Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/BRFDeFy_a7hT4LFzhOe5LSi2_mQ.roa
File: BRFDeFy_a7hT4LFzhOe5LSi2_mQ.roa (raw, json)
Hash identifier: IGOh736Q7kgjEe7OtAK3KIMMnANb/GsCvX4IgDKUB1I=
Subject key identifier: 05:11:43:78:5C:BF:6B:B8:53:E0:B1:73:84:E7:B9:2D:28:B6:FE:64
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 018F2F95F72FA3DF834B2B757A8C1D2F4B76
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/BRFDeFy_a7hT4LFzhOe5LSi2_mQ.roa
Signing time: Tue 30 Apr 2024 15:18:28 +0000
ROA not before: Tue 30 Apr 2024 15:18:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205227
IP address blocks: 2a03:b2c0::/29 maxlen: 29
2a09:9c0::/29 maxlen: 29
2a09:7240::/29 maxlen: 29
2a09:a780::/29 maxlen: 29
2a09:a780::/30 maxlen: 30
2a09:a784::/30 maxlen: 30
2a0d:df40::/29 maxlen: 29
2a0e:be00::/29 maxlen: 29
2a10:3980::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 06 May 2024 09:10:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2f:95:f7:2f:a3:df:83:4b:2b:75:7a:8c:1d:2f:4b:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Apr 30 15:18:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=051143785cbf6bb853e0b17384e7b92d28b6fe64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:23:6c:44:3e:21:d0:7a:90:c0:f6:b9:3c:19:
35:59:4f:be:85:ee:a8:ab:02:f0:87:da:59:30:82:
ff:cf:c0:d8:ca:97:08:07:b3:04:00:03:eb:cf:4c:
9d:3f:18:7f:a3:15:9a:bc:1e:45:0b:5d:3e:a0:ab:
4d:03:c4:04:f3:15:e3:0e:a4:e2:14:52:48:cf:ac:
ec:9c:7b:09:65:96:d8:33:3e:f1:0c:d2:cd:8e:9f:
cd:51:3b:9e:1f:dd:af:a5:f1:06:1e:17:c5:aa:8d:
20:ca:21:3d:58:1e:17:c9:2a:6c:96:cc:13:7e:ce:
33:06:35:13:dd:a9:11:3e:ac:59:ff:65:57:de:c9:
d9:c3:80:54:7b:2e:dd:c4:85:c4:a5:58:3f:f5:0a:
42:57:85:50:01:d9:3b:e6:d8:a1:0d:ce:1d:89:54:
28:22:31:6e:d0:2a:0f:e1:08:ef:c8:39:6a:3f:2a:
9a:2a:69:8f:1f:f1:de:78:a8:af:b6:e5:15:0b:55:
43:7e:09:35:17:1c:73:ad:ca:4f:92:01:e9:c4:76:
1c:ab:81:e5:19:0f:9e:d6:54:fe:24:39:5f:73:26:
96:d2:02:ec:27:17:7f:2b:b8:70:d8:43:72:e0:b1:
c5:ec:b7:e5:d1:62:e3:1e:9d:cd:61:54:89:d1:ec:
4f:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:11:43:78:5C:BF:6B:B8:53:E0:B1:73:84:E7:B9:2D:28:B6:FE:64
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/BRFDeFy_a7hT4LFzhOe5LSi2_mQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:b2c0::/29
2a09:9c0::/29
2a09:7240::/29
2a09:a780::/29
2a0d:df40::/29
2a0e:be00::/29
2a10:3980::/29
Signature Algorithm: sha256WithRSAEncryption
