Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/BEXGFccI64rtBEZpcazAnURvQww.roa
File: BEXGFccI64rtBEZpcazAnURvQww.roa (raw, json)
Hash identifier: IseSsKpj1NlSmgd4HQqUBmyKSHhWaV2Wq6IQRK1u4t4=
Subject key identifier: 04:45:C6:15:C7:08:EB:8A:ED:04:46:69:71:AC:C0:9D:44:6F:43:0C
Certificate issuer: /CN=03c33e43ef56527a169d6ac6d7e62c63d1973051
Certificate serial: 0188CF87EE8C55DF5B0EDB0378114482EC10
Authority key identifier: 03:C3:3E:43:EF:56:52:7A:16:9D:6A:C6:D7:E6:2C:63:D1:97:30:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/BEXGFccI64rtBEZpcazAnURvQww.roa
Signing time: Sun 18 Jun 2023 17:22:52 +0000
ROA not before: Sun 18 Jun 2023 17:22:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204010
IP address blocks: 2a05:906::/32 maxlen: 32
2a05:905::/32 maxlen: 32
2a05:907::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:cf:87:ee:8c:55:df:5b:0e:db:03:78:11:44:82:ec:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03c33e43ef56527a169d6ac6d7e62c63d1973051
Validity
Not Before: Jun 18 17:22:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0445c615c708eb8aed04466971acc09d446f430c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:4e:d4:05:4d:62:e5:29:cc:38:b4:6b:45:89:
9c:dd:8c:63:0f:e6:25:b9:2e:71:01:1c:53:f0:01:
2b:6d:64:af:38:c4:5f:ea:1f:f4:bf:9e:5c:76:09:
b9:c1:65:a4:df:f0:9f:75:e9:6e:a0:75:56:c7:c1:
4c:07:27:43:dc:d7:dd:08:30:c4:ce:14:8a:24:19:
27:e2:65:e0:4a:fe:43:88:49:2f:a6:9e:56:f3:2d:
38:a6:83:ad:62:50:34:ee:a6:7b:71:da:82:20:d3:
d3:17:2b:db:b9:62:bd:d4:08:db:2f:61:11:83:1c:
15:1e:b0:ad:c2:ce:78:2c:ba:92:c4:bf:3d:05:e2:
07:5a:5c:63:ec:c3:c0:24:21:d1:9b:f0:18:40:0d:
b1:29:fe:9d:be:c5:d1:e6:56:32:d4:83:e8:d3:af:
40:96:68:2a:43:4d:8c:77:3a:1d:bb:3b:81:f9:4d:
23:c0:08:20:24:60:5f:50:26:fe:09:58:14:cb:54:
b2:a0:0a:08:34:f0:aa:44:0f:f3:df:b7:4d:de:d9:
78:45:0e:84:61:4d:c3:54:0b:84:70:fb:c1:a1:d8:
a8:2d:20:a3:ab:29:f0:5c:8e:3c:e9:e1:ab:10:46:
42:0f:87:05:84:42:ae:d8:a8:55:f5:1c:f5:b7:d1:
da:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:45:C6:15:C7:08:EB:8A:ED:04:46:69:71:AC:C0:9D:44:6F:43:0C
X509v3 Authority Key Identifier:
keyid:03:C3:3E:43:EF:56:52:7A:16:9D:6A:C6:D7:E6:2C:63:D1:97:30:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/BEXGFccI64rtBEZpcazAnURvQww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:905::-2a05:907:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
ab:3d:e8:c2:5a:0d:56:02:4d:4b:6d:f1:5b:d7:9b:cc:c9:6c:
17:df:6c:e5:1c:96:06:f2:2f:e5:16:37:b0:36:fd:01:f6:35:
