Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/4ce558-63d6-469a-bb5d-f7820c5e966a/1/9tOEoH9gqBbWjSXPq6Bl4rJH4yI.roa
File: 9tOEoH9gqBbWjSXPq6Bl4rJH4yI.roa (raw, json)
Hash identifier: cFoMYmCdDD1hV0SzX13cvWHSaUKpkYs3tMWMbf/AN2Y=
Subject key identifier: F6:D3:84:A0:7F:60:A8:16:D6:8D:25:CF:AB:A0:65:E2:B2:47:E3:22
Certificate issuer: /CN=bfe9f12c96ba20683aff5c958bfad8e4c577f7fe
Certificate serial: 01856F4B8178E2C235685A95DA613B6A03D8
Authority key identifier: BF:E9:F1:2C:96:BA:20:68:3A:FF:5C:95:8B:FA:D8:E4:C5:77:F7:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v-nxLJa6IGg6_1yVi_rY5MV39_4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/4ce558-63d6-469a-bb5d-f7820c5e966a/1/9tOEoH9gqBbWjSXPq6Bl4rJH4yI.roa
Signing time: Sun 01 Jan 2023 21:44:57 +0000
ROA not before: Sun 01 Jan 2023 21:44:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 395747
IP address blocks: 2a09:bac0:108::/48 maxlen: 48
2a09:bac0:133::/48 maxlen: 48
2a09:bac0:131::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:4b:81:78:e2:c2:35:68:5a:95:da:61:3b:6a:03:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfe9f12c96ba20683aff5c958bfad8e4c577f7fe
Validity
Not Before: Jan 1 21:44:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f6d384a07f60a816d68d25cfaba065e2b247e322
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:74:f3:d3:9c:ab:0b:61:86:64:5d:f7:9d:f1:
2c:65:33:9b:ed:8c:d6:10:d6:fe:2f:f5:93:45:6c:
ae:af:82:db:b1:52:2c:0e:ef:36:eb:c8:d4:4a:0f:
a3:7e:51:7d:ac:ed:94:f7:a4:0d:8b:d3:e6:be:93:
1b:3b:ac:2b:df:34:25:cc:22:02:53:0c:11:f4:43:
e6:a8:0e:f4:cf:6c:71:76:6c:ee:80:80:4c:06:4c:
15:21:f5:5d:1c:9e:f7:10:48:94:e4:9d:65:3c:4d:
9d:34:2c:bd:01:97:ef:b5:63:1d:73:86:97:70:cf:
fc:1d:91:ca:40:dd:3e:a7:06:a5:a2:9f:8b:cc:0c:
69:7d:00:a3:36:29:50:c6:3b:84:2e:bb:76:2f:60:
9c:5d:4a:99:6f:b0:f4:e1:cd:59:8d:29:ec:b2:5e:
dd:5c:28:1b:2a:c3:8e:08:7c:49:cf:21:c5:f4:35:
34:85:08:c5:b8:a6:49:2d:14:a5:49:e2:57:7a:ff:
c4:35:3f:76:36:43:da:74:b8:ef:01:b7:d8:83:16:
eb:0e:4b:32:6d:76:96:98:8d:24:67:6d:11:07:5c:
c9:b2:55:a8:89:e3:6f:17:3e:45:01:41:48:f3:b4:
c1:16:95:a0:ba:83:7d:ce:89:78:fd:e2:78:66:c8:
a1:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:D3:84:A0:7F:60:A8:16:D6:8D:25:CF:AB:A0:65:E2:B2:47:E3:22
X509v3 Authority Key Identifier:
keyid:BF:E9:F1:2C:96:BA:20:68:3A:FF:5C:95:8B:FA:D8:E4:C5:77:F7:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v-nxLJa6IGg6_1yVi_rY5MV39_4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/4ce558-63d6-469a-bb5d-f7820c5e966a/1/9tOEoH9gqBbWjSXPq6Bl4rJH4yI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/4ce558-63d6-469a-bb5d-f7820c5e966a/1/v-nxLJa6IGg6_1yVi_rY5MV39_4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:bac0:108::/48
