Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/c2f61a-15f9-4c6b-90e5-ef4b659eff8d/1/BFfD3pUYyGy41B3LNkmghj705l0.roa
File: BFfD3pUYyGy41B3LNkmghj705l0.roa (raw, json)
Hash identifier: T/DhaSwx6mw9iQ6hqwpbklttrid+1Jl9ucn0tsu1EvM=
Subject key identifier: 04:57:C3:DE:95:18:C8:6C:B8:D4:1D:CB:36:49:A0:86:3E:F4:E6:5D
Certificate issuer: /CN=ced755733e91203a17c3093ca5d9cb0392d94f61
Certificate serial: 018CC3B6F6DD1E24715E6AF809814B9B706A
Authority key identifier: CE:D7:55:73:3E:91:20:3A:17:C3:09:3C:A5:D9:CB:03:92:D9:4F:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ztdVcz6RIDoXwwk8pdnLA5LZT2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/c2f61a-15f9-4c6b-90e5-ef4b659eff8d/1/BFfD3pUYyGy41B3LNkmghj705l0.roa
Signing time: Mon 01 Jan 2024 06:29:57 +0000
ROA not before: Mon 01 Jan 2024 06:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20965
IP address blocks: 62.40.96.0/19 maxlen: 19
83.97.92.0/22 maxlen: 22
2001:799::/32 maxlen: 32
2001:798::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:f6:dd:1e:24:71:5e:6a:f8:09:81:4b:9b:70:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ced755733e91203a17c3093ca5d9cb0392d94f61
Validity
Not Before: Jan 1 06:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0457c3de9518c86cb8d41dcb3649a0863ef4e65d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:6f:8a:94:89:7a:0c:37:26:97:c0:9b:48:14:
4c:e2:27:3a:e0:8e:fa:f7:d0:db:04:36:d7:10:f4:
69:e2:4d:db:54:fe:9c:0b:f4:fe:ed:89:3b:3d:c8:
36:95:e7:a1:55:87:1e:d9:e9:36:4a:24:03:c2:fc:
c1:ba:62:26:06:6d:5c:32:59:36:8d:f9:fc:80:f5:
68:78:cb:30:bb:80:b2:91:5e:9b:22:2b:52:cd:f4:
f1:d4:55:25:d2:d0:56:be:9f:6a:13:c2:62:42:ea:
16:31:8d:fb:05:eb:ae:9a:0e:c5:fe:a3:9a:5c:da:
60:ab:19:90:a2:f8:92:fa:de:e7:4a:ac:43:37:58:
18:96:0a:72:63:19:f8:48:42:a8:76:75:81:bd:08:
1a:fb:bb:1c:74:9f:8b:31:0b:15:16:62:6f:d0:3d:
d7:d2:76:cd:ef:bf:31:ba:68:bd:3a:f1:26:96:43:
49:7a:38:c3:08:89:27:fd:0d:56:a4:8c:bd:a6:a0:
d3:23:bb:6c:a2:cc:60:27:9c:41:8a:e6:2b:39:7e:
75:eb:42:97:a8:ec:38:10:a2:82:73:76:6d:7b:30:
33:0c:51:0d:08:a2:02:ca:e7:09:cc:96:28:a2:5b:
63:df:9e:7f:e1:cd:1d:3b:c5:78:09:8b:80:60:ef:
2f:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:57:C3:DE:95:18:C8:6C:B8:D4:1D:CB:36:49:A0:86:3E:F4:E6:5D
X509v3 Authority Key Identifier:
keyid:CE:D7:55:73:3E:91:20:3A:17:C3:09:3C:A5:D9:CB:03:92:D9:4F:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ztdVcz6RIDoXwwk8pdnLA5LZT2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c2f61a-15f9-4c6b-90e5-ef4b659eff8d/1/BFfD3pUYyGy41B3LNkmghj705l0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c2f61a-15f9-4c6b-90e5-ef4b659eff8d/1/ztdVcz6RIDoXwwk8pdnLA5LZT2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.40.96.0/19