04:1e:3e:d5:48:ac:7a:93:42:fd:a0:95:62:c3:df:18:2f:7a:
ec:89:a7:4e:1c:60:a6:90:aa:30:6f:7a:1a:10:cb:ed:ba:fc:
2f:59:4e:3b:69:c3:d0:68:77:02:0f:b2:4e:cd:eb:20:33:5f:
78:59:6a:99:8c:bc:d6:54:53:8d:84:f4:ab:70:c2:51:99:ee:
fc:ca:2f:f5:4b:63:63:ec:7f:fc:7a:44:4c:54:78:41:86:9b:
66:c1:32:88:82:ea:d3:6e:a1:00:65:a8:f9:31:e5:41:22:c3:
58:ed:8c:14:c0:0d:36:7b:91:85:90:dd:74:fa:e5:ea:ec:55:
81:5f:99:1a:21:dc:71:69:a8:84:3d:d6:8e:f8:7d:50:95:42:
3e:b1:cd:09:dd:99:07:b7:df:f7:0b:a2:c6:18:9a:14:eb:cb:
48:f3:c1:8e:6b:37:5c:57:c0:2e:ee:ac:b5:4d:4d:db:e2:eb:
06:65:9d:61:fd:14:57:a4:63:9d:c1:66:0b:0b:b6:3d:2f:2c:
56:b1:8b:b0:af:ac:4d:c0:5b:a9:b1:1c:71:2c:c7:ee:6a:e3:
69:d6:a4:81
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYjPh+6MVd9bDtsDeBFEguwQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzYzMzZTQzZWY1NjUyN2ExNjlkNmFjNmQ3ZTYyYzYzZDE5
NzMwNTEwHhcNMjMwNjE4MTcyMjUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDQ1YzYxNWM3MDhlYjhhZWQwNDQ2Njk3MWFjYzA5ZDQ0NmY0MzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoU7UBU1i5SnMOLRrRYmc3YxjD+Yl
uS5xARxT8AErbWSvOMRf6h/0v55cdgm5wWWk3/CfdeluoHVWx8FMBydD3NfdCDDE
zhSKJBkn4mXgSv5DiEkvpp5W8y04poOtYlA07qZ7cdqCINPTFyvbuWK91AjbL2ER
gxwVHrCtws54LLqSxL89BeIHWlxj7MPAJCHRm/AYQA2xKf6dvsXR5lYy1IPo069A
lmgqQ02MdzoduzuB+U0jwAggJGBfUCb+CVgUy1SyoAoINPCqRA/z37dN3tl4RQ6E
YU3DVAuEcPvBodioLSCjqynwXI486eGrEEZCD4cFhEKu2KhV9Rz1t9HaGQIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFARFxhXHCOuK7QRGaXGswJ1Eb0MMMB8GA1UdIwQY
MBaAFAPDPkPvVlJ6Fp1qxtfmLGPRlzBRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQThNLVEtOVdVbm9XbldyRzEtWXNZOUdYTUZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jMTdjMTUtYTE0Mi00YjM3LWI4ZmUt
YTNhM2ViODc5ZjJiLzEvQkVYR0ZjY0k2NHJ0QkVacGNhekFuVVJ2UXd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9jMTdjMTUtYTE0Mi00YjM3LWI4ZmUtYTNhM2ViODc5ZjJi
LzEvQThNLVEtOVdVbm9XbldyRzEtWXNZOUdYTUZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQMA4DBQAqBQkF
AwUDKgUJADANBgkqhkiG9w0BAQsFAAOCAQEAqz3owloNVgJNS23xW9ebzMlsF99s
5RyWBvIv5RY3sDb9AfY1BB4+1UisepNC/aCVYsPfGC967ImnThxgppCqMG96GhDL
7br8L1lOO2nD0Gh3Ag+yTs3rIDNfeFlqmYy81lRTjYT0q3DCUZnu/Mov9UtjY+x/
/HpETFR4QYabZsEyiILq026hAGWo+THlQSLDWO2MFMANNnuRhZDddPrl6uxVgV+Z
GiHccWmohD3Wjvh9UJVCPrHNCd2ZB7ff9wuixhiaFOvLSPPBjms3XFfALu6stU1N
2+LrBmWdYf0UV6RjncFmCwu2PS8sVrGLsK+sTcBbqbEccSzH7mrjadakgQ==
-----END CERTIFICATE-----
Generated at Mon Jan 1 08:10:13 2024 by rpki-client on console-fra.rpki-client.org