Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/ed7c8a-3952-4401-9dd4-44692dbccb32/1/bh913sFsXZYNOfSl-ILYM0hPMn0.roa
File: bh913sFsXZYNOfSl-ILYM0hPMn0.roa (raw, json)
Hash identifier: F0dtyxFrw7VfBteOvmcKGtQakq4NdDeta6ME6hnL/gI=
Subject key identifier: 6E:1F:75:DE:C1:6C:5D:96:0D:39:F4:A5:F8:82:D8:33:48:4F:32:7D
Certificate issuer: /CN=9a4d76dd2f46068b0871ad4500ac6e577afe469c
Certificate serial: 018CC794880DA85A6EA68FC4A30D29FFE4E2
Authority key identifier: 9A:4D:76:DD:2F:46:06:8B:08:71:AD:45:00:AC:6E:57:7A:FE:46:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mk123S9GBosIca1FAKxuV3r-Rpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/ed7c8a-3952-4401-9dd4-44692dbccb32/1/bh913sFsXZYNOfSl-ILYM0hPMn0.roa
Signing time: Tue 02 Jan 2024 00:30:49 +0000
ROA not before: Tue 02 Jan 2024 00:30:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51696
IP address blocks: 94.142.134.0/23 maxlen: 32
2a0c:1000::/29 maxlen: 32
Validation: Failed, certificate revoked on Thu 29 Feb 2024 14:39:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:88:0d:a8:5a:6e:a6:8f:c4:a3:0d:29:ff:e4:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a4d76dd2f46068b0871ad4500ac6e577afe469c
Validity
Not Before: Jan 2 00:30:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e1f75dec16c5d960d39f4a5f882d833484f327d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:6e:aa:7d:c0:0d:ad:7e:a0:86:70:64:05:ff:
f9:f0:1c:0b:10:0a:cc:18:18:8b:22:7e:9c:ae:ba:
f8:be:a1:fe:50:dc:54:38:9b:50:aa:a4:57:81:c4:
9b:d0:4c:c9:e2:d7:51:15:70:2d:72:55:b0:33:62:
2a:7b:90:d2:7b:65:b2:9c:59:32:8c:dd:c1:91:e5:
ff:5e:27:da:ad:22:25:b1:62:a2:8f:5d:6b:0a:d1:
43:9b:77:e9:99:28:95:56:0a:16:e1:36:df:9d:c6:
2a:f6:fd:19:5d:03:37:d5:30:3d:ff:c1:ee:b4:c4:
e6:9f:8a:f8:70:1a:7b:f3:f5:52:8e:e4:1b:17:cf:
9f:77:fc:e7:aa:65:a1:35:d3:b8:37:20:a9:40:33:
57:54:e0:05:23:e9:24:52:c8:af:63:54:94:c7:20:
1e:82:42:f4:f3:57:df:db:f8:09:24:02:0e:cb:6c:
23:0e:46:ca:05:5d:d5:ae:09:de:a6:c8:ad:dd:4e:
33:c8:99:bd:6a:79:44:55:53:6d:9f:6e:d6:8f:ab:
a5:58:b8:36:8e:78:16:4a:2d:c4:75:06:ab:89:99:
8f:24:46:9b:c1:f9:74:9d:74:4d:9a:c8:d8:4f:35:
87:42:82:34:79:16:32:57:4d:d9:f1:0b:2e:1c:ef:
2c:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:1F:75:DE:C1:6C:5D:96:0D:39:F4:A5:F8:82:D8:33:48:4F:32:7D
X509v3 Authority Key Identifier:
keyid:9A:4D:76:DD:2F:46:06:8B:08:71:AD:45:00:AC:6E:57:7A:FE:46:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mk123S9GBosIca1FAKxuV3r-Rpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/ed7c8a-3952-4401-9dd4-44692dbccb32/1/bh913sFsXZYNOfSl-ILYM0hPMn0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/ed7c8a-3952-4401-9dd4-44692dbccb32/1/mk123S9GBosIca1FAKxuV3r-Rpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.142.134.0/23
