Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/a8e45b-17c6-436d-81a8-c5195162e3be/1/bvdcDST_7foD1jcQ72mIj9SyPDY.roa
File: bvdcDST_7foD1jcQ72mIj9SyPDY.roa (raw, json)
Hash identifier: /FERPqGMhzkuIG3gCaXhoWBwOzbQ4MfyEZo07MIXtGI=
Subject key identifier: 6E:F7:5C:0D:24:FF:ED:FA:03:D6:37:10:EF:69:88:8F:D4:B2:3C:36
Certificate issuer: /CN=baaa748ba14a76e5d8a6edacb5426082a56f5e3d
Certificate serial: 018CC793F5B62BB49EFDCE1CE7B70F8101B9
Authority key identifier: BA:AA:74:8B:A1:4A:76:E5:D8:A6:ED:AC:B5:42:60:82:A5:6F:5E:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqp0i6FKduXYpu2stUJggqVvXj0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/a8e45b-17c6-436d-81a8-c5195162e3be/1/bvdcDST_7foD1jcQ72mIj9SyPDY.roa
Signing time: Tue 02 Jan 2024 00:30:11 +0000
ROA not before: Tue 02 Jan 2024 00:30:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47526
IP address blocks: 2a13:ccc0::/29 maxlen: 29
2a13:ccc3::/32 maxlen: 32
2a13:ccc0::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 09 Feb 2024 21:21:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:f5:b6:2b:b4:9e:fd:ce:1c:e7:b7:0f:81:01:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baaa748ba14a76e5d8a6edacb5426082a56f5e3d
Validity
Not Before: Jan 2 00:30:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6ef75c0d24ffedfa03d63710ef69888fd4b23c36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:db:ea:a4:9e:33:15:ce:87:1b:eb:a1:10:6b:
3c:02:57:85:d8:89:ae:38:c3:7f:70:b8:69:bf:6e:
93:23:c6:1a:7b:b3:8a:78:eb:0a:0c:c1:0c:41:f7:
90:e8:f8:71:35:ec:7d:0d:af:38:aa:72:83:67:5b:
94:e2:05:ce:c4:65:76:4e:f4:26:d5:46:08:ad:1e:
93:2b:f0:bf:c6:ee:f6:f2:b9:35:64:00:ba:7e:e4:
57:a7:00:c0:a6:56:0c:0d:ae:8e:ec:5c:47:f1:ef:
fb:09:73:f4:e4:b3:2f:fa:be:e9:1c:8b:a0:6a:01:
99:e5:b8:9b:c4:f4:53:71:07:ee:99:62:16:75:7d:
d8:bb:13:0f:a8:fe:d6:77:b1:97:0e:cd:f1:cc:6f:
4f:6f:f3:c4:3b:7d:a3:14:28:5d:ea:ae:b4:08:95:
28:a2:db:d8:b8:e5:d7:ff:e9:4e:d5:9d:75:63:5a:
15:39:58:76:c6:4d:4b:1a:9f:a1:5b:07:ee:56:b3:
5c:5b:7b:7c:ac:f8:d2:5f:2d:ca:a8:8c:8f:15:a5:
54:09:08:84:f5:ba:cb:a2:9f:86:fc:0a:17:8b:e5:
98:90:7c:22:75:ec:91:42:ef:3a:e0:42:08:1e:2c:
e9:64:1b:4e:96:73:bd:16:06:e5:00:f5:dc:f8:14:
53:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:F7:5C:0D:24:FF:ED:FA:03:D6:37:10:EF:69:88:8F:D4:B2:3C:36
X509v3 Authority Key Identifier:
keyid:BA:AA:74:8B:A1:4A:76:E5:D8:A6:ED:AC:B5:42:60:82:A5:6F:5E:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqp0i6FKduXYpu2stUJggqVvXj0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/a8e45b-17c6-436d-81a8-c5195162e3be/1/bvdcDST_7foD1jcQ72mIj9SyPDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/a8e45b-17c6-436d-81a8-c5195162e3be/1/uqp0i6FKduXYpu2stUJggqVvXj0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:ccc0::/29
