Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/BgaA-MGLYkJwRzgrId-1AFjDO-4.roa
File: BgaA-MGLYkJwRzgrId-1AFjDO-4.roa (raw, json)
Hash identifier: j2XrrP/iG44HfpzyOAAh981VLw36iklFW3N+XC31GFw=
Subject key identifier: 06:06:80:F8:C1:8B:62:42:70:47:38:2B:21:DF:B5:00:58:C3:3B:EE
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F0B76E33527C20F99DC0520C71FC3A
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/BgaA-MGLYkJwRzgrId-1AFjDO-4.roa
Signing time: Wed 07 Feb 2024 05:00:52 +0000
ROA not before: Wed 07 Feb 2024 05:00:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215845
IP address blocks: 2a0f:b241:152::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:b7:6e:33:52:7c:20:f9:9d:c0:52:0c:71:fc:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=060680f8c18b62427047382b21dfb50058c33bee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:89:0e:a0:0f:8f:56:a7:3d:41:67:f3:c6:d6:
0b:99:66:99:74:04:04:41:30:be:25:41:c6:ae:bb:
9c:0c:8d:e5:6e:8f:82:5a:11:33:10:db:f6:72:09:
fd:2d:0f:4e:30:bd:0a:b6:64:66:03:24:a2:68:b9:
6e:81:e5:9d:b0:ab:11:0b:cb:ec:af:5a:c2:06:d6:
94:f3:bb:56:1e:1b:2e:31:70:90:13:b6:0a:14:3e:
54:4c:64:0d:33:64:69:5e:23:82:a3:ef:93:73:50:
7a:3b:58:c7:54:3b:a4:36:26:70:c1:1e:ff:f3:de:
18:3b:55:90:2d:c8:19:b5:8e:f5:fe:1f:d1:a7:dd:
6d:3c:7c:e2:e9:8d:3e:8c:80:3e:c7:34:be:fa:f5:
25:31:5b:e0:93:94:0a:50:6b:99:6a:85:13:e0:70:
2b:cd:3a:23:d0:c9:64:d5:50:21:8b:0e:d5:c6:67:
ea:23:30:5f:59:e5:8e:d2:72:7e:06:7c:32:17:56:
f8:07:da:b8:aa:31:88:03:f7:ce:76:0a:a6:5e:4c:
8f:bf:98:7a:d6:c1:5c:cb:e8:fa:eb:0a:d9:17:63:
bc:0f:c1:7b:1d:df:00:7a:e1:07:ca:ce:0b:4f:d2:
e9:6c:b4:f2:f3:d0:45:a4:0f:b6:27:fb:61:6e:5f:
aa:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:06:80:F8:C1:8B:62:42:70:47:38:2B:21:DF:B5:00:58:C3:3B:EE
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/BgaA-MGLYkJwRzgrId-1AFjDO-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:152::/48
Signature Algorithm: sha256WithRSAEncryption
77:19:f2:7a:3d:25:4c:f8:11:67:38:49:fa:e7:20:a2:fb:80:
1f:8a:99:68:9d:57:1c:8a:7b:53:de:11:34:c3:cd:8e:e3:f8:
1b:2d:23:00:9d:bf:d6:41:6b:2b:81:c3:c3:2f:20:50:ec:0a:
be:c8:ef:cd:10:78:ba:37:d0:49:cf:ac:a4:cc:ac:27:b1:63:
62:e2:05:b9:75:79:4e:41:8e:06:c3:47:2a:89:7e:59:3e:f7:
36:eb:f3:9e:f8:ec:c7:36:0f:3f:6a:a7:69:60:f6:51:39:41:
b7:65:58:17:e2:ef:89:df:5a:e9:36:7c:6b:d6:f4:22:78:09:
92:12:8c:e3:48:b5:e8:8c:f0:7d:7c:e7:8d:eb:6b:c9:bf:62:
87:bd:ec:35:d1:b9:53:2a:ad:1d:1a:fe:ef:4b:3c:62:db:c6:
35:87:35:72:59:28:13:61:da:c0:06:e5:23:f9:58:f3:62:cb:
27:ff:77:b4:64:72:55:af:09:7c:f2:f2:4a:af:83:b5:e4:e6:
af:7c:ed:ab:3b:ba:39:e8:25:be:3b:6e:5c:43:9c:13:ea:ad:
16:76:dd:9f:49:5e:ce:1c:53:4c:86:bb:23:1c:47:b8:c3:21:
bc:c2:63:f6:cb:9e:47:90:2b:37:76:80:73:7f:50:f5:9c:b0:
fb:dc:44:34
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8LduM1J8IPmdwFIMcfw6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjA2ODBmOGMxOGI2MjQyNzA0NzM4MmIyMWRmYjUwMDU4YzMzYmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjIkOoA+PVqc9QWfzxtYLmWaZdAQE
QTC+JUHGrrucDI3lbo+CWhEzENv2cgn9LQ9OML0KtmRmAySiaLlugeWdsKsRC8vs
r1rCBtaU87tWHhsuMXCQE7YKFD5UTGQNM2RpXiOCo++Tc1B6O1jHVDukNiZwwR7/
894YO1WQLcgZtY71/h/Rp91tPHzi6Y0+jIA+xzS++vUlMVvgk5QKUGuZaoUT4HAr
zToj0Mlk1VAhiw7VxmfqIzBfWeWO0nJ+BnwyF1b4B9q4qjGIA/fOdgqmXkyPv5h6
1sFcy+j66wrZF2O8D8F7Hd8AeuEHys4LT9LpbLTy89BFpA+2J/thbl+q6wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAYGgPjBi2JCcEc4KyHftQBYwzvuMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvQmdhQS1NR0xZa0p3UnpncklkLTFBRmpETy00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQFS
MA0GCSqGSIb3DQEBCwUAA4IBAQB3GfJ6PSVM+BFnOEn65yCi+4AfiplonVccintT
3hE0w82O4/gbLSMAnb/WQWsrgcPDLyBQ7Aq+yO/NEHi6N9BJz6ykzKwnsWNi4gW5
dXlOQY4Gw0cqiX5ZPvc26/Oe+OzHNg8/aqdpYPZROUG3ZVgX4u+J31rpNnxr1vQi
eAmSEozjSLXojPB9fOeN62vJv2KHvew10blTKq0dGv7vSzxi28Y1hzVyWSgTYdrA
BuUj+VjzYssn/3e0ZHJVrwl88vJKr4O15OavfO2rO7o56CW+O25cQ5wT6q0Wdt2f
SV7OHFNMhrsjHEe4wyG8wmP2y55HkCs3doBzf1D1nLD73EQ0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:11 2024 by rpki-client on console-fra.rpki-client.org