Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/Bnca41KtqCnqWxdLknhG9hKhfD4.roa
File: Bnca41KtqCnqWxdLknhG9hKhfD4.roa (raw, json)
Hash identifier: v7pdZyf1Z9hKhaGrXfch0v5vnzjiyIxK3nxi/4fP48U=
Subject key identifier: 06:77:1A:E3:52:AD:A8:29:EA:5B:17:4B:92:78:46:F6:12:A1:7C:3E
Certificate issuer: /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial: 0193436EB9467EB30A95C212D41097DA286C
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/Bnca41KtqCnqWxdLknhG9hKhfD4.roa
Signing time: Tue 19 Nov 2024 07:59:10 +0000
ROA not before: Tue 19 Nov 2024 07:59:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3305
IP address blocks: 2a00:ec81::/32 maxlen: 32
2a04:800:3000::/36 maxlen: 36
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:50:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:43:6e:b9:46:7e:b3:0a:95:c2:12:d4:10:97:da:28:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Validity
Not Before: Nov 19 07:59:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=06771ae352ada829ea5b174b927846f612a17c3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:54:a2:5a:43:b8:8c:9e:84:52:b7:32:9a:5a:
5e:53:ae:77:63:e6:52:a6:b4:68:36:50:a4:a1:9c:
28:0e:99:fd:24:cf:e8:92:c4:1e:29:51:67:93:0b:
50:19:d8:e7:5c:91:3d:b1:95:bd:14:29:fe:55:79:
a0:a7:48:0b:0e:db:00:db:31:26:6a:d8:80:a9:c7:
b3:9c:56:b5:ed:ea:3a:47:29:a6:6c:2e:e2:9b:e8:
25:fd:df:b4:61:41:be:9b:4d:9b:d0:61:62:ca:5a:
72:fb:09:66:01:46:3b:41:0c:02:0e:8f:ca:75:48:
4b:bc:65:47:d1:bd:d8:17:22:e9:05:a4:b4:b7:12:
e9:de:69:9e:38:31:85:8e:5e:34:b6:51:ac:fa:62:
0a:01:82:4a:46:e6:08:e3:8f:a9:a9:09:2a:10:9b:
51:2b:69:ae:08:f9:dc:b6:b9:34:af:3c:39:ba:99:
49:bc:19:ab:0e:a8:55:67:4c:9d:d5:72:c7:c2:5f:
b0:84:f8:6f:c6:ff:26:2a:6e:f9:fe:e9:2c:9f:49:
39:10:48:84:2d:6a:87:95:b3:6e:76:ef:81:c1:0f:
d5:2d:bf:22:65:72:39:f8:ff:8e:90:f5:f2:d7:cd:
19:16:d5:30:84:dc:b7:fa:25:69:5f:c1:f9:87:3a:
71:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:77:1A:E3:52:AD:A8:29:EA:5B:17:4B:92:78:46:F6:12:A1:7C:3E
X509v3 Authority Key Identifier:
keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/Bnca41KtqCnqWxdLknhG9hKhfD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:ec81::/32
2a04:800:3000::/36
Signature Algorithm: sha256WithRSAEncryption
16:96:59:d8:2a:05:1b:68:95:b0:16:07:b5:e8:44:a7:0f:f6:
67:fc:fd:97:c2:ac:19:47:d4:f6:c5:41:14:04:8b:be:f8:73:
fc:cb:f4:d9:77:cc:1e:93:c2:c2:80:41:5e:00:c0:f0:61:be:
61:1a:cf:c3:5d:57:a9:19:d3:37:ee:63:1a:a8:3f:9a:8b:f3:
51:5d:5e:c6:fb:73:6e:cc:21:93:40:3c:7a:f0:6f:83:40:99:
73:5d:71:39:fa:22:4e:82:08:94:14:1f:89:4f:5c:85:aa:f5:
13:93:6e:be:22:cb:41:f9:21:e8:c1:65:a4:ff:70:6d:d1:09:
e9:42:76:d1:b6:de:7c:3e:e5:b4:05:fa:e3:33:80:82:cc:c3:
ec:a1:4a:ec:d0:af:39:91:62:87:b4:97:03:05:d1:bb:c5:1a:
b1:bd:8e:5f:9c:88:fa:58:11:d6:ae:cf:c7:27:91:dd:70:c6:
42:e6:71:41:5a:25:60:6e:41:45:30:84:49:57:cd:09:dd:7d:
82:b1:c5:ab:c2:4b:30:b0:d1:58:ef:a3:f0:9c:db:86:ee:1b:
6b:85:00:b6:fc:8a:e7:4c:ad:fb:27:f0:a5:4b:f1:c7:31:e3:
b5:be:e1:a6:0a:6d:41:32:e7:d6:cb:c5:7b:18:f4:cc:94:c3:
42:d5:06:5d
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgISAZNDbrlGfrMKlcIS1BCX2ihsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZWY1ZmJiZmNhN2E5M2NmZWU5NjVlZWI2YmRlZTZmYjQz
YzQwM2UwHhcNMjQxMTE5MDc1OTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjc3MWFlMzUyYWRhODI5ZWE1YjE3NGI5Mjc4NDZmNjEyYTE3YzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFSiWkO4jJ6EUrcymlpeU653Y+ZS
prRoNlCkoZwoDpn9JM/oksQeKVFnkwtQGdjnXJE9sZW9FCn+VXmgp0gLDtsA2zEm
atiAqceznFa17eo6RymmbC7im+gl/d+0YUG+m02b0GFiylpy+wlmAUY7QQwCDo/K
dUhLvGVH0b3YFyLpBaS0txLp3mmeODGFjl40tlGs+mIKAYJKRuYI44+pqQkqEJtR
K2muCPnctrk0rzw5uplJvBmrDqhVZ0yd1XLHwl+whPhvxv8mKm75/uksn0k5EEiE
LWqHlbNudu+BwQ/VLb8iZXI5+P+OkPXy180ZFtUwhNy3+iVpX8H5hzpxgQIDAQAB
o4ICEjCCAg4wHQYDVR0OBBYEFAZ3GuNSragp6lsXS5J4RvYSoXw+MB8GA1UdIwQY
MBaAFKDvX7v8p6k8/ull7ra97m+0PEA+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2Mt
MDI5MmIwMjAxNTBhLzEvQm5jYTQxS3RxQ25xV3hkTGtuaEc5aEtoZkQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2MtMDI5MmIwMjAxNTBh
LzEvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCgGCCsGAQUFBwEHAQH/BBkwFzAVBAIAAjAPAwUAKgDsgQMG
BCoECAAwMA0GCSqGSIb3DQEBCwUAA4IBAQAWllnYKgUbaJWwFge16ESnD/Zn/P2X
wqwZR9T2xUEUBIu++HP8y/TZd8wek8LCgEFeAMDwYb5hGs/DXVepGdM37mMaqD+a
i/NRXV7G+3NuzCGTQDx68G+DQJlzXXE5+iJOggiUFB+JT1yFqvUTk26+IstB+SHo
wWWk/3Bt0QnpQnbRtt58PuW0BfrjM4CCzMPsoUrs0K85kWKHtJcDBdG7xRqxvY5f
nIj6WBHWrs/HJ5HdcMZC5nFBWiVgbkFFMIRJV80J3X2CscWrwkswsNFY76PwnNuG
7htrhQC2/IrnTK37J/ClS/HHMeO1vuGmCm1BMufWy8V7GPTMlMNC1QZd
-----END CERTIFICATE-----
Generated at Wed Apr 9 03:05:10 2025 by rpki-client