Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/a4141d-8498-42f4-b2f3-1f6409848150/1/bFoQbjvm2zIp3ixdE_nqe30kfuo.roa
File: bFoQbjvm2zIp3ixdE_nqe30kfuo.roa (raw, json)
Hash identifier: N2N1Y1A6qjeEchW0jM5D6YYd81zUDnLLeQbsjtS/Eqo=
Subject key identifier: 6C:5A:10:6E:3B:E6:DB:32:29:DE:2C:5D:13:F9:EA:7B:7D:24:7E:EA
Certificate issuer: /CN=bfb493457b2f02e69b85f718dcc16a9a9ef0fcd1
Certificate serial: 01856F26DF8EC623BE02DB5988330B8EE667
Authority key identifier: BF:B4:93:45:7B:2F:02:E6:9B:85:F7:18:DC:C1:6A:9A:9E:F0:FC:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v7STRXsvAuabhfcY3MFqmp7w_NE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/a4141d-8498-42f4-b2f3-1f6409848150/1/bFoQbjvm2zIp3ixdE_nqe30kfuo.roa
Signing time: Sun 01 Jan 2023 21:04:56 +0000
ROA not before: Sun 01 Jan 2023 21:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 93.94.3.0/24 maxlen: 24
2a03:1e03::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:26:df:8e:c6:23:be:02:db:59:88:33:0b:8e:e6:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfb493457b2f02e69b85f718dcc16a9a9ef0fcd1
Validity
Not Before: Jan 1 21:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c5a106e3be6db3229de2c5d13f9ea7b7d247eea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:59:fb:bb:63:48:87:6a:e8:20:af:7c:b4:8f:
c9:d2:e4:d6:ae:63:cf:c0:27:17:0c:c2:2e:d1:34:
7d:13:ce:e6:a7:62:87:3c:c2:8b:38:1e:05:4c:ed:
d0:45:50:f4:a5:d5:8c:84:be:e4:cd:0d:a8:a0:bc:
60:66:63:e1:68:c0:9c:d7:6e:49:0c:fd:90:8d:42:
40:99:31:ef:e2:35:12:b4:45:5e:ae:51:60:a2:4b:
6d:8f:d6:e1:55:85:47:b2:d4:0b:09:93:ab:4a:b8:
17:fd:fe:91:5a:11:7a:b8:7b:05:07:7f:4b:b0:70:
6c:24:59:1d:7c:a1:78:fd:dc:0b:a5:98:42:aa:d9:
c3:b9:7c:92:5e:68:fb:70:bd:7e:7e:a1:82:c5:f1:
f3:f5:f2:63:55:8c:f6:c2:97:75:51:ff:72:41:a8:
25:8c:60:7e:7c:ec:75:1b:c9:df:1b:42:1f:8c:c1:
76:14:5c:43:2c:43:7d:99:ac:ce:ba:32:46:88:ee:
25:93:47:15:ef:36:cc:9a:f1:33:38:61:15:c0:9d:
f6:c4:a3:f8:61:32:47:a0:af:c9:3d:3a:93:da:93:
b5:c0:1e:d1:c9:3d:97:29:b1:d7:95:81:64:be:0a:
0a:c0:29:84:5e:e9:dd:95:6d:2b:5d:b2:63:5b:26:
a6:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:5A:10:6E:3B:E6:DB:32:29:DE:2C:5D:13:F9:EA:7B:7D:24:7E:EA
X509v3 Authority Key Identifier:
keyid:BF:B4:93:45:7B:2F:02:E6:9B:85:F7:18:DC:C1:6A:9A:9E:F0:FC:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v7STRXsvAuabhfcY3MFqmp7w_NE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/a4141d-8498-42f4-b2f3-1f6409848150/1/bFoQbjvm2zIp3ixdE_nqe30kfuo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/a4141d-8498-42f4-b2f3-1f6409848150/1/v7STRXsvAuabhfcY3MFqmp7w_NE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.94.3.0/24
