Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/5811c0-6dae-4dd4-987c-d46ffc501f36/1/bufm1xfOrXCVVC1AbMtQEdp8FcA.roa
File: bufm1xfOrXCVVC1AbMtQEdp8FcA.roa (raw, json)
Hash identifier: aEvNWMUEEv+DPeoe+3dLIGBThs01QtATufG6h+vVFKE=
Subject key identifier: 6E:E7:E6:D7:17:CE:AD:70:95:54:2D:40:6C:CB:50:11:DA:7C:15:C0
Certificate issuer: /CN=991b5422cd5578d4715ebe4c5097202523dd5658
Certificate serial: 01856DE646C5EB149DC51D1B449C46AE65BF
Authority key identifier: 99:1B:54:22:CD:55:78:D4:71:5E:BE:4C:50:97:20:25:23:DD:56:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mRtUIs1VeNRxXr5MUJcgJSPdVlg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/5811c0-6dae-4dd4-987c-d46ffc501f36/1/bufm1xfOrXCVVC1AbMtQEdp8FcA.roa
Signing time: Sun 01 Jan 2023 15:14:45 +0000
ROA not before: Sun 01 Jan 2023 15:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60404
IP address blocks: 2001:678:acc::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 May 2023 00:13:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:e6:46:c5:eb:14:9d:c5:1d:1b:44:9c:46:ae:65:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=991b5422cd5578d4715ebe4c5097202523dd5658
Validity
Not Before: Jan 1 15:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6ee7e6d717cead7095542d406ccb5011da7c15c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:57:c8:58:3e:88:9c:3b:29:29:b2:cf:b7:12:
6a:cc:d7:46:fc:13:1b:f8:18:b9:7f:53:09:cd:8e:
4d:54:ef:e4:6b:41:33:14:cc:30:18:24:e5:a4:27:
36:40:32:e2:1a:98:c4:c6:bb:21:01:1b:59:b7:90:
d6:78:0c:73:0d:cc:29:05:33:e1:8c:e0:83:27:3c:
a9:b4:67:57:9b:4e:dd:82:93:74:7a:e5:33:f4:f0:
0d:a9:c5:7d:1d:ac:6e:8d:f8:8c:64:b0:e6:c2:32:
67:d8:44:45:82:9f:7a:20:a7:31:eb:7f:74:a0:02:
0b:e6:7a:3c:32:a8:9b:c1:18:c0:12:62:5b:a0:48:
27:32:6c:cc:3d:af:d6:fe:b8:cc:90:10:f0:68:c6:
22:68:12:b7:38:50:78:92:52:1b:39:39:2f:19:23:
27:11:27:eb:c3:ae:e7:76:31:90:12:79:ba:99:3b:
fa:e4:d4:f7:2d:22:23:fd:a2:aa:01:a0:24:99:82:
21:27:0f:ee:b3:f7:5c:8d:fc:0b:90:0b:c8:e9:39:
16:4e:c4:96:21:43:19:29:77:05:73:24:a9:93:10:
98:40:cc:4b:5e:60:da:07:2c:57:d3:4d:d1:6f:18:
5a:73:81:0b:b4:c2:13:8c:aa:eb:8e:f8:c1:22:df:
dc:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:E7:E6:D7:17:CE:AD:70:95:54:2D:40:6C:CB:50:11:DA:7C:15:C0
X509v3 Authority Key Identifier:
keyid:99:1B:54:22:CD:55:78:D4:71:5E:BE:4C:50:97:20:25:23:DD:56:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mRtUIs1VeNRxXr5MUJcgJSPdVlg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/5811c0-6dae-4dd4-987c-d46ffc501f36/1/bufm1xfOrXCVVC1AbMtQEdp8FcA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/5811c0-6dae-4dd4-987c-d46ffc501f36/1/mRtUIs1VeNRxXr5MUJcgJSPdVlg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:acc::/48
