Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/15863b-787f-4084-b7f6-5944960e31cf/1/BO3mC7INRbAdgNj9zfBOTZGZwO0.roa
File: BO3mC7INRbAdgNj9zfBOTZGZwO0.roa (raw, json)
Hash identifier: t0i9FsWd634S2rz1w2yJKQZ3aur9+4BFyKtYuE7KKgk=
Subject key identifier: 04:ED:E6:0B:B2:0D:45:B0:1D:80:D8:FD:CD:F0:4E:4D:91:99:C0:ED
Certificate issuer: /CN=9aeecb353f1cdc5fd3a9d54a8873531efd285c46
Certificate serial: 0194228DEBFA43D117CB699F8AB23D4E92C2
Authority key identifier: 9A:EE:CB:35:3F:1C:DC:5F:D3:A9:D5:4A:88:73:53:1E:FD:28:5C:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu7LNT8c3F_TqdVKiHNTHv0oXEY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/15863b-787f-4084-b7f6-5944960e31cf/1/BO3mC7INRbAdgNj9zfBOTZGZwO0.roa
Signing time: Wed 01 Jan 2025 15:48:33 +0000
ROA not before: Wed 01 Jan 2025 15:48:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42689
IP address blocks: 195.96.138.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 Jan 2025 06:12:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:eb:fa:43:d1:17:cb:69:9f:8a:b2:3d:4e:92:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aeecb353f1cdc5fd3a9d54a8873531efd285c46
Validity
Not Before: Jan 1 15:48:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=04ede60bb20d45b01d80d8fdcdf04e4d9199c0ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:10:b7:12:26:04:54:40:b8:d6:e2:53:88:d6:
36:f0:e9:e2:d5:13:80:47:11:0b:e4:ff:49:f9:aa:
b4:ed:42:e8:ea:78:f2:8e:64:b6:9d:b9:b2:8c:9b:
01:d1:90:da:d5:30:f2:b8:70:13:c0:4d:86:22:c2:
ee:86:6a:e0:fa:e0:da:42:4a:50:33:43:5f:83:08:
9a:dc:04:0f:85:ca:57:05:6d:bf:3c:e5:2a:ec:ff:
61:96:e7:b5:38:7b:03:81:44:d8:bc:7c:2a:77:63:
f4:47:b7:b2:ae:21:e4:c1:39:17:2b:e5:9c:b8:e7:
08:b4:7f:81:4a:65:ee:71:3b:d5:0e:9d:c0:89:50:
3a:c4:72:1f:b6:49:5d:ba:f2:03:39:93:97:37:e1:
8a:a4:88:1e:34:2e:b2:bb:e1:20:d0:7b:4f:92:9d:
81:84:28:3a:c0:86:0a:7a:24:14:f7:25:8f:d7:0e:
6e:06:cb:8b:a4:36:9d:1b:9d:3f:28:e0:8c:5d:f4:
db:cc:ee:e6:1c:31:89:3b:a1:39:1b:a8:e5:69:38:
1c:84:66:56:39:82:3b:2d:88:ba:4c:29:59:99:c5:
36:8a:61:c7:a7:3d:58:46:ba:22:5b:8c:89:e9:23:
a3:f1:5e:c8:93:d3:32:5d:75:86:59:93:0a:7c:14:
a6:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:ED:E6:0B:B2:0D:45:B0:1D:80:D8:FD:CD:F0:4E:4D:91:99:C0:ED
X509v3 Authority Key Identifier:
keyid:9A:EE:CB:35:3F:1C:DC:5F:D3:A9:D5:4A:88:73:53:1E:FD:28:5C:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu7LNT8c3F_TqdVKiHNTHv0oXEY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/15863b-787f-4084-b7f6-5944960e31cf/1/BO3mC7INRbAdgNj9zfBOTZGZwO0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/15863b-787f-4084-b7f6-5944960e31cf/1/mu7LNT8c3F_TqdVKiHNTHv0oXEY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.96.138.0/24
