Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/BgVadIvrRwSLBxsKApWrflGthcY.roa
File: BgVadIvrRwSLBxsKApWrflGthcY.roa (raw, json)
Hash identifier: qhZoRkhxKXbF8dn9y9/XpjvkI+NoKTDAte1t2Owk4Cw=
Subject key identifier: 06:05:5A:74:8B:EB:47:04:8B:07:1B:0A:02:95:AB:7E:51:AD:85:C6
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0196E90E4CE2A9FCDCA83454192032B8A79E
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/BgVadIvrRwSLBxsKApWrflGthcY.roa
Signing time: Mon 19 May 2025 14:59:10 +0000
ROA not before: Mon 19 May 2025 14:59:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214927
IP address blocks: 45.9.117.0/24 maxlen: 24
45.95.96.0/24 maxlen: 24
45.118.248.0/24 maxlen: 24
45.130.60.0/24 maxlen: 24
45.131.212.0/24 maxlen: 24
45.131.213.0/24 maxlen: 24
45.131.215.0/24 maxlen: 24
45.135.39.0/24 maxlen: 24
45.137.81.0/24 maxlen: 24
45.140.13.0/24 maxlen: 24
45.141.177.0/24 maxlen: 24
45.145.56.0/24 maxlen: 24
45.146.131.0/24 maxlen: 24
45.152.208.0/24 maxlen: 24
45.153.22.0/24 maxlen: 24
45.155.69.0/24 maxlen: 24
45.158.185.0/24 maxlen: 24
85.209.128.0/24 maxlen: 24
103.114.43.0/24 maxlen: 24
113.30.154.0/24 maxlen: 24
185.122.171.0/24 maxlen: 24
185.126.64.0/24 maxlen: 24
185.126.66.0/24 maxlen: 24
185.155.200.0/24 maxlen: 24
185.242.244.0/24 maxlen: 24
185.242.245.0/24 maxlen: 24
192.153.171.0/24 maxlen: 24
193.8.215.0/24 maxlen: 24
193.23.245.0/24 maxlen: 24
193.23.253.0/24 maxlen: 24
193.27.10.0/24 maxlen: 24
193.27.19.0/24 maxlen: 24
193.27.21.0/24 maxlen: 24
194.33.29.0/24 maxlen: 24
194.33.61.0/24 maxlen: 24
195.158.192.0/24 maxlen: 24
2a0c:7886:105::/48 maxlen: 48
2a0f:e7c6:1000::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 20 May 2025 06:39:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:e9:0e:4c:e2:a9:fc:dc:a8:34:54:19:20:32:b8:a7:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: May 19 14:59:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=06055a748beb47048b071b0a0295ab7e51ad85c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:68:09:23:aa:22:95:07:61:31:9a:86:b4:cb:
6a:4b:69:ec:ce:5c:95:cc:2b:90:93:da:48:21:d6:
47:55:74:d1:7c:fe:00:e6:9c:ba:c5:df:f5:f5:c5:
8d:f2:5a:40:4a:59:b3:68:4d:d1:c8:37:fc:1e:90:
e3:70:13:57:c2:cc:21:ed:ec:52:de:a8:55:29:e2:
ab:f1:5a:78:d9:c2:b0:e8:4c:7b:cd:d0:e5:c5:2f:
f9:dc:bf:a3:22:b0:8b:94:3c:f2:7b:f3:1f:22:df:
0c:b3:3e:30:2f:39:82:37:b6:31:ff:7f:67:c5:37:
60:57:02:b4:2c:4a:af:0b:44:06:c0:6d:6c:2d:13:
6e:e4:93:62:b4:35:b1:91:e0:d6:42:48:07:9d:2d:
fe:44:71:9f:71:fa:33:54:01:3a:85:5e:11:8b:b4:
48:68:d7:c5:91:50:46:80:e9:3e:f7:ab:60:ea:0b:
8e:c8:83:29:7f:ad:b4:47:fb:1b:60:e2:4c:1b:7d:
80:9f:c6:6d:1a:91:a9:ff:5c:aa:97:2e:21:67:b7:
e0:92:2d:61:08:23:f8:7d:65:a8:6d:7d:c2:7f:27:
a2:14:68:4b:78:eb:58:d7:f1:70:79:97:55:90:fb:
b1:92:77:85:34:24:cb:da:34:8d:48:e9:36:a9:be:
28:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:05:5A:74:8B:EB:47:04:8B:07:1B:0A:02:95:AB:7E:51:AD:85:C6
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/BgVadIvrRwSLBxsKApWrflGthcY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.117.0/24
