Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/c24ee1-2cb2-4907-8048-b0f4fbe26b61/1/bpZvU2Q1Ghj2ztwGLUb3AkPvUEs.roa
File: bpZvU2Q1Ghj2ztwGLUb3AkPvUEs.roa (raw, json)
Hash identifier: HbIBYT0GpUswScn/PM3UrO6NPxEk/cdbgAanzp7Eln0=
Subject key identifier: 6E:96:6F:53:64:35:1A:18:F6:CE:DC:06:2D:46:F7:02:43:EF:50:4B
Certificate issuer: /CN=01cf2a71b2c7bf541c6cc04151cd02078d369926
Certificate serial: 01927622E7B44B69441AF77786EF1AACB004
Authority key identifier: 01:CF:2A:71:B2:C7:BF:54:1C:6C:C0:41:51:CD:02:07:8D:36:99:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ac8qcbLHv1QcbMBBUc0CB402mSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/c24ee1-2cb2-4907-8048-b0f4fbe26b61/1/bpZvU2Q1Ghj2ztwGLUb3AkPvUEs.roa
Signing time: Thu 10 Oct 2024 11:14:11 +0000
ROA not before: Thu 10 Oct 2024 11:14:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42812
IP address blocks: 185.82.140.0/22 maxlen: 22
193.24.111.0/24 maxlen: 24
2a05:90c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:47:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:76:22:e7:b4:4b:69:44:1a:f7:77:86:ef:1a:ac:b0:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01cf2a71b2c7bf541c6cc04151cd02078d369926
Validity
Not Before: Oct 10 11:14:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e966f5364351a18f6cedc062d46f70243ef504b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:2e:7e:cd:e6:8c:a0:41:fd:a5:50:93:92:d4:
22:11:c1:7f:cb:9d:84:6a:45:44:8b:88:4d:7a:ab:
41:87:c5:90:51:0c:e9:28:7e:02:9b:1a:96:15:d5:
c5:ab:3a:8c:db:c7:40:a0:1b:09:5e:de:2b:dc:c3:
8e:f7:2b:ad:7c:61:1d:9f:57:0b:8d:e7:e1:5a:42:
cf:ef:86:be:f5:c0:c7:a8:16:71:56:76:25:81:50:
d0:0c:99:8c:99:c1:7a:ff:8a:57:10:13:6c:93:3e:
89:8e:ef:6b:9e:67:49:97:a9:1b:bf:0c:55:bf:9a:
e8:2a:37:02:45:86:53:e9:0b:32:bc:14:d5:8a:95:
ed:b6:31:c7:9b:44:a1:68:5c:76:36:71:54:ee:58:
bb:e6:ee:16:2d:a0:1e:3c:34:46:d6:a4:ad:d5:0c:
50:1b:c6:7f:bb:3c:cb:65:98:e5:68:00:e4:12:0a:
97:1d:08:10:a4:b7:82:dd:62:21:4e:09:ee:17:fb:
83:6a:ae:a5:be:bc:f5:19:1a:22:30:6b:05:d5:f1:
25:a4:0d:48:e0:62:3f:48:8a:ae:9f:ff:33:f6:00:
24:86:7c:a5:bc:5e:b3:e3:47:c1:79:d8:f7:ba:46:
5e:c0:b5:e6:c9:54:bf:c1:7f:ef:ab:90:f6:43:22:
5c:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:96:6F:53:64:35:1A:18:F6:CE:DC:06:2D:46:F7:02:43:EF:50:4B
X509v3 Authority Key Identifier:
keyid:01:CF:2A:71:B2:C7:BF:54:1C:6C:C0:41:51:CD:02:07:8D:36:99:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ac8qcbLHv1QcbMBBUc0CB402mSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/c24ee1-2cb2-4907-8048-b0f4fbe26b61/1/bpZvU2Q1Ghj2ztwGLUb3AkPvUEs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/c24ee1-2cb2-4907-8048-b0f4fbe26b61/1/Ac8qcbLHv1QcbMBBUc0CB402mSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.82.140.0/22
