Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/BWN4e3q4q8NhdvTvfGU2HIrqPy0.roa
File: BWN4e3q4q8NhdvTvfGU2HIrqPy0.roa (raw, json)
Hash identifier: k8+fuSXCMZL5qcMBOqXsz/EdOWoyeEoxPTU9c090eUM=
Subject key identifier: 05:63:78:7B:7A:B8:AB:C3:61:76:F4:EF:7C:65:36:1C:8A:EA:3F:2D
Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial: 018CC26D30D83FAEC3181249621C72654A6E
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/BWN4e3q4q8NhdvTvfGU2HIrqPy0.roa
Signing time: Mon 01 Jan 2024 00:29:44 +0000
ROA not before: Mon 01 Jan 2024 00:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205591
IP address blocks: 2a0e:aa01:bad0::/44 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:48:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:30:d8:3f:ae:c3:18:12:49:62:1c:72:65:4a:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Validity
Not Before: Jan 1 00:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0563787b7ab8abc36176f4ef7c65361c8aea3f2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:ef:92:5e:cf:ab:36:d4:fc:61:74:96:d4:90:
b7:1f:95:3d:46:45:16:04:01:17:bc:fa:6b:54:18:
3f:2c:3c:8d:01:00:a1:a5:24:3e:61:9f:ab:d1:40:
db:db:d3:f5:1d:da:d7:e0:82:9c:d6:2a:e8:fb:b1:
dd:c7:1a:33:fb:fd:dc:c7:c2:b4:c6:ac:b0:8d:a7:
f2:cc:4f:88:fb:60:10:0f:d2:68:d9:21:81:55:34:
a0:20:d0:19:6d:79:16:d8:27:6a:2a:9a:c6:00:9f:
51:22:a4:96:a7:ff:e9:9e:98:ec:24:0f:6a:37:4b:
c1:af:6e:54:90:15:28:4a:ee:5b:40:17:26:3b:fc:
68:75:b4:5c:68:4c:00:dc:c6:00:93:a7:89:e5:af:
23:19:d1:0d:e3:3d:16:52:b3:dd:4c:8b:b2:21:69:
96:92:34:99:f9:59:f2:59:d6:86:a0:17:fa:0d:b8:
b3:06:9f:a4:19:f2:7c:01:c4:85:c7:06:ef:28:70:
40:40:38:26:0c:48:4c:a0:01:1c:5a:69:9d:a9:5a:
ac:78:ea:76:cb:6a:7e:ce:aa:39:1e:6f:1f:10:25:
27:a7:61:72:e3:34:6a:26:0d:9c:1a:26:bb:75:2a:
e6:b4:36:81:71:88:ca:30:ba:8b:2e:58:b2:71:6d:
4a:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:63:78:7B:7A:B8:AB:C3:61:76:F4:EF:7C:65:36:1C:8A:EA:3F:2D
X509v3 Authority Key Identifier:
keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/BWN4e3q4q8NhdvTvfGU2HIrqPy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:aa01:bad0::/44
Signature Algorithm: sha256WithRSAEncryption
26:f7:a2:ae:e3:04:29:bf:87:2a:31:e6:99:0f:02:66:35:29:
d0:fd:8d:cd:31:cd:1d:6f:cb:c9:4c:fe:6f:4a:2e:38:db:e2:
47:c1:20:77:45:9d:3f:78:80:5b:a3:1f:18:92:51:2b:95:99:
89:4e:b0:10:d1:d0:e9:8b:d0:9e:84:5c:e9:70:6f:31:5a:f2:
12:e4:c7:9a:bb:ea:52:b7:70:c1:fc:eb:f2:84:54:98:2a:e0:
5f:61:ee:59:45:77:2f:e7:9f:45:53:c1:a3:52:65:19:af:0b:
3b:a3:b1:2e:a0:25:dd:88:25:ee:a6:da:81:29:72:05:b7:03:
62:22:a0:c6:a6:a4:ed:94:73:04:12:78:a5:1a:74:7c:83:3d:
fc:4b:66:7a:9e:75:58:d7:c2:2b:03:f7:4a:83:a6:33:8f:d1:
80:59:e7:ef:23:ee:73:3e:a3:bf:16:37:5d:c4:1c:fe:75:9b:
a7:9b:71:58:f9:73:41:45:cb:0e:c8:46:39:4a:2d:c4:c9:80:
fb:52:05:1a:5d:d8:5e:05:05:19:0b:94:be:99:ab:c9:65:8f:
ac:a5:a6:c2:0e:95:22:d2:d0:6c:74:e1:92:82:42:ef:64:48:
bc:df:af:8a:1d:de:78:6d:17:6d:f5:29:1a:1b:5b:b5:32:3f:
6f:f5:7f:31
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzCbTDYP67DGBJJYhxyZUpuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0
ZWYzYWEwHhcNMjQwMTAxMDAyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTYzNzg3YjdhYjhhYmMzNjE3NmY0ZWY3YzY1MzYxYzhhZWEzZjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgu+SXs+rNtT8YXSW1JC3H5U9RkUW
BAEXvPprVBg/LDyNAQChpSQ+YZ+r0UDb29P1HdrX4IKc1iro+7Hdxxoz+/3cx8K0
xqywjafyzE+I+2AQD9Jo2SGBVTSgINAZbXkW2CdqKprGAJ9RIqSWp//pnpjsJA9q
N0vBr25UkBUoSu5bQBcmO/xodbRcaEwA3MYAk6eJ5a8jGdEN4z0WUrPdTIuyIWmW
kjSZ+VnyWdaGoBf6DbizBp+kGfJ8AcSFxwbvKHBAQDgmDEhMoAEcWmmdqVqseOp2
y2p+zqo5Hm8fECUnp2Fy4zRqJg2cGia7dSrmtDaBcYjKMLqLLliycW1KrQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAVjeHt6uKvDYXb073xlNhyK6j8tMB8GA1UdIwQY
MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt
YTU0MWQxYmNlZTE5LzEvQldONGUzcTRxOE5oZHZUdmZHVTJISXJxUHkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5
LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6qAbrQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAm96Ku4wQpv4cqMeaZDwJmNSnQ/Y3NMc0db8vJ
TP5vSi442+JHwSB3RZ0/eIBbox8YklErlZmJTrAQ0dDpi9CehFzpcG8xWvIS5Mea
u+pSt3DB/OvyhFSYKuBfYe5ZRXcv559FU8GjUmUZrws7o7EuoCXdiCXuptqBKXIF
twNiIqDGpqTtlHMEEnilGnR8gz38S2Z6nnVY18IrA/dKg6Yzj9GAWefvI+5zPqO/
FjddxBz+dZunm3FY+XNBRcsOyEY5Si3EyYD7UgUaXdheBQUZC5S+mavJZY+spabC
DpUi0tBsdOGSgkLvZEi836+KHd54bRdt9SkaG1u1Mj9v9X8x
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:10:51 2025 by rpki-client