Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/4ce558-63d6-469a-bb5d-f7820c5e966a/1/ryEofzu74zigXRKUtud9zOUvGK0.roa
File: ryEofzu74zigXRKUtud9zOUvGK0.roa (raw, json)
Hash identifier: hzY9vpMJbYxE275hUNlVIHOIktZsKGkkVVMElBD6V3g=
Subject key identifier: AF:21:28:7F:3B:BB:E3:38:A0:5D:12:94:B6:E7:7D:CC:E5:2F:18:AD
Certificate issuer: /CN=bfe9f12c96ba20683aff5c958bfad8e4c577f7fe
Certificate serial: 0191582054FCCE2B1688F2C19BBC75953738
Authority key identifier: BF:E9:F1:2C:96:BA:20:68:3A:FF:5C:95:8B:FA:D8:E4:C5:77:F7:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v-nxLJa6IGg6_1yVi_rY5MV39_4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/4ce558-63d6-469a-bb5d-f7820c5e966a/1/ryEofzu74zigXRKUtud9zOUvGK0.roa
Signing time: Thu 15 Aug 2024 22:19:59 +0000
ROA not before: Thu 15 Aug 2024 22:19:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 395747
IP address blocks: 2a09:bac0:108::/48 maxlen: 48
2a09:bac0:131::/48 maxlen: 48
2a09:bac0:133::/48 maxlen: 48
2a09:bac0:251::/48 maxlen: 48
2a09:bac0:693::/48 maxlen: 48
2a09:bac0:748::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:48:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:58:20:54:fc:ce:2b:16:88:f2:c1:9b:bc:75:95:37:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfe9f12c96ba20683aff5c958bfad8e4c577f7fe
Validity
Not Before: Aug 15 22:19:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=af21287f3bbbe338a05d1294b6e77dcce52f18ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a6:60:37:69:90:be:02:8a:c8:1e:3c:c7:25:
de:68:3e:ac:9c:71:0d:9e:04:05:c0:25:bb:cf:bf:
1a:d8:25:ec:7f:31:1a:cc:34:a5:11:17:e9:95:b3:
e1:2f:e5:7c:9f:3d:2c:8e:db:5b:91:68:db:26:23:
52:72:d5:07:c0:ec:d0:ef:46:fe:87:38:d9:cf:24:
6d:e1:1a:bb:c7:e1:26:77:cb:5b:74:d1:15:69:33:
f4:2e:56:a5:d8:94:a4:44:1a:89:28:64:99:13:95:
58:d5:e8:84:a2:5f:47:ea:fa:8a:b2:fa:d2:69:8a:
e6:a0:0a:7a:22:7a:42:46:9f:ef:c3:da:29:87:21:
65:3f:49:50:a8:39:34:d0:20:00:fe:54:71:22:b1:
b1:21:43:d3:d5:d4:f9:86:e9:0c:02:e3:c5:e9:ce:
0d:48:d9:2c:9b:7c:c4:21:e1:3e:d0:bf:2d:b9:5d:
6d:9a:34:d8:93:11:8e:e8:7b:fe:f1:35:ae:10:1a:
91:c6:12:ef:91:77:3d:e0:c2:1d:a3:85:75:53:52:
63:49:0c:dd:81:a2:e8:be:c0:31:71:f9:59:f9:9e:
56:b1:b1:88:01:8c:f8:27:51:2c:51:ea:9c:8a:c6:
9f:58:6e:ab:3b:f5:73:cf:31:86:4f:77:7c:28:ef:
6e:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:21:28:7F:3B:BB:E3:38:A0:5D:12:94:B6:E7:7D:CC:E5:2F:18:AD
X509v3 Authority Key Identifier:
keyid:BF:E9:F1:2C:96:BA:20:68:3A:FF:5C:95:8B:FA:D8:E4:C5:77:F7:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v-nxLJa6IGg6_1yVi_rY5MV39_4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/4ce558-63d6-469a-bb5d-f7820c5e966a/1/ryEofzu74zigXRKUtud9zOUvGK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/4ce558-63d6-469a-bb5d-f7820c5e966a/1/v-nxLJa6IGg6_1yVi_rY5MV39_4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:bac0:108::/48