Signature Algorithm: sha256WithRSAEncryption
0a:13:80:27:84:7d:ce:79:9b:3f:e6:87:89:e8:7c:83:c4:4d:
af:02:33:08:43:58:64:71:a2:e4:09:bb:26:85:d3:35:b1:69:
e6:c7:4f:03:98:87:4d:57:76:ea:a5:0c:ed:78:e3:71:68:a8:
00:e0:1f:5d:5c:73:5c:e8:0a:86:d2:13:a3:da:9b:e2:c2:5a:
38:34:53:a9:a1:db:c9:7c:77:ce:15:de:dd:4f:8e:37:da:c4:
9c:5c:ef:7a:b4:b2:3c:d2:3d:b5:2f:79:72:6a:be:a2:fa:28:
7e:00:2e:fa:5e:f2:96:cb:0a:e9:6c:c4:34:9e:1a:e9:73:df:
9e:54:e4:23:15:cd:23:9e:ef:46:5a:db:91:6d:9a:86:c1:ea:
f2:61:b7:91:fc:1e:8d:e1:47:0c:94:a0:b3:dd:b6:b7:45:8c:
8c:6b:ac:e2:d5:e1:a7:0e:c5:d7:27:23:3c:d4:03:81:a4:a7:
39:ff:ab:68:8f:76:1a:8c:d9:41:d5:87:dd:e7:64:88:4c:48:
8c:70:19:65:0d:27:43:c5:f5:e8:b0:27:e9:21:ac:a2:88:e2:
b0:a4:f7:7c:0a:aa:f1:92:b4:a5:89:cb:60:7c:64:67:f0:a3:
24:83:46:8f:ad:15:2b:12:4c:a3:d9:55:63:a2:de:1d:b3:f4:
d4:84:ef:35
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVt5kbF6xSdxR0bRJxGrmW/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MWI1NDIyY2Q1NTc4ZDQ3MTVlYmU0YzUwOTcyMDI1MjNk
ZDU2NTgwHhcNMjMwMTAxMTUxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWU3ZTZkNzE3Y2VhZDcwOTU1NDJkNDA2Y2NiNTAxMWRhN2MxNWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiFfIWD6InDspKbLPtxJqzNdG/BMb
+Bi5f1MJzY5NVO/ka0EzFMwwGCTlpCc2QDLiGpjExrshARtZt5DWeAxzDcwpBTPh
jOCDJzyptGdXm07dgpN0euUz9PANqcV9HaxujfiMZLDmwjJn2ERFgp96IKcx6390
oAIL5no8MqibwRjAEmJboEgnMmzMPa/W/rjMkBDwaMYiaBK3OFB4klIbOTkvGSMn
ESfrw67ndjGQEnm6mTv65NT3LSIj/aKqAaAkmYIhJw/us/dcjfwLkAvI6TkWTsSW
IUMZKXcFcySpkxCYQMxLXmDaByxX003Rbxhac4ELtMITjKrrjvjBIt/cOwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFG7n5tcXzq1wlVQtQGzLUBHafBXAMB8GA1UdIwQY
MBaAFJkbVCLNVXjUcV6+TFCXICUj3VZYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVJ0VUlzMVZlTlJ4WHI1TVVKY2dKU1BkVmxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy81ODExYzAtNmRhZS00ZGQ0LTk4N2Mt
ZDQ2ZmZjNTAxZjM2LzEvYnVmbTF4Zk9yWENWVkMxQWJNdFFFZHA4RmNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy81ODExYzAtNmRhZS00ZGQ0LTk4N2MtZDQ2ZmZjNTAxZjM2
LzEvbVJ0VUlzMVZlTlJ4WHI1TVVKY2dKU1BkVmxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeArM
MA0GCSqGSIb3DQEBCwUAA4IBAQAKE4AnhH3OeZs/5oeJ6HyDxE2vAjMIQ1hkcaLk
CbsmhdM1sWnmx08DmIdNV3bqpQzteONxaKgA4B9dXHNc6AqG0hOj2pviwlo4NFOp
odvJfHfOFd7dT4432sScXO96tLI80j21L3lyar6i+ih+AC76XvKWywrpbMQ0nhrp
c9+eVOQjFc0jnu9GWtuRbZqGweryYbeR/B6N4UcMlKCz3ba3RYyMa6zi1eGnDsXX
JyM81AOBpKc5/6toj3YajNlB1Yfd52SITEiMcBllDSdDxfXosCfpIayiiOKwpPd8
CqrxkrSlictgfGRn8KMkg0aPrRUrEkyj2VVjot4ds/TUhO81
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:24 2024 by rpki-client on console-fra.rpki-client.org