Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/bCqLDAHx1-8CEgJHi4kMUzsBjwE.roa
File: bCqLDAHx1-8CEgJHi4kMUzsBjwE.roa (raw, json)
Hash identifier: xwqahmH4ZGpjUzXVNfSi5F7mTI7ledLfod10yhMZ3YI=
Subject key identifier: 6C:2A:8B:0C:01:F1:D7:EF:02:12:02:47:8B:89:0C:53:3B:01:8F:01
Certificate issuer: /CN=fdd6ee010b990a33735756b4fe2f3d3c2671dd9d
Certificate serial: 018DC09933C51DDE9A5A48090BF438B02BF8
Authority key identifier: FD:D6:EE:01:0B:99:0A:33:73:57:56:B4:FE:2F:3D:3C:26:71:DD:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_dbuAQuZCjNzV1a0_i89PCZx3Z0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/bCqLDAHx1-8CEgJHi4kMUzsBjwE.roa
Signing time: Mon 19 Feb 2024 09:01:22 +0000
ROA not before: Mon 19 Feb 2024 09:01:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212623
IP address blocks: 2a13:a5c3:f100::/40 maxlen: 48
Validation: Failed, certificate revoked on Fri 21 Jun 2024 13:28:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c0:99:33:c5:1d:de:9a:5a:48:09:0b:f4:38:b0:2b:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fdd6ee010b990a33735756b4fe2f3d3c2671dd9d
Validity
Not Before: Feb 19 09:01:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c2a8b0c01f1d7ef021202478b890c533b018f01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:16:79:fb:b8:a9:4c:d5:9f:e2:1b:ce:b8:80:
72:40:82:05:29:50:f3:27:26:ac:c8:5a:78:21:2e:
65:a9:f9:26:9b:0b:ba:7a:7f:bf:3f:ee:58:4b:cc:
8a:ea:21:7d:94:8f:7a:8e:c6:6f:10:06:cf:2e:06:
cc:96:92:ce:c7:23:b1:5c:eb:58:5f:3c:62:ec:67:
ba:ee:2a:5a:31:78:2c:19:1c:14:a2:55:80:76:37:
5a:66:90:51:ac:ba:35:25:e3:ad:21:da:23:5d:64:
2a:3c:34:d1:73:37:4d:b1:cd:81:22:85:1e:62:19:
e3:c7:01:8d:16:f6:11:b3:a5:61:81:48:7d:7a:bd:
19:fe:56:81:69:2a:58:39:25:b0:ad:45:db:d9:28:
62:98:fe:06:5c:cc:e4:7d:76:d4:a7:42:be:a1:c9:
1d:e9:d5:47:8d:95:b2:73:a6:61:30:50:e4:ce:b0:
fd:98:ff:4e:b9:53:16:11:b0:44:fc:fd:ab:77:9c:
69:be:4e:28:b4:6b:e6:ac:28:25:dd:59:82:8e:c4:
7a:83:37:8c:fc:e1:97:a3:57:d1:e5:ac:b5:30:13:
0a:2a:43:cf:4f:3b:e1:2f:fe:1d:66:1d:ac:d0:80:
ad:5e:e5:68:4c:f0:9b:c0:a3:09:bd:94:66:e8:d7:
69:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:2A:8B:0C:01:F1:D7:EF:02:12:02:47:8B:89:0C:53:3B:01:8F:01
X509v3 Authority Key Identifier:
keyid:FD:D6:EE:01:0B:99:0A:33:73:57:56:B4:FE:2F:3D:3C:26:71:DD:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_dbuAQuZCjNzV1a0_i89PCZx3Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/bCqLDAHx1-8CEgJHi4kMUzsBjwE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/_dbuAQuZCjNzV1a0_i89PCZx3Z0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:a5c3:f100::/40
