Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bnjMbpjMWx406HzBIz92Ye3BCNg.roa
File: bnjMbpjMWx406HzBIz92Ye3BCNg.roa (raw, json)
Hash identifier: zKry10tZZzpkkiSzhKnvBnP9eGAVX76PZAm/Uvg7snM=
Subject key identifier: 6E:78:CC:6E:98:CC:5B:1E:34:E8:7C:C1:23:3F:76:61:ED:C1:08:D8
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 019471F37C86439F2023DB30793D6EA0637C
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bnjMbpjMWx406HzBIz92Ye3BCNg.roa
Signing time: Fri 17 Jan 2025 01:49:29 +0000
ROA not before: Fri 17 Jan 2025 01:49:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214016
IP address blocks: 2a0f:b244:200::/40 maxlen: 48
Validation: Failed, certificate revoked on Wed 22 Jan 2025 03:56:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:71:f3:7c:86:43:9f:20:23:db:30:79:3d:6e:a0:63:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Jan 17 01:49:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e78cc6e98cc5b1e34e87cc1233f7661edc108d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:05:d2:4e:c2:96:b1:2b:c6:10:e7:76:19:58:
a8:83:b0:9d:d7:5d:f5:5d:ac:aa:21:b5:4d:b4:07:
ba:22:7c:84:9c:2b:10:a8:60:2e:e0:33:75:32:d3:
d9:c8:18:0c:22:1b:99:4f:d6:40:dc:d1:ca:2f:db:
56:7f:50:64:50:be:65:45:05:dd:8f:d0:1c:92:8c:
eb:74:ca:44:01:21:48:a6:94:f6:fe:d6:f2:6e:49:
5e:a3:0d:67:85:ef:61:86:31:cb:69:63:90:38:a5:
b3:af:14:6e:c7:83:6a:00:04:ce:40:7d:0f:f1:12:
f4:58:05:6d:89:9d:54:83:ed:ff:4b:35:b0:1f:c6:
c0:c4:62:45:55:cd:18:91:89:c3:a8:34:22:d6:62:
27:23:d6:03:22:ea:b0:fc:1c:7a:41:56:ca:fd:61:
e6:9c:bc:bc:fa:5d:59:be:5f:cc:b6:4d:be:13:07:
6c:89:2b:a6:1f:69:7d:76:44:eb:e3:f7:58:59:0b:
c9:c9:e8:b4:e0:94:b6:fa:db:b5:e7:7e:44:c7:87:
9c:ce:71:b3:e6:42:70:fd:cf:6f:07:50:4c:7d:b5:
a0:b0:4e:2e:a2:b0:04:46:52:5a:cd:e0:38:24:1a:
87:56:8a:5b:bd:d3:74:b8:1f:2d:9a:08:ed:68:36:
a9:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:78:CC:6E:98:CC:5B:1E:34:E8:7C:C1:23:3F:76:61:ED:C1:08:D8
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bnjMbpjMWx406HzBIz92Ye3BCNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b244:200::/40
Signature Algorithm: sha256WithRSAEncryption
6a:3d:67:f5:b2:53:76:ea:07:48:fe:0f:30:6f:bf:98:07:9f:
61:80:6f:91:79:07:3d:56:6f:05:48:20:e4:1e:95:5c:3f:1c:
14:43:c2:1c:b4:11:a8:24:9f:5f:7c:cb:83:5c:27:99:51:79:
ca:e1:1f:4c:59:73:9d:59:c9:ae:2e:33:85:e0:28:9a:9b:b6:
9f:9a:ab:fc:01:6a:74:ea:b6:4d:96:3a:52:4d:8b:32:ad:bb:
5c:4d:3b:a0:30:a9:1d:8c:2b:dd:34:96:58:aa:63:dd:84:d1:
56:3c:36:04:d1:79:25:e2:f9:da:f5:cf:95:9e:99:22:98:f8:
2f:21:65:39:e8:16:ff:84:cc:76:96:8b:58:88:26:c4:7c:71:
6d:6f:50:60:32:5b:09:86:66:49:a3:dc:29:c3:a8:af:c3:54:
4b:b7:4f:b7:b8:29:c4:2a:bc:c2:97:51:f4:89:1f:f1:f6:ed:
ee:1b:c6:25:48:37:6e:c1:5d:84:2e:b0:39:7e:60:5c:49:57:
ae:89:65:66:49:2c:93:43:2e:3c:51:98:98:c0:59:5f:f9:a6:
38:d6:10:1e:ed:7c:cc:53:50:e0:31:ad:49:8b:b8:ca:2f:6d:
c9:a1:50:45:52:6f:58:26:b9:a6:4e:68:c0:1f:b6:87:e8:67:
fb:fb:e7:cf
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZRx83yGQ58gI9sweT1uoGN8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjUwMTE3MDE0OTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTc4Y2M2ZTk4Y2M1YjFlMzRlODdjYzEyMzNmNzY2MWVkYzEwOGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAXSTsKWsSvGEOd2GViog7Cd1131
XayqIbVNtAe6InyEnCsQqGAu4DN1MtPZyBgMIhuZT9ZA3NHKL9tWf1BkUL5lRQXd
j9AckozrdMpEASFIppT2/tbybkleow1nhe9hhjHLaWOQOKWzrxRux4NqAATOQH0P
8RL0WAVtiZ1Ug+3/SzWwH8bAxGJFVc0YkYnDqDQi1mInI9YDIuqw/Bx6QVbK/WHm
nLy8+l1Zvl/Mtk2+EwdsiSumH2l9dkTr4/dYWQvJyei04JS2+tu1535Ex4ecznGz
5kJw/c9vB1BMfbWgsE4uorAERlJazeA4JBqHVopbvdN0uB8tmgjtaDapBwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFG54zG6YzFseNOh8wSM/dmHtwQjYMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvYm5qTWJwak1XeDQwNkh6Qkl6OTJZZTNCQ05nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKg+yRAIw
DQYJKoZIhvcNAQELBQADggEBAGo9Z/WyU3bqB0j+DzBvv5gHn2GAb5F5Bz1WbwVI
IOQelVw/HBRDwhy0Eagkn198y4NcJ5lRecrhH0xZc51Zya4uM4XgKJqbtp+aq/wB
anTqtk2WOlJNizKtu1xNO6AwqR2MK900lliqY92E0VY8NgTReSXi+dr1z5WemSKY
+C8hZTnoFv+EzHaWi1iIJsR8cW1vUGAyWwmGZkmj3CnDqK/DVEu3T7e4KcQqvMKX
UfSJH/H27e4bxiVIN27BXYQusDl+YFxJV66JZWZJLJNDLjxRmJjAWV/5pjjWEB7t
fMxTUOAxrUmLuMovbcmhUEVSb1gmuaZOaMAftofoZ/v7588=
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:30:50 2025 by rpki-client