2a09:bac0:131::/48
2a09:bac0:133::/48
2a09:bac0:251::/48
2a09:bac0:693::/48
2a09:bac0:748::/48
Signature Algorithm: sha256WithRSAEncryption
61:ed:3f:24:58:25:c5:08:c1:39:6a:a1:ba:56:1a:32:e3:5b:
de:16:0a:96:8a:ac:3e:95:ee:5b:7e:28:cc:02:72:9b:4f:6f:
53:71:a5:81:b5:5c:2d:f4:17:4a:da:bc:c8:77:fe:30:dc:4c:
d9:5b:a2:27:79:0f:3e:85:9a:ad:4d:e0:0b:df:8f:a8:a4:1f:
5b:c2:e6:5a:7b:24:5f:1a:2e:4d:c6:db:5f:f3:06:27:d3:ee:
f3:f5:ab:84:c4:f8:bc:43:80:57:1a:75:fe:82:3a:08:5c:19:
61:fc:19:83:c7:c7:30:18:2d:ac:32:01:3b:f9:74:7c:13:f7:
9d:fb:82:34:67:7c:13:a7:29:df:39:35:a1:05:af:e8:ee:a9:
7e:5f:7b:a3:55:8f:2f:01:ea:a4:e1:19:6f:6f:58:26:ac:fa:
5a:ab:fd:77:df:69:bf:b3:44:64:5f:a6:36:c5:14:0f:b5:a9:
11:fc:e5:88:dc:a2:66:32:77:53:bd:82:53:9b:ad:7e:32:2b:
60:7f:65:e9:a5:00:fa:78:b5:87:cc:37:c6:4d:0a:1d:fb:c2:
f4:06:e3:2a:9f:ea:35:dc:60:3a:8a:e3:bd:dc:a9:eb:38:49:
6b:4b:50:f6:6e:55:a3:84:03:a9:8f:bf:cd:34:af:5e:3e:40:
fe:f0:3a:a8
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZFYIFT8zisWiPLBm7x1lTc4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmZTlmMTJjOTZiYTIwNjgzYWZmNWM5NThiZmFkOGU0YzU3
N2Y3ZmUwHhcNMjQwODE1MjIxOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjIxMjg3ZjNiYmJlMzM4YTA1ZDEyOTRiNmU3N2RjY2U1MmYxOGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6ZgN2mQvgKKyB48xyXeaD6snHEN
ngQFwCW7z78a2CXsfzEazDSlERfplbPhL+V8nz0sjttbkWjbJiNSctUHwOzQ70b+
hzjZzyRt4Rq7x+Emd8tbdNEVaTP0Llal2JSkRBqJKGSZE5VY1eiEol9H6vqKsvrS
aYrmoAp6InpCRp/vw9ophyFlP0lQqDk00CAA/lRxIrGxIUPT1dT5hukMAuPF6c4N
SNksm3zEIeE+0L8tuV1tmjTYkxGO6Hv+8TWuEBqRxhLvkXc94MIdo4V1U1JjSQzd
gaLovsAxcflZ+Z5WsbGIAYz4J1EsUeqcisafWG6rO/VzzzGGT3d8KO9uGwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFK8hKH87u+M4oF0SlLbnfczlLxitMB8GA1UdIwQY
MBaAFL/p8SyWuiBoOv9clYv62OTFd/f+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdi1ueExKYTZJR2c2XzF5Vmlfclk1TVYzOV80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy80Y2U1NTgtNjNkNi00NjlhLWJiNWQt
Zjc4MjBjNWU5NjZhLzEvcnlFb2Z6dTc0emlnWFJLVXR1ZDl6T1V2R0swLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy80Y2U1NTgtNjNkNi00NjlhLWJiNWQtZjc4MjBjNWU5NjZh
LzEvdi1ueExKYTZJR2c2XzF5Vmlfclk1TVYzOV80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAAjA2AwcAKgm6wAEI
AwcAKgm6wAExAwcAKgm6wAEzAwcAKgm6wAJRAwcAKgm6wAaTAwcAKgm6wAdIMA0G
CSqGSIb3DQEBCwUAA4IBAQBh7T8kWCXFCME5aqG6Vhoy41veFgqWiqw+le5bfijM
AnKbT29TcaWBtVwt9BdK2rzId/4w3EzZW6IneQ8+hZqtTeAL34+opB9bwuZaeyRf
Gi5Nxttf8wYn0+7z9auExPi8Q4BXGnX+gjoIXBlh/BmDx8cwGC2sMgE7+XR8E/ed
+4I0Z3wTpynfOTWhBa/o7ql+X3ujVY8vAeqk4Rlvb1gmrPpaq/1332m/s0RkX6Y2
xRQPtakR/OWI3KJmMndTvYJTm61+Mitgf2XppQD6eLWHzDfGTQod+8L0BuMqn+o1
3GA6iuO93KnrOElrS1D2blWjhAOpj7/NNK9ePkD+8Dqo
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:53:15 2025 by rpki-client