IPv6:
2a03:1e03::/48
Signature Algorithm: sha256WithRSAEncryption
b5:bf:83:b7:17:9c:a5:5d:51:e5:fa:7e:14:15:b3:db:1e:ae:
25:8e:05:04:ee:44:9e:13:06:7b:20:01:e0:51:73:82:21:f1:
e4:65:7a:87:f7:0a:fb:ac:df:41:b6:4f:be:30:35:64:12:87:
ec:e1:b8:4e:f5:e0:03:d3:bb:24:2f:ac:12:ed:cb:81:26:cb:
57:94:1f:8e:7c:69:6d:3c:6a:46:ba:5a:a7:a7:f0:93:fd:b8:
0e:d7:54:85:fd:c3:fb:2a:4e:dc:3a:d7:fe:71:27:e5:a0:f0:
c8:a2:f7:d6:d3:b1:d9:80:8f:5d:4a:c2:53:d9:6c:9a:e2:5c:
1b:75:6e:24:9e:2c:a8:6a:93:a3:45:c6:0c:5a:79:f7:f3:29:
f8:3f:fd:a3:16:f9:e7:80:e3:9f:a3:16:87:2b:bc:4b:e2:c5:
54:4a:b8:65:7d:fa:ef:44:13:79:e8:e8:3b:cf:e0:5c:96:1d:
ae:dc:a4:b2:42:67:d4:0d:eb:da:60:f1:ce:32:98:eb:6b:e2:
02:91:56:a5:42:47:9c:dd:45:9e:92:d1:ae:92:4e:54:7c:ed:
a3:05:69:d4:89:37:13:16:d1:4e:f6:ff:16:af:53:f9:ac:c9:
b0:00:58:15:c9:f4:21:73:20:91:3c:42:7f:cf:9f:c3:27:ce:
5f:01:43:05
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVvJt+OxiO+AttZiDMLjuZnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmYjQ5MzQ1N2IyZjAyZTY5Yjg1ZjcxOGRjYzE2YTlhOWVm
MGZjZDEwHhcNMjMwMTAxMjEwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzVhMTA2ZTNiZTZkYjMyMjlkZTJjNWQxM2Y5ZWE3YjdkMjQ3ZWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkVn7u2NIh2roIK98tI/J0uTWrmPP
wCcXDMIu0TR9E87mp2KHPMKLOB4FTO3QRVD0pdWMhL7kzQ2ooLxgZmPhaMCc125J
DP2QjUJAmTHv4jUStEVerlFgokttj9bhVYVHstQLCZOrSrgX/f6RWhF6uHsFB39L
sHBsJFkdfKF4/dwLpZhCqtnDuXySXmj7cL1+fqGCxfHz9fJjVYz2wpd1Uf9yQagl
jGB+fOx1G8nfG0IfjMF2FFxDLEN9mazOujJGiO4lk0cV7zbMmvEzOGEVwJ32xKP4
YTJHoK/JPTqT2pO1wB7RyT2XKbHXlYFkvgoKwCmEXundlW0rXbJjWyamgQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGxaEG475tsyKd4sXRP56nt9JH7qMB8GA1UdIwQY
MBaAFL+0k0V7LwLmm4X3GNzBapqe8PzRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjdTVFJYc3ZBdWFiaGZjWTNNRnFtcDd3X05FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9hNDE0MWQtODQ5OC00MmY0LWIyZjMt
MWY2NDA5ODQ4MTUwLzEvYkZvUWJqdm0yeklwM2l4ZEVfbnFlMzBrZnVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9hNDE0MWQtODQ5OC00MmY0LWIyZjMtMWY2NDA5ODQ4MTUw
LzEvdjdTVFJYc3ZBdWFiaGZjWTNNRnFtcDd3X05FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAXV4DMA8E
AgACMAkDBwAqAx4DAAAwDQYJKoZIhvcNAQELBQADggEBALW/g7cXnKVdUeX6fhQV
s9seriWOBQTuRJ4TBnsgAeBRc4Ih8eRleof3Cvus30G2T74wNWQSh+zhuE714APT
uyQvrBLty4Emy1eUH458aW08aka6Wqen8JP9uA7XVIX9w/sqTtw61/5xJ+Wg8Mii
99bTsdmAj11KwlPZbJriXBt1biSeLKhqk6NFxgxaeffzKfg//aMW+eeA45+jFocr
vEvixVRKuGV9+u9EE3no6DvP4FyWHa7cpLJCZ9QN69pg8c4ymOtr4gKRVqVCR5zd
RZ6S0a6STlR87aMFadSJNxMW0U72/xavU/msybAAWBXJ9CFzIJE8Qn/Pn8Mnzl8B
QwU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:30 2024 by rpki-client on console-fra.rpki-client.org