Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/BFZGIF5N7Tonx__wcf07DU2exuY.roa
File: BFZGIF5N7Tonx__wcf07DU2exuY.roa (raw, json)
Hash identifier: QzXK05w93Dcy5zLMXZIgVCgaNJDz+2xMFQtKXGNsj6I=
Subject key identifier: 04:56:46:20:5E:4D:ED:3A:27:C7:FF:F0:71:FD:3B:0D:4D:9E:C6:E6
Certificate issuer: /CN=e9be181aabdb195513a26c67b621e2986818d03d
Certificate serial: 01929C0AA798B317C44875F3F1B3906C92BA
Authority key identifier: E9:BE:18:1A:AB:DB:19:55:13:A2:6C:67:B6:21:E2:98:68:18:D0:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6b4YGqvbGVUTomxntiHimGgY0D0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/BFZGIF5N7Tonx__wcf07DU2exuY.roa
Signing time: Thu 17 Oct 2024 19:53:16 +0000
ROA not before: Thu 17 Oct 2024 19:53:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57271
IP address blocks: 2a09:3904::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 25 Oct 2024 10:32:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:9c:0a:a7:98:b3:17:c4:48:75:f3:f1:b3:90:6c:92:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9be181aabdb195513a26c67b621e2986818d03d
Validity
Not Before: Oct 17 19:53:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=045646205e4ded3a27c7fff071fd3b0d4d9ec6e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:30:72:2e:01:1d:71:67:b5:40:13:43:1e:ca:
fe:14:2b:10:eb:91:26:22:3b:56:f3:77:23:0e:77:
fe:88:8c:5d:84:4b:36:7c:75:7d:be:8e:0e:62:12:
a7:29:c9:f7:14:ef:23:76:80:28:69:cc:ce:37:e0:
bb:99:5e:1a:7d:c1:19:98:4a:f1:cb:c6:d9:35:7b:
ae:e7:6a:31:c0:80:31:9a:71:6a:05:cc:0b:0b:de:
82:fc:75:15:6a:0b:c7:bd:b4:c6:cb:bb:2a:4d:c7:
2a:b6:39:2c:d6:9c:2c:52:07:e1:ae:22:47:48:5a:
ea:85:92:84:fb:35:c2:9c:d9:77:8b:ed:da:ce:f7:
c4:0f:82:07:54:ef:a5:9f:f2:3f:c2:ea:3f:56:13:
56:15:a8:fb:e0:bb:d5:cd:f9:97:6c:58:7e:e1:17:
5c:a1:cf:ad:9e:16:91:de:fc:49:cd:ad:70:ef:f4:
f3:da:e0:60:4c:0b:da:62:58:e2:22:c0:d3:af:67:
37:1d:54:b3:a3:76:e4:0c:4d:f0:90:28:94:0b:ca:
2c:57:17:00:53:0c:c7:c2:af:49:b1:5b:f3:06:cb:
70:8e:40:48:bc:73:7a:cf:86:dc:01:b6:cc:1a:84:
e7:f9:93:f6:70:52:c6:03:33:6f:b9:43:28:c9:16:
3b:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:56:46:20:5E:4D:ED:3A:27:C7:FF:F0:71:FD:3B:0D:4D:9E:C6:E6
X509v3 Authority Key Identifier:
keyid:E9:BE:18:1A:AB:DB:19:55:13:A2:6C:67:B6:21:E2:98:68:18:D0:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b4YGqvbGVUTomxntiHimGgY0D0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/BFZGIF5N7Tonx__wcf07DU2exuY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/6b4YGqvbGVUTomxntiHimGgY0D0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:3904::/32