15:9e:37:81:e9:49:11:79:2c:38:1e:c6:7c:62:07:38:96:c9:
36:6d:13:74:0f:39:a4:e6:d7:c1:e1:ef:9b:f5:ff:3a:a7:f1:
03:0d:e2:cf:ba:b4:c7:4d:6f:77:45:19:d2:bc:2d:53:e1:15:
3a:d6:40:d7:5c:a1:a4:f2:9b:92:36:c8:a4:ad:14:b2:0a:20:
68:f5:18:f7:82:38:c9:17:04:e1:73:2a:ed:6b:f2:9d:35:45:
cb:1a:fc:f9:ff:ba:15:8b:99:4f:0f:db:21:18:11:91:91:e9:
2f:e0:4d:91:37:08:16:4f:68:c0:df:a3:37:2a:71:e8:f4:e0:
21:01:b0:29:e4:5a:5a:f1:cf:88:ff:43:c4:4a:fe:80:8d:a5:
dd:03:0f:4f:ce:17:45:5a:ad:21:4f:b9:db:b1:11:c7:3e:6a:
f4:48:b3:d6:6d:22:48:26:d3:1d:ca:73:d3:10:da:52:d5:15:
40:37:ad:df:22:96:56:82:85:c4:f2:c2:f1:a3:17:2f:46:17:
2c:e4:29:37:7a:2c:0d:60:e2:57:d2:de:e3:8c:3f:9e:bf:b7:
54:5b:21:00:ea:07:36:02:f8:1c:46:89:d7:52:26:99:76:54:
a4:7f:2a:5d:09:6a:00:ab:6e:98:34:5e:84:a4:c3:30:24:ff:
8b:24:cd:5f
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAY8vlfcvo9+DSyt1eowdL0t2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzYwM2E5M2JjYTMxYjAxOGY1MTFmNmQ0YjBiNzU0NmU5
NjMzNjIwHhcNMjQwNDMwMTUxODI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTExNDM3ODVjYmY2YmI4NTNlMGIxNzM4NGU3YjkyZDI4YjZmZTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCNsRD4h0HqQwPa5PBk1WU++he6o
qwLwh9pZMIL/z8DYypcIB7MEAAPrz0ydPxh/oxWavB5FC10+oKtNA8QE8xXjDqTi
FFJIz6zsnHsJZZbYMz7xDNLNjp/NUTueH92vpfEGHhfFqo0gyiE9WB4XySpslswT
fs4zBjUT3akRPqxZ/2VX3snZw4BUey7dxIXEpVg/9QpCV4VQAdk75tihDc4diVQo
IjFu0CoP4QjvyDlqPyqaKmmPH/HeeKivtuUVC1VDfgk1FxxzrcpPkgHpxHYcq4Hl
GQ+e1lT+JDlfcyaW0gLsJxd/K7hw2ENy4LHF7Lfl0WLjHp3NYVSJ0exP2wIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFAURQ3hcv2u4U+Cxc4TnuS0otv5kMB8GA1UdIwQY
MBaAFIJ2A6k7yjGwGPUR9tSwt1RuljNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYt
YjE2Y2I0ZGZhZGQzLzEvQlJGRGVGeV9hN2hUNExGemhPZTVMU2kyX21RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYtYjE2Y2I0ZGZhZGQz
LzEvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUDKgOywAMF
AyoJCcADBQMqCXJAAwUDKgmngAMFAyoN30ADBQMqDr4AAwUDKhA5gDANBgkqhkiG
9w0BAQsFAAOCAQEAFZ43gelJEXksOB7GfGIHOJbJNm0TdA85pObXweHvm/X/Oqfx
Aw3iz7q0x01vd0UZ0rwtU+EVOtZA11yhpPKbkjbIpK0UsgogaPUY94I4yRcE4XMq
7WvynTVFyxr8+f+6FYuZTw/bIRgRkZHpL+BNkTcIFk9owN+jNypx6PTgIQGwKeRa
WvHPiP9DxEr+gI2l3QMPT84XRVqtIU+527ERxz5q9Eiz1m0iSCbTHcpz0xDaUtUV
QDet3yKWVoKFxPLC8aMXL0YXLOQpN3osDWDiV9Le44w/nr+3VFshAOoHNgL4HEaJ
11ImmXZUpH8qXQlqAKtumDRehKTDMCT/iyTNXw==
-----END CERTIFICATE-----
Generated at Mon May 6 13:59:36 2024 by rpki-client on console-fra.rpki-client.org