193.24.111.0/24
IPv6:
2a05:90c0::/29
Signature Algorithm: sha256WithRSAEncryption
76:5b:1e:23:43:08:4d:76:26:9c:b5:04:92:9f:80:ed:ec:48:
36:84:e0:ae:94:1a:22:f3:37:3c:57:6a:8f:af:2a:f4:ce:d3:
67:b6:09:69:94:97:0a:20:44:b8:51:f7:37:e0:eb:6e:c6:6e:
ec:97:f0:72:3c:74:14:f4:b0:a7:74:23:e2:bb:ab:dd:65:24:
12:9c:25:c1:f1:0e:ca:4a:e2:79:ff:a3:61:20:3b:df:74:43:
c3:ed:1e:85:f7:1e:56:0a:8e:29:b9:3c:f0:d5:5c:ce:28:7d:
f4:c3:3e:1b:3a:0c:d7:ab:09:c3:27:2d:ed:e5:e2:c1:d1:8e:
32:ca:30:7a:0b:d0:ce:a3:c2:25:5e:fe:89:7f:db:85:c3:96:
3d:da:a1:42:fe:4b:8b:e5:d3:ba:6d:4e:a0:fd:12:ad:98:a3:
6e:81:e3:3e:f7:a7:fd:46:16:95:c1:4b:6b:1e:8b:57:7c:d2:
29:3e:3f:19:1c:a5:4e:1a:ac:b7:58:cc:a0:d3:40:9b:44:01:
71:9c:a7:4b:fa:13:57:d5:2e:5e:b9:81:ac:f3:de:dd:8a:ce:
f6:b1:de:1b:81:b1:a9:01:77:58:45:c2:78:89:11:76:56:df:
cf:61:eb:56:97:67:87:c7:15:7c:c0:94:18:51:32:1c:c6:04:
09:04:b8:3d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZJ2Iue0S2lEGvd3hu8arLAEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxY2YyYTcxYjJjN2JmNTQxYzZjYzA0MTUxY2QwMjA3OGQz
Njk5MjYwHhcNMjQxMDEwMTExNDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTk2NmY1MzY0MzUxYTE4ZjZjZWRjMDYyZDQ2ZjcwMjQzZWY1MDRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtC5+zeaMoEH9pVCTktQiEcF/y52E
akVEi4hNeqtBh8WQUQzpKH4CmxqWFdXFqzqM28dAoBsJXt4r3MOO9yutfGEdn1cL
jefhWkLP74a+9cDHqBZxVnYlgVDQDJmMmcF6/4pXEBNskz6Jju9rnmdJl6kbvwxV
v5roKjcCRYZT6QsyvBTVipXttjHHm0ShaFx2NnFU7li75u4WLaAePDRG1qSt1QxQ
G8Z/uzzLZZjlaADkEgqXHQgQpLeC3WIhTgnuF/uDaq6lvrz1GRoiMGsF1fElpA1I
4GI/SIqun/8z9gAkhnylvF6z40fBedj3ukZewLXmyVS/wX/vq5D2QyJcYwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFG6Wb1NkNRoY9s7cBi1G9wJD71BLMB8GA1UdIwQY
MBaAFAHPKnGyx79UHGzAQVHNAgeNNpkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWM4cWNiTEh2MVFjYk1CQlVjMENCNDAybVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9jMjRlZTEtMmNiMi00OTA3LTgwNDgt
YjBmNGZiZTI2YjYxLzEvYnBadlUyUTFHaGoyenR3R0xVYjNBa1B2VUVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9jMjRlZTEtMmNiMi00OTA3LTgwNDgtYjBmNGZiZTI2YjYx
LzEvQWM4cWNiTEh2MVFjYk1CQlVjMENCNDAybVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuVKMAwQA
wRhvMA0EAgACMAcDBQMqBZDAMA0GCSqGSIb3DQEBCwUAA4IBAQB2Wx4jQwhNdiac
tQSSn4Dt7Eg2hOCulBoi8zc8V2qPryr0ztNntglplJcKIES4Ufc34Otuxm7sl/By
PHQU9LCndCPiu6vdZSQSnCXB8Q7KSuJ5/6NhIDvfdEPD7R6F9x5WCo4puTzw1VzO
KH30wz4bOgzXqwnDJy3t5eLB0Y4yyjB6C9DOo8IlXv6Jf9uFw5Y92qFC/kuL5dO6
bU6g/RKtmKNugeM+96f9RhaVwUtrHotXfNIpPj8ZHKVOGqy3WMyg00CbRAFxnKdL
+hNX1S5euYGs897dis72sd4bgbGpAXdYRcJ4iRF2Vt/PYetWl2eHxxV8wJQYUTIc
xgQJBLg9
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:01:00 2025 by rpki-client