Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fe3f3e-e187-4a12-aa9a-243c5f4e2e40/1/BQPQCwjzBEuctmuFIjdf3WOHbfc.roa
File: BQPQCwjzBEuctmuFIjdf3WOHbfc.roa (raw, json)
Hash identifier: kcijbCnm84Jmm/2r99tUc3oyKs3FG8MW9PnwKfOWqMM=
Subject key identifier: 05:03:D0:0B:08:F3:04:4B:9C:B6:6B:85:22:37:5F:DD:63:87:6D:F7
Certificate issuer: /CN=a9a815be7547eb870eb5f641d30fe6963741c8e0
Certificate serial: 018CC3B69EFF5E5DC4E0C29424ED516A0045
Authority key identifier: A9:A8:15:BE:75:47:EB:87:0E:B5:F6:41:D3:0F:E6:96:37:41:C8:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qagVvnVH64cOtfZB0w_mljdByOA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fe3f3e-e187-4a12-aa9a-243c5f4e2e40/1/BQPQCwjzBEuctmuFIjdf3WOHbfc.roa
Signing time: Mon 01 Jan 2024 06:29:34 +0000
ROA not before: Mon 01 Jan 2024 06:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44156
IP address blocks: 79.99.96.0/21 maxlen: 21
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:48:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:9e:ff:5e:5d:c4:e0:c2:94:24:ed:51:6a:00:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9a815be7547eb870eb5f641d30fe6963741c8e0
Validity
Not Before: Jan 1 06:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0503d00b08f3044b9cb66b8522375fdd63876df7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:ac:48:3a:9d:5f:b7:37:6b:01:84:59:1f:1d:
e4:fe:6b:9f:51:e9:11:7d:9c:9c:86:68:af:2e:1c:
a3:af:9d:ef:13:30:34:76:51:a2:75:dc:6f:9f:3e:
2b:86:d2:12:5d:20:a0:24:e9:1a:ba:6d:4f:88:1e:
10:74:06:d8:5c:bd:a3:cc:6c:25:75:69:f8:39:dc:
5e:6c:75:4b:0c:0e:23:00:48:e2:2e:1f:1a:00:1f:
46:15:10:5b:e0:2e:30:6c:be:cb:3a:2c:99:92:c7:
fb:06:72:99:1a:d7:75:e4:57:f6:90:d6:0b:ab:a6:
c1:bd:e1:ce:8e:3b:0e:98:c0:34:9f:ae:63:25:1c:
14:e5:25:8d:e6:9b:96:73:ef:10:25:c7:fb:97:66:
7c:00:65:6f:f0:28:7e:4a:f3:20:aa:05:ee:59:6e:
dd:16:10:5d:b7:f1:a3:03:f6:e3:7a:3a:51:be:98:
74:2e:e5:b6:79:63:62:ae:c6:0c:65:1a:a0:55:b4:
86:11:37:f5:05:2e:4a:5c:c3:4b:03:ca:2e:01:4f:
cc:1e:16:e6:ab:9d:7e:ef:cf:5c:a5:f8:ea:41:5a:
b5:12:bc:6e:d1:90:ab:73:fe:7b:d5:a0:45:b6:62:
8f:4f:a8:96:8f:b2:20:aa:0d:ef:43:80:31:53:ee:
d1:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:03:D0:0B:08:F3:04:4B:9C:B6:6B:85:22:37:5F:DD:63:87:6D:F7
X509v3 Authority Key Identifier:
keyid:A9:A8:15:BE:75:47:EB:87:0E:B5:F6:41:D3:0F:E6:96:37:41:C8:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qagVvnVH64cOtfZB0w_mljdByOA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fe3f3e-e187-4a12-aa9a-243c5f4e2e40/1/BQPQCwjzBEuctmuFIjdf3WOHbfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fe3f3e-e187-4a12-aa9a-243c5f4e2e40/1/qagVvnVH64cOtfZB0w_mljdByOA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.99.96.0/21
