Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Bfb5PlCvR1Rco_d5Q7Nv-B8ResA.roa
File: Bfb5PlCvR1Rco_d5Q7Nv-B8ResA.roa (raw, json)
Hash identifier: UJvBt84wH4ruApuBhoqItiMhL0VXbb8ETqKwMwNz/F4=
Subject key identifier: 05:F6:F9:3E:50:AF:47:54:5C:A3:F7:79:43:B3:6F:F8:1F:11:7A:C0
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01906979A7037D555AB96FAEE1BFE5EE1FB6
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Bfb5PlCvR1Rco_d5Q7Nv-B8ResA.roa
Signing time: Sun 30 Jun 2024 14:08:18 +0000
ROA not before: Sun 30 Jun 2024 14:08:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 30 Jun 2024 15:04:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:69:79:a7:03:7d:55:5a:b9:6f:ae:e1:bf:e5:ee:1f:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 30 14:08:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=05f6f93e50af47545ca3f77943b36ff81f117ac0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:71:5a:fc:54:05:09:93:62:ce:df:88:0a:02:
ea:af:69:89:51:8b:ca:40:12:79:82:29:f4:16:74:
2c:89:7f:53:0d:49:ff:43:e9:d8:0a:eb:97:5d:94:
15:92:da:bc:32:7d:24:8e:e0:70:46:7f:6c:2b:d9:
3c:cc:f0:cd:bc:2d:3e:08:51:a8:79:4b:ce:b8:81:
07:44:fb:fb:54:2e:b3:05:89:01:e3:8c:38:74:53:
64:48:74:05:9e:61:c7:bb:43:d1:43:50:a7:0c:0d:
80:03:fc:cd:d0:4e:cd:13:3f:3f:8f:62:94:56:03:
f4:eb:9d:27:32:74:c1:77:9c:09:30:7d:a5:fe:e7:
a4:47:48:8b:8a:ce:8a:93:a1:1b:eb:57:83:05:b3:
5e:a1:74:27:08:ee:82:3e:d1:1e:98:2c:c7:46:d0:
35:ad:bb:80:5d:65:cd:da:cb:86:b2:f7:02:e4:ad:
67:44:0a:7a:ee:09:02:b4:95:f6:d0:75:7f:66:d5:
49:cd:ff:50:85:59:0d:cf:a7:c8:a9:e0:f9:21:02:
bf:86:9f:8e:d0:25:5e:7b:be:bc:73:e4:b6:f2:97:
8f:8a:aa:10:60:5e:b0:5f:7d:9a:eb:9f:3d:8e:67:
9a:7c:ee:df:a7:42:d9:eb:b6:ea:f1:83:76:7a:19:
72:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:F6:F9:3E:50:AF:47:54:5C:A3:F7:79:43:B3:6F:F8:1F:11:7A:C0
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Bfb5PlCvR1Rco_d5Q7Nv-B8ResA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8d:43:fe:5f:c8:ff:b6:8c:ff:22:23:97:78:b0:63:1c:4c:15:
54:7a:9e:84:ff:a0:13:bd:b8:d2:8e:0a:41:fb:fc:40:4f:b6:
75:ef:5a:96:30:a5:f9:e2:1a:8d:37:2f:01:95:99:0e:82:af:
61:44:19:d5:43:94:7b:5c:3c:da:48:c9:8a:22:ab:2b:b5:73:
ea:b7:08:e8:bd:b1:fd:f7:21:9f:bc:7a:ea:36:7c:2d:1a:ba:
4a:78:b7:9f:7f:8a:ac:db:fa:28:ea:a8:65:04:d9:e4:21:16:
fa:fa:c3:d2:41:77:a7:e5:4c:dc:04:cc:a8:87:47:5b:ce:29:
2f:01:ee:b3:22:8f:a9:08:cb:77:bf:c4:a2:a5:48:6f:60:d5:
a5:26:69:a3:76:5c:5c:a5:f0:7d:ea:0b:89:24:83:d5:79:bc:
fe:d8:9b:a4:7f:7f:64:62:da:23:65:eb:13:62:3d:8f:3e:d1:
fc:a6:01:6a:5f:47:50:e7:de:a7:f4:f5:67:a6:bf:8a:c9:20:
38:69:7d:45:4d:9a:39:3e:4d:e9:3d:31:61:60:d4:4d:75:77:
e1:59:e7:5b:06:6c:84:28:83:2b:ee:f0:a3:dc:a6:ed:00:a5:
23:71:4f:03:cf:6b:47:5b:33:a7:de:49:80:dc:a2:0c:fb:16:
ad:3d:a5:b0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZBpeacDfVVauW+u4b/l7h+2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjMwMTQwODE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWY2ZjkzZTUwYWY0NzU0NWNhM2Y3Nzk0M2IzNmZmODFmMTE3YWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHFa/FQFCZNizt+ICgLqr2mJUYvK
QBJ5gin0FnQsiX9TDUn/Q+nYCuuXXZQVktq8Mn0kjuBwRn9sK9k8zPDNvC0+CFGo
eUvOuIEHRPv7VC6zBYkB44w4dFNkSHQFnmHHu0PRQ1CnDA2AA/zN0E7NEz8/j2KU
VgP0650nMnTBd5wJMH2l/uekR0iLis6Kk6Eb61eDBbNeoXQnCO6CPtEemCzHRtA1
rbuAXWXN2suGsvcC5K1nRAp67gkCtJX20HV/ZtVJzf9QhVkNz6fIqeD5IQK/hp+O
0CVee768c+S28pePiqoQYF6wX32a6589jmeafO7fp0LZ67bq8YN2ehlyOwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAX2+T5Qr0dUXKP3eUOzb/gfEXrAMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvQmZiNVBsQ3ZSMVJjb19kNVE3TnYtQjhSZXNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI1D/l/I/7aM/yIjl3iw
YxxMFVR6noT/oBO9uNKOCkH7/EBPtnXvWpYwpfniGo03LwGVmQ6Cr2FEGdVDlHtc
PNpIyYoiqyu1c+q3COi9sf33IZ+8euo2fC0aukp4t59/iqzb+ijqqGUE2eQhFvr6
w9JBd6flTNwEzKiHR1vOKS8B7rMij6kIy3e/xKKlSG9g1aUmaaN2XFyl8H3qC4kk
g9V5vP7Ym6R/f2Ri2iNl6xNiPY8+0fymAWpfR1Dn3qf09Wemv4rJIDhpfUVNmjk+
Tek9MWFg1E11d+FZ51sGbIQogyvu8KPcpu0ApSNxTwPPa0dbM6feSYDcogz7Fq09
pbA=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:49:26 2025 by rpki-client