45.95.96.0/24
45.118.248.0/24
45.130.60.0/24
45.131.212.0/23
45.131.215.0/24
45.135.39.0/24
45.137.81.0/24
45.140.13.0/24
45.141.177.0/24
45.145.56.0/24
45.146.131.0/24
45.152.208.0/24
45.153.22.0/24
45.155.69.0/24
45.158.185.0/24
85.209.128.0/24
103.114.43.0/24
113.30.154.0/24
185.122.171.0/24
185.126.64.0/24
185.126.66.0/24
185.155.200.0/24
185.242.244.0/23
192.153.171.0/24
193.8.215.0/24
193.23.245.0/24
193.23.253.0/24
193.27.10.0/24
193.27.19.0/24
193.27.21.0/24
194.33.29.0/24
194.33.61.0/24
195.158.192.0/24
IPv6:
2a0c:7886:105::/48
2a0f:e7c6:1000::/48
Signature Algorithm: sha256WithRSAEncryption
74:66:c1:58:cb:42:a5:0f:0d:b1:54:72:8f:cf:f0:0d:ef:46:
54:11:5a:f4:95:bb:5a:91:28:2f:0e:3b:7d:17:84:73:56:c9:
2a:2c:8d:3b:bd:c4:94:68:7f:83:c8:5b:fe:5f:5d:dc:e6:37:
29:83:ea:66:0b:f7:08:22:08:5d:1b:2f:a7:0d:2a:6a:e0:3a:
19:aa:57:3f:e0:48:c4:4c:0b:ca:18:e2:96:5e:3c:27:01:bb:
4f:d0:c4:f8:b3:ce:05:c0:ed:b8:8d:33:7f:3a:05:13:a7:83:
4a:3b:f4:25:3e:21:d1:c1:b1:d4:95:e5:51:89:1b:e5:f8:74:
ad:3f:18:15:9b:a0:f3:45:c9:c3:9e:be:c5:22:2e:97:e6:a8:
b2:59:4c:1f:73:f1:65:b6:93:1d:27:01:97:78:00:af:a8:d9:
79:0c:f0:20:92:b6:ae:9a:8b:61:b5:c2:80:70:9c:a6:29:2e:
72:28:a5:c3:9a:79:c7:84:28:bd:f3:0f:8a:05:bd:61:1f:e5:
e6:da:b9:43:0a:00:79:ef:6e:34:e0:00:64:c9:d8:e2:d4:d6:
49:5b:41:9e:8a:89:67:03:02:ef:52:97:80:5e:19:41:da:3b:
74:ee:3f:76:ec:a7:e2:f8:bf:56:77:96:18:7a:92:02:d3:d8:
0c:1a:89:b8
-----BEGIN CERTIFICATE-----
MIIF4zCCBMugAwIBAgISAZbpDkziqfzcqDRUGSAyuKeeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNTE5MTQ1OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjA1NWE3NDhiZWI0NzA0OGIwNzFiMGEwMjk1YWI3ZTUxYWQ4NWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6WgJI6oilQdhMZqGtMtqS2nszlyV
zCuQk9pIIdZHVXTRfP4A5py6xd/19cWN8lpASlmzaE3RyDf8HpDjcBNXwswh7exS
3qhVKeKr8Vp42cKw6Ex7zdDlxS/53L+jIrCLlDzye/MfIt8Msz4wLzmCN7Yx/39n
xTdgVwK0LEqvC0QGwG1sLRNu5JNitDWxkeDWQkgHnS3+RHGfcfozVAE6hV4Ri7RI
aNfFkVBGgOk+96tg6guOyIMpf620R/sbYOJMG32An8ZtGpGp/1yqly4hZ7fgki1h
CCP4fWWobX3CfyeiFGhLeOtY1/FweZdVkPuxkneFNCTL2jSNSOk2qb4oCwIDAQAB
o4IC7zCCAuswHQYDVR0OBBYEFAYFWnSL60cEiwcbCgKVq35RrYXGMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvQmdWYWRJdnJSd1NMQnhzS0FwV3JmbEd0aGNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAwYIKwYBBQUHAQcBAf8EgfMwgfAwgdMEAgABMIHMAwQA
LQl1AwQALV9gAwQALXb4AwQALYI8AwQBLYPUAwQALYPXAwQALYcnAwQALYlRAwQA
LYwNAwQALY2xAwQALZE4AwQALZKDAwQALZjQAwQALZkWAwQALZtFAwQALZ65AwQA
VdGAAwQAZ3IrAwQAcR6aAwQAuXqrAwQAuX5AAwQAuX5CAwQAuZvIAwQBufL0AwQA
wJmrAwQAwQjXAwQAwRf1AwQAwRf9AwQAwRsKAwQAwRsTAwQAwRsVAwQAwiEdAwQA
wiE9AwQAw57AMBgEAgACMBIDBwAqDHiGAQUDBwAqD+fGEAAwDQYJKoZIhvcNAQEL
BQADggEBAHRmwVjLQqUPDbFUco/P8A3vRlQRWvSVu1qRKC8OO30XhHNWySosjTu9
xJRof4PIW/5fXdzmNymD6mYL9wgiCF0bL6cNKmrgOhmqVz/gSMRMC8oY4pZePCcB
u0/QxPizzgXA7biNM386BROng0o79CU+IdHBsdSV5VGJG+X4dK0/GBWboPNFycOe
vsUiLpfmqLJZTB9z8WW2kx0nAZd4AK+o2XkM8CCStq6ai2G1woBwnKYpLnIopcOa
eceEKL3zD4oFvWEf5ebauUMKAHnvbjTgAGTJ2OLU1klbQZ6KiWcDAu9Sl4BeGUHa
O3TuP3bsp+L4v1Z3lhh6kgLT2Awaibg=
-----END CERTIFICATE-----
Generated at Mon Jun 9 04:53:06 2025 by rpki-client