Signature Algorithm: sha256WithRSAEncryption
bd:ba:4f:92:e8:50:7e:30:73:6a:59:0e:9f:ce:38:92:9f:e2:
21:6f:79:49:6a:bd:f2:ea:ea:09:4c:bf:1a:b5:60:f4:cf:ad:
e7:85:1c:dd:63:9b:f8:22:87:6b:62:31:5c:53:e6:de:ae:ff:
35:0c:d6:3f:8d:67:3b:30:7d:21:29:d2:6b:7d:cc:b1:14:a7:
18:0f:2c:5b:cf:75:b0:57:a3:da:45:b6:a9:ff:c8:59:45:f3:
1c:63:72:e9:ee:6b:5d:74:3a:ac:d3:41:91:18:60:9e:97:13:
0e:8c:d6:45:f3:09:f1:dc:81:7b:a8:24:3d:ab:dd:ac:8d:11:
db:30:ec:aa:e8:27:39:23:4e:a0:7b:05:fc:ba:25:11:60:dd:
29:c3:e6:72:c5:26:45:07:7d:2b:f9:b6:8c:be:1c:b8:29:88:
d6:4a:dd:ff:fc:47:72:fd:c7:6a:eb:ed:72:39:f4:b2:e0:18:
78:a3:88:c6:b5:e6:44:d4:21:22:ac:94:8d:71:26:ed:c0:07:
a9:51:55:4f:25:9f:13:f3:32:eb:fc:58:2d:56:d1:ef:4c:1b:
c0:36:43:05:2d:e7:08:f0:24:c1:80:6a:1f:4d:dc:64:e0:60:
71:60:06:0b:21:fd:f6:b2:90:47:3c:23:fa:14:39:e1:5e:02:
6c:33:6e:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtp7/Xl3E4MKUJO1RagBFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5YTgxNWJlNzU0N2ViODcwZWI1ZjY0MWQzMGZlNjk2Mzc0
MWM4ZTAwHhcNMjQwMTAxMDYyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTAzZDAwYjA4ZjMwNDRiOWNiNjZiODUyMjM3NWZkZDYzODc2ZGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgKxIOp1ftzdrAYRZHx3k/mufUekR
fZychmivLhyjr53vEzA0dlGiddxvnz4rhtISXSCgJOkaum1PiB4QdAbYXL2jzGwl
dWn4OdxebHVLDA4jAEjiLh8aAB9GFRBb4C4wbL7LOiyZksf7BnKZGtd15Ff2kNYL
q6bBveHOjjsOmMA0n65jJRwU5SWN5puWc+8QJcf7l2Z8AGVv8Ch+SvMgqgXuWW7d
FhBdt/GjA/bjejpRvph0LuW2eWNirsYMZRqgVbSGETf1BS5KXMNLA8ouAU/MHhbm
q51+789cpfjqQVq1Erxu0ZCrc/571aBFtmKPT6iWj7Igqg3vQ4AxU+7R4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAUD0AsI8wRLnLZrhSI3X91jh233MB8GA1UdIwQY
MBaAFKmoFb51R+uHDrX2QdMP5pY3QcjgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWFnVnZuVkg2NGNPdGZaQjB3X21samRCeU9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZTNmM2UtZTE4Ny00YTEyLWFhOWEt
MjQzYzVmNGUyZTQwLzEvQlFQUUN3anpCRXVjdG11RklqZGYzV09IYmZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZTNmM2UtZTE4Ny00YTEyLWFhOWEtMjQzYzVmNGUyZTQw
LzEvcWFnVnZuVkg2NGNPdGZaQjB3X21samRCeU9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDT2NgMA0G
CSqGSIb3DQEBCwUAA4IBAQC9uk+S6FB+MHNqWQ6fzjiSn+Ihb3lJar3y6uoJTL8a
tWD0z63nhRzdY5v4IodrYjFcU+berv81DNY/jWc7MH0hKdJrfcyxFKcYDyxbz3Ww
V6PaRbap/8hZRfMcY3Lp7mtddDqs00GRGGCelxMOjNZF8wnx3IF7qCQ9q92sjRHb
MOyq6Cc5I06gewX8uiURYN0pw+ZyxSZFB30r+baMvhy4KYjWSt3//Edy/cdq6+1y
OfSy4Bh4o4jGteZE1CEirJSNcSbtwAepUVVPJZ8T8zLr/FgtVtHvTBvANkMFLecI
8CTBgGofTdxk4GBxYAYLIf32spBHPCP6FDnhXgJsM26z
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:21:31 2025 by rpki-client