Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/bM6JcSLvZTbWymvQtlNUSTC-YQE.roa
File: bM6JcSLvZTbWymvQtlNUSTC-YQE.roa (raw, json)
Hash identifier: blh2g3MOHuE7diQXZaL19DvSv4YFmYBce9/KMbKvYE4=
Subject key identifier: 6C:CE:89:71:22:EF:65:36:D6:CA:6B:D0:B6:53:54:49:30:BE:61:01
Certificate issuer: /CN=b4852ffba7d57c5a8afbb6ea5beaf7dfec0c145a
Certificate serial: 0193E4773E0968A682ADFAD99D14E2D4C05D
Authority key identifier: B4:85:2F:FB:A7:D5:7C:5A:8A:FB:B6:EA:5B:EA:F7:DF:EC:0C:14:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tIUv-6fVfFqK-7bqW-r33-wMFFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/bM6JcSLvZTbWymvQtlNUSTC-YQE.roa
Signing time: Fri 20 Dec 2024 14:27:20 +0000
ROA not before: Fri 20 Dec 2024 14:27:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1299
IP address blocks: 153.112.128.0/24 maxlen: 24
153.112.195.0/24 maxlen: 24
153.112.200.0/24 maxlen: 24
153.112.205.0/24 maxlen: 24
153.112.216.0/24 maxlen: 24
153.112.217.0/24 maxlen: 24
153.112.223.0/24 maxlen: 24
153.112.224.0/24 maxlen: 24
153.112.225.0/24 maxlen: 24
153.112.226.0/24 maxlen: 24
153.112.227.0/24 maxlen: 24
153.112.228.0/24 maxlen: 24
153.112.229.0/24 maxlen: 24
153.112.230.0/24 maxlen: 24
153.112.231.0/24 maxlen: 24
192.131.25.0/24 maxlen: 24
192.157.12.0/23 maxlen: 23
192.157.12.0/24 maxlen: 24
192.157.14.0/24 maxlen: 24
192.157.15.0/24 maxlen: 24
192.157.16.0/23 maxlen: 23
193.53.25.0/24 maxlen: 24
193.53.29.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 20 Dec 2024 14:28:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:e4:77:3e:09:68:a6:82:ad:fa:d9:9d:14:e2:d4:c0:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4852ffba7d57c5a8afbb6ea5beaf7dfec0c145a
Validity
Not Before: Dec 20 14:27:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6cce897122ef6536d6ca6bd0b653544930be6101
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:06:f9:f3:5f:56:01:99:62:ef:2b:21:ed:df:
2a:b1:f3:ac:f9:31:26:ec:98:b6:69:30:3c:c1:fe:
3d:2b:ea:da:61:cb:ef:ff:80:2e:d7:51:a6:01:2f:
ee:e9:5a:c7:2b:91:39:e0:d2:2a:01:49:4f:2e:4f:
1c:8b:2d:a8:91:a4:93:65:76:a3:c1:75:56:ee:73:
fe:92:93:4c:d5:ed:c3:6b:88:10:8a:af:70:5d:52:
d6:25:ea:be:90:2c:04:0c:bf:10:8d:bf:bc:18:81:
8b:52:b3:fe:2a:a4:7e:d0:c5:ee:6d:d2:91:84:fb:
e0:b1:7f:4b:23:30:1c:66:ef:4a:41:db:6c:fa:8d:
5d:03:8d:14:fa:7f:54:7f:dc:5f:9f:b1:fc:c8:ce:
c5:ec:17:75:42:80:d6:05:89:ff:4d:ed:50:d1:c6:
b1:95:a0:db:61:28:13:f1:41:69:26:34:f4:09:b2:
67:86:e4:9b:67:cf:2d:03:7e:69:a7:b3:ad:d0:73:
e9:e0:25:a5:c0:4e:e7:57:81:c5:4b:76:31:6d:a0:
9b:29:ea:f3:35:cc:36:20:43:6b:c2:e5:94:86:fb:
46:82:79:e7:30:48:31:bb:03:3e:39:0a:5b:fd:30:
8e:0e:8a:72:6a:cc:aa:5c:43:6c:77:81:5f:1e:44:
a3:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:CE:89:71:22:EF:65:36:D6:CA:6B:D0:B6:53:54:49:30:BE:61:01
X509v3 Authority Key Identifier:
keyid:B4:85:2F:FB:A7:D5:7C:5A:8A:FB:B6:EA:5B:EA:F7:DF:EC:0C:14:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tIUv-6fVfFqK-7bqW-r33-wMFFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/bM6JcSLvZTbWymvQtlNUSTC-YQE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/tIUv-6fVfFqK-7bqW-r33-wMFFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