Signature Algorithm: sha256WithRSAEncryption
23:b6:07:9f:7a:ab:a9:69:a6:2e:54:5f:5c:6a:5c:04:5f:ba:
c4:69:e9:17:e0:fd:d5:cc:2e:fa:e8:52:18:b9:2f:3c:70:ad:
8c:4d:d9:7d:90:a2:60:38:9b:74:3b:7e:d6:fa:d5:7c:ac:9e:
ce:62:eb:48:54:48:56:8f:9d:34:c4:9f:6b:e5:9a:5e:48:23:
7a:9f:6a:c1:a5:85:9f:73:2b:dc:85:d8:99:21:57:66:5b:ea:
b9:89:7e:80:75:01:3b:b3:f2:78:c1:a5:10:75:8a:0c:75:29:
bb:48:d3:9b:18:13:a4:ae:6c:c2:23:be:01:1a:fb:b4:6c:46:
de:03:47:1c:21:2b:f5:69:d4:ef:a3:1f:0a:58:04:6e:b7:44:
c3:1f:97:e8:8f:53:d6:ec:cc:b8:50:d9:9e:9d:12:c9:a9:41:
3a:df:10:fd:e6:f7:2c:50:d7:b6:72:4a:f3:6e:e7:13:91:75:
f8:51:5b:b3:a1:5a:d7:10:75:65:d2:78:03:7c:b0:43:95:49:
06:c4:b4:8a:6d:d5:6d:f9:69:d5:4d:cc:88:15:50:d9:37:34:
03:71:a6:ad:f2:2d:c0:3b:83:04:0c:c3:82:e9:6a:60:99:22:
85:ef:13:45:36:cd:de:19:00:62:95:d5:d4:b4:2c:d0:f9:82:
42:1a:3f:92
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAY3AmTPFHd6aWkgJC/Q4sCv4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkZDZlZTAxMGI5OTBhMzM3MzU3NTZiNGZlMmYzZDNjMjY3
MWRkOWQwHhcNMjQwMjE5MDkwMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzJhOGIwYzAxZjFkN2VmMDIxMjAyNDc4Yjg5MGM1MzNiMDE4ZjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBZ5+7ipTNWf4hvOuIByQIIFKVDz
JyasyFp4IS5lqfkmmwu6en+/P+5YS8yK6iF9lI96jsZvEAbPLgbMlpLOxyOxXOtY
Xzxi7Ge67ipaMXgsGRwUolWAdjdaZpBRrLo1JeOtIdojXWQqPDTRczdNsc2BIoUe
YhnjxwGNFvYRs6VhgUh9er0Z/laBaSpYOSWwrUXb2ShimP4GXMzkfXbUp0K+ockd
6dVHjZWyc6ZhMFDkzrD9mP9OuVMWEbBE/P2rd5xpvk4otGvmrCgl3VmCjsR6gzeM
/OGXo1fR5ay1MBMKKkPPTzvhL/4dZh2s0ICtXuVoTPCbwKMJvZRm6NdpcQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFGwqiwwB8dfvAhICR4uJDFM7AY8BMB8GA1UdIwQY
MBaAFP3W7gELmQozc1dWtP4vPTwmcd2dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2RidUFRdVpDak56VjFhMF9pODlQQ1p4M1owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8yZDFhMzUtZmY4YS00NmI0LThjNDct
NjNjNzIxY2YxZjU2LzEvYkNxTERBSHgxLThDRWdKSGk0a01VenNCandFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8yZDFhMzUtZmY4YS00NmI0LThjNDctNjNjNzIxY2YxZjU2
LzEvX2RidUFRdVpDak56VjFhMF9pODlQQ1p4M1owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhOlw/Ew
DQYJKoZIhvcNAQELBQADggEBACO2B596q6lppi5UX1xqXARfusRp6Rfg/dXMLvro
Uhi5LzxwrYxN2X2QomA4m3Q7ftb61Xysns5i60hUSFaPnTTEn2vlml5II3qfasGl
hZ9zK9yF2JkhV2Zb6rmJfoB1ATuz8njBpRB1igx1KbtI05sYE6SubMIjvgEa+7Rs
Rt4DRxwhK/Vp1O+jHwpYBG63RMMfl+iPU9bszLhQ2Z6dEsmpQTrfEP3m9yxQ17Zy
SvNu5xORdfhRW7OhWtcQdWXSeAN8sEOVSQbEtIpt1W35adVNzIgVUNk3NANxpq3y
LcA7gwQMw4LpamCZIoXvE0U2zd4ZAGKV1dS0LND5gkIaP5I=
-----END CERTIFICATE-----
Generated at Fri Jun 21 18:06:49 2024 by rpki-client on console-fra.rpki-client.org