2a09:bac0:131::/48
2a09:bac0:133::/48
Signature Algorithm: sha256WithRSAEncryption
83:49:78:98:a5:9e:6f:d8:1d:e6:6f:c1:66:ff:67:46:ce:4b:
fa:dd:07:b4:6c:2c:d9:be:d1:43:4e:45:7b:d1:44:be:9c:ef:
cf:6e:63:5e:f7:e0:79:1d:b5:09:a4:30:92:12:a8:84:73:71:
53:73:0c:63:e5:f6:c6:eb:b8:bd:7b:5f:02:26:f0:22:25:ba:
71:64:ff:ad:3d:9e:20:1a:f7:38:64:1a:2a:47:38:ca:91:e2:
23:bf:03:42:19:6e:56:6b:9b:75:7f:aa:62:69:ba:79:18:69:
64:26:86:e2:eb:7b:66:7e:94:e2:9b:eb:5b:f8:ba:b3:43:95:
61:0b:d8:3b:a5:50:8c:2b:4d:28:19:97:2e:35:0d:44:3d:55:
86:90:0a:87:bf:4a:8f:09:52:8c:34:56:a7:9e:fc:86:8d:7a:
eb:15:7f:1d:4d:5e:3f:d2:2b:9d:83:0a:39:32:c2:0f:43:e2:
38:5f:c6:24:03:f4:36:97:07:0c:92:4c:2e:bb:2f:94:1d:2d:
d0:44:27:30:bd:b3:d6:d5:c8:aa:0b:4a:49:19:f9:98:b3:74:
e4:31:89:23:05:57:d5:75:df:59:a3:bb:e3:66:34:da:fd:53:
48:b8:ca:40:15:90:53:56:28:1a:61:2a:fc:e0:ed:76:f0:1e:
0c:35:b8:20
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvS4F44sI1aFqV2mE7agPYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmZTlmMTJjOTZiYTIwNjgzYWZmNWM5NThiZmFkOGU0YzU3
N2Y3ZmUwHhcNMjMwMTAxMjE0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmQzODRhMDdmNjBhODE2ZDY4ZDI1Y2ZhYmEwNjVlMmIyNDdlMzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiXTz05yrC2GGZF33nfEsZTOb7YzW
ENb+L/WTRWyur4LbsVIsDu8268jUSg+jflF9rO2U96QNi9PmvpMbO6wr3zQlzCIC
UwwR9EPmqA70z2xxdmzugIBMBkwVIfVdHJ73EEiU5J1lPE2dNCy9AZfvtWMdc4aX
cM/8HZHKQN0+pwalop+LzAxpfQCjNilQxjuELrt2L2CcXUqZb7D04c1ZjSnssl7d
XCgbKsOOCHxJzyHF9DU0hQjFuKZJLRSlSeJXev/ENT92NkPadLjvAbfYgxbrDksy
bXaWmI0kZ20RB1zJslWoieNvFz5FAUFI87TBFpWguoN9zol4/eJ4ZsihSQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPbThKB/YKgW1o0lz6ugZeKyR+MiMB8GA1UdIwQY
MBaAFL/p8SyWuiBoOv9clYv62OTFd/f+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdi1ueExKYTZJR2c2XzF5Vmlfclk1TVYzOV80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy80Y2U1NTgtNjNkNi00NjlhLWJiNWQt
Zjc4MjBjNWU5NjZhLzEvOXRPRW9IOWdxQmJXalNYUHE2Qmw0ckpINHlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy80Y2U1NTgtNjNkNi00NjlhLWJiNWQtZjc4MjBjNWU5NjZh
LzEvdi1ueExKYTZJR2c2XzF5Vmlfclk1TVYzOV80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKgm6wAEI
AwcAKgm6wAExAwcAKgm6wAEzMA0GCSqGSIb3DQEBCwUAA4IBAQCDSXiYpZ5v2B3m
b8Fm/2dGzkv63Qe0bCzZvtFDTkV70US+nO/PbmNe9+B5HbUJpDCSEqiEc3FTcwxj
5fbG67i9e18CJvAiJbpxZP+tPZ4gGvc4ZBoqRzjKkeIjvwNCGW5Wa5t1f6piabp5
GGlkJobi63tmfpTim+tb+LqzQ5VhC9g7pVCMK00oGZcuNQ1EPVWGkAqHv0qPCVKM
NFannvyGjXrrFX8dTV4/0iudgwo5MsIPQ+I4X8YkA/Q2lwcMkkwuuy+UHS3QRCcw
vbPW1ciqC0pJGfmYs3TkMYkjBVfVdd9Zo7vjZjTa/VNIuMpAFZBTVigaYSr84O12
8B4MNbgg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:42 2024 by rpki-client on console-ams.rpki-client.org