Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/8c83fd-52b5-40bb-9963-48873baa69a7/1/bf_Ic-L9OofrWXtNHAmSMOBsS_Y.roa
File: bf_Ic-L9OofrWXtNHAmSMOBsS_Y.roa (raw, json)
Hash identifier: 7VsYncI9GJ9Pla4NofVnAxZDZ15RiyBcV0FfXR1sum4=
Subject key identifier: 6D:FF:C8:73:E2:FD:3A:87:EB:59:7B:4D:1C:09:92:30:E0:6C:4B:F6
Certificate issuer: /CN=881721281ffba5713e9d052af6fe6d1b040a2a39
Certificate serial: 018CC64A5A1F17A2FA01284D064C20F8531A
Authority key identifier: 88:17:21:28:1F:FB:A5:71:3E:9D:05:2A:F6:FE:6D:1B:04:0A:2A:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iBchKB_7pXE-nQUq9v5tGwQKKjk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/8c83fd-52b5-40bb-9963-48873baa69a7/1/bf_Ic-L9OofrWXtNHAmSMOBsS_Y.roa
Signing time: Mon 01 Jan 2024 18:30:10 +0000
ROA not before: Mon 01 Jan 2024 18:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34655
IP address blocks: 2a03:9c40:800::/48 maxlen: 48
2a03:9c40:600::/48 maxlen: 48
2a03:9c40:400::/48 maxlen: 48
2a03:9c40:200::/48 maxlen: 48
2a03:9c40::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:5a:1f:17:a2:fa:01:28:4d:06:4c:20:f8:53:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=881721281ffba5713e9d052af6fe6d1b040a2a39
Validity
Not Before: Jan 1 18:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6dffc873e2fd3a87eb597b4d1c099230e06c4bf6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:0a:16:38:e1:fc:57:5a:9a:fb:d0:c1:a2:bc:
53:db:84:ee:1c:12:d6:10:0f:2a:26:ce:21:12:d4:
cb:5b:2d:4b:2c:34:7b:f3:14:13:0e:76:28:b9:e2:
d1:9b:8a:98:c2:ef:c8:7a:d2:1b:d7:4a:da:8e:6b:
4f:77:83:f6:fd:69:8f:58:72:1b:bc:67:43:9e:0d:
fe:c5:95:ed:e5:94:bf:63:b2:bc:5c:cb:af:0c:b5:
bf:f8:d3:2f:dc:2c:33:94:5b:bd:61:38:df:fe:c7:
c6:83:42:13:7a:b3:61:c1:cd:ca:9f:86:69:b1:3a:
4f:ba:bf:a0:2d:cb:23:31:88:53:e2:38:a9:df:9a:
d5:3f:d2:c2:61:81:00:f5:cd:78:d8:7e:4e:79:2b:
9d:df:a5:db:2c:3a:c8:f1:5a:40:0c:47:2b:65:6e:
7e:e3:49:cd:1d:ff:dc:53:8d:f9:aa:0d:a2:5b:d0:
02:cd:71:e9:a9:54:df:00:38:51:57:0c:fd:27:d3:
e8:f9:42:b2:30:8c:5c:13:ab:c8:7f:a2:c2:fc:73:
1d:3d:23:58:a5:50:78:d4:5d:d2:b4:99:c7:65:7c:
d9:f8:75:d9:22:10:8a:e8:5b:f2:ec:4e:fc:99:a3:
f5:c9:4f:92:84:01:85:55:96:71:ec:53:8f:c6:47:
6a:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:FF:C8:73:E2:FD:3A:87:EB:59:7B:4D:1C:09:92:30:E0:6C:4B:F6
X509v3 Authority Key Identifier:
keyid:88:17:21:28:1F:FB:A5:71:3E:9D:05:2A:F6:FE:6D:1B:04:0A:2A:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iBchKB_7pXE-nQUq9v5tGwQKKjk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/8c83fd-52b5-40bb-9963-48873baa69a7/1/bf_Ic-L9OofrWXtNHAmSMOBsS_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/8c83fd-52b5-40bb-9963-48873baa69a7/1/iBchKB_7pXE-nQUq9v5tGwQKKjk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:9c40::/48
