Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/bkHAiDJ0xEmBau4oG_FRkixBO8I.roa
File: bkHAiDJ0xEmBau4oG_FRkixBO8I.roa (raw, json)
Hash identifier: duu08QrZWedtitXEU1O0YRZ7SMY8UZZtM0PJzYlFPao=
Subject key identifier: 6E:41:C0:88:32:74:C4:49:81:6A:EE:28:1B:F1:51:92:2C:41:3B:C2
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0185710C3580239BB90E9913474FC6D9A89A
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/bkHAiDJ0xEmBau4oG_FRkixBO8I.roa
Signing time: Mon 02 Jan 2023 05:55:03 +0000
ROA not before: Mon 02 Jan 2023 05:55:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205125
IP address blocks: 2a0d:8340::/32 maxlen: 32
2a03:e2c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 27 Feb 2023 12:16:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0c:35:80:23:9b:b9:0e:99:13:47:4f:c6:d9:a8:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 2 05:55:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e41c0883274c449816aee281bf151922c413bc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:af:9c:7d:50:8b:31:2c:7b:83:cd:26:6b:93:
7a:b3:98:d8:d3:61:8e:7d:7f:75:9b:27:b3:3a:b0:
7e:d4:9a:71:b6:08:53:d6:5d:eb:6d:0d:57:b4:e4:
53:36:bd:1e:75:6a:ea:8a:00:3d:8c:de:2f:0d:4d:
3d:56:db:18:9c:58:e6:84:3b:d0:1d:c7:49:bc:ca:
b1:1b:81:7a:3c:36:96:cc:32:31:1b:c9:9f:04:56:
4a:4c:1e:1e:28:8d:50:93:91:b0:cd:89:8d:9e:8d:
0a:57:2d:86:1a:b9:05:f8:26:a8:80:b7:7c:bf:0d:
a5:1f:ec:98:89:02:31:9d:bb:e0:73:01:32:c9:11:
a0:a3:32:30:ab:23:eb:98:f7:63:57:62:54:37:73:
99:89:ab:9d:e2:a6:0b:d9:1f:71:e5:aa:a6:25:7a:
74:be:35:ee:bb:f9:02:32:5e:20:c6:c0:57:60:1c:
9e:3d:d1:78:15:f6:c2:9a:8a:b1:06:a9:ab:20:63:
87:e7:ed:7f:59:ff:4a:42:a2:fc:d5:28:2d:75:ba:
58:c9:db:54:01:8d:18:a7:4c:3e:9e:c5:76:80:ea:
19:0c:50:41:10:84:23:c2:8b:4a:53:34:0a:11:ef:
6d:2e:e0:7f:cc:a4:bc:7e:92:bb:cc:4d:84:85:64:
47:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:41:C0:88:32:74:C4:49:81:6A:EE:28:1B:F1:51:92:2C:41:3B:C2
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/bkHAiDJ0xEmBau4oG_FRkixBO8I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:e2c0::/32
2a0d:8340::/32
Signature Algorithm: sha256WithRSAEncryption
8b:ec:2e:f2:b1:a1:42:3e:ea:33:84:66:0b:ac:35:af:1d:ac:
9c:2d:fc:d6:72:80:79:3a:e1:af:a7:10:e9:b1:4b:85:64:cb:
90:8d:b3:57:62:bb:f1:68:82:8b:09:d4:64:b4:a1:db:76:cc:
0c:e0:43:50:cf:9e:37:34:8d:4a:e2:08:55:c2:0d:b1:01:c8:
f5:95:b8:ce:25:86:74:9f:60:fb:b2:a8:e4:b7:7e:c2:a9:33:
26:fd:2d:91:0f:d4:42:cc:33:15:17:33:2a:ab:e3:7b:07:5e:
d1:3c:7f:ec:8f:04:f5:f7:6c:c3:f2:40:b8:d9:fc:fe:55:5e:
f7:22:0d:99:89:b9:96:85:89:0b:fa:31:55:83:41:8a:65:94:
40:d6:a1:d6:76:72:50:3a:87:b3:82:4c:22:44:23:2e:97:52:
62:17:50:33:c0:09:4b:5e:23:f8:c6:bc:70:8e:40:44:e3:74:
5d:e7:83:a1:62:f4:3d:4b:16:ee:bf:b0:3d:cd:62:e6:d4:72:
24:dd:fe:83:e3:e3:16:00:f3:c0:f8:8e:f2:b8:6c:f3:c7:c8:
4e:e8:d3:41:95:ae:1e:73:66:be:cc:b5:04:cf:eb:6e:96:29:
e8:67:a2:a7:ef:eb:74:be:98:8e:13:34:59:ef:41:26:49:52:
83:b9:03:80
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVxDDWAI5u5DpkTR0/G2aiaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMwMTAyMDU1NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTQxYzA4ODMyNzRjNDQ5ODE2YWVlMjgxYmYxNTE5MjJjNDEzYmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAka+cfVCLMSx7g80ma5N6s5jY02GO
fX91myezOrB+1JpxtghT1l3rbQ1XtORTNr0edWrqigA9jN4vDU09VtsYnFjmhDvQ
HcdJvMqxG4F6PDaWzDIxG8mfBFZKTB4eKI1Qk5GwzYmNno0KVy2GGrkF+CaogLd8
vw2lH+yYiQIxnbvgcwEyyRGgozIwqyPrmPdjV2JUN3OZiaud4qYL2R9x5aqmJXp0
vjXuu/kCMl4gxsBXYByePdF4FfbCmoqxBqmrIGOH5+1/Wf9KQqL81SgtdbpYydtU
AY0Yp0w+nsV2gOoZDFBBEIQjwotKUzQKEe9tLuB/zKS8fpK7zE2EhWRHzwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFG5BwIgydMRJgWruKBvxUZIsQTvCMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvYmtIQWlESjB4RW1CYXU0b0dfRlJraXhCTzhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKgPiwAMF
ACoNg0AwDQYJKoZIhvcNAQELBQADggEBAIvsLvKxoUI+6jOEZgusNa8drJwt/NZy
gHk64a+nEOmxS4Vky5CNs1diu/FogosJ1GS0odt2zAzgQ1DPnjc0jUriCFXCDbEB
yPWVuM4lhnSfYPuyqOS3fsKpMyb9LZEP1ELMMxUXMyqr43sHXtE8f+yPBPX3bMPy
QLjZ/P5VXvciDZmJuZaFiQv6MVWDQYpllEDWodZ2clA6h7OCTCJEIy6XUmIXUDPA
CUteI/jGvHCOQETjdF3ng6Fi9D1LFu6/sD3NYubUciTd/oPj4xYA88D4jvK4bPPH
yE7o00GVrh5zZr7MtQTP626WKehnoqfv63S+mI4TNFnvQSZJUoO5A4A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:10 2024 by rpki-client on console-ams.rpki-client.org