Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/bCcRM_XR-oCSJ97Q9BPGNTe593A.roa
File: bCcRM_XR-oCSJ97Q9BPGNTe593A.roa (raw, json)
Hash identifier: jFFvS4Kta5uadUga3PKtgLB5eyqDfYHRjq5CtLrBpGI=
Subject key identifier: 6C:27:11:33:F5:D1:FA:80:92:27:DE:D0:F4:13:C6:35:37:B9:F7:70
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019114819F34EBFC4468489068EF387BA2C4
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/bCcRM_XR-oCSJ97Q9BPGNTe593A.roa
Signing time: Fri 02 Aug 2024 19:12:04 +0000
ROA not before: Fri 02 Aug 2024 19:12:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 02 Aug 2024 20:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:14:81:9f:34:eb:fc:44:68:48:90:68:ef:38:7b:a2:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 2 19:12:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c271133f5d1fa809227ded0f413c63537b9f770
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:83:bd:bb:51:35:f8:9a:f6:38:00:40:9a:a9:
21:37:79:e5:2c:9f:20:5e:20:7e:d8:ba:eb:c9:f4:
b2:f2:fc:ba:18:d4:97:7c:81:b1:7d:3c:ff:18:1f:
ea:8c:3c:7f:1f:d6:34:58:76:ea:95:08:8b:41:75:
d9:32:6f:40:36:01:68:db:ca:8c:b1:06:33:36:c3:
99:46:aa:85:12:7c:94:5f:9f:9a:c4:5e:8a:df:3a:
f5:28:62:73:2d:65:5c:95:02:c7:4b:de:b0:be:2d:
a4:6e:31:4d:7a:13:17:09:86:cc:50:f6:f9:3c:b1:
c4:5b:c0:0a:2e:21:ba:c2:cd:9d:7c:be:d9:a7:d8:
80:1f:9b:ba:0f:7e:c9:d9:f7:94:a8:90:1f:ef:d5:
57:be:93:5c:f2:56:37:ce:48:84:cf:25:93:fc:ae:
d6:9b:8a:ce:12:5e:62:ec:90:9b:09:84:a3:ae:df:
27:bb:98:7f:1e:2b:ae:06:2f:3e:74:2e:7f:62:ef:
98:ca:d6:63:d3:c3:c9:89:05:a1:e8:16:3b:16:21:
92:3e:68:69:73:11:ac:ef:55:67:e8:f8:1d:66:ea:
1b:08:f7:63:60:62:7f:5b:26:52:74:dd:1b:65:a2:
f4:60:28:11:12:fc:25:0d:2a:58:7a:e8:3e:fa:d0:
e7:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:27:11:33:F5:D1:FA:80:92:27:DE:D0:F4:13:C6:35:37:B9:F7:70
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/bCcRM_XR-oCSJ97Q9BPGNTe593A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
5b:ca:61:2d:eb:40:94:b6:57:18:94:9c:75:e7:42:83:e2:e4:
45:14:66:67:90:c7:fb:44:34:0f:03:67:5a:5d:f4:c0:2b:dd:
b0:f4:77:66:45:ad:23:05:1d:a6:a3:c3:4d:d9:f1:93:ef:a6:
71:c2:b2:88:21:c9:d0:fd:85:dd:ab:7f:97:85:fc:21:b0:25:
b2:04:85:00:ca:78:2c:35:a6:cc:db:68:b4:66:2c:21:2f:ec:
44:e4:ef:3b:b4:0c:fa:b1:f5:6b:ea:3d:5e:69:3f:6f:62:98:
d4:73:f6:53:0e:f7:d9:8b:ee:fc:b5:18:b2:22:4e:25:5f:6f:
2c:66:23:6a:58:3d:08:70:78:1b:c9:db:dc:15:99:d2:25:c5:
4f:1f:30:99:0a:67:e7:fa:41:6d:7e:91:a6:b9:a1:25:41:40:
60:9f:6c:10:e2:11:3b:1f:fa:2f:af:d5:cf:5f:59:d2:59:ef:
e9:f7:b8:0a:b8:4c:47:2e:68:7e:18:05:df:93:02:5c:09:46:
20:b5:9a:94:56:cb:dd:d4:83:5c:6b:9f:04:a6:8a:85:91:fd:
01:a1:76:6d:e0:1c:f4:1a:ef:48:6b:f4:6b:32:14:93:ab:7a:
01:1a:47:62:43:bf:bb:2e:1b:da:0e:3d:a5:af:1f:56:75:32:
79:85:d2:62
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZEUgZ806/xEaEiQaO84e6LEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODAyMTkxMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzI3MTEzM2Y1ZDFmYTgwOTIyN2RlZDBmNDEzYzYzNTM3YjlmNzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4O9u1E1+Jr2OABAmqkhN3nlLJ8g
XiB+2LrryfSy8vy6GNSXfIGxfTz/GB/qjDx/H9Y0WHbqlQiLQXXZMm9ANgFo28qM
sQYzNsOZRqqFEnyUX5+axF6K3zr1KGJzLWVclQLHS96wvi2kbjFNehMXCYbMUPb5
PLHEW8AKLiG6ws2dfL7Zp9iAH5u6D37J2feUqJAf79VXvpNc8lY3zkiEzyWT/K7W
m4rOEl5i7JCbCYSjrt8nu5h/HiuuBi8+dC5/Yu+YytZj08PJiQWh6BY7FiGSPmhp
cxGs71Vn6PgdZuobCPdjYGJ/WyZSdN0bZaL0YCgREvwlDSpYeug++tDngwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFGwnETP10fqAkife0PQTxjU3ufdwMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvYkNjUk1fWFItb0NTSjk3UTlCUEdOVGU1OTNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAW8phLetAlLZXGJScdedCg+Lk
RRRmZ5DH+0Q0DwNnWl30wCvdsPR3ZkWtIwUdpqPDTdnxk++mccKyiCHJ0P2F3at/
l4X8IbAlsgSFAMp4LDWmzNtotGYsIS/sROTvO7QM+rH1a+o9Xmk/b2KY1HP2Uw73
2Yvu/LUYsiJOJV9vLGYjalg9CHB4G8nb3BWZ0iXFTx8wmQpn5/pBbX6RprmhJUFA
YJ9sEOIROx/6L6/Vz19Z0lnv6fe4CrhMRy5ofhgF35MCXAlGILWalFbL3dSDXGuf
BKaKhZH9AaF2beAc9BrvSGv0azIUk6t6ARpHYkO/uy4b2g49pa8fVnUyeYXSYg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:19:58 2025 by rpki-client