Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/Bfj72Ys52MphBzT3cOXlamKD5AI.roa
File: Bfj72Ys52MphBzT3cOXlamKD5AI.roa (raw, json)
Hash identifier: z+viHBQM3L4NjIbTu3G+X4iVr9AAdhNXJazLG8J6RUI=
Subject key identifier: 05:F8:FB:D9:8B:39:D8:CA:61:07:34:F7:70:E5:E5:6A:62:83:E4:02
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 018573900A543102ECF645C0FD9EAE47B3FA
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/Bfj72Ys52MphBzT3cOXlamKD5AI.roa
Signing time: Mon 02 Jan 2023 17:38:17 +0000
ROA not before: Mon 02 Jan 2023 17:38:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210902
IP address blocks: 2a0b:b87:ff10::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:90:0a:54:31:02:ec:f6:45:c0:fd:9e:ae:47:b3:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 2 17:38:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=05f8fbd98b39d8ca610734f770e5e56a6283e402
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:d4:80:91:2d:15:75:b2:4d:34:ad:eb:db:bb:
14:b0:30:bb:90:a9:ed:0b:56:0a:7b:cc:ee:51:49:
08:f1:1d:d3:57:71:29:fc:be:2b:7e:42:bb:a4:ea:
6f:a5:cd:ef:c2:aa:fb:28:b1:22:91:32:c3:67:45:
66:1c:d4:f7:ba:29:b1:54:65:c5:3c:da:fc:79:0a:
dc:f0:67:07:b3:8d:3b:33:c9:25:5c:29:ce:f6:c0:
11:20:f8:70:23:4d:2c:08:68:d9:d1:f5:d3:dd:e1:
43:86:08:18:5c:b7:ff:81:49:71:54:38:8c:e2:d0:
a0:75:89:4f:37:99:6c:6f:10:5e:f7:3e:d5:9e:21:
bd:04:3b:45:6e:75:44:5c:29:6a:8b:9d:f8:75:3e:
30:9c:93:39:81:3c:4e:5d:c8:0a:88:05:a3:6b:c3:
c1:63:a6:c4:8b:b0:5c:73:a1:35:2b:d6:6a:86:95:
b8:fb:72:9f:67:a6:2d:38:09:b2:96:4b:71:78:82:
0e:5a:1c:c3:04:8b:eb:cf:60:ac:e1:dc:5c:a0:99:
60:75:3c:df:4a:6e:67:f3:86:57:6e:35:cd:3a:ff:
8d:90:c8:4f:e4:ed:fa:78:7d:e4:12:e6:c4:69:9b:
d6:e4:5b:a7:61:2a:17:86:95:b0:01:a9:9f:06:21:
72:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:F8:FB:D9:8B:39:D8:CA:61:07:34:F7:70:E5:E5:6A:62:83:E4:02
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/Bfj72Ys52MphBzT3cOXlamKD5AI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b87:ff10::/48
Signature Algorithm: sha256WithRSAEncryption
1f:f2:18:9f:8f:94:c9:0d:4f:ad:39:1f:59:d6:c0:d7:35:fb:
4d:be:ff:5c:13:58:21:77:91:98:08:cc:75:e6:e2:f2:80:e1:
95:3b:b1:84:39:14:68:df:62:95:06:e3:dd:1f:2e:36:66:23:
c5:1e:1e:a9:58:f9:bb:4d:52:22:f4:2c:8c:1f:06:2e:4c:9d:
a3:28:ae:25:34:5e:e9:52:05:0e:6f:13:ff:5a:58:63:24:6c:
c9:1f:a8:a6:00:a2:2a:e8:c7:32:b6:7d:df:50:0d:44:7b:74:
0c:2c:38:f2:63:7f:e5:b5:e4:8c:dd:ad:bd:fc:35:9a:01:c9:
d0:d1:55:b0:d0:e5:b6:1b:16:16:da:c2:d3:34:51:7f:91:bd:
c1:fe:3f:09:42:3d:55:8b:ff:02:c7:41:8c:61:5a:2c:e6:51:
13:7c:5c:15:97:a8:9c:47:84:e4:ff:ae:46:2f:b4:da:a4:fc:
8f:c2:59:04:9e:8c:f1:32:0c:0f:85:62:9b:00:bd:62:61:45:
aa:fe:fa:0e:34:3f:c5:b1:8f:78:7a:50:25:c0:ca:8c:ff:53:
73:0b:74:96:9f:f3:4b:0c:76:03:66:9c:c5:0f:e3:52:7f:6c:
c1:c1:c4:61:6c:ca:98:1a:a4:88:81:48:e5:4a:a0:7d:fb:9e:
4d:ea:52:cd
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVzkApUMQLs9kXA/Z6uR7P6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMTAyMTczODE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWY4ZmJkOThiMzlkOGNhNjEwNzM0Zjc3MGU1ZTU2YTYyODNlNDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutSAkS0VdbJNNK3r27sUsDC7kKnt
C1YKe8zuUUkI8R3TV3Ep/L4rfkK7pOpvpc3vwqr7KLEikTLDZ0VmHNT3uimxVGXF
PNr8eQrc8GcHs407M8klXCnO9sARIPhwI00sCGjZ0fXT3eFDhggYXLf/gUlxVDiM
4tCgdYlPN5lsbxBe9z7VniG9BDtFbnVEXClqi534dT4wnJM5gTxOXcgKiAWja8PB
Y6bEi7Bcc6E1K9ZqhpW4+3KfZ6YtOAmylktxeIIOWhzDBIvrz2Cs4dxcoJlgdTzf
Sm5n84ZXbjXNOv+NkMhP5O36eH3kEubEaZvW5FunYSoXhpWwAamfBiFy8QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAX4+9mLOdjKYQc093Dl5Wpig+QCMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvQmZqNzJZczUyTXBoQnpUM2NPWGxhbUtENUFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgsLh/8Q
MA0GCSqGSIb3DQEBCwUAA4IBAQAf8hifj5TJDU+tOR9Z1sDXNftNvv9cE1ghd5GY
CMx15uLygOGVO7GEORRo32KVBuPdHy42ZiPFHh6pWPm7TVIi9CyMHwYuTJ2jKK4l
NF7pUgUObxP/WlhjJGzJH6imAKIq6Mcytn3fUA1Ee3QMLDjyY3/lteSM3a29/DWa
AcnQ0VWw0OW2GxYW2sLTNFF/kb3B/j8JQj1Vi/8Cx0GMYVos5lETfFwVl6icR4Tk
/65GL7TapPyPwlkEnozxMgwPhWKbAL1iYUWq/voOND/FsY94elAlwMqM/1NzC3SW
n/NLDHYDZpzFD+NSf2zBwcRhbMqYGqSIgUjlSqB9+55N6lLN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:48 2024 by rpki-client on console-fra.rpki-client.org