Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/bsCsCK2P6S0F3xwxmx7xDaaaqlE.roa
File: bsCsCK2P6S0F3xwxmx7xDaaaqlE.roa (raw, json)
Hash identifier: VOIYcea6IyaJVkWs8W1AwyM8ifqlR0AAgPBaz9vEiNI=
Subject key identifier: 6E:C0:AC:08:AD:8F:E9:2D:05:DF:1C:31:9B:1E:F1:0D:A6:9A:AA:51
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 018CC9BCCEF8878633F6F9157F6B32C8DB6A
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/bsCsCK2P6S0F3xwxmx7xDaaaqlE.roa
Signing time: Tue 02 Jan 2024 10:34:03 +0000
ROA not before: Tue 02 Jan 2024 10:34:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31483
IP address blocks: 2a02:2698:a002::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:47:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:ce:f8:87:86:33:f6:f9:15:7f:6b:32:c8:db:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 2 10:34:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6ec0ac08ad8fe92d05df1c319b1ef10da69aaa51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:3e:31:3a:8e:e8:4a:f3:6f:a1:66:6f:23:00:
7d:ba:da:f8:12:6a:f4:ba:1a:00:57:4a:96:86:25:
ad:85:f6:4e:3e:e6:6a:68:14:13:6f:df:a7:02:f3:
ac:4b:21:df:50:b5:48:be:44:a2:e5:b2:e6:93:39:
36:30:f3:88:f7:c3:a9:45:81:03:f1:b0:3c:8f:46:
fd:fd:75:db:1e:9b:bd:d7:6d:82:dd:f0:f5:93:84:
49:e0:ab:6c:79:01:76:d5:ac:4c:ce:56:50:1a:75:
f8:11:1f:bc:ed:5d:54:6e:2a:1d:1a:2d:55:a4:46:
6a:43:76:26:b3:df:86:9d:43:f7:e7:67:d9:a0:04:
9d:be:22:98:20:2a:ca:ae:fd:44:17:c1:1c:38:43:
ad:34:08:52:1b:66:a3:aa:f7:b8:41:50:03:8a:d2:
05:92:31:84:c3:e6:5b:54:a9:a3:2d:8e:98:b2:f3:
b5:89:75:17:ab:e7:19:49:05:f6:5d:16:3a:3b:a7:
22:60:82:63:88:4b:97:0e:45:65:01:e6:45:6e:30:
d6:21:b4:ad:60:a5:85:5c:24:a8:99:42:85:e6:a0:
ee:57:bd:52:9d:0a:01:77:bb:76:a8:85:f3:28:b1:
c6:49:c6:0c:c4:af:29:e9:c1:e2:2a:4b:0e:ca:40:
3d:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:C0:AC:08:AD:8F:E9:2D:05:DF:1C:31:9B:1E:F1:0D:A6:9A:AA:51
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/bsCsCK2P6S0F3xwxmx7xDaaaqlE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:a002::/48
Signature Algorithm: sha256WithRSAEncryption
dd:ff:40:0e:18:6f:b5:d0:b2:77:ad:27:50:9a:ec:37:58:f5:
6f:0c:5b:63:6e:f7:03:ed:7d:2e:df:18:6b:a2:f7:a6:e1:f2:
fd:ba:56:8e:b8:c0:8e:df:b1:e4:16:d3:1a:c8:3c:7c:21:f2:
70:0c:0a:21:81:f7:60:52:f2:14:88:04:f2:e0:e3:49:fc:51:
c9:ac:99:35:6d:09:6b:ad:8c:95:75:c6:85:e2:bf:f7:ae:10:
1f:5d:03:ee:60:94:6e:c3:15:30:cc:f2:ba:60:a3:d7:8e:dd:
92:de:d2:1c:50:d1:37:fd:2d:3e:e1:5c:35:9a:41:fb:40:8f:
3e:6a:b6:35:f3:0f:f0:77:b0:10:64:2d:96:32:b3:32:5b:d0:
18:03:00:e2:af:7f:9c:bb:2a:58:35:ab:c4:e5:ee:c5:53:13:
b9:3b:6c:c8:6b:3f:65:17:18:1b:00:26:af:8d:68:d7:b1:6e:
1d:a7:22:eb:86:dc:d7:37:b0:10:6f:c6:77:32:88:97:63:7b:
22:c4:ff:59:c4:9d:04:da:1a:9c:a0:e1:52:55:5a:0b:82:51:
82:20:15:6e:e2:ce:e4:9d:49:1e:83:fb:a2:6c:82:1d:78:07:
62:43:4e:64:2f:20:a3:8e:6c:8a:ca:3b:9e:c0:1d:aa:0b:be:
86:9e:67:04
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvM74h4Yz9vkVf2syyNtqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjQwMTAyMTAzNDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWMwYWMwOGFkOGZlOTJkMDVkZjFjMzE5YjFlZjEwZGE2OWFhYTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoT4xOo7oSvNvoWZvIwB9utr4Emr0
uhoAV0qWhiWthfZOPuZqaBQTb9+nAvOsSyHfULVIvkSi5bLmkzk2MPOI98OpRYED
8bA8j0b9/XXbHpu9122C3fD1k4RJ4KtseQF21axMzlZQGnX4ER+87V1UbiodGi1V
pEZqQ3Yms9+GnUP352fZoASdviKYICrKrv1EF8EcOEOtNAhSG2ajqve4QVADitIF
kjGEw+ZbVKmjLY6YsvO1iXUXq+cZSQX2XRY6O6ciYIJjiEuXDkVlAeZFbjDWIbSt
YKWFXCSomUKF5qDuV71SnQoBd7t2qIXzKLHGScYMxK8p6cHiKksOykA9cQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFG7ArAitj+ktBd8cMZse8Q2mmqpRMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvYnNDc0NLMlA2UzBGM3h3eG14N3hEYWFhcWxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgImmKAC
MA0GCSqGSIb3DQEBCwUAA4IBAQDd/0AOGG+10LJ3rSdQmuw3WPVvDFtjbvcD7X0u
3xhrovem4fL9ulaOuMCO37HkFtMayDx8IfJwDAohgfdgUvIUiATy4ONJ/FHJrJk1
bQlrrYyVdcaF4r/3rhAfXQPuYJRuwxUwzPK6YKPXjt2S3tIcUNE3/S0+4Vw1mkH7
QI8+arY18w/wd7AQZC2WMrMyW9AYAwDir3+cuypYNavE5e7FUxO5O2zIaz9lFxgb
ACavjWjXsW4dpyLrhtzXN7AQb8Z3MoiXY3sixP9ZxJ0E2hqcoOFSVVoLglGCIBVu
4s7knUkeg/uibIIdeAdiQ05kLyCjjmyKyjuewB2qC76GnmcE
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:03:45 2025 by rpki-client