Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/3925e9-65ea-462e-ae28-d2c29dc042e7/1/bwCJcd9zFE8BrUhi591ieSk8Lbs.roa
File: bwCJcd9zFE8BrUhi591ieSk8Lbs.roa (raw, json)
Hash identifier: 6qP9Jj6MJuqo/RoraE7qSg04aYeIqOuytcHkOoshRhw=
Subject key identifier: 6F:00:89:71:DF:73:14:4F:01:AD:48:62:E7:DD:62:79:29:3C:2D:BB
Certificate issuer: /CN=7df0897eab3eed6e24eddd676e8bf9377fb4480c
Certificate serial: 018CC79515CE31FA961B8C9BBA25BD39D270
Authority key identifier: 7D:F0:89:7E:AB:3E:ED:6E:24:ED:DD:67:6E:8B:F9:37:7F:B4:48:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffCJfqs-7W4k7d1nbov5N3-0SAw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/3925e9-65ea-462e-ae28-d2c29dc042e7/1/bwCJcd9zFE8BrUhi591ieSk8Lbs.roa
Signing time: Tue 02 Jan 2024 00:31:25 +0000
ROA not before: Tue 02 Jan 2024 00:31:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35313
IP address blocks: 188.137.168.0/21 maxlen: 24
188.137.203.0/24 maxlen: 24
188.137.200.0/24 maxlen: 24
188.137.201.0/24 maxlen: 24
188.137.202.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:54:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:15:ce:31:fa:96:1b:8c:9b:ba:25:bd:39:d2:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df0897eab3eed6e24eddd676e8bf9377fb4480c
Validity
Not Before: Jan 2 00:31:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6f008971df73144f01ad4862e7dd6279293c2dbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:a3:f9:b0:d5:01:2e:38:db:30:cf:2a:5c:66:
43:58:73:0f:c5:f9:ef:13:b8:7f:79:c9:6e:2f:91:
3b:9f:fb:91:37:05:14:66:6b:20:ce:9c:34:e7:d0:
7a:a0:e0:bc:e7:8f:6a:d8:48:3e:5f:09:b9:64:42:
f9:b1:b3:ba:1c:17:9b:63:9f:19:b6:85:04:0e:8c:
98:6c:8e:6e:4e:b1:21:36:76:f1:86:42:52:85:4d:
60:5a:3e:64:46:83:cc:d4:7f:50:67:30:01:c8:c4:
d2:f7:0c:f7:b2:0d:a5:52:32:0c:d8:ed:2c:8e:25:
d2:41:8e:8a:5b:cf:e3:f4:f8:7d:c0:c0:c0:70:ed:
dc:6a:e0:cf:93:a2:35:92:91:99:e2:56:73:09:65:
9c:57:fd:4b:3e:20:1b:68:30:c2:b9:cd:d6:df:67:
f7:33:20:f0:2a:dd:d3:59:7d:ce:37:07:78:3d:7d:
bf:43:33:03:3b:bc:f7:a5:87:2c:39:3f:b5:f9:60:
67:f2:25:9c:82:6f:06:17:83:c0:03:54:db:5b:6d:
38:18:b6:2e:c8:43:1d:b7:3c:32:44:1f:d9:2d:89:
6b:3e:3f:d3:f9:85:19:56:e6:69:ca:50:70:7d:d1:
c6:27:ca:1f:61:fd:89:f0:23:b7:74:3d:8d:b3:01:
02:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:00:89:71:DF:73:14:4F:01:AD:48:62:E7:DD:62:79:29:3C:2D:BB
X509v3 Authority Key Identifier:
keyid:7D:F0:89:7E:AB:3E:ED:6E:24:ED:DD:67:6E:8B:F9:37:7F:B4:48:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffCJfqs-7W4k7d1nbov5N3-0SAw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/3925e9-65ea-462e-ae28-d2c29dc042e7/1/bwCJcd9zFE8BrUhi591ieSk8Lbs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/3925e9-65ea-462e-ae28-d2c29dc042e7/1/ffCJfqs-7W4k7d1nbov5N3-0SAw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.137.168.0/21
