Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/bp7l68XHMmItGN6A5EZM0AXoaSA.roa
File: bp7l68XHMmItGN6A5EZM0AXoaSA.roa (raw, json)
Hash identifier: fjmOaIyuHCn7hGx30Lc37BGAdOgQ+MO5eqzTQ1uJaKY=
Subject key identifier: 6E:9E:E5:EB:C5:C7:32:62:2D:18:DE:80:E4:46:4C:D0:05:E8:69:20
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 018CC8DFA4A12764B6BA10236EDF1422FA9D
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/bp7l68XHMmItGN6A5EZM0AXoaSA.roa
Signing time: Tue 02 Jan 2024 06:32:29 +0000
ROA not before: Tue 02 Jan 2024 06:32:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201231
IP address blocks: 91.103.254.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:a4:a1:27:64:b6:ba:10:23:6e:df:14:22:fa:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 2 06:32:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e9ee5ebc5c732622d18de80e4464cd005e86920
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:5b:8c:09:e4:28:db:59:ca:02:a2:3c:83:da:
be:a8:87:7a:cb:3b:bf:f0:5c:e9:98:05:2c:a7:95:
ae:7c:6c:ab:b3:59:43:f1:cc:5a:79:9e:33:7c:9b:
fa:91:b3:04:6b:26:4c:6e:13:9d:20:83:1d:b8:51:
c2:45:c8:38:95:a0:cd:2e:93:37:17:58:1c:bb:af:
19:69:ab:2c:7e:72:e0:8f:97:aa:48:f5:7e:ed:f9:
4e:9b:05:f9:46:e1:18:e3:1c:22:e6:d4:2b:2e:b2:
ea:f2:13:00:41:71:d5:11:7c:64:cb:c2:f1:f2:b3:
13:4f:c5:c4:c8:1c:d8:09:87:b5:c4:45:ee:2a:92:
17:b8:14:06:24:da:12:83:c3:19:44:15:38:0a:17:
35:ae:0e:84:8a:b8:b5:df:d2:73:b2:91:37:25:15:
dc:5f:3b:41:ec:25:b6:42:61:34:bb:61:eb:35:13:
d2:67:05:c6:54:bf:fd:7e:e7:cb:44:b2:b0:3b:d6:
f4:d9:4d:25:80:12:f6:b4:5e:78:c4:82:5e:f6:7e:
e1:c2:47:ee:76:1b:44:fb:2f:1a:63:f1:1f:55:e2:
0d:16:1c:9e:5f:4d:a4:e4:8f:10:c4:fd:35:07:fc:
e9:eb:66:eb:36:ef:96:bd:82:53:8d:a1:20:1d:3b:
10:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:9E:E5:EB:C5:C7:32:62:2D:18:DE:80:E4:46:4C:D0:05:E8:69:20
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/bp7l68XHMmItGN6A5EZM0AXoaSA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.103.254.0/24
Signature Algorithm: sha256WithRSAEncryption
30:49:d0:d8:26:5f:9f:c9:50:77:9b:98:4d:77:5f:2a:7d:62:
e8:ad:da:e8:5b:1f:39:f3:cf:3e:c4:2c:ca:09:85:85:82:45:
4b:67:6d:40:e5:58:2b:aa:3a:69:cf:90:6b:cb:7e:ea:cc:18:
a3:ba:2b:ba:c1:8a:df:bf:26:a7:a9:a6:07:1d:ac:b0:b5:77:
e7:15:b3:1f:0e:55:a7:32:62:73:5d:58:ce:8c:b8:e8:74:e9:
68:3a:d6:4b:91:51:c5:25:10:b9:7c:c8:80:5a:5d:28:2b:fc:
20:06:39:51:05:92:87:5f:2c:0c:94:2c:a3:d3:ca:9f:df:45:
0d:6f:55:d3:8b:36:b0:67:10:f0:23:c1:19:3b:da:b6:aa:e5:
a6:38:f5:ae:a8:30:d9:39:f0:08:f9:00:12:b5:f4:17:0f:21:
a5:2c:9e:81:9d:57:dd:c6:bd:0e:0a:3b:6d:f2:80:4e:65:af:
3f:c3:9b:90:01:1c:f5:47:ae:0a:05:ae:08:be:3e:e2:4b:59:
5b:62:8d:4b:48:8e:cd:16:f4:08:93:bf:05:73:e0:26:02:7e:
2a:52:ba:8a:ae:24:2b:66:4e:fb:4d:70:3d:c4:fa:72:c8:db:
b8:4e:06:d4:e6:02:a1:3b:93:92:03:58:62:36:52:9c:6f:c2:
3c:d0:a5:b8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI36ShJ2S2uhAjbt8UIvqdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjQwMTAyMDYzMjI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTllZTVlYmM1YzczMjYyMmQxOGRlODBlNDQ2NGNkMDA1ZTg2OTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgVuMCeQo21nKAqI8g9q+qId6yzu/
8FzpmAUsp5WufGyrs1lD8cxaeZ4zfJv6kbMEayZMbhOdIIMduFHCRcg4laDNLpM3
F1gcu68ZaassfnLgj5eqSPV+7flOmwX5RuEY4xwi5tQrLrLq8hMAQXHVEXxky8Lx
8rMTT8XEyBzYCYe1xEXuKpIXuBQGJNoSg8MZRBU4Chc1rg6Eiri139JzspE3JRXc
XztB7CW2QmE0u2HrNRPSZwXGVL/9fufLRLKwO9b02U0lgBL2tF54xIJe9n7hwkfu
dhtE+y8aY/EfVeINFhyeX02k5I8QxP01B/zp62brNu+WvYJTjaEgHTsQ2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG6e5evFxzJiLRjegORGTNAF6GkgMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvYnA3bDY4WEhNbUl0R042QTVFWk0wQVhvYVNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW2f+MA0G
CSqGSIb3DQEBCwUAA4IBAQAwSdDYJl+fyVB3m5hNd18qfWLordroWx85888+xCzK
CYWFgkVLZ21A5Vgrqjppz5Bry37qzBijuiu6wYrfvyanqaYHHaywtXfnFbMfDlWn
MmJzXVjOjLjodOloOtZLkVHFJRC5fMiAWl0oK/wgBjlRBZKHXywMlCyj08qf30UN
b1XTizawZxDwI8EZO9q2quWmOPWuqDDZOfAI+QAStfQXDyGlLJ6BnVfdxr0OCjtt
8oBOZa8/w5uQARz1R64KBa4Ivj7iS1lbYo1LSI7NFvQIk78Fc+AmAn4qUrqKriQr
Zk77TXA9xPpyyNu4TgbU5gKhO5OSA1hiNlKcb8I80KW4
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:33:17 2025 by rpki-client