 11:54:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:01:51:f9:1c:87:e0:3a:75:4b:6d:6d:d2:bc:66:96:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=987b6812cf7a074580f5942be762f477f67c9500
Validity
Not Before: Jun 10 08:44:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d41bafa1a35aae027eaf898bf603d58255de3df9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:50:97:e4:b4:3f:a0:de:b4:1c:ac:21:e5:a0:
0f:16:d6:48:61:6d:79:3b:7d:a7:a3:e5:e7:b2:bb:
65:0e:ca:a8:b2:2a:16:b1:c3:9c:82:14:6a:89:df:
df:10:28:f2:ea:9a:2b:da:00:7e:63:0b:4c:b5:0c:
3b:7f:59:97:03:fa:27:bc:8f:5b:dc:d6:05:d8:ed:
51:7f:ad:ea:a7:82:e7:f1:5b:8a:5a:f8:2a:38:01:
c4:46:32:93:a6:05:a8:e1:43:d5:7d:48:c3:1e:ed:
3f:83:17:dd:62:9c:f4:74:eb:99:8d:79:36:5e:4b:
7c:c9:f6:80:21:9e:47:68:54:ac:a9:a5:90:a4:2a:
74:0d:00:2c:1c:a5:17:91:db:d5:5c:62:69:7b:a4:
84:f6:6b:4c:d7:4d:13:f8:f3:26:7b:29:9e:56:e6:
38:b6:40:3b:b6:f2:79:34:e5:2e:0c:23:c7:ca:c8:
46:60:42:8a:8d:1d:8c:e9:67:fc:ee:92:3b:1b:d5:
8c:a2:5b:ce:9e:44:36:d9:d7:91:9f:4f:04:16:14:
a0:30:bb:e9:8a:bd:0b:d6:93:c4:13:08:ad:27:1a:
df:32:03:6d:5f:ca:65:a7:f4:73:6f:fa:4a:3b:3a:
c5:e8:b2:d5:4e:df:df:f0:2c:e0:9a:15:73:91:4c:
19:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:1B:AF:A1:A3:5A:AE:02:7E:AF:89:8B:F6:03:D5:82:55:DE:3D:F9
X509v3 Authority Key Identifier:
keyid:98:7B:68:12:CF:7A:07:45:80:F5:94:2B:E7:62:F4:77:F6:7C:95:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mHtoEs96B0WA9ZQr52L0d_Z8lQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/d8e68e-ad38-44e1-9a2c-74aa3c0faee0/1/1BuvoaNargJ-r4mL9gPVglXePfk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/d8e68e-ad38-44e1-9a2c-74aa3c0faee0/1/mHtoEs96B0WA9ZQr52L0d_Z8lQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.195.64.0/19
91.243.70.0/24
185.55.124.0/22
IPv6:
2001:41b8::/29
Signature Algorithm: sha256WithRSAEncryption
4c:69:56:c3:de:8c:f2:33:6c:bb:ae:d4:9b:cf:d6:e9:cd:a0:
2a:49:31:49:96:de:5c:e4:be:d0:6f:3b:0b:f8:80:65:df:90:
16:8f:86:89:76:86:af:90:52:3d:19:8f:cb:ca:4c:33:35:87:
3b:0e:d3:bd:5c:ca:81:75:5b:c8:af:10:44:f2:2f:64:b6:2e:
6d:0e:70:6b:0c:80:00:d7:a8:c3:bf:c8:17:4d:91:7a:c0:e8:
a2:f9:af:ff:db:f0:86:5b:01:fd:f0:91:38:a9:0b:1e:60:50:
1c:2f:ec:d8:7a:2a:05:3f:3b:54:da:92:4c:d0:a7:f3:3a:ec:
73:a7:85:af:47:02:b9:61:6d:21:f1:b0:20:c3:bb:56:21:d7:
46:26:6b:57:5b:75:ae:36:02:a9:98:41:7e:11:a9:67:d3:b4:
79:da:0d:fc:60:ab:66:ce:46:9c:1a:bd:56:7a:3f:1f:ff:c3:
37:e8:68:85:58:c2:e8:27:62:aa:ac:46:0a:29:dd:8b:2b:66:
8a:9a:0c:b2:f4:54:53:b0:2e:f9:04:e7:c5:c8:4a:61:2a:21:
de:54:f6:6f:df:50:2a:6c:57:2a:8c:0a:19:7e:18:8d:54:ab:
69:86:8a:09:e0:80:f7:e5:65:12:e0:a1:f7:62:68:b5:79:78:
e3:3e:09:c3
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZABUfkch+A6dUttbdK8Zpb3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4N2I2ODEyY2Y3YTA3NDU4MGY1OTQyYmU3NjJmNDc3ZjY3
Yzk1MDAwHhcNMjQwNjEwMDg0NDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDFiYWZhMWEzNWFhZTAyN2VhZjg5OGJmNjAzZDU4MjU1ZGUzZGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwlCX5LQ/oN60HKwh5aAPFtZIYW15
O32no+XnsrtlDsqosioWscOcghRqid/fECjy6por2gB+YwtMtQw7f1mXA/onvI9b
3NYF2O1Rf63qp4Ln8VuKWvgqOAHERjKTpgWo4UPVfUjDHu0/gxfdYpz0dOuZjXk2
Xkt8yfaAIZ5HaFSsqaWQpCp0DQAsHKUXkdvVXGJpe6SE9mtM100T+PMmeymeVuY4
tkA7tvJ5NOUuDCPHyshGYEKKjR2M6Wf87pI7G9WMolvOnkQ22deRn08EFhSgMLvp
ir0L1pPEEwitJxrfMgNtX8plp/Rzb/pKOzrF6LLVTt/f8CzgmhVzkUwZdwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFNQbr6GjWq4Cfq+Ji/YD1YJV3j35MB8GA1UdIwQY
MBaAFJh7aBLPegdFgPWUK+di9Hf2fJUAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUh0b0VzOTZCMFdBOVpRcjUyTDBkX1o4bFFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9kOGU2OGUtYWQzOC00NGUxLTlhMmMt
NzRhYTNjMGZhZWUwLzEvMUJ1dm9hTmFyZ0otcjRtTDlnUFZnbFhlUGZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9kOGU2OGUtYWQzOC00NGUxLTlhMmMtNzRhYTNjMGZhZWUw
LzEvbUh0b0VzOTZCMFdBOVpRcjUyTDBkX1o4bFFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFUsNAAwQA
W/NGAwQCuTd8MA0EAgACMAcDBQMgAUG4MA0GCSqGSIb3DQEBCwUAA4IBAQBMaVbD
3ozyM2y7rtSbz9bpzaAqSTFJlt5c5L7QbzsL+IBl35AWj4aJdoavkFI9GY/Lykwz
NYc7DtO9XMqBdVvIrxBE8i9kti5tDnBrDIAA16jDv8gXTZF6wOii+a//2/CGWwH9
8JE4qQseYFAcL+zYeioFPztU2pJM0KfzOuxzp4WvRwK5YW0h8bAgw7tWIddGJmtX
W3WuNgKpmEF+Ealn07R52g38YKtmzkacGr1Wej8f/8M36GiFWMLoJ2KqrEYKKd2L
K2aKmgyy9FRTsC75BOfFyEphKiHeVPZv31AqbFcqjAoZfhiNVKtphooJ4ID35WUS
4KH3Ymi1eXjjPgnD
-----END CERTIFICATE-----
Generated at Sun Apr 20 01:57:53 2025 by rpki-client