Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/bQcCEtVd1uAIqAu3c-RplCu4qPc.roa
File: bQcCEtVd1uAIqAu3c-RplCu4qPc.roa (raw, json)
Hash identifier: Y1nTKJ2507wucr+fdHFd1imsYJ/ZcHy5crNGpTl5uMM=
Subject key identifier: 6D:07:02:12:D5:5D:D6:E0:08:A8:0B:B7:73:E4:69:94:2B:B8:A8:F7
Certificate issuer: /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial: 0193723A6663369F6DED00F6152D7FA9B006
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/bQcCEtVd1uAIqAu3c-RplCu4qPc.roa
Signing time: Thu 28 Nov 2024 10:04:10 +0000
ROA not before: Thu 28 Nov 2024 10:04:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35238
IP address blocks: 86.63.224.0/19 maxlen: 19
91.91.0.0/16 maxlen: 16
2a00:a580::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:50:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:72:3a:66:63:36:9f:6d:ed:00:f6:15:2d:7f:a9:b0:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Validity
Not Before: Nov 28 10:04:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6d070212d55dd6e008a80bb773e469942bb8a8f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:92:26:2f:25:3c:2c:5e:9f:2b:dd:9f:84:ce:
5c:00:e9:59:85:28:da:5c:2c:53:18:99:0f:65:20:
04:57:55:20:71:60:b3:e2:98:66:2e:7d:35:b2:bf:
98:63:34:83:5e:6c:31:ec:31:17:90:a7:42:8d:bc:
07:84:ad:bd:43:40:91:61:72:9c:c1:44:dd:98:e5:
dd:4a:3f:65:0e:5d:6e:5e:d7:cd:48:c5:06:de:2a:
56:aa:34:9b:f8:41:30:88:1c:d1:de:2e:c1:cf:c8:
0d:4f:77:95:db:62:9c:e5:7f:67:e7:3c:b8:57:2f:
5f:ee:13:14:ca:64:f9:9c:ce:62:df:3f:89:a9:5b:
d2:03:35:9e:c4:a9:8c:21:68:6a:51:17:3f:f8:61:
32:5e:ef:b4:9e:81:48:e8:b8:21:d5:11:62:7b:e7:
0f:83:b7:95:64:91:a0:95:8b:00:7a:5d:d2:d7:41:
3b:f8:2c:6a:57:98:7f:01:ca:48:80:28:73:05:ed:
e9:01:f8:92:0c:ba:41:67:ff:f9:e4:4f:e5:82:56:
58:12:15:0e:b5:b9:89:8f:42:e8:ae:c1:28:18:50:
00:10:c0:a8:a2:18:33:44:fe:e8:c4:8e:1d:41:2d:
4f:2d:f3:08:8e:d0:24:cb:e6:12:01:4b:d1:b5:75:
d9:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:07:02:12:D5:5D:D6:E0:08:A8:0B:B7:73:E4:69:94:2B:B8:A8:F7
X509v3 Authority Key Identifier:
keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/bQcCEtVd1uAIqAu3c-RplCu4qPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.63.224.0/19
91.91.0.0/16
IPv6:
2a00:a580::/32
Signature Algorithm: sha256WithRSAEncryption
88:46:fb:01:3d:0e:ca:bf:53:e6:b7:39:43:32:51:9a:ef:db:
04:2b:8b:55:d7:88:8e:57:3a:fa:87:cd:f1:6f:2f:0e:18:5f:
c3:f5:ba:0f:48:3e:6d:8e:47:f2:25:27:52:63:32:0c:77:81:
eb:c5:a8:1d:9f:21:91:15:1b:d7:25:77:23:e0:f2:f3:a1:52:
15:e0:7b:17:47:30:d9:14:35:79:f3:85:fc:8d:f3:73:b0:a2:
09:be:7a:4a:c9:41:95:d2:7a:b0:c3:e3:ab:0a:9e:02:7d:a4:
a2:a5:91:bc:e6:0e:75:59:05:ce:70:30:70:09:2e:c2:0a:04:
a0:de:68:9e:68:a2:13:55:2e:f8:09:1f:8e:ab:42:53:3b:ef:
20:29:c3:af:db:29:35:06:5e:c5:82:10:a3:82:d9:46:64:d7:
53:c6:9f:fc:85:64:5a:6d:c3:94:6a:27:28:17:df:14:53:57:
a1:4b:d0:55:e1:f5:0f:53:83:f0:e3:a7:7a:55:94:55:88:9b:
2b:2b:cb:4c:6a:17:83:fd:da:d4:72:06:80:72:5d:04:eb:49:
59:67:61:12:9e:cf:c6:4c:b7:64:25:75:24:7a:bb:71:95:85:
d5:ed:c4:87:c0:b5:2e:0d:62:ef:f8:71:69:70:32:e4:21:3c:
48:b4:a1:27
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZNyOmZjNp9t7QD2FS1/qbAGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZWY1ZmJiZmNhN2E5M2NmZWU5NjVlZWI2YmRlZTZmYjQz
YzQwM2UwHhcNMjQxMTI4MTAwNDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDA3MDIxMmQ1NWRkNmUwMDhhODBiYjc3M2U0Njk5NDJiYjhhOGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZImLyU8LF6fK92fhM5cAOlZhSja
XCxTGJkPZSAEV1UgcWCz4phmLn01sr+YYzSDXmwx7DEXkKdCjbwHhK29Q0CRYXKc
wUTdmOXdSj9lDl1uXtfNSMUG3ipWqjSb+EEwiBzR3i7Bz8gNT3eV22Kc5X9n5zy4
Vy9f7hMUymT5nM5i3z+JqVvSAzWexKmMIWhqURc/+GEyXu+0noFI6Lgh1RFie+cP
g7eVZJGglYsAel3S10E7+CxqV5h/AcpIgChzBe3pAfiSDLpBZ//55E/lglZYEhUO
tbmJj0LorsEoGFAAEMCoohgzRP7oxI4dQS1PLfMIjtAky+YSAUvRtXXZtwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFG0HAhLVXdbgCKgLt3PkaZQruKj3MB8GA1UdIwQY
MBaAFKDvX7v8p6k8/ull7ra97m+0PEA+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2Mt
MDI5MmIwMjAxNTBhLzEvYlFjQ0V0VmQxdUFJcUF1M2MtUnBsQ3U0cVBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2MtMDI5MmIwMjAxNTBh
LzEvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjARBAIAATALAwQFVj/gAwMA
W1swDQQCAAIwBwMFACoApYAwDQYJKoZIhvcNAQELBQADggEBAIhG+wE9Dsq/U+a3
OUMyUZrv2wQri1XXiI5XOvqHzfFvLw4YX8P1ug9IPm2OR/IlJ1JjMgx3gevFqB2f
IZEVG9cldyPg8vOhUhXgexdHMNkUNXnzhfyN83Owogm+ekrJQZXSerDD46sKngJ9
pKKlkbzmDnVZBc5wMHAJLsIKBKDeaJ5oohNVLvgJH46rQlM77yApw6/bKTUGXsWC
EKOC2UZk11PGn/yFZFptw5RqJygX3xRTV6FL0FXh9Q9Tg/Djp3pVlFWImysry0xq
F4P92tRyBoByXQTrSVlnYRKez8ZMt2QldSR6u3GVhdXtxIfAtS4NYu/4cWlwMuQh
PEi0oSc=
-----END CERTIFICATE-----
Generated at Wed Apr 9 03:07:34 2025 by rpki-client