Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/BhceoU4Kfy64LOHtp-VxESUo-8M.roa
File: BhceoU4Kfy64LOHtp-VxESUo-8M.roa (raw, json)
Hash identifier: hCzvecIOuYUyTLeA0sOM0ZsVD3iVpleGkkpNBxJH/S0=
Subject key identifier: 06:17:1E:A1:4E:0A:7F:2E:B8:2C:E1:ED:A7:E5:71:11:25:28:FB:C3
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0195D6CEC5295535064D63C81D5DA21AF8FB
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/BhceoU4Kfy64LOHtp-VxESUo-8M.roa
Signing time: Thu 27 Mar 2025 08:53:49 +0000
ROA not before: Thu 27 Mar 2025 08:53:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14576
IP address blocks: 2a0f:2840::/29 maxlen: 29
2a0f:9e00::/29 maxlen: 29
2a10:7f00::/29 maxlen: 29
2a11:5c80::/29 maxlen: 29
2a12:4b00::/29 maxlen: 29
2a12:d5c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 03 Apr 2025 14:14:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d6:ce:c5:29:55:35:06:4d:63:c8:1d:5d:a2:1a:f8:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 27 08:53:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=06171ea14e0a7f2eb82ce1eda7e571112528fbc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:05:35:5a:a5:bc:a6:2d:1d:a8:70:ea:12:3b:
35:93:38:5f:ee:0f:45:34:f5:35:65:18:2f:3a:7c:
bd:18:34:87:14:29:9e:9c:ca:cc:c5:33:a8:0e:bc:
36:3f:29:c3:fb:d8:79:20:f8:ee:2b:2f:34:7b:5e:
48:41:9d:b6:32:8c:f5:4c:66:61:6a:e7:f9:10:ca:
08:31:e5:f3:f7:5e:3b:10:df:35:4a:52:87:f2:3e:
83:9d:58:34:87:f2:20:3e:7d:70:ac:3f:da:5d:84:
ab:f6:de:28:ae:6d:0b:76:b6:f9:ee:33:1e:ee:c5:
7b:ab:89:e1:76:72:f3:3d:c5:ba:92:c2:54:bf:c4:
f9:c1:13:75:51:1a:57:62:d2:11:38:ed:e6:4e:42:
7a:52:50:8c:8f:1e:47:7e:fc:d1:a3:b6:e1:e5:50:
a7:66:d1:7a:f2:e4:59:2f:15:bd:ac:d8:1a:02:c6:
1c:85:41:c6:ec:86:50:8a:33:0e:e9:db:b6:80:96:
45:a2:80:4b:bc:33:11:d7:84:49:06:2f:f2:e6:d9:
5c:59:88:47:83:db:53:6c:a4:ba:ce:f1:b0:31:0d:
90:ac:5e:4b:e0:45:63:e0:43:4d:3c:5f:9b:08:a3:
1e:67:4f:1e:3c:27:91:b8:62:a4:df:58:2d:cb:5c:
1a:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:17:1E:A1:4E:0A:7F:2E:B8:2C:E1:ED:A7:E5:71:11:25:28:FB:C3
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/BhceoU4Kfy64LOHtp-VxESUo-8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:2840::/29
2a0f:9e00::/29
2a10:7f00::/29
2a11:5c80::/29
2a12:4b00::/29
2a12:d5c0::/29
Signature Algorithm: sha256WithRSAEncryption
91:35:e0:56:12:cb:60:e5:29:a6:5d:1a:f3:7e:e3:7f:7a:d3:
e5:03:02:42:5e:d0:55:e2:08:7c:cb:2f:df:64:c9:a8:58:56:
17:ca:c2:91:df:ed:0b:77:64:9d:7c:0b:5d:39:4f:a2:f6:69:
72:17:27:26:33:cb:df:38:af:86:5c:ed:16:2f:f6:99:a5:5b:
d1:17:b4:ae:4b:48:79:88:73:a7:51:ae:c3:97:75:cf:37:12:
1b:04:36:a4:37:61:ae:84:19:f1:7f:04:b7:76:0d:91:3b:93:
2e:c9:6f:80:3a:92:bc:c8:26:8c:ad:f3:9f:bf:7c:b6:99:9e:
37:d5:56:7a:de:30:81:cd:eb:c3:6e:6e:25:00:9c:3b:0e:ab:
62:94:69:d7:71:51:07:4f:1a:85:82:8e:94:8d:0f:22:24:8d:
20:de:f5:59:4d:6d:b3:27:ce:51:ba:92:15:36:15:d1:48:5c:
23:cb:0e:2f:ba:6d:87:88:eb:2d:5b:af:3e:bb:ab:48:e0:b6:
13:eb:35:d7:38:8f:57:3d:79:4e:ab:44:7d:96:d2:e2:61:12:
4a:ce:d8:76:c6:a1:69:42:46:5e:2e:a3:37:d4:1d:bf:d5:a0:
92:ab:33:62:25:f2:37:28:82:62:03:b4:43:51:8b:c6:f9:4f:
de:77:c3:0b
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZXWzsUpVTUGTWPIHV2iGvj7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMzI3MDg1MzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjE3MWVhMTRlMGE3ZjJlYjgyY2UxZWRhN2U1NzExMTI1MjhmYmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwwU1WqW8pi0dqHDqEjs1kzhf7g9F
NPU1ZRgvOny9GDSHFCmenMrMxTOoDrw2PynD+9h5IPjuKy80e15IQZ22Moz1TGZh
auf5EMoIMeXz9147EN81SlKH8j6DnVg0h/IgPn1wrD/aXYSr9t4orm0Ldrb57jMe
7sV7q4nhdnLzPcW6ksJUv8T5wRN1URpXYtIROO3mTkJ6UlCMjx5HfvzRo7bh5VCn
ZtF68uRZLxW9rNgaAsYchUHG7IZQijMO6du2gJZFooBLvDMR14RJBi/y5tlcWYhH
g9tTbKS6zvGwMQ2QrF5L4EVj4ENNPF+bCKMeZ08ePCeRuGKk31gty1wa1wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFAYXHqFOCn8uuCzh7aflcRElKPvDMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvQmhjZW9VNEtmeTY0TE9IdHAtVnhFU1VvLThNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDKg8oQAMF
AyoPngADBQMqEH8AAwUDKhFcgAMFAyoSSwADBQMqEtXAMA0GCSqGSIb3DQEBCwUA
A4IBAQCRNeBWEstg5SmmXRrzfuN/etPlAwJCXtBV4gh8yy/fZMmoWFYXysKR3+0L
d2SdfAtdOU+i9mlyFycmM8vfOK+GXO0WL/aZpVvRF7SuS0h5iHOnUa7Dl3XPNxIb
BDakN2GuhBnxfwS3dg2RO5MuyW+AOpK8yCaMrfOfv3y2mZ431VZ63jCBzevDbm4l
AJw7DqtilGnXcVEHTxqFgo6UjQ8iJI0g3vVZTW2zJ85RupIVNhXRSFwjyw4vum2H
iOstW68+u6tI4LYT6zXXOI9XPXlOq0R9ltLiYRJKzth2xqFpQkZeLqM31B2/1aCS
qzNiJfI3KIJiA7RDUYvG+U/ed8ML
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:49:21 2025 by rpki-client