IPv6:
2a0c:1000::/29
Signature Algorithm: sha256WithRSAEncryption
2a:c7:97:0d:d2:16:48:f8:6e:80:78:16:e9:15:7c:93:d0:03:
64:65:c0:04:9f:9e:94:58:1c:60:67:8c:ee:c9:26:78:76:09:
11:66:4a:e4:7b:4e:b8:19:0f:99:38:94:69:47:3f:86:ff:d6:
e7:bf:4c:66:0d:a5:d6:12:68:79:40:89:a5:8e:09:bd:5d:fe:
4a:ef:c0:af:f7:ed:58:aa:f1:59:d9:8f:3c:9c:43:3a:6c:38:
4e:47:b8:32:48:fc:f3:b7:5f:57:a0:a5:97:a9:ca:38:5a:44:
57:9c:72:7e:b5:c0:55:a5:72:16:d9:4e:e8:01:f5:92:d3:d9:
ae:bc:d7:05:33:99:19:3b:7b:8c:eb:2e:fe:ee:46:64:94:8e:
b9:6c:e0:39:a3:f4:03:dd:a8:26:82:f9:99:3a:79:d5:e2:14:
71:ca:e5:e4:5f:b7:30:d8:cc:a7:50:0a:11:c0:6e:f8:4f:5e:
01:12:2f:1d:e8:01:9a:8d:91:ea:70:9e:4a:ec:22:d1:aa:4a:
ea:66:dc:a3:05:41:d3:cc:1d:3a:68:47:d5:85:4e:c9:2d:c6:
ba:0e:cb:95:a0:e3:5a:04:7e:0d:29:48:aa:6a:f8:2b:21:0e:
e4:6d:56:41:42:9b:94:d6:7f:26:ec:ba:6e:5d:2f:65:59:cb:
7a:63:a7:a3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHlIgNqFpupo/Eow0p/+TiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhNGQ3NmRkMmY0NjA2OGIwODcxYWQ0NTAwYWM2ZTU3N2Fm
ZTQ2OWMwHhcNMjQwMTAyMDAzMDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTFmNzVkZWMxNmM1ZDk2MGQzOWY0YTVmODgyZDgzMzQ4NGYzMjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi26qfcANrX6ghnBkBf/58BwLEArM
GBiLIn6crrr4vqH+UNxUOJtQqqRXgcSb0EzJ4tdRFXAtclWwM2Iqe5DSe2WynFky
jN3BkeX/XifarSIlsWKij11rCtFDm3fpmSiVVgoW4TbfncYq9v0ZXQM31TA9/8Hu
tMTmn4r4cBp78/VSjuQbF8+fd/znqmWhNdO4NyCpQDNXVOAFI+kkUsivY1SUxyAe
gkL081ff2/gJJAIOy2wjDkbKBV3Vrgnepsit3U4zyJm9anlEVVNtn27Wj6ulWLg2
jngWSi3EdQariZmPJEabwfl0nXRNmsjYTzWHQoI0eRYyV03Z8QsuHO8sVQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFG4fdd7BbF2WDTn0pfiC2DNITzJ9MB8GA1UdIwQY
MBaAFJpNdt0vRgaLCHGtRQCsbld6/kacMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWsxMjNTOUdCb3NJY2ExRkFLeHVWM3ItUnB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9lZDdjOGEtMzk1Mi00NDAxLTlkZDQt
NDQ2OTJkYmNjYjMyLzEvYmg5MTNzRnNYWllOT2ZTbC1JTFlNMGhQTW4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9lZDdjOGEtMzk1Mi00NDAxLTlkZDQtNDQ2OTJkYmNjYjMy
LzEvbWsxMjNTOUdCb3NJY2ExRkFLeHVWM3ItUnB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBXo6GMA0E
AgACMAcDBQMqDBAAMA0GCSqGSIb3DQEBCwUAA4IBAQAqx5cN0hZI+G6AeBbpFXyT
0ANkZcAEn56UWBxgZ4zuySZ4dgkRZkrke064GQ+ZOJRpRz+G/9bnv0xmDaXWEmh5
QImljgm9Xf5K78Cv9+1YqvFZ2Y88nEM6bDhOR7gySPzzt19XoKWXqco4WkRXnHJ+
tcBVpXIW2U7oAfWS09muvNcFM5kZO3uM6y7+7kZklI65bOA5o/QD3agmgvmZOnnV
4hRxyuXkX7cw2MynUAoRwG74T14BEi8d6AGajZHqcJ5K7CLRqkrqZtyjBUHTzB06
aEfVhU7JLca6DsuVoONaBH4NKUiqavgrIQ7kbVZBQpuU1n8m7LpuXS9lWct6Y6ej
-----END CERTIFICATE-----
Generated at Sun Apr 20 17:36:44 2025 by rpki-client