Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/179ed5-d253-4255-9017-88df125ba663/1/bCUiL5v26WPNGINgyBcNSYddgTw.roa
File: bCUiL5v26WPNGINgyBcNSYddgTw.roa (raw, json)
Hash identifier: ANj/6ychgb1PJaTOE9yB1qmQuDNxOpI44tvdTbsBpS0=
Subject key identifier: 6C:25:22:2F:9B:F6:E9:63:CD:18:83:60:C8:17:0D:49:87:5D:81:3C
Certificate issuer: /CN=4ce98606bc9a5d44074ff8cbedcbdbcfc35f0562
Certificate serial: 0192766B3CC1CB4C12EFCA23B2A30CEA74B4
Authority key identifier: 4C:E9:86:06:BC:9A:5D:44:07:4F:F8:CB:ED:CB:DB:CF:C3:5F:05:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TOmGBryaXUQHT_jL7cvbz8NfBWI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/179ed5-d253-4255-9017-88df125ba663/1/bCUiL5v26WPNGINgyBcNSYddgTw.roa
Signing time: Thu 10 Oct 2024 12:33:11 +0000
ROA not before: Thu 10 Oct 2024 12:33:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31510
IP address blocks: 83.175.64.0/18 maxlen: 32
83.175.86.0/24 maxlen: 24
83.175.126.0/24 maxlen: 24
156.67.200.0/21 maxlen: 32
156.67.200.0/24 maxlen: 24
185.72.72.0/22 maxlen: 32
212.56.160.0/19 maxlen: 32
2a02:6180::/32 maxlen: 128
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:76:6b:3c:c1:cb:4c:12:ef:ca:23:b2:a3:0c:ea:74:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ce98606bc9a5d44074ff8cbedcbdbcfc35f0562
Validity
Not Before: Oct 10 12:33:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c25222f9bf6e963cd188360c8170d49875d813c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:af:3c:d9:f9:1d:1f:61:4e:b2:1e:65:63:a7:
97:da:e9:16:55:72:66:74:4f:cf:77:47:68:dd:51:
d0:fd:6f:db:14:e5:e3:28:8d:5c:4d:ae:69:75:29:
86:43:95:3a:d6:07:01:e8:33:4c:a6:2c:d5:75:9a:
95:c8:6a:ef:19:bc:4f:96:49:6f:6a:c8:ab:d7:c4:
22:02:65:75:57:dc:2a:cf:8a:fd:65:99:40:f8:6c:
c7:f0:40:7a:ab:e2:28:13:33:2e:3c:b2:be:dc:48:
cf:85:d5:7a:9f:1e:fa:06:2d:6f:ec:cd:36:4a:fe:
0e:e2:0d:2e:da:d4:1d:1f:97:88:d5:d0:3f:ec:63:
56:54:de:e2:04:9b:9f:4d:61:9e:bb:b3:fb:c8:06:
27:dd:2e:e9:22:58:f5:0f:6c:da:52:66:4a:42:c7:
dc:71:55:a6:fa:b4:43:8f:de:3d:16:69:3b:9b:b0:
80:cd:de:89:a8:3a:9b:67:7e:8b:5c:32:87:ca:26:
7e:3f:49:24:37:40:72:c8:74:e9:0e:3e:da:2a:1d:
d6:01:09:4d:5e:cf:5a:0c:b7:35:c5:bd:ac:a5:48:
61:bb:c1:10:89:f3:89:aa:86:00:48:e7:33:5d:05:
c0:25:0b:33:8f:17:ac:35:42:d9:58:31:9a:87:07:
17:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:25:22:2F:9B:F6:E9:63:CD:18:83:60:C8:17:0D:49:87:5D:81:3C
X509v3 Authority Key Identifier:
keyid:4C:E9:86:06:BC:9A:5D:44:07:4F:F8:CB:ED:CB:DB:CF:C3:5F:05:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TOmGBryaXUQHT_jL7cvbz8NfBWI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/179ed5-d253-4255-9017-88df125ba663/1/bCUiL5v26WPNGINgyBcNSYddgTw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/179ed5-d253-4255-9017-88df125ba663/1/TOmGBryaXUQHT_jL7cvbz8NfBWI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.175.64.0/18
