Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/bp7r_cWMFOArIjyP-GGRuh34e7U.roa
File: bp7r_cWMFOArIjyP-GGRuh34e7U.roa (raw, json)
Hash identifier: 34wcwiirGtqN9tCYF5FB3yIeOt+wrnIINX1E78TLLRs=
Subject key identifier: 6E:9E:EB:FD:C5:8C:14:E0:2B:22:3C:8F:F8:61:91:BA:1D:F8:7B:B5
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019634998B18977D7353C4A700066B0F06D4
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/bp7r_cWMFOArIjyP-GGRuh34e7U.roa
Signing time: Mon 14 Apr 2025 13:59:59 +0000
ROA not before: Mon 14 Apr 2025 13:59:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203758
IP address blocks: 82.153.70.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 15 Apr 2025 09:27:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:34:99:8b:18:97:7d:73:53:c4:a7:00:06:6b:0f:06:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 14 13:59:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e9eebfdc58c14e02b223c8ff86191ba1df87bb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:bd:33:4c:0d:de:e4:01:7e:d7:d3:bc:c0:2f:
0f:11:08:b2:84:c5:06:7e:a9:bd:25:1c:a8:fb:77:
a3:d5:8b:3a:8e:23:52:e9:c2:8b:e3:a5:c6:f6:53:
1e:ef:e9:22:fc:9a:69:29:25:6a:27:5d:b2:87:0c:
42:77:c5:1e:fe:2a:01:4a:c9:9d:d7:af:10:64:03:
a0:18:b9:4b:b3:f5:2d:6f:e3:a3:e4:9d:58:2b:d5:
e2:f9:8e:c2:39:c2:de:43:b9:70:fd:60:c9:2e:5b:
8a:76:44:ba:3c:a1:63:d7:7e:c5:90:08:46:5a:f1:
1d:a6:9c:bc:6b:6e:96:e0:4e:0b:4f:8b:b7:ab:3c:
fc:2c:54:50:cd:4d:21:6e:3e:31:78:91:bc:ab:1d:
59:fd:47:8b:e5:be:95:b9:35:47:9d:00:0b:90:e7:
c1:21:90:e6:11:e1:2f:37:0d:3d:4e:19:ad:01:a3:
4d:74:49:39:00:c8:03:e6:0d:8b:01:56:38:09:ca:
b0:6f:b9:a4:45:c8:7b:f3:7a:4e:82:71:ac:ed:ef:
de:fd:ab:f8:67:4b:6d:82:10:22:76:72:48:de:52:
61:dc:be:8b:a8:18:66:25:11:a3:31:fa:e8:1b:b0:
38:ff:20:1e:32:36:66:fa:32:99:d2:19:e2:31:72:
78:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:9E:EB:FD:C5:8C:14:E0:2B:22:3C:8F:F8:61:91:BA:1D:F8:7B:B5
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/bp7r_cWMFOArIjyP-GGRuh34e7U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.70.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:40:fc:2f:66:e2:b5:95:4d:c2:2a:41:c1:75:8b:54:66:8c:
a0:89:98:66:55:b0:e4:d6:a5:de:60:f6:d0:78:9f:27:c4:48:
43:9b:a7:b4:dd:af:19:41:b2:ef:73:0f:53:c1:e6:ba:43:67:
40:40:73:d9:07:b3:33:45:31:ca:ee:f3:a8:53:c7:80:42:45:
53:1d:bb:03:3f:ac:20:6b:ca:d9:1a:af:2f:06:bb:ee:9f:50:
5a:ad:d4:a0:df:0c:54:b9:c1:81:b0:38:0c:ce:ef:ce:a4:f2:
23:75:ac:1f:34:65:5a:52:61:f2:07:10:11:54:0c:c9:9c:2b:
24:17:5e:90:ea:2f:b8:14:1e:46:d3:f9:9e:ba:d1:c6:70:f3:
cc:4b:37:1b:bf:42:ae:ef:c0:f8:73:e2:0c:0c:cc:3d:35:a3:
de:22:d3:2f:4f:fc:cf:38:78:a4:ef:f1:bf:bd:b9:bc:c8:de:
99:39:67:5a:e6:3e:d3:10:b7:b7:05:7d:54:8a:3c:0d:82:fb:
2b:1d:cf:ad:6d:c3:e2:3b:15:b3:95:3d:0b:49:35:e7:e4:13:
c2:8e:6a:2c:7a:0f:d6:dd:eb:e8:c4:a8:17:77:49:eb:14:4f:
8c:5c:37:df:e3:62:03:53:ed:ad:55:e9:38:72:d3:d2:a5:6e:
74:05:ca:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZY0mYsYl31zU8SnAAZrDwbUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwNDE0MTM1OTU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTllZWJmZGM1OGMxNGUwMmIyMjNjOGZmODYxOTFiYTFkZjg3YmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqb0zTA3e5AF+19O8wC8PEQiyhMUG
fqm9JRyo+3ej1Ys6jiNS6cKL46XG9lMe7+ki/JppKSVqJ12yhwxCd8Ue/ioBSsmd
168QZAOgGLlLs/Utb+Oj5J1YK9Xi+Y7COcLeQ7lw/WDJLluKdkS6PKFj137FkAhG
WvEdppy8a26W4E4LT4u3qzz8LFRQzU0hbj4xeJG8qx1Z/UeL5b6VuTVHnQALkOfB
IZDmEeEvNw09ThmtAaNNdEk5AMgD5g2LAVY4Ccqwb7mkRch783pOgnGs7e/e/av4
Z0ttghAidnJI3lJh3L6LqBhmJRGjMfroG7A4/yAeMjZm+jKZ0hniMXJ4WQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG6e6/3FjBTgKyI8j/hhkbod+Hu1MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvYnA3cl9jV01GT0FySWp5UC1HR1J1aDM0ZTdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUplGMA0G
CSqGSIb3DQEBCwUAA4IBAQBtQPwvZuK1lU3CKkHBdYtUZoygiZhmVbDk1qXeYPbQ
eJ8nxEhDm6e03a8ZQbLvcw9Twea6Q2dAQHPZB7MzRTHK7vOoU8eAQkVTHbsDP6wg
a8rZGq8vBrvun1BardSg3wxUucGBsDgMzu/OpPIjdawfNGVaUmHyBxARVAzJnCsk
F16Q6i+4FB5G0/meutHGcPPMSzcbv0Ku78D4c+IMDMw9NaPeItMvT/zPOHik7/G/
vbm8yN6ZOWda5j7TELe3BX1UijwNgvsrHc+tbcPiOxWzlT0LSTXn5BPCjmoseg/W
3evoxKgXd0nrFE+MXDff42IDU+2tVek4ctPSpW50Bcrw
-----END CERTIFICATE-----
Generated at Tue Apr 29 18:40:55 2025 by rpki-client