Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/BB7Dki96nJbqIgPj-y7qlSfI7Ag.roa
File: BB7Dki96nJbqIgPj-y7qlSfI7Ag.roa (raw, json)
Hash identifier: ucz/49Itjgs1nBc8znrljCxLVwqbMxeaz1gepUoTrGc=
Subject key identifier: 04:1E:C3:92:2F:7A:9C:96:EA:22:03:E3:FB:2E:EA:95:27:C8:EC:08
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 0187B24CF84DF882916F078367C5E82CFEC6
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/BB7Dki96nJbqIgPj-y7qlSfI7Ag.roa
Signing time: Mon 24 Apr 2023 08:06:41 +0000
ROA not before: Mon 24 Apr 2023 08:06:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199925
IP address blocks: 2a0c:9a40:9800::/40 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b2:4c:f8:4d:f8:82:91:6f:07:83:67:c5:e8:2c:fe:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Apr 24 08:06:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=041ec3922f7a9c96ea2203e3fb2eea9527c8ec08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:0e:92:70:69:ff:4e:33:c2:71:9b:f2:28:63:
e4:d9:19:d2:14:81:26:77:7f:84:a0:6a:a1:d0:cb:
65:21:9f:63:c3:26:7d:eb:4a:c2:19:30:33:d5:d4:
f8:3c:26:7e:1d:3a:56:f1:b4:2d:22:5d:0f:de:72:
45:cb:ce:62:0b:79:2d:5c:db:1c:e5:54:58:79:c6:
ab:04:1d:8b:01:95:5b:8d:8a:ef:f4:67:45:30:ce:
f0:b4:87:8a:86:e9:14:a6:de:db:b1:07:4b:4a:ad:
3e:4c:5b:82:b8:57:d2:b1:c1:d7:b3:4b:94:db:0d:
d0:18:a5:c2:ca:a7:68:85:9a:ed:d6:22:5a:ee:ac:
48:46:77:74:ba:86:8f:44:5a:ac:f8:ba:99:e7:e9:
a3:ed:8f:36:5b:cb:d4:0a:7f:ef:61:b2:a9:96:87:
97:9e:30:38:f4:bf:f4:2c:0a:5d:e9:48:d4:e7:fb:
b3:42:2d:1b:15:86:c3:86:ca:91:a4:43:c7:98:f8:
36:3b:cc:c7:ce:4d:cb:03:d3:ab:b3:aa:ed:8f:e5:
84:ae:eb:26:6a:6d:70:ad:7b:32:dc:5a:03:85:83:
a6:72:67:54:1b:87:53:a3:40:08:2d:97:a3:17:bb:
5d:0d:3e:94:0e:5a:34:03:1c:9e:6a:55:a3:3c:db:
bd:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:1E:C3:92:2F:7A:9C:96:EA:22:03:E3:FB:2E:EA:95:27:C8:EC:08
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/BB7Dki96nJbqIgPj-y7qlSfI7Ag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:9800::/40
Signature Algorithm: sha256WithRSAEncryption
75:78:fa:12:dd:27:ae:7d:2d:4a:8f:0f:e9:b3:82:01:cf:4f:
a2:1c:84:0d:d2:c4:58:4c:1f:b2:a0:19:f0:fe:ae:b1:2b:26:
b4:d3:3a:10:22:6a:57:29:52:27:24:22:59:e3:e4:29:aa:61:
4c:d4:89:c5:20:4b:04:3e:28:4b:3d:7f:59:fd:c8:74:4a:c4:
09:7b:d0:be:9c:3e:83:11:f3:8c:8b:8e:30:32:48:12:e4:9a:
d9:c0:7c:fe:50:db:13:26:50:27:cc:42:e1:63:2c:4d:11:4c:
47:99:ab:fe:c8:9f:0c:0b:ef:a7:67:d1:f9:cb:fc:ba:5a:23:
40:8c:c6:a8:bb:95:5f:3e:24:91:73:53:17:1a:9f:27:d2:a9:
d3:72:b2:16:34:9a:fd:91:af:a7:0b:f7:9b:c1:16:bf:ce:23:
5e:cf:86:60:73:a8:0c:ab:15:01:7a:18:3d:96:10:b2:c7:5c:
76:c6:02:ea:e0:52:5a:4b:d4:e9:e6:d8:bf:1f:cb:f6:55:0f:
1a:3f:c0:b1:30:81:84:7c:01:2b:70:22:44:41:ac:16:c3:15:
12:1d:2e:4b:c5:19:f4:48:a6:18:30:f9:f5:bd:43:e0:86:98:
43:37:22:2c:58:4f:8e:1c:da:3e:3f:17:71:a5:9b:16:be:26:
b2:30:f9:1f
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYeyTPhN+IKRbweDZ8XoLP7GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjMwNDI0MDgwNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDFlYzM5MjJmN2E5Yzk2ZWEyMjAzZTNmYjJlZWE5NTI3YzhlYzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjA6ScGn/TjPCcZvyKGPk2RnSFIEm
d3+EoGqh0MtlIZ9jwyZ960rCGTAz1dT4PCZ+HTpW8bQtIl0P3nJFy85iC3ktXNsc
5VRYecarBB2LAZVbjYrv9GdFMM7wtIeKhukUpt7bsQdLSq0+TFuCuFfSscHXs0uU
2w3QGKXCyqdohZrt1iJa7qxIRnd0uoaPRFqs+LqZ5+mj7Y82W8vUCn/vYbKploeX
njA49L/0LApd6UjU5/uzQi0bFYbDhsqRpEPHmPg2O8zHzk3LA9Ors6rtj+WErusm
am1wrXsy3FoDhYOmcmdUG4dTo0AILZejF7tdDT6UDlo0AxyealWjPNu98wIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFAQew5IvepyW6iID4/su6pUnyOwIMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvQkI3RGtpOTZuSmJxSWdQai15N3FsU2ZJN0FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgyaQJgw
DQYJKoZIhvcNAQELBQADggEBAHV4+hLdJ659LUqPD+mzggHPT6IchA3SxFhMH7Kg
GfD+rrErJrTTOhAialcpUickIlnj5CmqYUzUicUgSwQ+KEs9f1n9yHRKxAl70L6c
PoMR84yLjjAySBLkmtnAfP5Q2xMmUCfMQuFjLE0RTEeZq/7InwwL76dn0fnL/Lpa
I0CMxqi7lV8+JJFzUxcanyfSqdNyshY0mv2Rr6cL95vBFr/OI17PhmBzqAyrFQF6
GD2WELLHXHbGAurgUlpL1Onm2L8fy/ZVDxo/wLEwgYR8AStwIkRBrBbDFRIdLkvF
GfRIphgw+fW9Q+CGmEM3IixYT44c2j4/F3Glmxa+JrIw+R8=
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:36:57 2024 by rpki-client on console-fra.rpki-client.org