Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/04a0f2-9b24-4491-b9ad-30fc6baf85f5/1/bf6DZHUnU9CeTUIj8KItCeVHmCo.roa
File: bf6DZHUnU9CeTUIj8KItCeVHmCo.roa (raw, json)
Hash identifier: 9LSQwoZQtv5Ff55Azb0lgUsplks4YWdS1GjwEBj/DkY=
Subject key identifier: 6D:FE:83:64:75:27:53:D0:9E:4D:42:23:F0:A2:2D:09:E5:47:98:2A
Certificate issuer: /CN=c13a8d7e3549fadf56b4e83fa49c16b73c9940b5
Certificate serial: 018CC2DB48F7BDA546BA63E3BE3320AEF183
Authority key identifier: C1:3A:8D:7E:35:49:FA:DF:56:B4:E8:3F:A4:9C:16:B7:3C:99:40:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wTqNfjVJ-t9WtOg_pJwWtzyZQLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/04a0f2-9b24-4491-b9ad-30fc6baf85f5/1/bf6DZHUnU9CeTUIj8KItCeVHmCo.roa
Signing time: Mon 01 Jan 2024 02:30:00 +0000
ROA not before: Mon 01 Jan 2024 02:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 38915
IP address blocks: 178.21.216.0/21 maxlen: 21
193.203.220.0/23 maxlen: 23
2a00:1de0::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:48:f7:bd:a5:46:ba:63:e3:be:33:20:ae:f1:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c13a8d7e3549fadf56b4e83fa49c16b73c9940b5
Validity
Not Before: Jan 1 02:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6dfe8364752753d09e4d4223f0a22d09e547982a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:d5:3c:9d:56:3c:96:2d:d6:f0:bb:9f:99:c1:
ef:df:70:c2:d4:3c:5c:1f:66:a6:68:22:24:96:aa:
62:2f:90:1c:ef:35:ae:d5:a6:aa:43:84:08:13:f1:
7d:3f:16:8e:93:07:a5:41:08:c8:bd:d2:1e:c7:fe:
f0:aa:13:ab:71:d7:ed:e3:92:fd:78:c7:3f:17:3c:
34:ab:98:cd:8c:81:99:9f:3d:5e:3f:f2:bb:b1:b4:
14:90:c6:0a:0e:e4:10:bc:5a:a2:66:12:03:a3:85:
a1:fd:cc:f6:7d:ea:ee:7c:5a:ce:ac:23:6a:08:17:
2f:6e:e9:6f:e0:57:bc:d8:b7:e9:95:17:d5:d2:e4:
48:74:b1:04:8f:6e:d7:20:10:1a:a7:92:35:c6:b6:
bc:23:90:a7:2f:eb:84:6e:0f:32:c0:2a:7d:8e:d8:
c8:04:a0:02:70:6b:d2:3b:33:87:50:c4:0d:85:42:
b9:16:a4:d1:af:f7:82:59:70:31:59:1b:68:b6:70:
4e:fb:f9:ce:2b:a0:6c:5d:77:cd:75:a6:99:a1:fc:
aa:44:45:5f:92:0d:71:35:37:42:a1:7f:16:20:30:
8d:a4:08:13:a4:93:cd:bf:9f:ca:e0:a3:be:b6:04:
7f:2b:84:93:0a:dc:33:f6:dc:d8:57:dd:32:f8:8e:
d1:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:FE:83:64:75:27:53:D0:9E:4D:42:23:F0:A2:2D:09:E5:47:98:2A
X509v3 Authority Key Identifier:
keyid:C1:3A:8D:7E:35:49:FA:DF:56:B4:E8:3F:A4:9C:16:B7:3C:99:40:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wTqNfjVJ-t9WtOg_pJwWtzyZQLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/04a0f2-9b24-4491-b9ad-30fc6baf85f5/1/bf6DZHUnU9CeTUIj8KItCeVHmCo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/04a0f2-9b24-4491-b9ad-30fc6baf85f5/1/wTqNfjVJ-t9WtOg_pJwWtzyZQLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.21.216.0/21
