Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/Bf1CkBwNEtmeZf3jFaw1urDDlwU.roa
File: Bf1CkBwNEtmeZf3jFaw1urDDlwU.roa (raw, json)
Hash identifier: euUduUEt3/xC/AqmPQG0ocqfXWbLFKYPc/zKOXQkKdo=
Subject key identifier: 05:FD:42:90:1C:0D:12:D9:9E:65:FD:E3:15:AC:35:BA:B0:C3:97:05
Certificate issuer: /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial: 019494F18FF9F35074D1FC1D79CA742E34C3
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/Bf1CkBwNEtmeZf3jFaw1urDDlwU.roa
Signing time: Thu 23 Jan 2025 20:54:06 +0000
ROA not before: Thu 23 Jan 2025 20:54:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210464
IP address blocks: 2a0a:79c7:f7d0::/44 maxlen: 44
2a0a:79c7:f7e0::/44 maxlen: 44
2a0a:79c7:f800::/48 maxlen: 48
2a0a:79c7:f898::/48 maxlen: 48
2a0a:79c7:f899::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 24 Jan 2025 15:37:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:94:f1:8f:f9:f3:50:74:d1:fc:1d:79:ca:74:2e:34:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Validity
Not Before: Jan 23 20:54:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=05fd42901c0d12d99e65fde315ac35bab0c39705
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:dc:f0:06:cf:ed:29:74:a5:39:83:f9:49:b7:
dc:c6:18:b7:f0:a9:66:47:53:4a:ac:c9:74:00:bc:
97:09:c9:6e:02:7d:ae:f8:bf:98:1b:8b:2f:ae:a2:
18:ab:33:ca:3d:3e:48:bf:24:7c:55:c7:bf:ff:bd:
8e:d3:2d:29:02:8c:60:4b:89:96:21:e2:93:d3:15:
37:f1:cf:61:d9:ea:e0:05:00:96:a1:19:65:7c:a7:
71:9a:ae:d1:50:e0:c1:0f:e2:64:b7:47:9d:a8:45:
e2:8b:8c:fd:ac:1b:c7:af:bb:b2:b9:28:15:07:a6:
2f:9b:a4:a5:68:08:4f:68:c6:0e:66:49:51:2a:64:
7f:c9:de:d3:52:1b:1f:c1:12:78:8f:18:21:23:03:
1a:ae:b8:27:3a:d0:1f:ef:3e:64:e9:d5:da:d1:4b:
f9:00:a6:4f:e8:a6:85:a9:5f:e6:86:fa:15:87:3a:
d6:c4:34:ed:00:58:ca:e3:10:fd:e4:ed:5f:52:55:
1b:da:bd:1c:3c:7c:79:57:af:4d:fa:ab:45:26:4c:
90:a3:44:15:1c:fa:2b:e2:63:5b:79:9a:60:b1:22:
1e:20:52:7e:a8:2d:2c:f6:4b:40:b3:98:ac:a9:48:
66:a7:80:93:8a:43:48:07:6a:92:6f:a9:61:1e:4e:
b4:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:FD:42:90:1C:0D:12:D9:9E:65:FD:E3:15:AC:35:BA:B0:C3:97:05
X509v3 Authority Key Identifier:
keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/Bf1CkBwNEtmeZf3jFaw1urDDlwU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:79c7:f7d0::-2a0a:79c7:f7ef:ffff:ffff:ffff:ffff:ffff
2a0a:79c7:f800::/48
2a0a:79c7:f898::/47
Signature Algorithm: sha256WithRSAEncryption