2a03:9c40:200::/48
2a03:9c40:400::/48
2a03:9c40:600::/48
2a03:9c40:800::/48
Signature Algorithm: sha256WithRSAEncryption
9e:11:f8:ad:3f:f4:23:6e:47:47:14:f1:1c:0d:e3:ea:0a:95:
f3:c8:d0:a8:cf:d9:4f:3c:87:82:0f:18:5b:19:17:af:aa:fc:
39:c5:fb:ae:96:a7:c8:22:fb:16:84:b6:1c:54:b0:d4:46:3d:
d7:a0:6b:03:e7:7a:a1:d8:78:cb:68:5e:e9:44:fd:19:68:04:
fb:aa:6a:08:30:32:cf:40:86:ba:a5:b4:f1:b6:fc:f7:23:15:
50:43:b6:03:f5:1f:09:34:90:bd:69:25:8b:b8:17:20:49:14:
e8:6a:04:d5:6a:ca:8a:25:d4:a7:76:72:f1:3b:e2:66:e0:f6:
58:48:6c:e1:45:a9:fd:b4:84:b6:46:87:4b:3b:de:82:84:b4:
23:c1:25:1a:46:ac:d0:47:93:e3:b7:8a:e9:a8:8a:02:69:94:
6d:c3:87:f9:50:ea:b4:42:7e:0e:0f:90:a2:33:e3:cd:5f:c2:
9d:36:50:b4:42:60:cf:cf:83:fc:90:9e:a9:df:6a:e5:9a:1d:
ed:31:77:a3:9e:da:b9:36:e3:d7:37:0b:16:7c:8c:79:59:e1:
b3:55:dc:17:e3:b5:ad:77:3c:6b:88:cd:8a:3a:4b:12:81:f0:
13:50:48:e1:cb:a9:d6:8f:a9:e7:f6:b4:33:9b:7b:c0:b4:28:
2c:69:89:79
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzGSlofF6L6AShNBkwg+FMaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MTcyMTI4MWZmYmE1NzEzZTlkMDUyYWY2ZmU2ZDFiMDQw
YTJhMzkwHhcNMjQwMTAxMTgzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGZmYzg3M2UyZmQzYTg3ZWI1OTdiNGQxYzA5OTIzMGUwNmM0YmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxwoWOOH8V1qa+9DBorxT24TuHBLW
EA8qJs4hEtTLWy1LLDR78xQTDnYoueLRm4qYwu/IetIb10rajmtPd4P2/WmPWHIb
vGdDng3+xZXt5ZS/Y7K8XMuvDLW/+NMv3CwzlFu9YTjf/sfGg0ITerNhwc3Kn4Zp
sTpPur+gLcsjMYhT4jip35rVP9LCYYEA9c142H5OeSud36XbLDrI8VpADEcrZW5+
40nNHf/cU435qg2iW9ACzXHpqVTfADhRVwz9J9Po+UKyMIxcE6vIf6LC/HMdPSNY
pVB41F3StJnHZXzZ+HXZIhCK6Fvy7E78maP1yU+ShAGFVZZx7FOPxkdqiwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFG3/yHPi/TqH61l7TRwJkjDgbEv2MB8GA1UdIwQY
MBaAFIgXISgf+6VxPp0FKvb+bRsECio5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUJjaEtCXzdwWEUtblFVcTl2NXRHd1FLS2prLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy84YzgzZmQtNTJiNS00MGJiLTk5NjMt
NDg4NzNiYWE2OWE3LzEvYmZfSWMtTDlPb2ZyV1h0TkhBbVNNT0JzU19ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy84YzgzZmQtNTJiNS00MGJiLTk5NjMtNDg4NzNiYWE2OWE3
LzEvaUJjaEtCXzdwWEUtblFVcTl2NXRHd1FLS2prLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAzBAIAAjAtAwcAKgOcQAAA
AwcAKgOcQAIAAwcAKgOcQAQAAwcAKgOcQAYAAwcAKgOcQAgAMA0GCSqGSIb3DQEB
CwUAA4IBAQCeEfitP/QjbkdHFPEcDePqCpXzyNCoz9lPPIeCDxhbGRevqvw5xfuu
lqfIIvsWhLYcVLDURj3XoGsD53qh2HjLaF7pRP0ZaAT7qmoIMDLPQIa6pbTxtvz3
IxVQQ7YD9R8JNJC9aSWLuBcgSRToagTVasqKJdSndnLxO+Jm4PZYSGzhRan9tIS2
RodLO96ChLQjwSUaRqzQR5Pjt4rpqIoCaZRtw4f5UOq0Qn4OD5CiM+PNX8KdNlC0
QmDPz4P8kJ6p32rlmh3tMXejntq5NuPXNwsWfIx5WeGzVdwX47WtdzxriM2KOksS
gfATUEjhy6nWj6nn9rQzm3vAtCgsaYl5
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:12:23 2025 by rpki-client