Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/bvSS2rH3a_KQoZU6yRsiD0RZmGM.roa
File: bvSS2rH3a_KQoZU6yRsiD0RZmGM.roa (raw, json)
Hash identifier: b6a/QHOQcfCP5QS41qNjO3lcaw7yqywHWsNTlxhTvCc=
Subject key identifier: 6E:F4:92:DA:B1:F7:6B:F2:90:A1:95:3A:C9:1B:22:0F:44:59:98:63
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 01963EAAE9E90A3F52DECF179964492863E9
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/bvSS2rH3a_KQoZU6yRsiD0RZmGM.roa
Signing time: Wed 16 Apr 2025 12:55:10 +0000
ROA not before: Wed 16 Apr 2025 12:55:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210349
IP address blocks: 2a0c:b641:390::/44 maxlen: 128
Validation: Failed, certificate revoked on Wed 16 Apr 2025 13:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3e:aa:e9:e9:0a:3f:52:de:cf:17:99:64:49:28:63:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Apr 16 12:55:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6ef492dab1f76bf290a1953ac91b220f44599863
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ac:9b:0e:f6:64:a4:9b:e4:cc:dd:5a:42:2f:
39:6c:61:94:00:97:84:63:94:89:dd:e2:75:9d:8f:
76:97:80:67:92:e3:44:a1:77:1e:fe:db:35:9c:2e:
9c:57:df:9f:bf:13:6a:2b:ca:6b:0a:b2:16:0b:83:
3f:1f:8d:a0:b0:0e:2b:ba:9f:9a:d0:02:6f:63:72:
2f:60:7a:3e:4f:a6:5a:45:cb:3e:a0:94:38:ad:cd:
0d:1b:56:66:9b:58:32:a2:50:17:88:00:27:53:ea:
8c:25:0f:4e:e4:8e:ee:b9:27:02:25:b3:2f:78:44:
4f:99:67:07:4e:a5:45:45:22:51:a4:33:d9:ef:cc:
6e:30:7e:f6:63:08:4e:93:30:7a:1a:f1:a5:c9:b6:
de:23:e7:45:bc:c8:8c:5c:cd:61:f2:87:67:15:ff:
26:7a:25:10:63:89:d2:c0:2d:58:8b:9d:0f:ef:fb:
16:41:78:7f:7a:7e:07:d4:ca:53:eb:0c:2f:01:dd:
82:b6:25:51:cc:f3:8e:f0:d8:d5:f0:fe:af:60:67:
21:5c:c9:6d:9d:70:a1:98:e6:ab:6e:06:21:2a:93:
28:30:a9:a3:f6:bb:29:ac:31:df:9c:63:df:82:fc:
6d:9d:4e:1c:1e:d2:45:7b:2a:9c:1a:eb:7d:85:06:
15:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:F4:92:DA:B1:F7:6B:F2:90:A1:95:3A:C9:1B:22:0F:44:59:98:63
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/bvSS2rH3a_KQoZU6yRsiD0RZmGM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:390::/44
Signature Algorithm: sha256WithRSAEncryption
90:c2:2f:7c:f7:97:8c:08:32:8c:89:91:c5:1a:9d:6b:3e:79:
21:09:45:13:e0:de:89:c2:c2:3e:09:4d:58:f9:36:70:1d:59:
cc:12:78:9f:af:a9:5a:1b:0b:0c:6a:10:01:99:b4:da:7b:29:
3e:1b:da:18:d0:f5:66:46:77:9d:2c:59:53:61:76:ad:5f:6a:
49:c4:8c:f2:f8:2e:03:7b:19:72:b6:28:6f:b4:3f:36:31:2b:
df:4f:41:55:5a:67:8f:8b:09:e1:07:6a:59:6a:c9:df:b1:a6:
02:ab:f5:8f:75:75:bb:8e:1e:6a:a2:a6:a6:ed:86:48:1d:11:
d5:91:9c:24:3e:81:c1:6a:74:1e:1e:a8:78:3c:21:59:0e:e0:
f5:5f:86:de:57:25:43:57:96:59:93:c7:88:8d:27:55:de:29:
62:83:65:ee:52:0b:fa:2f:6f:f7:86:6c:a9:61:52:37:63:c6:
3e:5d:6d:ac:6d:0d:e5:cc:59:2c:fa:0c:fc:8b:fe:ce:9c:31:
90:90:1f:23:5e:c0:16:a9:8e:60:a7:46:62:59:0c:a5:d8:f3:
a3:ea:fb:18:95:34:d4:63:0a:e7:b8:16:06:de:33:64:56:ce:
67:18:98:ee:f4:fc:7a:23:d3:bd:ed:d1:62:98:25:68:d9:11:
98:d8:c6:60
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZY+qunpCj9S3s8XmWRJKGPpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjUwNDE2MTI1NTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWY0OTJkYWIxZjc2YmYyOTBhMTk1M2FjOTFiMjIwZjQ0NTk5ODYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKybDvZkpJvkzN1aQi85bGGUAJeE
Y5SJ3eJ1nY92l4BnkuNEoXce/ts1nC6cV9+fvxNqK8prCrIWC4M/H42gsA4rup+a
0AJvY3IvYHo+T6ZaRcs+oJQ4rc0NG1Zmm1gyolAXiAAnU+qMJQ9O5I7uuScCJbMv
eERPmWcHTqVFRSJRpDPZ78xuMH72YwhOkzB6GvGlybbeI+dFvMiMXM1h8odnFf8m
eiUQY4nSwC1Yi50P7/sWQXh/en4H1MpT6wwvAd2CtiVRzPOO8NjV8P6vYGchXMlt
nXChmOarbgYhKpMoMKmj9rsprDHfnGPfgvxtnU4cHtJFeyqcGut9hQYVIQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFG70ktqx92vykKGVOskbIg9EWZhjMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvYnZTUzJySDNhX0tRb1pVNnlSc2lEMFJabUdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQOQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCQwi9895eMCDKMiZHFGp1rPnkhCUUT4N6JwsI+
CU1Y+TZwHVnMEnifr6laGwsMahABmbTaeyk+G9oY0PVmRnedLFlTYXatX2pJxIzy
+C4DexlytihvtD82MSvfT0FVWmePiwnhB2pZasnfsaYCq/WPdXW7jh5qoqam7YZI
HRHVkZwkPoHBanQeHqh4PCFZDuD1X4beVyVDV5ZZk8eIjSdV3ilig2XuUgv6L2/3
hmypYVI3Y8Y+XW2sbQ3lzFks+gz8i/7OnDGQkB8jXsAWqY5gp0ZiWQyl2POj6vsY
lTTUYwrnuBYG3jNkVs5nGJju9Px6I9O97dFimCVo2RGY2MZg
-----END CERTIFICATE-----
Generated at Thu May 1 17:23:17 2025 by rpki-client