Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/BfyF-kIpJLsFoCbuLSd9j4k77Vg.roa
File: BfyF-kIpJLsFoCbuLSd9j4k77Vg.roa (raw, json)
Hash identifier: 3Ifbl4mGHmW8pN4d6WM05jeSWBAhy9T47SckRu7fYq4=
Subject key identifier: 05:FC:85:FA:42:29:24:BB:05:A0:26:EE:2D:27:7D:8F:89:3B:ED:58
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 018D883D83486394A27ADB4F4168D0BC4A41
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/BfyF-kIpJLsFoCbuLSd9j4k77Vg.roa
Signing time: Thu 08 Feb 2024 10:22:29 +0000
ROA not before: Thu 08 Feb 2024 10:22:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216311
IP address blocks: 2a12:bec0:500::/48 maxlen: 48
2a12:bec0:501::/48 maxlen: 48
2a12:bec0:507::/48 maxlen: 48
2a12:bec0:509::/48 maxlen: 48
2a12:bec0:50b::/48 maxlen: 48
2a12:bec0:50c::/46 maxlen: 48
Validation: Failed, certificate revoked on Wed 20 Mar 2024 11:18:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:88:3d:83:48:63:94:a2:7a:db:4f:41:68:d0:bc:4a:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Feb 8 10:22:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=05fc85fa422924bb05a026ee2d277d8f893bed58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:6d:86:3d:77:4a:de:f8:62:14:9d:73:aa:b9:
9a:cf:dd:cc:de:21:93:9c:33:05:03:1d:03:f9:6c:
48:8d:cb:69:46:82:5d:10:63:02:70:e6:4c:16:bf:
97:b9:65:fc:c9:8c:81:b5:f6:34:d5:97:50:94:38:
5e:82:b9:2f:11:32:84:b3:b9:02:77:95:0b:bf:7d:
62:ac:57:af:70:f8:08:ca:e2:93:ce:3d:b3:4e:33:
56:df:cc:ec:e2:f6:05:04:db:d0:4e:b2:a2:e1:50:
4d:da:5c:74:79:76:97:5c:07:9e:cd:61:17:10:a8:
3d:9f:2e:f4:53:4f:94:40:3e:e8:cf:97:d6:00:5a:
26:f7:a4:d5:fe:07:8a:b9:78:09:fe:ba:a0:14:66:
09:7c:eb:72:1d:ff:7b:d5:8d:9e:d2:ae:ea:2b:e1:
a5:35:b6:cd:35:cb:af:a1:d5:f8:d5:b5:df:45:2e:
11:65:c8:f8:1f:f8:57:56:7f:da:70:34:14:19:71:
98:c5:f6:ca:77:52:47:36:70:00:26:a0:a7:d4:d8:
da:c1:7d:2a:19:59:dd:d8:fd:a4:ff:cd:52:36:51:
88:f9:10:29:1b:70:7b:50:2f:26:6b:34:89:92:37:
a5:b3:28:7c:39:07:2d:eb:96:33:cc:c7:04:32:c9:
3d:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:FC:85:FA:42:29:24:BB:05:A0:26:EE:2D:27:7D:8F:89:3B:ED:58
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/BfyF-kIpJLsFoCbuLSd9j4k77Vg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec0:500::/47
2a12:bec0:507::/48
2a12:bec0:509::/48
2a12:bec0:50b::-2a12:bec0:50f:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
23:1f:95:33:42:99:5e:db:97:82:ac:c1:2b:ba:d8:f6:46:5f:
6b:03:47:ad:8d:9e:36:f8:0d:7d:d9:81:1c:09:e2:f4:ac:ae:
76:50:6d:79:4a:9b:73:11:92:c6:6a:eb:b7:18:f9:20:b8:a2:
89:d4:58:fa:04:e4:e7:56:92:12:c0:c4:76:b3:1a:cf:76:d3:
50:c2:a4:5f:12:93:55:45:10:40:58:59:bd:b4:84:56:95:f7:
7a:b3:2b:60:50:86:37:a3:59:3b:e5:95:70:c4:7f:e5:ec:4b:
24:33:4b:0d:66:a2:c9:1a:ff:86:00:52:e7:0c:90:76:ff:7d:
c8:76:c0:a5:55:56:f8:e8:e3:24:ae:24:38:6e:91:cd:81:a3:
b8:f4:7c:ec:9b:64:ce:fa:b4:5e:ea:17:e1:80:5b:d8:32:c8:
d1:08:ba:63:2e:b9:4b:0b:db:ce:95:6b:54:4c:11:a9:ee:74:
e9:df:ab:2d:be:04:55:a7:f2:5f:c3:ad:cd:39:7c:d3:fe:0d:
69:d8:23:16:8c:dd:9a:f7:50:97:3c:4b:11:02:66:36:74:21:
9c:5b:45:c2:fb:18:92:ab:23:b9:1a:ec:67:22:9d:27:5d:aa:
50:c0:2a:c7:bc:f9:49:6d:ec:cd:8f:20:ca:6f:8b:3d:ee:a9:
b1:4b:fb:70
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAY2IPYNIY5SiettPQWjQvEpBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjQwMjA4MTAyMjI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWZjODVmYTQyMjkyNGJiMDVhMDI2ZWUyZDI3N2Q4Zjg5M2JlZDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnm2GPXdK3vhiFJ1zqrmaz93M3iGT
nDMFAx0D+WxIjctpRoJdEGMCcOZMFr+XuWX8yYyBtfY01ZdQlDhegrkvETKEs7kC
d5ULv31irFevcPgIyuKTzj2zTjNW38zs4vYFBNvQTrKi4VBN2lx0eXaXXAeezWEX
EKg9ny70U0+UQD7oz5fWAFom96TV/geKuXgJ/rqgFGYJfOtyHf971Y2e0q7qK+Gl
NbbNNcuvodX41bXfRS4RZcj4H/hXVn/acDQUGXGYxfbKd1JHNnAAJqCn1NjawX0q
GVnd2P2k/81SNlGI+RApG3B7UC8mazSJkjelsyh8OQct65YzzMcEMsk9vwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFAX8hfpCKSS7BaAm7i0nfY+JO+1YMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvQmZ5Ri1rSXBKTHNGb0NidUxTZDlqNGs3N1ZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzA1BAIAAjAvAwcBKhK+wAUA
AwcAKhK+wAUHAwcAKhK+wAUJMBIDBwAqEr7ABQsDBwQqEr7ABQAwDQYJKoZIhvcN
AQELBQADggEBACMflTNCmV7bl4KswSu62PZGX2sDR62Nnjb4DX3ZgRwJ4vSsrnZQ
bXlKm3MRksZq67cY+SC4oonUWPoE5OdWkhLAxHazGs9201DCpF8Sk1VFEEBYWb20
hFaV93qzK2BQhjejWTvllXDEf+XsSyQzSw1moska/4YAUucMkHb/fch2wKVVVvjo
4ySuJDhukc2Bo7j0fOybZM76tF7qF+GAW9gyyNEIumMuuUsL286Va1RMEanudOnf
qy2+BFWn8l/Drc05fNP+DWnYIxaM3Zr3UJc8SxECZjZ0IZxbRcL7GJKrI7ka7Gci
nSddqlDAKse8+Ult7M2PIMpviz3uqbFL+3A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:47 2024 by rpki-client on console-ams.rpki-client.org