Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/BqfrmidMtYO-HuqbB3AKmOWxnUs.roa
File: BqfrmidMtYO-HuqbB3AKmOWxnUs.roa (raw, json)
Hash identifier: E65b4dvz0fsonFwi8CzxCCylwoVR4mkS74Ui/uOmZLs=
Subject key identifier: 06:A7:EB:9A:27:4C:B5:83:BE:1E:EA:9B:07:70:0A:98:E5:B1:9D:4B
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01867A0D00EA368D26288E38862ED398270D
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/BqfrmidMtYO-HuqbB3AKmOWxnUs.roa
Signing time: Wed 22 Feb 2023 16:55:17 +0000
ROA not before: Wed 22 Feb 2023 16:55:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199762
IP address blocks: 2a0e:b107:11bb::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7a:0d:00:ea:36:8d:26:28:8e:38:86:2e:d3:98:27:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Feb 22 16:55:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=06a7eb9a274cb583be1eea9b07700a98e5b19d4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:76:f6:81:a6:c8:8b:e1:e6:b0:b0:fa:dd:a6:
5c:6e:4f:59:93:7c:82:d7:b9:95:dd:51:fd:18:92:
1b:19:4b:96:23:4b:8b:c0:7d:92:cd:1c:4b:5c:76:
c1:fc:44:68:22:c4:01:6f:09:b4:51:f2:c3:5d:96:
62:78:71:60:3a:17:fe:fe:6b:e2:0e:4f:18:71:c8:
9d:a5:95:6c:06:4e:6f:8c:47:78:5d:4d:00:61:01:
9a:bb:fd:5d:46:b8:d9:61:17:5f:7c:ed:1c:a8:98:
b5:52:da:f1:4c:6f:3a:11:d2:c3:72:37:a9:5d:9f:
3e:0e:64:01:c2:dd:3b:cc:93:a2:de:08:21:56:ec:
77:0a:06:13:c5:41:e2:41:ae:8e:2c:a6:bb:35:4c:
f6:1c:cd:e8:13:9d:26:df:da:f1:08:df:c5:78:09:
b6:86:24:76:60:4b:5a:e7:01:6e:c0:80:e0:b2:7c:
62:f2:cd:a2:44:c2:c5:e0:f2:34:99:84:17:14:86:
2a:fb:10:0a:91:ca:c0:30:b3:d6:d1:67:aa:6b:9b:
ba:48:2a:cb:7d:18:5d:6f:e3:cb:b4:9a:f4:00:9c:
fb:d6:30:fe:fa:e9:fd:df:02:99:f9:c6:86:23:90:
70:af:78:ab:55:76:87:a2:fa:c5:9a:a4:0e:5f:f9:
48:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:A7:EB:9A:27:4C:B5:83:BE:1E:EA:9B:07:70:0A:98:E5:B1:9D:4B
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/BqfrmidMtYO-HuqbB3AKmOWxnUs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:11bb::/48
Signature Algorithm: sha256WithRSAEncryption
41:c7:ef:a8:e2:9d:46:41:1e:6c:96:46:b3:ea:38:cb:df:4e:
8e:05:8f:78:2e:80:48:d3:f6:cf:65:fb:92:13:84:c8:45:62:
5d:5a:23:68:d2:c8:8e:de:2f:24:6a:1e:1c:90:c7:bc:33:f1:
89:63:ad:84:3f:3e:42:3f:3d:d9:e2:d9:b6:ed:5b:23:20:13:
ec:d7:2c:44:5c:ca:a6:cd:4f:76:ce:f7:ed:5c:a7:a4:eb:6c:
6c:f5:75:49:19:e8:37:07:c3:1b:2d:ce:e9:c3:68:95:86:2f:
55:23:97:71:85:5b:c0:39:55:d5:b7:e6:10:44:0f:a1:7c:da:
b3:fe:bd:4c:fd:f6:14:33:9d:fb:64:db:0c:5a:84:0e:c2:cc:
dd:87:17:c2:7c:df:d5:e6:e0:c2:8c:8a:99:c1:c7:bc:11:52:
f5:60:10:8b:3d:a0:eb:08:b3:f4:87:55:5f:6e:88:1b:8a:60:
9c:ba:18:1a:a1:2d:68:1a:de:9e:b3:8f:28:68:89:b8:6a:cc:
7f:f8:f2:ea:07:0e:96:32:49:22:51:73:a7:92:2f:60:4b:4d:
cb:4d:dd:f4:90:0d:3e:d2:77:01:d4:b1:b6:5b:ea:9c:31:4e:
98:d9:9b:1f:a1:36:11:9a:d7:69:45:e7:8a:f5:a9:d1:3e:dd:
25:4e:6f:5d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYZ6DQDqNo0mKI44hi7TmCcNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMjIyMTY1NTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmE3ZWI5YTI3NGNiNTgzYmUxZWVhOWIwNzcwMGE5OGU1YjE5ZDRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl3b2gabIi+HmsLD63aZcbk9Zk3yC
17mV3VH9GJIbGUuWI0uLwH2SzRxLXHbB/ERoIsQBbwm0UfLDXZZieHFgOhf+/mvi
Dk8YccidpZVsBk5vjEd4XU0AYQGau/1dRrjZYRdffO0cqJi1UtrxTG86EdLDcjep
XZ8+DmQBwt07zJOi3gghVux3CgYTxUHiQa6OLKa7NUz2HM3oE50m39rxCN/FeAm2
hiR2YEta5wFuwIDgsnxi8s2iRMLF4PI0mYQXFIYq+xAKkcrAMLPW0Weqa5u6SCrL
fRhdb+PLtJr0AJz71jD++un93wKZ+caGI5Bwr3irVXaHovrFmqQOX/lI4wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAan65onTLWDvh7qmwdwCpjlsZ1LMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvQnFmcm1pZE10WU8tSHVxYkIzQUttT1d4blVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBxG7
MA0GCSqGSIb3DQEBCwUAA4IBAQBBx++o4p1GQR5slkaz6jjL306OBY94LoBI0/bP
ZfuSE4TIRWJdWiNo0siO3i8kah4ckMe8M/GJY62EPz5CPz3Z4tm27VsjIBPs1yxE
XMqmzU92zvftXKek62xs9XVJGeg3B8MbLc7pw2iVhi9VI5dxhVvAOVXVt+YQRA+h
fNqz/r1M/fYUM537ZNsMWoQOwszdhxfCfN/V5uDCjIqZwce8EVL1YBCLPaDrCLP0
h1VfbogbimCcuhgaoS1oGt6es48oaIm4asx/+PLqBw6WMkkiUXOnki9gS03LTd30
kA0+0ncB1LG2W+qcMU6Y2ZsfoTYRmtdpReeK9anRPt0lTm9d
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:14 2023 by rpki-client on console-fra.rpki-client.org