Signature Algorithm: sha256WithRSAEncryption
b7:6c:ba:c6:8e:9e:c2:54:86:c0:0a:7e:59:28:7c:2e:77:28:
bc:ea:4d:41:c7:d0:76:26:e5:5a:a9:24:ac:7c:ea:08:d5:a0:
e0:c1:cd:44:60:5d:f4:b6:a0:53:b5:16:9f:85:1e:37:d3:9f:
ff:1b:13:4d:96:b2:da:8b:c0:5e:eb:2f:ab:fe:fb:c3:ef:a3:
e9:af:65:1f:3d:5d:11:5a:5b:75:62:ef:46:d1:81:25:48:4b:
5c:ad:bb:d2:17:f0:52:3c:51:0c:e3:89:d8:fb:c0:9c:5b:65:
ad:bf:92:8f:b1:c2:a0:b8:49:9e:9a:60:d9:23:fe:a6:0a:2c:
17:9d:a4:ac:34:a1:1a:39:75:3a:f3:21:89:ac:ac:bb:30:26:
5f:ba:d0:fd:2c:a4:8e:74:5a:b0:a4:86:4e:8c:2c:3a:e7:79:
28:ef:82:13:c3:2a:7c:4c:ed:ef:a7:86:02:10:45:cf:8b:f6:
8e:a4:36:85:36:83:a5:2c:bf:fa:0d:77:b2:4d:2a:00:32:e1:
b2:32:1d:f3:ea:30:07:db:4b:af:a6:18:f3:a8:1a:03:39:4c:
78:f5:7d:10:e0:67:dc:64:a5:df:b4:b6:f3:86:0c:6c:5b:33:
d8:bc:99:a1:83:de:5a:ea:b6:ce:c9:84:c5:cd:67:e4:78:e9:
86:2c:33:ea
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZKcCqeYsxfESHXz8bOQbJK6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5YmUxODFhYWJkYjE5NTUxM2EyNmM2N2I2MjFlMjk4Njgx
OGQwM2QwHhcNMjQxMDE3MTk1MzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDU2NDYyMDVlNGRlZDNhMjdjN2ZmZjA3MWZkM2IwZDRkOWVjNmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTByLgEdcWe1QBNDHsr+FCsQ65Em
IjtW83cjDnf+iIxdhEs2fHV9vo4OYhKnKcn3FO8jdoAoaczON+C7mV4afcEZmErx
y8bZNXuu52oxwIAxmnFqBcwLC96C/HUVagvHvbTGy7sqTccqtjks1pwsUgfhriJH
SFrqhZKE+zXCnNl3i+3azvfED4IHVO+ln/I/wuo/VhNWFaj74LvVzfmXbFh+4Rdc
oc+tnhaR3vxJza1w7/Tz2uBgTAvaYljiIsDTr2c3HVSzo3bkDE3wkCiUC8osVxcA
UwzHwq9JsVvzBstwjkBIvHN6z4bcAbbMGoTn+ZP2cFLGAzNvuUMoyRY7+QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFARWRiBeTe06J8f/8HH9Ow1NnsbmMB8GA1UdIwQY
MBaAFOm+GBqr2xlVE6JsZ7Yh4phoGNA9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmI0WUdxdmJHVlVUb214bnRpSGltR2dZMEQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9iZWNkMTYtYTllOS00Y2Q2LTgwMGUt
ZjAwOGRkODNlMzJhLzEvQkZaR0lGNU43VG9ueF9fd2NmMDdEVTJleHVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9iZWNkMTYtYTllOS00Y2Q2LTgwMGUtZjAwOGRkODNlMzJh
LzEvNmI0WUdxdmJHVlVUb214bnRpSGltR2dZMEQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgk5BDAN
BgkqhkiG9w0BAQsFAAOCAQEAt2y6xo6ewlSGwAp+WSh8LncovOpNQcfQdiblWqkk
rHzqCNWg4MHNRGBd9LagU7UWn4UeN9Of/xsTTZay2ovAXusvq/77w++j6a9lHz1d
EVpbdWLvRtGBJUhLXK270hfwUjxRDOOJ2PvAnFtlrb+Sj7HCoLhJnppg2SP+pgos
F52krDShGjl1OvMhiaysuzAmX7rQ/SykjnRasKSGTowsOud5KO+CE8MqfEzt76eG
AhBFz4v2jqQ2hTaDpSy/+g13sk0qADLhsjId8+owB9tLr6YY86gaAzlMePV9EOBn
3GSl37S284YMbFsz2LyZoYPeWuq2zsmExc1n5Hjphiwz6g==
-----END CERTIFICATE-----
Generated at Fri Oct 25 12:38:02 2024 by rpki-client on console-ams.rpki-client.org