156.67.200.0/21
185.72.72.0/22
212.56.160.0/19
IPv6:
2a02:6180::/32
Signature Algorithm: sha256WithRSAEncryption
99:7d:12:57:d8:3b:b0:b0:f2:31:ab:44:2f:ca:d4:3a:c1:4b:
66:5a:0e:78:ac:c2:c5:ce:ab:e5:63:a3:2d:27:60:bf:e4:8a:
1e:4a:9a:36:b1:94:4b:40:b1:79:18:1d:a3:e0:e8:74:1c:8d:
16:bc:65:44:0e:1b:dc:db:37:9c:eb:1a:9a:82:5a:35:36:c2:
38:3e:93:38:a3:27:95:ee:c0:b6:24:bd:8a:60:91:83:20:ad:
0c:1a:d6:64:dd:01:e3:5b:a3:9e:3e:38:99:4a:0d:e9:da:3a:
de:1f:a3:7e:0c:e2:a8:f0:33:3c:38:cf:c5:45:3c:2f:82:1f:
fd:3d:3f:97:86:e0:15:3f:34:bd:f2:6c:42:a7:92:ab:01:eb:
2a:77:4d:7e:41:43:63:ed:a9:e9:f0:fb:6a:93:7f:80:17:34:
cd:d4:53:da:ba:34:5c:4a:fc:c7:e1:04:56:d5:16:1d:4f:3c:
57:a8:51:9a:f3:be:6d:bc:49:c3:ce:c3:0d:c6:31:2c:5c:62:
52:4d:68:29:90:ea:66:92:ba:93:b3:b0:18:f3:67:1a:7e:46:
8b:cb:dd:86:a3:8c:db:c7:b2:b2:0a:2c:10:36:62:34:56:9b:
a8:d3:73:89:9c:55:99:a5:9b:69:c7:63:45:54:d0:05:81:72:
e1:a6:3c:68
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZJ2azzBy0wS78ojsqMM6nS0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZTk4NjA2YmM5YTVkNDQwNzRmZjhjYmVkY2JkYmNmYzM1
ZjA1NjIwHhcNMjQxMDEwMTIzMzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzI1MjIyZjliZjZlOTYzY2QxODgzNjBjODE3MGQ0OTg3NWQ4MTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvq882fkdH2FOsh5lY6eX2ukWVXJm
dE/Pd0do3VHQ/W/bFOXjKI1cTa5pdSmGQ5U61gcB6DNMpizVdZqVyGrvGbxPlklv
asir18QiAmV1V9wqz4r9ZZlA+GzH8EB6q+IoEzMuPLK+3EjPhdV6nx76Bi1v7M02
Sv4O4g0u2tQdH5eI1dA/7GNWVN7iBJufTWGeu7P7yAYn3S7pIlj1D2zaUmZKQsfc
cVWm+rRDj949Fmk7m7CAzd6JqDqbZ36LXDKHyiZ+P0kkN0ByyHTpDj7aKh3WAQlN
Xs9aDLc1xb2spUhhu8EQifOJqoYASOczXQXAJQszjxesNULZWDGahwcXHwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFGwlIi+b9uljzRiDYMgXDUmHXYE8MB8GA1UdIwQY
MBaAFEzphga8ml1EB0/4y+3L28/DXwViMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVE9tR0JyeWFYVVFIVF9qTDdjdmJ6OE5mQldJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xNzllZDUtZDI1My00MjU1LTkwMTct
ODhkZjEyNWJhNjYzLzEvYkNVaUw1djI2V1BOR0lOZ3lCY05TWWRkZ1R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xNzllZDUtZDI1My00MjU1LTkwMTctODhkZjEyNWJhNjYz
LzEvVE9tR0JyeWFYVVFIVF9qTDdjdmJ6OE5mQldJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQGU69AAwQD
nEPIAwQCuUhIAwQF1DigMA0EAgACMAcDBQAqAmGAMA0GCSqGSIb3DQEBCwUAA4IB
AQCZfRJX2DuwsPIxq0QvytQ6wUtmWg54rMLFzqvlY6MtJ2C/5IoeSpo2sZRLQLF5
GB2j4Oh0HI0WvGVEDhvc2zec6xqaglo1NsI4PpM4oyeV7sC2JL2KYJGDIK0MGtZk
3QHjW6OePjiZSg3p2jreH6N+DOKo8DM8OM/FRTwvgh/9PT+XhuAVPzS98mxCp5Kr
Aesqd01+QUNj7anp8Ptqk3+AFzTN1FPaujRcSvzH4QRW1RYdTzxXqFGa875tvEnD
zsMNxjEsXGJSTWgpkOpmkrqTs7AY82cafkaLy92Go4zbx7KyCiwQNmI0Vpuo03OJ
nFWZpZtpx2NFVNAFgXLhpjxo
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:59 2025 by rpki-client