Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/720e5f-7f33-4d9d-8cde-22dd0f3928d5/1/v9wnN3i8_imKnFAD9acsRj5W6ug.roa
File: v9wnN3i8_imKnFAD9acsRj5W6ug.roa (raw, json)
Hash identifier: FYySNkZTozF/BBUs0BFbEU0QMVBMpWTkNcPTAHUGDSQ=
Subject key identifier: BF:DC:27:37:78:BC:FE:29:8A:9C:50:03:F5:A7:2C:46:3E:56:EA:E8
Certificate issuer: /CN=a81297b1d36a42de38e8480bb929b45bc9030c9d
Certificate serial: 018F1ECB8AB0A7F0780DADA2350A445BC4C2
Authority key identifier: A8:12:97:B1:D3:6A:42:DE:38:E8:48:0B:B9:29:B4:5B:C9:03:0C:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qBKXsdNqQt446EgLuSm0W8kDDJ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/720e5f-7f33-4d9d-8cde-22dd0f3928d5/1/v9wnN3i8_imKnFAD9acsRj5W6ug.roa
Signing time: Sat 27 Apr 2024 09:03:26 +0000
ROA not before: Sat 27 Apr 2024 09:03:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3209
IP address blocks: 2a14:3241:2173::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 11 May 2024 09:39:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:1e:cb:8a:b0:a7:f0:78:0d:ad:a2:35:0a:44:5b:c4:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a81297b1d36a42de38e8480bb929b45bc9030c9d
Validity
Not Before: Apr 27 09:03:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bfdc273778bcfe298a9c5003f5a72c463e56eae8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:40:d4:00:ce:c6:19:d2:d2:c9:b7:70:f6:88:
f2:68:c8:d9:41:61:6d:c2:f6:90:a5:99:e5:46:fa:
28:3f:72:1a:dd:d2:43:64:9a:a9:2c:29:77:3b:3a:
24:07:aa:13:7f:ad:56:05:5c:10:3f:c5:df:03:7f:
20:73:f5:b4:9c:c5:8d:bc:fb:aa:bc:69:e4:71:8d:
7b:c7:76:48:a8:18:d4:f6:55:a1:6d:93:a6:59:9d:
cd:38:3e:f3:fc:17:69:fd:cb:5a:e5:48:4f:a9:62:
55:15:ec:f0:1c:bc:ac:f6:6a:0a:e9:37:3f:46:1b:
07:e6:b1:f1:b0:ff:06:91:7b:d4:28:c3:b7:74:1d:
d6:60:d7:b3:8f:36:2b:86:e2:8a:6b:ce:71:a9:fa:
cf:cd:09:ed:f4:0c:79:69:c2:6a:32:ff:47:6e:da:
63:c7:25:93:a2:16:8c:0a:64:db:d3:0b:e1:de:a1:
65:b6:e1:89:f9:ec:95:c6:43:1e:e0:6a:a3:64:21:
cf:ed:11:3d:76:e8:87:28:ea:72:e4:c0:0a:b4:4d:
52:ef:0e:0b:19:db:31:26:28:70:27:39:d4:4c:6f:
53:65:39:d6:3b:e1:59:2d:45:07:49:77:17:34:05:
ad:51:85:2d:85:50:49:80:a2:99:77:41:b1:ca:09:
1a:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:DC:27:37:78:BC:FE:29:8A:9C:50:03:F5:A7:2C:46:3E:56:EA:E8
X509v3 Authority Key Identifier:
keyid:A8:12:97:B1:D3:6A:42:DE:38:E8:48:0B:B9:29:B4:5B:C9:03:0C:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qBKXsdNqQt446EgLuSm0W8kDDJ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/720e5f-7f33-4d9d-8cde-22dd0f3928d5/1/v9wnN3i8_imKnFAD9acsRj5W6ug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/720e5f-7f33-4d9d-8cde-22dd0f3928d5/1/qBKXsdNqQt446EgLuSm0W8kDDJ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:3241:2173::/48
