Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/27ca16-f46b-4f8e-b92e-5ed089c1afed/1/BuFiyi9ZRv5RgWL6cZqrS73zm5Q.roa
File: BuFiyi9ZRv5RgWL6cZqrS73zm5Q.roa (raw, json)
Hash identifier: xEw1dpu0AXmgn5oPMT0GbQR9hSP2U6Dg8filuqfGL54=
Subject key identifier: 06:E1:62:CA:2F:59:46:FE:51:81:62:FA:71:9A:AB:4B:BD:F3:9B:94
Certificate issuer: /CN=67920420f722f7d7f3c4b25a80e17d7290171180
Certificate serial: 018CC94E61BB16345305FAFEC9569C517B8C
Authority key identifier: 67:92:04:20:F7:22:F7:D7:F3:C4:B2:5A:80:E1:7D:72:90:17:11:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z5IEIPci99fzxLJagOF9cpAXEYA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/27ca16-f46b-4f8e-b92e-5ed089c1afed/1/BuFiyi9ZRv5RgWL6cZqrS73zm5Q.roa
Signing time: Tue 02 Jan 2024 08:33:26 +0000
ROA not before: Tue 02 Jan 2024 08:33:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201210
IP address blocks: 2a05:8cc0::/29 maxlen: 29
2001:4d70::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 29 May 2024 11:54:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:61:bb:16:34:53:05:fa:fe:c9:56:9c:51:7b:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67920420f722f7d7f3c4b25a80e17d7290171180
Validity
Not Before: Jan 2 08:33:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=06e162ca2f5946fe518162fa719aab4bbdf39b94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:45:e6:58:1c:ed:67:bb:61:71:d8:b4:25:02:
0b:20:b2:af:94:a0:8c:fc:ea:7e:13:c9:e2:f9:b5:
a7:81:1c:35:6f:0d:7f:f0:4b:a8:f2:58:47:d0:3a:
fb:8e:e7:f4:cb:37:65:9a:d7:e1:bf:78:78:e9:c5:
ce:a0:57:b8:53:01:83:5a:ba:df:13:0a:d4:72:ce:
6d:64:96:2a:11:29:ea:c2:15:2d:5a:f3:0b:e8:b7:
31:b1:59:ba:b4:8c:93:b1:a9:1b:6f:17:77:66:73:
aa:4d:d3:e7:75:a2:44:68:d1:30:3a:56:75:98:ff:
d2:99:a0:1a:a2:8e:71:c4:b5:92:b0:f1:1e:39:d9:
46:1f:c1:04:d3:29:16:dd:11:fd:44:40:a8:4f:db:
2b:2d:cf:3c:a3:fb:9e:6e:e7:e9:2d:df:6e:d9:4b:
9d:d2:8d:f6:fd:c9:3d:6c:69:99:b2:76:93:6f:a6:
1b:eb:c9:54:35:69:1e:04:86:ee:22:ee:64:a1:84:
d3:aa:52:fe:ba:f4:55:ed:dd:68:8f:76:bd:8e:99:
9a:d5:d2:40:c5:df:a0:cd:f0:57:2f:34:22:42:b8:
12:aa:f1:a7:d0:13:15:9d:81:ae:b2:8b:d0:ff:83:
f7:cd:85:4b:e7:37:ec:13:58:1c:56:c0:b6:30:47:
81:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:E1:62:CA:2F:59:46:FE:51:81:62:FA:71:9A:AB:4B:BD:F3:9B:94
X509v3 Authority Key Identifier:
keyid:67:92:04:20:F7:22:F7:D7:F3:C4:B2:5A:80:E1:7D:72:90:17:11:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5IEIPci99fzxLJagOF9cpAXEYA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/27ca16-f46b-4f8e-b92e-5ed089c1afed/1/BuFiyi9ZRv5RgWL6cZqrS73zm5Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/27ca16-f46b-4f8e-b92e-5ed089c1afed/1/Z5IEIPci99fzxLJagOF9cpAXEYA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:4d70::/32
