Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/876203-e8fd-472f-afc2-990385559d1c/1/BGDWVX_LLlbx3kqY9fFrPifeHVo.roa
File: BGDWVX_LLlbx3kqY9fFrPifeHVo.roa (raw, json)
Hash identifier: 2YYYGV45QIsRK7UF+2FZhyLXI9BR1kWwqP/D6lJoEy0=
Subject key identifier: 04:60:D6:55:7F:CB:2E:56:F1:DE:4A:98:F5:F1:6B:3E:27:DE:1D:5A
Certificate issuer: /CN=61ce2e57f6f862ca3056e5fd5b3e6eac35540401
Certificate serial: 018CC72594757411A3A7A1210960167DA22A
Authority key identifier: 61:CE:2E:57:F6:F8:62:CA:30:56:E5:FD:5B:3E:6E:AC:35:54:04:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yc4uV_b4YsowVuX9Wz5urDVUBAE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/876203-e8fd-472f-afc2-990385559d1c/1/BGDWVX_LLlbx3kqY9fFrPifeHVo.roa
Signing time: Mon 01 Jan 2024 22:29:37 +0000
ROA not before: Mon 01 Jan 2024 22:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 38938
IP address blocks: 2a04:8900::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:47:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:94:75:74:11:a3:a7:a1:21:09:60:16:7d:a2:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61ce2e57f6f862ca3056e5fd5b3e6eac35540401
Validity
Not Before: Jan 1 22:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0460d6557fcb2e56f1de4a98f5f16b3e27de1d5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:e4:e1:b9:8b:7f:08:f1:f2:00:fd:8c:2c:74:
20:f7:a3:88:2a:ea:fd:92:a3:9e:e6:69:1d:d6:f6:
bb:b6:25:83:4d:31:8f:80:e2:c2:94:b4:b3:ab:a2:
6e:df:ac:f5:44:cd:16:c3:08:69:b7:9e:2b:2c:dc:
8a:f0:5d:2d:f9:ad:b4:32:0a:7f:dc:72:bf:f9:c9:
ce:7d:a4:b5:e0:1b:d2:0b:25:c5:69:be:16:fd:92:
c6:d6:6a:49:f6:e5:11:5e:26:bb:c2:cb:37:c1:2b:
91:f1:a5:6c:c8:08:d4:32:01:e6:f9:db:6a:27:f1:
08:09:14:d6:52:3b:b5:9a:b4:1e:b2:fb:53:39:8f:
43:97:26:48:14:40:8a:15:3e:e9:78:8a:bd:95:ed:
41:74:e5:58:fc:9e:05:02:22:8a:ed:8e:15:37:10:
0f:00:f7:aa:71:cb:a3:ec:72:1f:8d:e9:db:02:be:
db:16:70:94:2a:3b:10:6c:04:31:62:ed:67:4d:87:
0d:78:21:55:78:b6:81:93:80:8f:77:b3:14:80:a7:
eb:f6:7a:37:66:cc:87:14:7c:64:5c:3c:2d:35:d9:
27:9d:cc:d8:1d:66:74:2b:b3:0f:93:92:7c:74:d7:
7e:2c:95:7e:4b:52:a4:b7:b2:6c:85:05:5f:9f:0c:
4e:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:60:D6:55:7F:CB:2E:56:F1:DE:4A:98:F5:F1:6B:3E:27:DE:1D:5A
X509v3 Authority Key Identifier:
keyid:61:CE:2E:57:F6:F8:62:CA:30:56:E5:FD:5B:3E:6E:AC:35:54:04:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yc4uV_b4YsowVuX9Wz5urDVUBAE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/876203-e8fd-472f-afc2-990385559d1c/1/BGDWVX_LLlbx3kqY9fFrPifeHVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/876203-e8fd-472f-afc2-990385559d1c/1/Yc4uV_b4YsowVuX9Wz5urDVUBAE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:8900::/29