153.112.128.0/24
153.112.195.0/24
153.112.200.0/24
153.112.205.0/24
153.112.216.0/23
153.112.223.0-153.112.231.255
192.131.25.0/24
192.157.12.0-192.157.17.255
193.53.25.0/24
193.53.29.0/24
Signature Algorithm: sha256WithRSAEncryption
76:82:08:93:95:f8:df:15:52:df:e2:3c:d9:6f:d6:fe:84:e3:
f7:4f:85:00:f4:89:f5:c8:41:6e:7a:fa:81:3c:16:7f:60:8c:
a7:85:ed:3f:92:c2:cb:33:ea:92:3e:ef:03:f3:67:ca:a9:3e:
4f:3b:d9:98:a9:c8:42:f6:c0:93:22:db:6a:f1:aa:79:f5:39:
d0:4b:c0:f6:e1:05:0c:5c:a3:48:e1:4b:c3:38:73:cd:fe:ee:
df:07:3d:b8:b8:2b:1b:b1:cf:cc:f4:4e:75:03:c6:7f:47:64:
00:6a:93:50:84:8c:57:8b:82:29:c1:15:b2:80:ba:bd:55:4d:
9e:fa:96:7f:03:e9:df:d2:c8:2f:c5:5c:15:3b:ac:54:bd:fb:
34:d6:45:12:00:c4:d9:07:55:fa:f7:b5:57:05:25:a4:5d:c0:
77:ec:de:7d:a2:62:b9:7e:6b:46:7c:83:f0:d1:4b:68:55:ba:
57:2e:62:18:5f:69:ad:7d:cd:ef:89:74:94:65:38:bd:36:32:
6c:90:15:65:ad:23:ce:b5:d2:16:be:b3:8d:c9:89:e2:0c:1d:
9b:60:fb:10:f7:66:11:ec:4d:eb:c0:b8:a3:49:8f:df:34:8e:
c5:51:31:9b:98:55:e3:be:e9:54:94:75:78:e6:2b:af:0b:e7:
93:b6:da:ea
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZPkdz4JaKaCrfrZnRTi1MBdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ODUyZmZiYTdkNTdjNWE4YWZiYjZlYTViZWFmN2RmZWMw
YzE0NWEwHhcNMjQxMjIwMTQyNzIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2NlODk3MTIyZWY2NTM2ZDZjYTZiZDBiNjUzNTQ0OTMwYmU2MTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4gb5819WAZli7ysh7d8qsfOs+TEm
7Ji2aTA8wf49K+raYcvv/4Au11GmAS/u6VrHK5E54NIqAUlPLk8ciy2okaSTZXaj
wXVW7nP+kpNM1e3Da4gQiq9wXVLWJeq+kCwEDL8Qjb+8GIGLUrP+KqR+0MXubdKR
hPvgsX9LIzAcZu9KQdts+o1dA40U+n9Uf9xfn7H8yM7F7Bd1QoDWBYn/Te1Q0cax
laDbYSgT8UFpJjT0CbJnhuSbZ88tA35pp7Ot0HPp4CWlwE7nV4HFS3YxbaCbKerz
Ncw2IENrwuWUhvtGgnnnMEgxuwM+OQpb/TCODopyasyqXENsd4FfHkSjhwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFGzOiXEi72U21spr0LZTVEkwvmEBMB8GA1UdIwQY
MBaAFLSFL/un1Xxaivu26lvq99/sDBRaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdElVdi02ZlZmRnFLLTdicVctcjMzLXdNRkZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9lNDVlMzAtZTdkOC00ZmI4LTkwYWQt
ZjcxMDM4ZTk2N2E0LzEvYk02SmNTTHZaVGJXeW12UXRsTlVTVEMtWVFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9lNDVlMzAtZTdkOC00ZmI4LTkwYWQtZjcxMDM4ZTk2N2E0
LzEvdElVdi02ZlZmRnFLLTdicVctcjMzLXdNRkZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQAmXCAAwQA
mXDDAwQAmXDIAwQAmXDNAwQBmXDYMAwDBACZcN8DBAOZcOADBADAgxkwDAMEAsCd
DAMEAcCdEAMEAME1GQMEAME1HTANBgkqhkiG9w0BAQsFAAOCAQEAdoIIk5X43xVS
3+I82W/W/oTj90+FAPSJ9chBbnr6gTwWf2CMp4XtP5LCyzPqkj7vA/Nnyqk+TzvZ
mKnIQvbAkyLbavGqefU50EvA9uEFDFyjSOFLwzhzzf7u3wc9uLgrG7HPzPROdQPG
f0dkAGqTUISMV4uCKcEVsoC6vVVNnvqWfwPp39LIL8VcFTusVL37NNZFEgDE2QdV
+ve1VwUlpF3Ad+zefaJiuX5rRnyD8NFLaFW6Vy5iGF9prX3N74l0lGU4vTYybJAV
Za0jzrXSFr6zjcmJ4gwdm2D7EPdmEexN68C4o0mP3zSOxVExm5hV477pVJR1eOYr
rwvnk7ba6g==
-----END CERTIFICATE-----
Generated at Sat Jun 7 18:30:03 2025 by rpki-client