188.137.200.0/22
Signature Algorithm: sha256WithRSAEncryption
9c:4f:20:af:b9:7a:4e:04:af:2a:49:96:d1:8f:1f:fb:da:8c:
41:35:bf:36:98:d2:d4:af:44:cd:12:57:07:cd:97:75:2d:a4:
12:42:f7:9c:d4:a5:81:02:78:5f:a1:ba:28:8c:a8:ee:68:a4:
dd:e7:c6:58:d9:fd:d4:fa:ee:6e:eb:d1:9f:78:12:b2:a5:9b:
f5:b8:dd:4a:5f:a9:02:75:66:81:19:b5:08:b4:b7:b5:ea:8d:
c4:2b:98:fa:7d:8b:1a:7b:0e:72:67:a7:05:94:1b:40:79:4a:
b9:70:d5:57:1d:2f:84:70:d3:31:0c:e8:3e:98:fa:fa:41:fe:
86:4d:f6:9d:39:9c:00:3f:0d:29:1f:cf:07:45:c8:67:5a:34:
e7:7e:dd:c5:58:d3:9a:a9:c0:cb:57:8b:24:44:8b:ec:03:ae:
f7:9b:2e:32:ae:a9:20:60:4c:81:dd:1a:65:59:77:5c:9a:30:
53:dd:1c:ac:84:7d:e9:40:23:f7:ca:9f:a5:dc:a4:b1:7c:d2:
95:1d:6b:1d:6a:13:3f:c3:99:39:61:cc:5c:b6:22:d2:21:5a:
1c:f3:f8:b9:82:54:4b:96:ec:a7:77:9e:42:02:e2:76:22:ba:
4a:69:f4:01:60:de:ac:d7:9d:96:86:26:96:1e:6c:86:a5:f7:
ac:be:50:a8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHlRXOMfqWG4ybuiW9OdJwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjA4OTdlYWIzZWVkNmUyNGVkZGQ2NzZlOGJmOTM3N2Zi
NDQ4MGMwHhcNMjQwMTAyMDAzMTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjAwODk3MWRmNzMxNDRmMDFhZDQ4NjJlN2RkNjI3OTI5M2MyZGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm6P5sNUBLjjbMM8qXGZDWHMPxfnv
E7h/ecluL5E7n/uRNwUUZmsgzpw059B6oOC8549q2Eg+Xwm5ZEL5sbO6HBebY58Z
toUEDoyYbI5uTrEhNnbxhkJShU1gWj5kRoPM1H9QZzAByMTS9wz3sg2lUjIM2O0s
jiXSQY6KW8/j9Ph9wMDAcO3cauDPk6I1kpGZ4lZzCWWcV/1LPiAbaDDCuc3W32f3
MyDwKt3TWX3ONwd4PX2/QzMDO7z3pYcsOT+1+WBn8iWcgm8GF4PAA1TbW204GLYu
yEMdtzwyRB/ZLYlrPj/T+YUZVuZpylBwfdHGJ8ofYf2J8CO3dD2NswECowIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG8AiXHfcxRPAa1IYufdYnkpPC27MB8GA1UdIwQY
MBaAFH3wiX6rPu1uJO3dZ26L+Td/tEgMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZDSmZxcy03VzRrN2QxbmJvdjVOMy0wU0F3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8zOTI1ZTktNjVlYS00NjJlLWFlMjgt
ZDJjMjlkYzA0MmU3LzEvYndDSmNkOXpGRThCclVoaTU5MWllU2s4TGJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8zOTI1ZTktNjVlYS00NjJlLWFlMjgtZDJjMjlkYzA0MmU3
LzEvZmZDSmZxcy03VzRrN2QxbmJvdjVOMy0wU0F3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDvImoAwQC
vInIMA0GCSqGSIb3DQEBCwUAA4IBAQCcTyCvuXpOBK8qSZbRjx/72oxBNb82mNLU
r0TNElcHzZd1LaQSQvec1KWBAnhfoboojKjuaKTd58ZY2f3U+u5u69GfeBKypZv1
uN1KX6kCdWaBGbUItLe16o3EK5j6fYsaew5yZ6cFlBtAeUq5cNVXHS+EcNMxDOg+
mPr6Qf6GTfadOZwAPw0pH88HRchnWjTnft3FWNOaqcDLV4skRIvsA673my4yrqkg
YEyB3RplWXdcmjBT3RyshH3pQCP3yp+l3KSxfNKVHWsdahM/w5k5YcxctiLSIVoc
8/i5glRLluynd55CAuJ2IrpKafQBYN6s152WhiaWHmyGpfesvlCo
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:34:18 2025 by rpki-client