Signature Algorithm: sha256WithRSAEncryption
15:3c:f9:7c:48:a9:8c:dc:c6:00:85:ce:ae:f2:a8:38:24:25:
3f:43:66:f3:20:11:b2:05:85:37:75:40:a7:ef:e0:66:e7:83:
93:83:c3:6a:f5:b8:3e:30:05:91:70:3b:d5:2c:d8:44:10:cd:
e8:ad:cd:ee:ee:7b:7d:7b:ef:ee:4b:5b:69:a0:8b:b0:aa:e4:
64:2a:17:6b:6d:d2:68:30:d4:56:18:c3:a3:5e:73:50:00:e8:
56:c7:9e:03:37:de:1f:d3:9b:40:cb:4d:e0:7e:5e:bc:ac:32:
a5:81:46:a0:46:f7:9b:9d:80:03:35:95:5c:c9:30:70:be:ff:
49:d4:28:00:82:df:8e:d2:11:cf:35:d6:84:a0:da:fc:ec:95:
12:7e:90:63:5f:87:80:75:b2:db:45:c3:c2:2f:f6:ce:32:04:
d2:59:4c:09:1a:f4:ed:68:ec:79:d5:9f:98:25:3c:a3:86:92:
dd:72:25:f2:65:64:15:a2:72:5c:90:96:a8:7b:43:e6:e5:68:
45:c2:47:95:cc:46:70:cf:2c:2a:a8:8d:c4:b7:32:c7:48:11:
ba:cd:7b:b8:e3:f8:24:ca:56:a3:db:f9:13:ee:c2:78:f6:17:
cd:31:32:3a:37:91:08:42:c8:26:97:89:2f:e9:9d:d4:74:39:
bf:09:20:90
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzHJZR1dBGjp6EhCWAWfaIqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxY2UyZTU3ZjZmODYyY2EzMDU2ZTVmZDViM2U2ZWFjMzU1
NDA0MDEwHhcNMjQwMTAxMjIyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDYwZDY1NTdmY2IyZTU2ZjFkZTRhOThmNWYxNmIzZTI3ZGUxZDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoeThuYt/CPHyAP2MLHQg96OIKur9
kqOe5mkd1va7tiWDTTGPgOLClLSzq6Ju36z1RM0Wwwhpt54rLNyK8F0t+a20Mgp/
3HK/+cnOfaS14BvSCyXFab4W/ZLG1mpJ9uURXia7wss3wSuR8aVsyAjUMgHm+dtq
J/EICRTWUju1mrQesvtTOY9DlyZIFECKFT7peIq9le1BdOVY/J4FAiKK7Y4VNxAP
APeqccuj7HIfjenbAr7bFnCUKjsQbAQxYu1nTYcNeCFVeLaBk4CPd7MUgKfr9no3
ZsyHFHxkXDwtNdknnczYHWZ0K7MPk5J8dNd+LJV+S1Kkt7JshQVfnwxOnQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFARg1lV/yy5W8d5KmPXxaz4n3h1aMB8GA1UdIwQY
MBaAFGHOLlf2+GLKMFbl/Vs+bqw1VAQBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWM0dVZfYjRZc293VnVYOVd6NXVyRFZVQkFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC84NzYyMDMtZThmZC00NzJmLWFmYzIt
OTkwMzg1NTU5ZDFjLzEvQkdEV1ZYX0xMbGJ4M2txWTlmRnJQaWZlSFZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC84NzYyMDMtZThmZC00NzJmLWFmYzItOTkwMzg1NTU5ZDFj
LzEvWWM0dVZfYjRZc293VnVYOVd6NXVyRFZVQkFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgSJADAN
BgkqhkiG9w0BAQsFAAOCAQEAFTz5fEipjNzGAIXOrvKoOCQlP0Nm8yARsgWFN3VA
p+/gZueDk4PDavW4PjAFkXA71SzYRBDN6K3N7u57fXvv7ktbaaCLsKrkZCoXa23S
aDDUVhjDo15zUADoVseeAzfeH9ObQMtN4H5evKwypYFGoEb3m52AAzWVXMkwcL7/
SdQoAILfjtIRzzXWhKDa/OyVEn6QY1+HgHWy20XDwi/2zjIE0llMCRr07WjsedWf
mCU8o4aS3XIl8mVkFaJyXJCWqHtD5uVoRcJHlcxGcM8sKqiNxLcyx0gRus17uOP4
JMpWo9v5E+7CePYXzTEyOjeRCELIJpeJL+md1HQ5vwkgkA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:32 2025 by rpki-client