193.203.220.0/23
IPv6:
2a00:1de0::/32
Signature Algorithm: sha256WithRSAEncryption
9a:36:14:de:42:87:ed:86:67:7a:40:00:e7:66:bb:79:bc:6c:
2f:d4:1a:a0:96:04:26:72:ce:ac:c4:05:43:d4:31:93:f0:82:
eb:a7:f8:c0:1a:d9:c3:d2:5f:b1:fd:e3:2a:e9:25:34:c1:75:
fc:c2:39:cb:8f:3e:c4:ba:e7:3d:7a:36:f7:95:0c:6e:df:1f:
a0:b1:85:de:cb:53:2c:41:0f:2f:3e:6e:1f:6e:9c:be:fc:49:
c3:96:d8:5d:5b:3b:7a:25:8d:c6:60:47:29:51:20:ce:7b:30:
c2:22:29:e9:b7:cb:65:4e:59:45:5e:c1:4a:21:9c:f7:63:7a:
f8:79:40:df:70:21:97:eb:91:24:f3:0c:54:6e:68:49:8a:cf:
74:3a:8f:72:4e:86:96:fd:79:85:fb:eb:de:52:a7:85:b1:02:
a9:26:9c:75:d1:c3:e6:45:a2:3a:5e:53:34:cc:25:79:a6:9c:
d9:18:76:f3:d6:32:29:00:14:45:9d:99:3f:03:e6:0b:cc:a3:
d1:36:9b:48:05:e3:23:69:02:7c:a7:52:04:54:6d:c0:d4:56:
c0:8e:c8:47:36:72:a4:10:4c:ea:ac:8c:85:a0:c2:9c:b5:c1:
6d:f2:7c:9d:e4:5d:35:fa:ee:5c:22:c2:0d:2e:c4:a6:bc:ff:
e8:95:00:ed
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzC20j3vaVGumPjvjMgrvGDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxM2E4ZDdlMzU0OWZhZGY1NmI0ZTgzZmE0OWMxNmI3M2M5
OTQwYjUwHhcNMjQwMTAxMDIzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGZlODM2NDc1Mjc1M2QwOWU0ZDQyMjNmMGEyMmQwOWU1NDc5ODJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9U8nVY8li3W8LufmcHv33DC1Dxc
H2amaCIklqpiL5Ac7zWu1aaqQ4QIE/F9PxaOkwelQQjIvdIex/7wqhOrcdft45L9
eMc/Fzw0q5jNjIGZnz1eP/K7sbQUkMYKDuQQvFqiZhIDo4Wh/cz2ferufFrOrCNq
CBcvbulv4Fe82LfplRfV0uRIdLEEj27XIBAap5I1xra8I5CnL+uEbg8ywCp9jtjI
BKACcGvSOzOHUMQNhUK5FqTRr/eCWXAxWRtotnBO+/nOK6BsXXfNdaaZofyqREVf
kg1xNTdCoX8WIDCNpAgTpJPNv5/K4KO+tgR/K4STCtwz9tzYV90y+I7RfQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFG3+g2R1J1PQnk1CI/CiLQnlR5gqMB8GA1UdIwQY
MBaAFME6jX41SfrfVrToP6ScFrc8mUC1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1RxTmZqVkotdDlXdE9nX3BKd1d0enlaUUxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi8wNGEwZjItOWIyNC00NDkxLWI5YWQt
MzBmYzZiYWY4NWY1LzEvYmY2RFpIVW5VOUNlVFVJajhLSXRDZVZIbUNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi8wNGEwZjItOWIyNC00NDkxLWI5YWQtMzBmYzZiYWY4NWY1
LzEvd1RxTmZqVkotdDlXdE9nX3BKd1d0enlaUUxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDshXYAwQB
wcvcMA0EAgACMAcDBQAqAB3gMA0GCSqGSIb3DQEBCwUAA4IBAQCaNhTeQofthmd6
QADnZrt5vGwv1BqglgQmcs6sxAVD1DGT8ILrp/jAGtnD0l+x/eMq6SU0wXX8wjnL
jz7Euuc9ejb3lQxu3x+gsYXey1MsQQ8vPm4fbpy+/EnDlthdWzt6JY3GYEcpUSDO
ezDCIinpt8tlTllFXsFKIZz3Y3r4eUDfcCGX65Ek8wxUbmhJis90Oo9yToaW/XmF
++veUqeFsQKpJpx10cPmRaI6XlM0zCV5ppzZGHbz1jIpABRFnZk/A+YLzKPRNptI
BeMjaQJ8p1IEVG3A1FbAjshHNnKkEEzqrIyFoMKctcFt8nyd5F01+u5cIsINLsSm
vP/olQDt
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:22:48 2025 by rpki-client