Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/bcATZzsrxGhAPcP9iFBo5UoUq98.roa
File: bcATZzsrxGhAPcP9iFBo5UoUq98.roa (raw, json)
Hash identifier: tRj93RZ7fudqt+Th6/mpFuc6RVWJ7qpA+58tPifk3Nc=
Subject key identifier: 6D:C0:13:67:3B:2B:C4:68:40:3D:C3:FD:88:50:68:E5:4A:14:AB:DF
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019567537E75032C8F14F5289E02E0FEF43C
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/bcATZzsrxGhAPcP9iFBo5UoUq98.roa
Signing time: Wed 05 Mar 2025 17:21:19 +0000
ROA not before: Wed 05 Mar 2025 17:21:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214927
IP address blocks: 45.9.117.0/24 maxlen: 24
45.118.248.0/24 maxlen: 24
45.130.60.0/24 maxlen: 24
45.131.215.0/24 maxlen: 24
45.137.81.0/24 maxlen: 24
45.140.13.0/24 maxlen: 24
45.141.177.0/24 maxlen: 24
45.152.208.0/24 maxlen: 24
85.209.128.0/24 maxlen: 24
103.114.43.0/24 maxlen: 24
185.122.171.0/24 maxlen: 24
185.126.64.0/24 maxlen: 24
185.126.66.0/24 maxlen: 24
193.23.245.0/24 maxlen: 24
194.33.29.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 06 Mar 2025 18:55:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:67:53:7e:75:03:2c:8f:14:f5:28:9e:02:e0:fe:f4:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 5 17:21:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6dc013673b2bc468403dc3fd885068e54a14abdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:fd:21:15:fb:40:c9:6f:30:91:5b:e5:71:5b:
e6:ae:5a:fd:64:ee:3b:94:d3:46:0d:80:34:26:8f:
ca:25:43:51:d4:5b:6d:d6:e7:6d:69:da:cd:28:dc:
b3:8e:0e:74:3a:9d:23:77:9c:f4:59:11:7e:ec:55:
4d:3b:46:1c:c4:b1:06:ef:8b:fa:6c:e8:50:f2:b1:
f2:dd:74:75:42:af:f2:87:ad:6d:d5:34:43:5b:23:
8c:ac:c0:c4:ff:cc:1a:6c:7f:a7:ef:5a:5c:86:14:
3f:a7:7e:70:73:92:5d:5b:aa:bd:96:cc:94:c4:26:
1f:7d:a5:e5:b6:46:20:7e:47:8e:c3:13:0f:30:5a:
35:67:8c:02:f9:93:32:58:e8:03:20:c1:e3:ab:d3:
8c:33:6c:7e:6a:34:1c:28:72:53:03:c9:53:ec:35:
91:56:2b:d8:ba:07:65:b0:db:eb:9c:5b:32:9b:69:
ef:00:9d:b0:5b:21:77:86:f6:e0:07:de:ac:0b:f1:
61:6b:45:5a:37:9f:7c:51:eb:9b:b3:03:9e:85:e2:
4f:21:32:5a:fc:c4:ed:be:45:0d:f2:7f:a0:b7:1e:
44:82:4f:91:a5:fd:e3:43:95:1e:f5:01:f5:d4:39:
8f:89:af:d6:81:63:18:5b:5c:b1:e7:94:bc:02:70:
22:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:C0:13:67:3B:2B:C4:68:40:3D:C3:FD:88:50:68:E5:4A:14:AB:DF
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/bcATZzsrxGhAPcP9iFBo5UoUq98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.117.0/24
45.118.248.0/24
45.130.60.0/24