38:c8:c6:74:bf:a4:50:2e:79:08:05:a5:92:2b:bb:6e:5d:52:
db:5d:84:78:f6:31:5f:29:a5:92:72:72:0b:63:9f:dc:8a:cf:
8d:31:49:e9:e1:33:da:fc:22:a0:6e:74:e4:bd:7c:b1:f5:64:
c4:5a:8e:f3:d5:62:7f:15:69:73:bd:28:04:2e:a1:b0:ce:6f:
4f:aa:e8:2b:32:7e:96:d4:47:fe:d8:84:69:82:76:17:0d:dd:
4c:cb:92:b8:fd:b2:8b:bb:f2:3b:fb:87:43:c1:cf:f0:1c:14:
db:a1:1d:75:c2:4e:3a:e8:ca:74:87:bd:99:ae:65:37:19:49:
f7:88:69:ee:00:5c:3a:ab:2e:16:99:65:d2:2c:70:9f:85:56:
f1:fc:00:f3:67:99:3c:22:a4:52:48:6e:fe:62:87:d3:fd:2f:
17:18:58:94:cf:44:16:57:25:b4:34:03:a5:ae:d4:a4:04:8e:
05:92:1e:af:72:f3:c5:05:37:a3:af:ad:a5:75:a2:3b:ce:f7:
8a:74:b7:ad:3a:de:77:65:40:31:0a:f0:c1:22:dd:c5:c9:77:
e4:01:40:01:be:06:6f:1d:7c:20:87:ea:44:35:88:ef:0e:32:
f3:42:87:c9:75:9b:75:77:cc:d5:1e:7a:55:0c:4f:2f:7b:6c:
db:75:c3:30
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZSU8Y/581B00fwdecp0LjTDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MDc0YjQxOWVhZDRjZWZlYTJmMmFkMmMyNTlkOTc4YzVl
ZDc5NTQwHhcNMjUwMTIzMjA1NDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWZkNDI5MDFjMGQxMmQ5OWU2NWZkZTMxNWFjMzViYWIwYzM5NzA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodzwBs/tKXSlOYP5Sbfcxhi38Klm
R1NKrMl0ALyXCcluAn2u+L+YG4svrqIYqzPKPT5IvyR8Vce//72O0y0pAoxgS4mW
IeKT0xU38c9h2ergBQCWoRllfKdxmq7RUODBD+Jkt0edqEXii4z9rBvHr7uyuSgV
B6Yvm6SlaAhPaMYOZklRKmR/yd7TUhsfwRJ4jxghIwMarrgnOtAf7z5k6dXa0Uv5
AKZP6KaFqV/mhvoVhzrWxDTtAFjK4xD95O1fUlUb2r0cPHx5V69N+qtFJkyQo0QV
HPor4mNbeZpgsSIeIFJ+qC0s9ktAs5isqUhmp4CTikNIB2qSb6lhHk60hwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFAX9QpAcDRLZnmX94xWsNbqww5cFMB8GA1UdIwQY
MBaAFLgHS0GerUzv6i8q0sJZ2XjF7XlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYt
M2Q5MWVkZTViMmIxLzEvQmYxQ2tCd05FdG1lWmYzakZhdzF1ckREbHdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYtM2Q5MWVkZTViMmIx
LzEvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmMBIDBwQqCnnH
99ADBwQqCnnH9+ADBwAqCnnH+AADBwEqCnnH+JgwDQYJKoZIhvcNAQELBQADggEB
ADjIxnS/pFAueQgFpZIru25dUttdhHj2MV8ppZJycgtjn9yKz40xSenhM9r8IqBu
dOS9fLH1ZMRajvPVYn8VaXO9KAQuobDOb0+q6CsyfpbUR/7YhGmCdhcN3UzLkrj9
sou78jv7h0PBz/AcFNuhHXXCTjroynSHvZmuZTcZSfeIae4AXDqrLhaZZdIscJ+F
VvH8APNnmTwipFJIbv5ih9P9LxcYWJTPRBZXJbQ0A6Wu1KQEjgWSHq9y88UFN6Ov
raV1ojvO94p0t6063ndlQDEK8MEi3cXJd+QBQAG+Bm8dfCCH6kQ1iO8OMvNCh8l1
m3V3zNUeelUMTy97bNt1wzA=
-----END CERTIFICATE-----
Generated at Sun Apr 6 00:16:16 2025 by rpki-client