Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/bnfpn7lQx-DJJvEc5RaKIf2Vor4.roa
File: bnfpn7lQx-DJJvEc5RaKIf2Vor4.roa (raw, json)
Hash identifier: uJeRpUOu0+tTpDMQPuPaDEcVCHrFwi9vGw3ROvKzIc0=
Subject key identifier: 6E:77:E9:9F:B9:50:C7:E0:C9:26:F1:1C:E5:16:8A:21:FD:95:A2:BE
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 018C3AAA193A52A2BEAE33DCD2C7218A9A43
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/bnfpn7lQx-DJJvEc5RaKIf2Vor4.roa
Signing time: Tue 05 Dec 2023 15:47:55 +0000
ROA not before: Tue 05 Dec 2023 15:47:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 4826
IP address blocks: 2a0e:eb44::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3a:aa:19:3a:52:a2:be:ae:33:dc:d2:c7:21:8a:9a:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Dec 5 15:47:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e77e99fb950c7e0c926f11ce5168a21fd95a2be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:79:1d:9e:be:b5:d2:41:d7:7c:c6:5a:b7:b6:
eb:3b:21:65:40:b0:f6:e1:22:fe:26:1b:50:ac:f1:
3c:e4:1b:c7:da:fb:ae:65:33:00:c8:36:98:cc:5a:
4d:a5:a6:11:3f:44:d3:af:72:9f:89:e5:49:fe:1b:
15:1a:bf:1e:e6:b2:d4:54:60:c4:de:02:70:0d:d4:
c0:b3:9b:0b:78:c0:c3:3a:4e:07:e8:89:e5:36:8c:
82:95:b2:7d:97:ed:5f:08:b4:32:d8:ac:47:e8:f8:
40:13:10:aa:ed:50:22:10:fb:27:58:8e:c7:a0:17:
ad:95:3e:22:55:48:a8:d9:cb:3b:48:e9:f1:52:3e:
02:17:35:82:c0:6c:d7:62:93:a3:b6:12:66:46:a7:
e4:84:99:bd:90:ff:b2:2d:ec:b3:db:78:ea:c9:81:
2f:92:2e:47:15:e7:e5:72:73:b3:fa:d0:a4:e4:6a:
79:70:92:c7:7b:1f:ab:08:a2:46:36:d1:35:70:fa:
52:f5:27:86:c8:1b:d5:5b:77:23:c8:82:e1:24:55:
ab:81:0b:88:7e:a8:a8:9e:d4:00:cf:cb:b0:54:23:
6d:e5:ed:0e:ac:ca:5c:91:d2:34:90:81:79:31:80:
94:d4:35:83:e9:47:fa:c0:d5:6c:c0:57:a2:3e:74:
b2:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:77:E9:9F:B9:50:C7:E0:C9:26:F1:1C:E5:16:8A:21:FD:95:A2:BE
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/bnfpn7lQx-DJJvEc5RaKIf2Vor4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:eb44::/32
Signature Algorithm: sha256WithRSAEncryption
11:8b:e3:26:7c:84:de:a8:b3:a5:f7:ac:1b:bf:23:38:81:b0:
37:7b:57:f6:1c:f7:e1:91:ef:ed:96:42:2b:55:88:90:4a:d0:
d4:9a:ea:1d:00:b5:2d:fa:3f:05:47:0b:d2:90:a8:72:88:f5:
01:25:19:0d:c5:f1:1a:a6:cc:ad:f5:12:02:32:29:ec:e1:33:
aa:9a:4d:2b:f2:86:ac:a3:b6:d4:4e:40:d4:1e:0d:3f:01:73:
13:88:9d:d7:e5:f0:d5:25:6b:29:47:bf:77:1a:0d:27:1a:ff:
ac:26:4c:31:2e:7e:25:67:a0:7c:5a:13:2f:6d:5d:ef:25:df:
99:82:35:30:28:15:4c:41:31:0b:3b:00:3f:69:d8:40:df:e5:
29:8f:09:2f:29:dd:3f:9f:53:ba:16:14:f2:e5:cd:fb:27:ec:
fb:d8:4c:df:9d:89:58:c7:49:ac:5d:64:87:77:f5:ba:d5:9a:
b7:1d:31:0b:2f:63:89:2f:33:07:64:71:ee:16:39:75:78:d4:
38:3c:d8:ea:14:f8:99:7b:25:13:80:be:90:08:df:c1:22:77:
d0:aa:e8:52:4a:19:a7:0a:9e:82:c8:ee:6e:4f:a8:f7:a0:97:
62:51:47:1a:82:04:24:08:aa:6e:82:d5:df:0e:62:05:a1:db:
4a:c7:34:49
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYw6qhk6UqK+rjPc0schippDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjMxMjA1MTU0NzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTc3ZTk5ZmI5NTBjN2UwYzkyNmYxMWNlNTE2OGEyMWZkOTVhMmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Hkdnr610kHXfMZat7brOyFlQLD2
4SL+JhtQrPE85BvH2vuuZTMAyDaYzFpNpaYRP0TTr3KfieVJ/hsVGr8e5rLUVGDE
3gJwDdTAs5sLeMDDOk4H6InlNoyClbJ9l+1fCLQy2KxH6PhAExCq7VAiEPsnWI7H
oBetlT4iVUio2cs7SOnxUj4CFzWCwGzXYpOjthJmRqfkhJm9kP+yLeyz23jqyYEv
ki5HFeflcnOz+tCk5Gp5cJLHex+rCKJGNtE1cPpS9SeGyBvVW3cjyILhJFWrgQuI
fqiontQAz8uwVCNt5e0OrMpckdI0kIF5MYCU1DWD6Uf6wNVswFeiPnSynwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFG536Z+5UMfgySbxHOUWiiH9laK+MB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvYm5mcG43bFF4LURKSnZFYzVSYUtJZjJWb3I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg7rRDAN
BgkqhkiG9w0BAQsFAAOCAQEAEYvjJnyE3qizpfesG78jOIGwN3tX9hz34ZHv7ZZC
K1WIkErQ1JrqHQC1Lfo/BUcL0pCocoj1ASUZDcXxGqbMrfUSAjIp7OEzqppNK/KG
rKO21E5A1B4NPwFzE4id1+Xw1SVrKUe/dxoNJxr/rCZMMS5+JWegfFoTL21d7yXf
mYI1MCgVTEExCzsAP2nYQN/lKY8JLyndP59TuhYU8uXN+yfs+9hM352JWMdJrF1k
h3f1utWatx0xCy9jiS8zB2Rx7hY5dXjUODzY6hT4mXslE4C+kAjfwSJ30KroUkoZ
pwqegsjubk+o96CXYlFHGoIEJAiqboLV3w5iBaHbSsc0SQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:17 2024 by rpki-client on console-ams.rpki-client.org