Signature Algorithm: sha256WithRSAEncryption
76:36:a3:cc:8a:ca:1d:24:78:76:79:02:32:7d:49:b4:6a:9f:
37:26:70:cf:04:c5:bf:de:ad:2d:9b:a7:95:2a:f6:f2:2e:95:
d2:cb:87:dc:c6:af:b2:19:94:b9:d6:6b:d3:e3:c5:04:0b:c0:
0f:a9:c9:85:ad:c9:fa:18:86:58:e2:45:08:25:6e:e1:81:12:
50:08:ea:fe:cd:4f:c2:6b:ce:30:ed:8b:6e:27:f1:f5:e8:b0:
42:ad:1a:ed:6a:e0:d0:72:4c:b4:b3:0c:fd:39:dc:a5:83:31:
88:8f:bf:af:42:d8:c1:9a:59:55:88:74:82:68:82:06:62:4b:
f0:0d:af:8c:20:63:fc:e0:b6:87:cb:09:ef:22:30:c9:86:11:
1e:06:dd:27:eb:1b:81:57:bf:ae:ec:80:9e:e6:9e:37:c1:83:
fa:ae:bd:c0:59:87:fd:1f:6a:d5:79:be:f3:54:e7:87:26:0b:
ed:ce:43:2d:07:80:17:fd:ac:86:d2:53:db:b7:39:0f:8a:61:
f5:c2:06:1c:d6:69:6f:ef:06:ff:cb:f0:2e:42:19:e1:69:ce:
ac:e1:d5:24:59:aa:ba:81:29:82:7a:e6:e7:6e:7a:5c:d2:0d:
6d:49:07:07:95:04:03:c4:81:8e:ed:58:af:5f:81:ae:44:ad:
ac:b2:da:7a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY8ey4qwp/B4Da2iNQpEW8TCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4MTI5N2IxZDM2YTQyZGUzOGU4NDgwYmI5MjliNDViYzkw
MzBjOWQwHhcNMjQwNDI3MDkwMzI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmRjMjczNzc4YmNmZTI5OGE5YzUwMDNmNWE3MmM0NjNlNTZlYWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUDUAM7GGdLSybdw9ojyaMjZQWFt
wvaQpZnlRvooP3Ia3dJDZJqpLCl3OzokB6oTf61WBVwQP8XfA38gc/W0nMWNvPuq
vGnkcY17x3ZIqBjU9lWhbZOmWZ3NOD7z/Bdp/cta5UhPqWJVFezwHLys9moK6Tc/
RhsH5rHxsP8GkXvUKMO3dB3WYNezjzYrhuKKa85xqfrPzQnt9Ax5acJqMv9Hbtpj
xyWTohaMCmTb0wvh3qFltuGJ+eyVxkMe4GqjZCHP7RE9duiHKOpy5MAKtE1S7w4L
GdsxJihwJznUTG9TZTnWO+FZLUUHSXcXNAWtUYUthVBJgKKZd0GxygkabwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFL/cJzd4vP4pipxQA/WnLEY+VuroMB8GA1UdIwQY
MBaAFKgSl7HTakLeOOhIC7kptFvJAwydMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUJLWHNkTnFRdDQ0NkVnTHVTbTBXOGtEREowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi83MjBlNWYtN2YzMy00ZDlkLThjZGUt
MjJkZDBmMzkyOGQ1LzEvdjl3bk4zaThfaW1LbkZBRDlhY3NSajVXNnVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi83MjBlNWYtN2YzMy00ZDlkLThjZGUtMjJkZDBmMzkyOGQ1
LzEvcUJLWHNkTnFRdDQ0NkVnTHVTbTBXOGtEREowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhQyQSFz
MA0GCSqGSIb3DQEBCwUAA4IBAQB2NqPMisodJHh2eQIyfUm0ap83JnDPBMW/3q0t
m6eVKvbyLpXSy4fcxq+yGZS51mvT48UEC8APqcmFrcn6GIZY4kUIJW7hgRJQCOr+
zU/Ca84w7YtuJ/H16LBCrRrtauDQcky0swz9OdylgzGIj7+vQtjBmllViHSCaIIG
YkvwDa+MIGP84LaHywnvIjDJhhEeBt0n6xuBV7+u7ICe5p43wYP6rr3AWYf9H2rV
eb7zVOeHJgvtzkMtB4AX/ayG0lPbtzkPimH1wgYc1mlv7wb/y/AuQhnhac6s4dUk
Waq6gSmCeubnbnpc0g1tSQcHlQQDxIGO7VivX4GuRK2sstp6
Generated at Sat May 11 10:49:12 2024 by rpki-client on console-fra.rpki-client.org