Signature Algorithm: sha256WithRSAEncryption
38:00:12:07:80:8d:22:42:33:d5:f0:52:fc:1c:5d:fe:f4:ab:
10:64:f5:47:31:ac:bd:bb:73:eb:be:05:7e:18:e2:cf:29:73:
02:69:f7:78:1a:6e:03:71:cf:80:bb:55:4f:98:9c:d8:9b:1a:
ec:9c:69:68:de:4e:19:2c:ea:ab:d4:da:ee:a8:70:e7:60:70:
44:18:65:b2:b3:91:c7:7f:c4:87:d3:c7:60:41:ab:b5:be:14:
cc:e1:b2:84:41:aa:8d:87:65:ed:3b:71:ca:5a:34:8a:de:2c:
b5:08:57:30:4d:0b:da:1b:08:82:9e:d9:eb:ca:71:07:f4:9e:
73:59:5c:5d:33:b1:44:ca:33:05:7a:3d:a3:8c:7e:4b:97:ab:
e9:9d:8a:69:66:d6:29:6f:21:87:aa:a5:45:7f:87:50:17:9c:
81:26:f6:bc:88:8c:a2:e5:7c:76:da:d6:2f:c9:d6:12:35:b9:
84:f1:0e:3c:39:bb:d0:6f:a6:21:ac:b5:8d:fe:2e:c9:21:66:
ac:a6:00:a6:a3:c3:b0:51:ee:3d:97:c0:70:27:92:f3:02:8e:
c8:c7:e2:01:71:77:10:18:78:87:6a:a5:e5:1d:c2:66:d7:7d:
1b:ce:d3:28:03:60:ce:8c:e3:c9:14:22:ed:2c:af:6f:b5:c7:
34:7d:79:b8
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzHk/W2K7Se/c4c57cPgQG5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYWE3NDhiYTE0YTc2ZTVkOGE2ZWRhY2I1NDI2MDgyYTU2
ZjVlM2QwHhcNMjQwMTAyMDAzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWY3NWMwZDI0ZmZlZGZhMDNkNjM3MTBlZjY5ODg4ZmQ0YjIzYzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNvqpJ4zFc6HG+uhEGs8AleF2Imu
OMN/cLhpv26TI8Yae7OKeOsKDMEMQfeQ6PhxNex9Da84qnKDZ1uU4gXOxGV2TvQm
1UYIrR6TK/C/xu728rk1ZAC6fuRXpwDAplYMDa6O7FxH8e/7CXP05LMv+r7pHIug
agGZ5bibxPRTcQfumWIWdX3YuxMPqP7Wd7GXDs3xzG9Pb/PEO32jFChd6q60CJUo
otvYuOXX/+lO1Z11Y1oVOVh2xk1LGp+hWwfuVrNcW3t8rPjSXy3KqIyPFaVUCQiE
9brLop+G/AoXi+WYkHwideyRQu864EIIHizpZBtOlnO9FgblAPXc+BRTlwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFG73XA0k/+36A9Y3EO9piI/Usjw2MB8GA1UdIwQY
MBaAFLqqdIuhSnbl2KbtrLVCYIKlb149MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFwMGk2RktkdVhZcHUyc3RVSmdncVZ2WGowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9hOGU0NWItMTdjNi00MzZkLTgxYTgt
YzUxOTUxNjJlM2JlLzEvYnZkY0RTVF83Zm9EMWpjUTcybUlqOVN5UERZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9hOGU0NWItMTdjNi00MzZkLTgxYTgtYzUxOTUxNjJlM2Jl
LzEvdXFwMGk2RktkdVhZcHUyc3RVSmdncVZ2WGowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhPMwDAN
BgkqhkiG9w0BAQsFAAOCAQEAOAASB4CNIkIz1fBS/Bxd/vSrEGT1RzGsvbtz674F
fhjizylzAmn3eBpuA3HPgLtVT5ic2Jsa7JxpaN5OGSzqq9Ta7qhw52BwRBhlsrOR
x3/Eh9PHYEGrtb4UzOGyhEGqjYdl7Ttxylo0it4stQhXME0L2hsIgp7Z68pxB/Se
c1lcXTOxRMozBXo9o4x+S5er6Z2KaWbWKW8hh6qlRX+HUBecgSb2vIiMouV8dtrW
L8nWEjW5hPEOPDm70G+mIay1jf4uySFmrKYApqPDsFHuPZfAcCeS8wKOyMfiAXF3
EBh4h2ql5R3CZtd9G87TKANgzozjyRQi7Syvb7XHNH15uA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:01 2024 by rpki-client on console-fra.rpki-client.org