Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/BB2fIk6GAaK4V5P1exr8KQPMhWA.roa
File: BB2fIk6GAaK4V5P1exr8KQPMhWA.roa (raw, json)
Hash identifier: 2a+7F4ZhVToq/5QMtdRpU9rBQ+G+5ArSHgqOXC76RFA=
Subject key identifier: 04:1D:9F:22:4E:86:01:A2:B8:57:93:F5:7B:1A:FC:29:03:CC:85:60
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01896FBE4471F4050EEEED0740937F309478
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/BB2fIk6GAaK4V5P1exr8KQPMhWA.roa
Signing time: Wed 19 Jul 2023 20:01:27 +0000
ROA not before: Wed 19 Jul 2023 20:01:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212504
IP address blocks: 2a0e:97c0:9c0::/43 maxlen: 48
Validation: Failed, certificate revoked on Fri 21 Jul 2023 08:06:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:6f:be:44:71:f4:05:0e:ee:ed:07:40:93:7f:30:94:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jul 19 20:01:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=041d9f224e8601a2b85793f57b1afc2903cc8560
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:b0:73:2f:13:a6:c2:24:dd:c0:85:fa:8d:25:
50:21:7f:7f:05:25:cf:56:25:ba:f8:4d:fd:22:40:
94:50:d7:62:c3:a2:d5:e6:53:bb:3c:c1:bd:4b:d5:
db:ff:2c:42:e1:20:20:9e:5b:56:a4:06:73:a1:eb:
55:64:2a:83:77:e3:2e:0b:0c:56:b7:7f:38:46:26:
a0:94:8d:e9:32:02:ba:1e:0a:f0:da:7e:73:c5:68:
f0:9e:b2:0a:6e:29:a0:42:bc:83:e6:c4:89:43:91:
1e:a7:ab:89:05:8b:77:c0:6f:57:1d:4b:f0:75:e1:
bf:25:57:b5:4e:b6:bc:bb:9d:23:26:2a:55:78:68:
1a:e4:aa:d0:4c:d1:4f:5a:e5:21:ed:93:c5:0e:1c:
58:82:f6:1f:12:ce:95:e4:c3:fb:c3:89:9f:53:3d:
5d:82:ab:34:08:04:15:8f:dd:32:df:0b:d2:63:a2:
ff:c2:db:a9:0e:eb:bf:39:46:d6:b6:c1:86:ee:24:
78:08:7a:91:37:3a:d2:5f:20:e4:cc:93:61:46:6a:
57:a3:a7:e9:f3:b7:6b:5d:ae:0e:72:b5:e8:de:b6:
87:00:01:26:be:09:e2:d1:d3:52:e8:ee:f2:00:f1:
ed:e7:6f:45:a5:c1:cc:99:f1:ad:4b:96:09:67:85:
31:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:1D:9F:22:4E:86:01:A2:B8:57:93:F5:7B:1A:FC:29:03:CC:85:60
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/BB2fIk6GAaK4V5P1exr8KQPMhWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:9c0::/43
Signature Algorithm: sha256WithRSAEncryption
9b:9c:1e:ae:c4:e5:1c:ff:27:3f:7d:25:be:43:d2:fe:27:d8:
92:17:b6:65:6d:f0:9b:2b:1c:81:64:d1:db:37:b9:23:c6:07:
1a:e0:a0:0c:54:8d:0e:d7:55:1e:22:a3:ab:1c:ed:85:24:12:
21:3e:4a:44:dd:74:e8:ef:34:ae:c7:b2:68:a2:1e:75:f2:01:
72:e1:9e:ad:00:6c:b4:b7:5d:9f:da:e9:97:40:86:02:42:0a:
22:25:f8:8b:86:03:d2:42:26:03:dc:c9:77:3f:b0:45:cd:91:
48:e2:3e:05:74:84:a2:3a:5d:a3:93:93:11:93:15:d8:38:b3:
75:5d:4a:97:3f:3e:99:c9:b5:6c:a3:db:86:61:f3:51:54:4a:
74:81:0c:3f:43:83:14:11:72:86:6d:2b:b7:c7:c3:fc:8f:1d:
dd:45:f4:26:2c:56:0b:ed:7b:34:8f:17:62:68:e2:31:6e:42:
df:6e:f6:05:ff:3b:36:70:6c:e6:fb:55:53:8a:58:f8:55:3a:
ae:e4:ab:8a:7b:49:0f:e2:e3:b8:b2:7b:54:e2:62:7a:48:4e:
bb:e6:cf:5c:7c:ab:44:00:17:35:08:2c:82:92:96:d6:b5:0e:
b3:57:d6:ce:d0:db:c6:8d:92:55:9d:7e:e5:b9:37:b0:47:59:
13:b8:6f:81
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYlvvkRx9AUO7u0HQJN/MJR4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNzE5MjAwMTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDFkOWYyMjRlODYwMWEyYjg1NzkzZjU3YjFhZmMyOTAzY2M4NTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7BzLxOmwiTdwIX6jSVQIX9/BSXP
ViW6+E39IkCUUNdiw6LV5lO7PMG9S9Xb/yxC4SAgnltWpAZzoetVZCqDd+MuCwxW
t384RiaglI3pMgK6Hgrw2n5zxWjwnrIKbimgQryD5sSJQ5Eep6uJBYt3wG9XHUvw
deG/JVe1Tra8u50jJipVeGga5KrQTNFPWuUh7ZPFDhxYgvYfEs6V5MP7w4mfUz1d
gqs0CAQVj90y3wvSY6L/wtupDuu/OUbWtsGG7iR4CHqRNzrSXyDkzJNhRmpXo6fp
87drXa4OcrXo3raHAAEmvgni0dNS6O7yAPHt529FpcHMmfGtS5YJZ4UxtQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAQdnyJOhgGiuFeT9Xsa/CkDzIVgMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvQkIyZklrNkdBYUs0VjVQMWV4cjhLUVBNaFdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcFKg6XwAnA
MA0GCSqGSIb3DQEBCwUAA4IBAQCbnB6uxOUc/yc/fSW+Q9L+J9iSF7ZlbfCbKxyB
ZNHbN7kjxgca4KAMVI0O11UeIqOrHO2FJBIhPkpE3XTo7zSux7Jooh518gFy4Z6t
AGy0t12f2umXQIYCQgoiJfiLhgPSQiYD3Ml3P7BFzZFI4j4FdISiOl2jk5MRkxXY
OLN1XUqXPz6ZybVso9uGYfNRVEp0gQw/Q4MUEXKGbSu3x8P8jx3dRfQmLFYL7Xs0
jxdiaOIxbkLfbvYF/zs2cGzm+1VTilj4VTqu5KuKe0kP4uO4sntU4mJ6SE675s9c
fKtEABc1CCyCkpbWtQ6zV9bO0NvGjZJVnX7luTewR1kTuG+B
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:27 2024 by rpki-client on console-fra.rpki-client.org