45.131.215.0/24
45.137.81.0/24
45.140.13.0/24
45.141.177.0/24
45.152.208.0/24
85.209.128.0/24
103.114.43.0/24
185.122.171.0/24
185.126.64.0/24
185.126.66.0/24
193.23.245.0/24
194.33.29.0/24
Signature Algorithm: sha256WithRSAEncryption
90:45:9a:f5:05:ad:2b:9b:b7:51:7c:ec:cc:fb:a1:72:c7:9a:
cc:d9:77:36:8f:e2:77:d7:92:64:b4:27:df:9a:19:65:c7:23:
2d:d8:7d:e1:9e:db:8a:13:ce:12:0e:18:b5:8c:ef:56:87:ad:
70:59:04:d5:00:e3:f8:18:76:18:a0:c2:dc:95:bc:6f:79:20:
20:00:d8:f0:a3:dd:d4:e8:8b:f5:02:af:89:e2:13:d0:a5:6c:
46:27:4c:07:40:55:6e:d5:5c:7f:5b:99:33:04:b6:88:4f:59:
01:eb:34:03:e3:f2:7f:18:cb:b0:0a:68:cf:4a:f5:81:ba:c3:
ae:cb:37:44:25:e8:b4:f6:6d:a7:05:fa:16:53:11:bf:51:91:
81:3a:ab:26:db:e5:41:e7:e3:e9:cd:40:7b:91:ff:c8:b5:1e:
1a:d5:88:44:03:73:0a:8c:8d:d9:eb:da:f4:39:ba:99:9d:64:
c1:f8:c9:b8:4d:72:6e:c6:f6:bd:17:95:93:fd:96:c9:75:ab:
b1:3b:df:71:49:83:2d:8c:2d:c2:49:24:87:50:cf:ee:98:da:
fa:67:b6:04:00:c9:bf:c5:eb:d6:81:84:f7:ee:2f:df:d6:65:
c3:61:b3:1a:8e:65:93:60:f2:8c:cf:cf:9f:ee:74:c9:28:db:
37:a1:ed:68
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZVnU351AyyPFPUongLg/vQ8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMzA1MTcyMTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGMwMTM2NzNiMmJjNDY4NDAzZGMzZmQ4ODUwNjhlNTRhMTRhYmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2v0hFftAyW8wkVvlcVvmrlr9ZO47
lNNGDYA0Jo/KJUNR1Ftt1udtadrNKNyzjg50Op0jd5z0WRF+7FVNO0YcxLEG74v6
bOhQ8rHy3XR1Qq/yh61t1TRDWyOMrMDE/8wabH+n71pchhQ/p35wc5JdW6q9lsyU
xCYffaXltkYgfkeOwxMPMFo1Z4wC+ZMyWOgDIMHjq9OMM2x+ajQcKHJTA8lT7DWR
VivYugdlsNvrnFsym2nvAJ2wWyF3hvbgB96sC/Fha0VaN598UeubswOeheJPITJa
/MTtvkUN8n+gtx5Egk+Rpf3jQ5Ue9QH11DmPia/WgWMYW1yx55S8AnAibwIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFG3AE2c7K8RoQD3D/YhQaOVKFKvfMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvYmNBVFp6c3J4R2hBUGNQOWlGQm81VW9VcTk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQALQl1AwQA
LXb4AwQALYI8AwQALYPXAwQALYlRAwQALYwNAwQALY2xAwQALZjQAwQAVdGAAwQA
Z3IrAwQAuXqrAwQAuX5AAwQAuX5CAwQAwRf1AwQAwiEdMA0GCSqGSIb3DQEBCwUA
A4IBAQCQRZr1Ba0rm7dRfOzM+6Fyx5rM2Xc2j+J315JktCffmhllxyMt2H3hntuK
E84SDhi1jO9Wh61wWQTVAOP4GHYYoMLclbxveSAgANjwo93U6Iv1Aq+J4hPQpWxG
J0wHQFVu1Vx/W5kzBLaIT1kB6zQD4/J/GMuwCmjPSvWBusOuyzdEJei09m2nBfoW
UxG/UZGBOqsm2+VB5+PpzUB7kf/ItR4a1YhEA3MKjI3Z69r0ObqZnWTB+Mm4TXJu
xva9F5WT/ZbJdauxO99xSYMtjC3CSSSHUM/umNr6Z7YEAMm/xevWgYT37i/f1mXD
YbMajmWTYPKMz8+f7nTJKNs3oe1o
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:13:29 2025 by rpki-client