2a05:8cc0::/29
Signature Algorithm: sha256WithRSAEncryption
35:bc:d1:1f:9c:87:dd:e5:89:f7:95:31:50:5f:b6:26:14:11:
cd:78:79:c8:a9:04:2c:28:c1:62:5e:11:e5:12:7c:26:5f:91:
10:e6:71:40:2d:d4:0b:2b:34:a9:0b:6b:62:95:e0:f5:f3:02:
a7:df:9c:91:56:eb:12:f3:db:73:2b:37:b8:42:51:af:b0:d0:
4c:52:db:e5:26:26:7d:95:7b:bb:9e:1c:0e:ac:f1:80:66:36:
26:72:5d:8a:fd:36:7a:0e:a4:40:33:82:d2:1a:69:d9:07:eb:
61:d9:c5:d2:16:8c:4c:31:54:31:11:c0:d2:e7:ee:74:70:62:
aa:7c:42:65:0f:1f:35:44:03:1e:50:69:62:d2:db:97:dc:30:
9c:12:2d:ca:98:64:aa:65:fb:e1:53:d1:b9:53:9c:0c:59:12:
d4:13:19:aa:ce:f0:00:c4:2c:b4:a2:d0:04:a1:12:f2:2a:05:
e0:c4:40:5b:cc:69:46:13:07:66:87:29:4d:a5:71:b3:ee:a4:
f4:66:d1:b8:cb:d3:75:59:92:81:c2:0a:d9:4c:11:d0:d1:1d:
14:cc:42:a6:d8:78:ce:b9:50:d6:43:6e:be:63:3c:bc:68:37:
3d:99:47:f6:16:44:5f:f5:73:e8:c0:36:b1:a5:e6:a7:d3:e1:
44:e0:44:9f
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzJTmG7FjRTBfr+yVacUXuMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3OTIwNDIwZjcyMmY3ZDdmM2M0YjI1YTgwZTE3ZDcyOTAx
NzExODAwHhcNMjQwMTAyMDgzMzI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmUxNjJjYTJmNTk0NmZlNTE4MTYyZmE3MTlhYWI0YmJkZjM5Yjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0XmWBztZ7thcdi0JQILILKvlKCM
/Op+E8ni+bWngRw1bw1/8Euo8lhH0Dr7juf0yzdlmtfhv3h46cXOoFe4UwGDWrrf
EwrUcs5tZJYqESnqwhUtWvML6LcxsVm6tIyTsakbbxd3ZnOqTdPndaJEaNEwOlZ1
mP/SmaAaoo5xxLWSsPEeOdlGH8EE0ykW3RH9RECoT9srLc88o/uebufpLd9u2Uud
0o32/ck9bGmZsnaTb6Yb68lUNWkeBIbuIu5koYTTqlL+uvRV7d1oj3a9jpma1dJA
xd+gzfBXLzQiQrgSqvGn0BMVnYGusovQ/4P3zYVL5zfsE1gcVsC2MEeB5wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFAbhYsovWUb+UYFi+nGaq0u985uUMB8GA1UdIwQY
MBaAFGeSBCD3IvfX88SyWoDhfXKQFxGAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjVJRUlQY2k5OWZ6eExKYWdPRjljcEFYRVlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8yN2NhMTYtZjQ2Yi00ZjhlLWI5MmUt
NWVkMDg5YzFhZmVkLzEvQnVGaXlpOVpSdjVSZ1dMNmNacXJTNzN6bTVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8yN2NhMTYtZjQ2Yi00ZjhlLWI5MmUtNWVkMDg5YzFhZmVk
LzEvWjVJRUlQY2k5OWZ6eExKYWdPRjljcEFYRVlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAIAFNcAMF
AyoFjMAwDQYJKoZIhvcNAQELBQADggEBADW80R+ch93lifeVMVBftiYUEc14ecip
BCwowWJeEeUSfCZfkRDmcUAt1AsrNKkLa2KV4PXzAqffnJFW6xLz23MrN7hCUa+w
0ExS2+UmJn2Ve7ueHA6s8YBmNiZyXYr9NnoOpEAzgtIaadkH62HZxdIWjEwxVDER
wNLn7nRwYqp8QmUPHzVEAx5QaWLS25fcMJwSLcqYZKpl++FT0blTnAxZEtQTGarO
8ADELLSi0AShEvIqBeDEQFvMaUYTB2aHKU2lcbPupPRm0bjL03VZkoHCCtlMEdDR
HRTMQqbYeM65UNZDbr5jPLxoNz2ZR/YWRF/1c+jANrGl5qfT4UTgRJ8=
-----END CERTIFICATE-----
Generated at Wed May 29 15:26:41 2024 by rpki-client on console-fra.rpki-client.org