Signature Algorithm: sha256WithRSAEncryption
80:78:c2:2f:56:d4:0b:2c:4b:bf:86:28:e7:d2:3e:41:ba:19:
7c:18:64:63:93:af:4f:6f:7a:47:74:0d:a8:24:d9:98:40:9d:
92:d0:e3:06:bd:1c:91:37:83:18:f8:a9:bb:9e:43:94:a2:ae:
e9:c0:15:d2:eb:6a:5f:04:0c:11:6c:d4:26:bd:de:05:40:3e:
a0:60:70:cb:a0:57:93:e7:de:44:24:fa:a4:bc:1f:cd:95:3b:
42:0a:d5:a4:6f:dd:8e:22:46:56:de:89:d7:62:09:08:2f:66:
5a:aa:6c:71:b0:e5:67:a7:21:60:fc:63:55:af:81:a8:bf:3e:
ea:63:7e:4f:fc:36:25:60:1b:6a:19:27:25:7e:67:77:b3:52:
f1:00:40:b9:24:85:09:46:21:7e:95:3b:d1:9b:2e:28:dc:57:
f4:9e:f0:85:3f:6a:df:c5:49:6b:fa:72:cc:06:75:6d:58:87:
3c:2b:f7:d7:bc:6c:6b:da:2b:fb:6b:d1:a2:db:cf:a7:aa:4c:
ea:0b:fa:fa:d3:d8:9b:91:84:f7:e8:30:7d:bd:8e:f5:5b:08:
0a:3f:ba:e7:7f:3c:e5:cf:1b:88:fc:8c:82:f2:1b:e9:69:a2:
32:a6:94:df:73:af:10:3a:1b:8c:e5:bb:e4:68:50:be:8e:bb:
f9:da:1a:5f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijev6Q9EXy2mfirI9TpLCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWVjYjM1M2YxY2RjNWZkM2E5ZDU0YTg4NzM1MzFlZmQy
ODVjNDYwHhcNMjUwMTAxMTU0ODMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGVkZTYwYmIyMGQ0NWIwMWQ4MGQ4ZmRjZGYwNGU0ZDkxOTljMGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9xC3EiYEVEC41uJTiNY28Oni1ROA
RxEL5P9J+aq07ULo6njyjmS2nbmyjJsB0ZDa1TDyuHATwE2GIsLuhmrg+uDaQkpQ
M0Nfgwia3AQPhcpXBW2/POUq7P9hlue1OHsDgUTYvHwqd2P0R7eyriHkwTkXK+Wc
uOcItH+BSmXucTvVDp3AiVA6xHIftklduvIDOZOXN+GKpIgeNC6yu+Eg0HtPkp2B
hCg6wIYKeiQU9yWP1w5uBsuLpDadG50/KOCMXfTbzO7mHDGJO6E5G6jlaTgchGZW
OYI7LYi6TClZmcU2imHHpz1YRroiW4yJ6SOj8V7Ik9MyXXWGWZMKfBSmbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFATt5guyDUWwHYDY/c3wTk2RmcDtMB8GA1UdIwQY
MBaAFJruyzU/HNxf06nVSohzUx79KFxGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU3TE5UOGMzRl9UcWRWS2lITlRIdjBvWEVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8xNTg2M2ItNzg3Zi00MDg0LWI3ZjYt
NTk0NDk2MGUzMWNmLzEvQk8zbUM3SU5SYkFkZ05qOXpmQk9UWkdad08wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8xNTg2M2ItNzg3Zi00MDg0LWI3ZjYtNTk0NDk2MGUzMWNm
LzEvbXU3TE5UOGMzRl9UcWRWS2lITlRIdjBvWEVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw2CKMA0G
CSqGSIb3DQEBCwUAA4IBAQCAeMIvVtQLLEu/hijn0j5Buhl8GGRjk69Pb3pHdA2o
JNmYQJ2S0OMGvRyRN4MY+Km7nkOUoq7pwBXS62pfBAwRbNQmvd4FQD6gYHDLoFeT
595EJPqkvB/NlTtCCtWkb92OIkZW3onXYgkIL2ZaqmxxsOVnpyFg/GNVr4Govz7q
Y35P/DYlYBtqGSclfmd3s1LxAEC5JIUJRiF+lTvRmy4o3Ff0nvCFP2rfxUlr+nLM
BnVtWIc8K/fXvGxr2iv7a9Gi28+nqkzqC/r609ibkYT36DB9vY71WwgKP7rnfzzl
zxuI/IyC8hvpaaIyppTfc68QOhuM5bvkaFC+jrv52hpf
-----END CERTIFICATE-----
Generated at Fri May 2 23:26:28 2025 by rpki-client