Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Ba_dpc_6avIyq2YxLQFRjYaE5ck.roa
File: Ba_dpc_6avIyq2YxLQFRjYaE5ck.roa (raw, json)
Hash identifier: P9aXY6OlMYDQ4/0CZsRl27IxjRdB4ocLzonIYVX+VTk=
Subject key identifier: 05:AF:DD:A5:CF:FA:6A:F2:32:AB:66:31:2D:01:51:8D:86:84:E5:C9
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018ED129E36B0C728D07D570B3CE5DBE4066
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Ba_dpc_6avIyq2YxLQFRjYaE5ck.roa
Signing time: Fri 12 Apr 2024 07:16:07 +0000
ROA not before: Fri 12 Apr 2024 07:16:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 192.36.247.0/24 maxlen: 24
192.71.84.0/24 maxlen: 24
192.71.254.0/23 maxlen: 24
192.71.255.0/24 maxlen: 24
193.182.113.0/24 maxlen: 24
193.234.120.0/22 maxlen: 24
2a01:280:6::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 12 Apr 2024 07:19:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d1:29:e3:6b:0c:72:8d:07:d5:70:b3:ce:5d:be:40:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Apr 12 07:16:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=05afdda5cffa6af232ab66312d01518d8684e5c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:10:0a:1c:2f:ba:b3:15:69:d0:63:cc:61:bb:
93:d7:91:88:01:83:7b:23:91:f7:72:04:36:73:96:
14:61:bd:3a:01:63:e3:55:11:e7:6a:3d:b6:c9:cb:
1a:a7:e0:bf:82:89:19:4b:8e:d0:73:e0:bd:0c:0d:
e6:c9:bc:99:27:38:a9:cb:ce:08:b9:e9:da:b7:78:
b7:ff:be:a0:86:94:da:d8:fe:b4:ba:64:08:08:25:
bd:fe:b5:2c:16:31:c4:38:d7:27:c6:0e:6f:24:a7:
71:a3:60:08:87:fd:73:dd:a8:a0:b4:79:e2:fd:74:
8d:2d:88:70:6e:84:fd:c1:26:f2:97:20:8d:67:8d:
09:b5:b9:fc:5b:9e:9b:22:ff:d2:25:b6:c5:93:bc:
6b:d2:b9:b8:78:df:9b:b9:1b:57:7b:59:4e:df:cd:
98:67:ed:af:b0:8c:a8:46:4e:76:db:47:0b:5d:d4:
0a:11:7e:2c:71:94:43:67:6a:81:73:8c:6b:9a:f8:
7c:25:5a:fc:1e:9c:e4:5c:c2:a7:f7:2f:ec:f3:95:
d5:91:5f:fe:48:59:68:81:a2:95:7b:40:20:a2:8f:
54:09:37:97:b5:40:57:e4:aa:57:5b:b3:42:b8:5d:
b0:06:08:de:5a:42:b6:70:65:83:f4:b2:2d:e8:e6:
dc:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:AF:DD:A5:CF:FA:6A:F2:32:AB:66:31:2D:01:51:8D:86:84:E5:C9
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Ba_dpc_6avIyq2YxLQFRjYaE5ck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.247.0/24
192.71.84.0/24
192.71.254.0/23
193.182.113.0/24
193.234.120.0/22
IPv6:
2a01:280:6::/48
Signature Algorithm: sha256WithRSAEncryption
1a:e1:d9:f1:a1:34:1a:77:40:56:aa:5e:5c:32:f5:a5:30:a1:
b7:83:b7:a0:28:55:d4:8a:ec:da:76:00:8a:6f:2d:c4:26:9d:
22:f2:9a:b3:4a:0f:62:2e:8e:bc:b7:2f:4d:37:69:a8:76:8e:
29:a8:ba:b9:65:ce:20:4f:6d:86:e4:fb:d4:da:d0:f9:a6:08:
11:c0:e6:51:0c:39:ec:7d:ce:97:c6:3f:4a:cc:ef:df:1a:a6:
a6:15:09:1d:a4:5c:74:9b:b9:d0:23:c8:94:45:0a:c4:96:62:
6d:0e:43:c7:72:71:20:f5:4d:a1:69:45:6a:dc:2c:28:61:e5:
54:66:91:01:ce:75:9f:64:82:92:4d:2c:72:cf:83:34:38:a0:
80:6f:94:05:11:6a:24:f1:cc:d6:d8:0d:73:48:0b:9c:22:ed:
49:55:fc:4f:ec:c6:a1:e6:43:f9:c1:8c:c1:0a:13:24:f7:83:
99:43:ff:2b:72:fb:00:82:fa:7d:ca:46:a9:21:78:7e:a8:3c:
3c:5c:fa:d7:fe:ad:9d:35:0a:17:b6:c6:90:b0:a1:31:fb:55:
7f:b7:a1:ce:f8:83:dd:dc:f4:28:7f:ac:c1:ea:ba:92:a5:e4:
07:a9:d3:df:3c:91:7c:0a:8d:7b:8d:cb:ff:48:f7:95:c7:a8:
76:be:a4:3c
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAY7RKeNrDHKNB9Vws85dvkBmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwNDEyMDcxNjA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWFmZGRhNWNmZmE2YWYyMzJhYjY2MzEyZDAxNTE4ZDg2ODRlNWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhAKHC+6sxVp0GPMYbuT15GIAYN7
I5H3cgQ2c5YUYb06AWPjVRHnaj22ycsap+C/gokZS47Qc+C9DA3mybyZJzipy84I
uenat3i3/76ghpTa2P60umQICCW9/rUsFjHEONcnxg5vJKdxo2AIh/1z3aigtHni
/XSNLYhwboT9wSbylyCNZ40Jtbn8W56bIv/SJbbFk7xr0rm4eN+buRtXe1lO382Y
Z+2vsIyoRk5220cLXdQKEX4scZRDZ2qBc4xrmvh8JVr8HpzkXMKn9y/s85XVkV/+
SFlogaKVe0Agoo9UCTeXtUBX5KpXW7NCuF2wBgjeWkK2cGWD9LIt6ObckQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFAWv3aXP+mryMqtmMS0BUY2GhOXJMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvQmFfZHBjXzZhdkl5cTJZeExRRlJqWWFFNWNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQAwCT3AwQA
wEdUAwQBwEf+AwQAwbZxAwQCwep4MA8EAgACMAkDBwAqAQKAAAYwDQYJKoZIhvcN
AQELBQADggEBABrh2fGhNBp3QFaqXlwy9aUwobeDt6AoVdSK7Np2AIpvLcQmnSLy
mrNKD2Iujry3L003aah2jimourllziBPbYbk+9Ta0PmmCBHA5lEMOex9zpfGP0rM
798apqYVCR2kXHSbudAjyJRFCsSWYm0OQ8dycSD1TaFpRWrcLChh5VRmkQHOdZ9k
gpJNLHLPgzQ4oIBvlAURaiTxzNbYDXNIC5wi7UlV/E/sxqHmQ/nBjMEKEyT3g5lD
/yty+wCC+n3KRqkheH6oPDxc+tf+rZ01Che2xpCwoTH7VX+3oc74g93c9Ch/rMHq
upKl5Aep0988kXwKjXuNy/9I95XHqHa+pDw=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:10:13 2025 by rpki-client