Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/BqcxuDuI2B6f7EEKvuso7Jsymjc.roa
File: BqcxuDuI2B6f7EEKvuso7Jsymjc.roa (raw, json)
Hash identifier: sLBjfBF0Pa5utb9h4prDObqYo1SOjAjHB/5ZGuPF+i8=
Subject key identifier: 06:A7:31:B8:3B:88:D8:1E:9F:EC:41:0A:BE:EB:28:EC:9B:32:9A:37
Certificate issuer: /CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Certificate serial: 018CC500DA097B741CF7A4334BFBF9969C18
Authority key identifier: D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/BqcxuDuI2B6f7EEKvuso7Jsymjc.roa
Signing time: Mon 01 Jan 2024 12:30:16 +0000
ROA not before: Mon 01 Jan 2024 12:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211282
IP address blocks: 80.72.18.0/23 maxlen: 23
2a00:8740:600::/40 maxlen: 40
Validation: Failed, certificate revoked on Tue 09 Jul 2024 12:36:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:da:09:7b:74:1c:f7:a4:33:4b:fb:f9:96:9c:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Validity
Not Before: Jan 1 12:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=06a731b83b88d81e9fec410abeeb28ec9b329a37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:1a:b5:15:2f:a5:ef:05:65:d8:7f:d3:10:1d:
b8:49:2c:2d:13:3a:66:c9:74:a5:63:09:55:3b:0c:
f4:34:47:f2:ff:ff:7d:35:ef:aa:de:d0:82:5b:d6:
ac:78:d7:64:50:2c:f6:01:50:05:74:2c:f8:81:e2:
ac:44:bd:0e:99:0d:d0:c7:1a:bd:71:08:d7:93:6c:
a9:37:76:d3:8e:22:7d:44:ee:e9:19:52:51:15:7e:
83:c8:a8:b2:f0:79:ab:a0:4b:43:01:61:84:45:0e:
2f:ae:a7:7d:6e:15:f3:e4:f6:b1:2b:e6:1c:f8:80:
d4:d8:12:c1:97:f3:f8:87:2a:c4:a6:a0:c7:13:5c:
08:b9:56:e6:9e:20:59:43:3b:c1:09:1b:c4:5c:a4:
69:f8:0a:e5:bb:7f:50:a1:23:47:7b:83:31:d0:29:
29:7a:d1:31:1a:9e:2b:a6:7c:5d:9d:2f:17:64:03:
fd:2a:06:34:57:48:44:9b:ca:1b:8d:01:8a:50:13:
89:3f:96:7e:70:35:87:15:33:bc:d3:9e:66:b9:68:
ef:f2:91:e5:33:e3:30:76:ea:4e:87:18:f3:d2:c5:
ed:c0:9b:cb:3b:1b:93:1d:57:7a:9e:b0:d1:e5:53:
38:4f:e4:24:4c:cb:9e:c3:22:58:66:eb:71:38:24:
d9:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:A7:31:B8:3B:88:D8:1E:9F:EC:41:0A:BE:EB:28:EC:9B:32:9A:37
X509v3 Authority Key Identifier:
keyid:D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/BqcxuDuI2B6f7EEKvuso7Jsymjc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.72.18.0/23
IPv6:
2a00:8740:600::/40
Signature Algorithm: sha256WithRSAEncryption
a6:95:fc:71:9e:6b:14:fa:5c:06:53:99:5b:13:d4:83:e8:0a:
8e:b5:71:14:d1:0a:a4:b9:1f:1b:c4:ee:bb:9a:60:a5:9e:14:
01:e9:52:bc:00:74:1b:be:44:82:7a:e5:08:9c:72:e0:09:cc:
c1:a8:e0:8c:6c:12:ce:85:ff:8e:1b:6d:fd:13:b8:fa:af:82:
fb:2e:e1:46:8b:0d:7a:84:1c:9a:cc:74:52:c7:94:de:54:dc:
04:5e:5c:cb:a9:02:1f:b9:ec:3a:8a:73:bf:99:09:d9:4f:bc:
4c:a5:6c:44:59:be:62:8a:cc:0d:b5:af:37:cf:b8:01:b4:45:
1b:5d:30:14:4d:0c:f6:9f:a5:c1:ac:20:4e:b8:01:fc:44:83:
14:2a:77:76:bf:fc:7d:61:9a:a2:f7:ea:bc:23:55:63:99:1d:
44:fb:80:0a:54:20:36:68:dd:07:7d:4b:ff:5e:ad:fd:9a:42:
6a:d5:c2:73:6c:55:e6:2d:c6:6e:ca:00:9c:2a:75:97:57:a1:
d3:81:b3:b3:e3:d9:a8:77:8a:d6:b0:ec:77:b7:ed:30:06:42:
6a:01:df:c3:28:98:25:6a:4f:f8:22:e2:85:a7:02:1a:84:d7:
7b:70:86:4b:89:44:fe:8d:fe:75:af:06:39:e2:10:13:87:fb:
9d:ce:8d:83
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzFANoJe3Qc96QzS/v5lpwYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZTk3MDMzYTM2YWE5YmNjMGMyZjE2N2U2MjBkN2NhMTQ5
M2NiZWEwHhcNMjQwMTAxMTIzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmE3MzFiODNiODhkODFlOWZlYzQxMGFiZWViMjhlYzliMzI5YTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBq1FS+l7wVl2H/TEB24SSwtEzpm
yXSlYwlVOwz0NEfy//99Ne+q3tCCW9aseNdkUCz2AVAFdCz4geKsRL0OmQ3Qxxq9
cQjXk2ypN3bTjiJ9RO7pGVJRFX6DyKiy8HmroEtDAWGERQ4vrqd9bhXz5PaxK+Yc
+IDU2BLBl/P4hyrEpqDHE1wIuVbmniBZQzvBCRvEXKRp+Arlu39QoSNHe4Mx0Ckp
etExGp4rpnxdnS8XZAP9KgY0V0hEm8objQGKUBOJP5Z+cDWHFTO8055muWjv8pHl
M+MwdupOhxjz0sXtwJvLOxuTHVd6nrDR5VM4T+QkTMuewyJYZutxOCTZAwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFAanMbg7iNgen+xBCr7rKOybMpo3MB8GA1UdIwQY
MBaAFNPpcDOjaqm8wMLxZ+Yg18oUk8vqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMt
ZGJmOWQ0MWYxNzk4LzEvQnFjeHVEdUkyQjZmN0VFS3Z1c283SnN5bWpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMtZGJmOWQ0MWYxNzk4
LzEvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQBUEgSMA4E
AgACMAgDBgAqAIdABjANBgkqhkiG9w0BAQsFAAOCAQEAppX8cZ5rFPpcBlOZWxPU
g+gKjrVxFNEKpLkfG8Tuu5pgpZ4UAelSvAB0G75EgnrlCJxy4AnMwajgjGwSzoX/
jhtt/RO4+q+C+y7hRosNeoQcmsx0UseU3lTcBF5cy6kCH7nsOopzv5kJ2U+8TKVs
RFm+YorMDbWvN8+4AbRFG10wFE0M9p+lwawgTrgB/ESDFCp3dr/8fWGaovfqvCNV
Y5kdRPuAClQgNmjdB31L/16t/ZpCatXCc2xV5i3GbsoAnCp1l1eh04Gzs+PZqHeK
1rDsd7ftMAZCagHfwyiYJWpP+CLihacCGoTXe3CGS4lE/o3+da8GOeIQE4f7nc6N
gw==
-----END CERTIFICATE-----
Generated at Tue Jul 9 15:12:05 2024 by rpki-client on console-fra.rpki-client.org