Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/BncOsl9AfvjT-URqfRyD3SQ3MHY.roa
File: BncOsl9AfvjT-URqfRyD3SQ3MHY.roa (raw, json)
Hash identifier: ih/1oit0Kf03NPGalCYvwDNIAmYP3Y926kLWsYl4MC0=
Subject key identifier: 06:77:0E:B2:5F:40:7E:F8:D3:F9:44:6A:7D:1C:83:DD:24:37:30:76
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018BDB77299E02718AFD0A5F5739E2BC19D2
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/BncOsl9AfvjT-URqfRyD3SQ3MHY.roa
Signing time: Fri 17 Nov 2023 04:08:21 +0000
ROA not before: Fri 17 Nov 2023 04:08:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 2a00:1c8a::/32 maxlen: 32
2a00:1c8b::/32 maxlen: 32
2a00:1c89::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:db:77:29:9e:02:71:8a:fd:0a:5f:57:39:e2:bc:19:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 17 04:08:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=06770eb25f407ef8d3f9446a7d1c83dd24373076
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:fb:21:f4:1f:b8:ad:a5:b1:c9:11:8e:cc:97:
2c:34:15:c4:6f:6f:75:13:cc:a0:41:9a:19:b4:7d:
54:1e:b8:35:62:a2:5c:b2:65:28:2a:c2:cc:ab:db:
5f:bb:71:1b:db:62:e7:3b:eb:87:08:5e:80:6d:33:
82:08:c6:0f:6f:d0:aa:27:cf:24:d2:c2:39:3d:1c:
a2:59:92:11:23:5d:32:ba:b8:37:89:94:f8:da:eb:
d2:ff:59:4a:f5:ac:86:5a:3e:dc:f1:5d:21:10:fc:
82:7c:f4:71:8a:fb:dd:e1:d5:ef:ad:17:5b:19:16:
71:12:d2:0c:de:4a:e5:7a:86:bb:c3:22:ab:56:93:
5a:97:50:3a:16:78:2b:21:66:06:41:35:e1:7f:66:
83:ee:8c:32:fb:98:cd:33:42:73:01:31:79:e1:04:
3e:7b:5f:40:63:79:c3:6d:c7:68:88:15:23:a0:82:
90:c3:48:0d:1a:23:34:ae:bd:67:6b:4f:0a:01:47:
c0:83:f0:38:9a:c8:76:9b:26:d5:8d:aa:65:f9:4c:
85:19:be:ad:b4:91:c7:0c:10:5d:06:54:ed:eb:2b:
22:10:90:76:ce:54:6b:52:85:92:88:97:a7:85:85:
91:cf:df:86:6e:23:a7:7c:c4:c6:ea:f2:85:ac:a5:
2c:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:77:0E:B2:5F:40:7E:F8:D3:F9:44:6A:7D:1C:83:DD:24:37:30:76
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/BncOsl9AfvjT-URqfRyD3SQ3MHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:1c89::-2a00:1c8b:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
1b:f9:b8:34:0f:20:be:dc:d0:24:73:23:92:e5:03:9f:dc:4f:
56:9f:d5:fd:83:28:8d:57:8e:21:8f:70:bb:d4:5c:ff:86:ca:
51:73:19:4d:c8:a3:c1:73:ed:b0:b9:2e:0a:96:4c:df:20:a9:
73:13:5b:a8:aa:5d:8d:7e:51:99:5a:c0:32:ac:58:bf:35:dd:
72:f0:3a:4b:c7:5d:36:90:90:a7:ae:ed:22:65:81:8c:52:bc:
46:0a:d3:44:d9:2e:61:4f:68:eb:6a:04:a0:19:26:a3:f9:df:
1e:4c:83:cd:74:e4:67:5f:b5:a6:f5:7e:46:72:40:2d:fa:7d:
e1:48:99:d7:72:b2:00:85:46:a4:02:2f:6b:00:6b:56:a1:a8:
c0:ae:25:f3:45:0a:5c:2f:9b:67:44:95:b2:a5:17:76:24:2c:
1f:00:c9:fd:18:9e:80:bd:ff:a1:99:83:60:3d:a0:ec:8a:5b:
d9:eb:7f:06:36:9b:15:53:88:48:ca:7d:75:b9:0e:c6:7a:77:
37:e1:c2:8f:fb:8e:fa:ee:8d:8a:13:ee:b9:61:c7:f6:70:04:
2d:c2:74:83:8d:c9:fa:c0:2d:74:99:30:4d:7e:69:66:8d:e8:
80:e3:e5:49:58:bc:85:08:cb:64:f4:fd:6f:f6:ca:21:84:5c:
61:d6:58:4c
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYvbdymeAnGK/QpfVznivBnSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTE3MDQwODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjc3MGViMjVmNDA3ZWY4ZDNmOTQ0NmE3ZDFjODNkZDI0MzczMDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjPsh9B+4raWxyRGOzJcsNBXEb291
E8ygQZoZtH1UHrg1YqJcsmUoKsLMq9tfu3Eb22LnO+uHCF6AbTOCCMYPb9CqJ88k
0sI5PRyiWZIRI10yurg3iZT42uvS/1lK9ayGWj7c8V0hEPyCfPRxivvd4dXvrRdb
GRZxEtIM3krleoa7wyKrVpNal1A6FngrIWYGQTXhf2aD7owy+5jNM0JzATF54QQ+
e19AY3nDbcdoiBUjoIKQw0gNGiM0rr1na08KAUfAg/A4msh2mybVjapl+UyFGb6t
tJHHDBBdBlTt6ysiEJB2zlRrUoWSiJenhYWRz9+GbiOnfMTG6vKFrKUsuQIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFAZ3DrJfQH740/lEan0cg90kNzB2MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQm5jT3NsOUFmdmpULVVScWZSeUQzU1EzTUhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQMA4DBQAqAByJ
AwUCKgAciDANBgkqhkiG9w0BAQsFAAOCAQEAG/m4NA8gvtzQJHMjkuUDn9xPVp/V
/YMojVeOIY9wu9Rc/4bKUXMZTcijwXPtsLkuCpZM3yCpcxNbqKpdjX5RmVrAMqxY
vzXdcvA6S8ddNpCQp67tImWBjFK8RgrTRNkuYU9o62oEoBkmo/nfHkyDzXTkZ1+1
pvV+RnJALfp94UiZ13KyAIVGpAIvawBrVqGowK4l80UKXC+bZ0SVsqUXdiQsHwDJ
/RiegL3/oZmDYD2g7Ipb2et/BjabFVOISMp9dbkOxnp3N+HCj/uO+u6NihPuuWHH
9nAELcJ0g43J+sAtdJkwTX5pZo3ogOPlSVi8hQjLZPT9b/bKIYRcYdZYTA==
-----END CERTIFICATE-----
Generated at Mon Nov 27 12:09:35 2023 by rpki-client on console-ams.rpki-client.org