Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/bmpRRJfViqLd5813Q7kjupVdlRo.roa
File: bmpRRJfViqLd5813Q7kjupVdlRo.roa (raw, json)
Hash identifier: d67mgYD7DyjlOQ2fnqaUBpUU7A9wtvjAhHaxA92HY1w=
Subject key identifier: 6E:6A:51:44:97:D5:8A:A2:DD:E7:CD:77:43:B9:23:BA:95:5D:95:1A
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E7BB0FABBAB6B7B96EAE505353AFE4
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/bmpRRJfViqLd5813Q7kjupVdlRo.roa
Signing time: Mon 02 Jan 2023 05:15:12 +0000
ROA not before: Mon 02 Jan 2023 05:15:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204610
IP address blocks: 2a0e:97c0:b60::/44 maxlen: 48
2a0e:97c0:b60::/48 maxlen: 48
2a0e:97c0:b6a::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 09 Jul 2023 22:51:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:bb:0f:ab:ba:b6:b7:b9:6e:ae:50:53:53:af:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e6a514497d58aa2dde7cd7743b923ba955d951a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:6e:86:7b:4a:a7:09:19:b6:c0:02:5b:4d:e3:
51:a1:69:f1:f0:2a:6f:88:cd:1a:c0:51:3d:67:3b:
d7:f0:c0:1c:2d:e8:ea:a3:4e:ce:82:a5:86:5a:8c:
43:b3:a2:3d:fc:90:84:ac:94:74:28:52:ce:a9:99:
32:4c:01:dd:1e:84:4a:22:e8:60:63:f4:9e:6d:d7:
7e:8d:4e:f6:b4:70:21:6c:d7:e2:84:44:95:47:1b:
e3:e5:37:40:af:16:e0:f4:9c:72:55:71:91:5c:0d:
d3:99:8b:37:10:7e:eb:21:06:af:a2:e5:99:fb:48:
d5:be:ca:34:6e:f8:d7:93:bb:19:41:4f:00:39:82:
4f:a0:12:94:ad:9e:07:3d:60:99:d1:31:1f:40:cd:
3b:27:1b:6d:af:35:e1:ae:0a:21:25:c7:1f:0f:09:
2d:f0:16:ae:c2:43:b7:2e:0f:4a:82:94:ee:da:01:
6c:6a:7c:78:c6:e0:21:87:98:36:64:ed:4b:4f:bf:
e6:3d:a6:e2:94:5e:39:24:10:aa:d8:2b:3f:f9:db:
28:22:ad:3c:25:90:38:23:53:4a:36:42:36:0e:c1:
53:6b:e5:39:9b:5b:51:99:e5:1b:62:5a:6a:22:43:
fc:b4:d3:2f:99:2d:ea:e4:36:d7:2d:8b:79:ea:c7:
41:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:6A:51:44:97:D5:8A:A2:DD:E7:CD:77:43:B9:23:BA:95:5D:95:1A
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/bmpRRJfViqLd5813Q7kjupVdlRo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:b60::/44
Signature Algorithm: sha256WithRSAEncryption
66:c2:95:ea:e8:d3:00:bf:ee:79:ec:17:fd:9e:94:f6:21:e8:
7a:82:e6:69:02:a1:7e:80:85:f5:e0:94:2b:f4:aa:81:b3:92:
a0:e4:80:39:ca:42:b9:b5:6e:f0:f3:9f:4d:3b:db:d3:96:cb:
eb:35:60:2e:24:08:f6:64:85:ed:26:76:ff:c5:8d:93:89:5e:
08:7c:b5:c8:f9:eb:77:df:5e:5b:71:cf:ba:8a:4f:cb:6a:fe:
d0:5c:29:f3:72:9d:4b:4a:dc:62:11:ba:87:8d:1c:76:be:66:
90:e2:78:b9:25:e7:fa:c1:10:b0:11:b7:b6:5a:2b:4b:60:25:
07:7a:fc:52:1b:23:a2:04:3a:b0:b0:a4:15:e1:fa:9d:f0:47:
82:f0:0a:ce:0e:1c:b6:46:f0:c4:30:37:92:89:a4:75:aa:59:
8b:1d:9a:eb:19:48:e9:88:4a:5f:d1:e0:73:a8:0e:7f:98:bb:
d6:c1:f1:1a:53:d6:f0:c0:21:12:59:a4:a5:76:a3:48:4e:e1:
10:82:70:45:3e:4d:c7:da:3a:33:27:e2:57:90:a8:9d:e2:93:
13:b2:d5:3e:a5:ea:0f:06:f8:6d:7b:eb:52:ea:de:6a:19:17:
3e:a7:34:70:cb:ac:c7:fa:02:17:9f:b9:89:1b:7c:06:aa:a2:
38:32:b4:c9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw57sPq7q2t7lurlBTU6/kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTZhNTE0NDk3ZDU4YWEyZGRlN2NkNzc0M2I5MjNiYTk1NWQ5NTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw26Ge0qnCRm2wAJbTeNRoWnx8Cpv
iM0awFE9ZzvX8MAcLejqo07OgqWGWoxDs6I9/JCErJR0KFLOqZkyTAHdHoRKIuhg
Y/Sebdd+jU72tHAhbNfihESVRxvj5TdArxbg9JxyVXGRXA3TmYs3EH7rIQavouWZ
+0jVvso0bvjXk7sZQU8AOYJPoBKUrZ4HPWCZ0TEfQM07JxttrzXhrgohJccfDwkt
8BauwkO3Lg9KgpTu2gFsanx4xuAhh5g2ZO1LT7/mPabilF45JBCq2Cs/+dsoIq08
JZA4I1NKNkI2DsFTa+U5m1tRmeUbYlpqIkP8tNMvmS3q5DbXLYt56sdBjQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFG5qUUSX1Yqi3efNd0O5I7qVXZUaMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvYm1wUlJKZlZpcUxkNTgxM1E3a2p1cFZkbFJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAtg
MA0GCSqGSIb3DQEBCwUAA4IBAQBmwpXq6NMAv+557Bf9npT2Ieh6guZpAqF+gIX1
4JQr9KqBs5Kg5IA5ykK5tW7w859NO9vTlsvrNWAuJAj2ZIXtJnb/xY2TiV4IfLXI
+et3315bcc+6ik/Lav7QXCnzcp1LStxiEbqHjRx2vmaQ4ni5Jef6wRCwEbe2WitL
YCUHevxSGyOiBDqwsKQV4fqd8EeC8ArODhy2RvDEMDeSiaR1qlmLHZrrGUjpiEpf
0eBzqA5/mLvWwfEaU9bwwCESWaSldqNITuEQgnBFPk3H2jozJ+JXkKid4pMTstU+
peoPBvhte+tS6t5qGRc+pzRwy6zH+gIXn7mJG3wGqqI4MrTJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:34 2024 by rpki-client on console-fra.rpki-client.org