83.97.92.0/22
IPv6:
2001:798::/31
Signature Algorithm: sha256WithRSAEncryption
6a:b2:e6:0b:cf:db:6d:b6:3c:f9:fa:a9:ff:01:4f:82:8b:b8:
f6:2f:7d:5d:3b:0f:af:14:9e:8c:94:ae:ff:3c:1d:de:41:5d:
69:b6:62:3a:4e:44:e2:14:16:72:83:6d:ff:da:3e:6f:b8:ee:
b0:8f:27:7d:4c:69:17:af:2d:c0:31:64:d1:df:dd:7d:4a:93:
e3:de:46:7c:c8:f7:23:13:28:1a:b9:8c:95:44:5f:87:5c:60:
3a:ef:82:da:ce:46:45:2c:bf:d5:92:29:2f:ad:b4:cc:30:31:
24:0e:cc:80:3d:0a:39:95:0a:57:ff:00:5b:2c:b8:dd:d7:d7:
4e:10:95:2d:aa:57:a2:1d:a1:8b:5a:dd:7e:3d:e1:dd:04:33:
cd:ca:b2:f4:69:94:8a:c0:39:a5:12:98:34:a0:b3:59:e7:fe:
42:6e:eb:99:b1:5f:34:f8:49:ac:e3:c9:8b:a3:cf:96:75:79:
62:5f:92:3e:84:cc:5d:27:70:ca:30:8f:2e:92:f4:09:90:c3:
ae:18:85:6d:86:ab:16:cf:4b:35:71:08:6e:a2:04:96:c9:60:
73:4d:5c:8e:d8:00:b8:fc:e9:c9:ac:47:a4:64:3f:60:c0:ce:
4d:e5:07:a8:9d:dd:a9:f2:5e:42:dc:95:33:4f:62:7a:af:b1:
5b:eb:7c:dd
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzDtvbdHiRxXmr4CYFLm3BqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlZDc1NTczM2U5MTIwM2ExN2MzMDkzY2E1ZDljYjAzOTJk
OTRmNjEwHhcNMjQwMTAxMDYyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDU3YzNkZTk1MThjODZjYjhkNDFkY2IzNjQ5YTA4NjNlZjRlNjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6G+KlIl6DDcml8CbSBRM4ic64I76
99DbBDbXEPRp4k3bVP6cC/T+7Yk7Pcg2leehVYce2ek2SiQDwvzBumImBm1cMlk2
jfn8gPVoeMswu4CykV6bIitSzfTx1FUl0tBWvp9qE8JiQuoWMY37Beuumg7F/qOa
XNpgqxmQoviS+t7nSqxDN1gYlgpyYxn4SEKodnWBvQga+7scdJ+LMQsVFmJv0D3X
0nbN778xumi9OvEmlkNJejjDCIkn/Q1WpIy9pqDTI7tsosxgJ5xBiuYrOX5160KX
qOw4EKKCc3ZtezAzDFENCKICyucJzJYooltj355/4c0dO8V4CYuAYO8v5wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFARXw96VGMhsuNQdyzZJoIY+9OZdMB8GA1UdIwQY
MBaAFM7XVXM+kSA6F8MJPKXZywOS2U9hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenRkVmN6NlJJRG9Yd3drOHBkbkxBNUxaVDJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9jMmY2MWEtMTVmOS00YzZiLTkwZTUt
ZWY0YjY1OWVmZjhkLzEvQkZmRDNwVVl5R3k0MUIzTE5rbWdoajcwNWwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9jMmY2MWEtMTVmOS00YzZiLTkwZTUtZWY0YjY1OWVmZjhk
LzEvenRkVmN6NlJJRG9Yd3drOHBkbkxBNUxaVDJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFPihgAwQC
U2FcMA0EAgACMAcDBQEgAQeYMA0GCSqGSIb3DQEBCwUAA4IBAQBqsuYLz9tttjz5
+qn/AU+Ci7j2L31dOw+vFJ6MlK7/PB3eQV1ptmI6TkTiFBZyg23/2j5vuO6wjyd9
TGkXry3AMWTR3919SpPj3kZ8yPcjEygauYyVRF+HXGA674LazkZFLL/VkikvrbTM
MDEkDsyAPQo5lQpX/wBbLLjd19dOEJUtqleiHaGLWt1+PeHdBDPNyrL0aZSKwDml
Epg0oLNZ5/5CbuuZsV80+Ems48mLo8+WdXliX5I+hMxdJ3DKMI8ukvQJkMOuGIVt
hqsWz0s1cQhuogSWyWBzTVyO2AC4/OnJrEekZD9gwM5N5Qeond2p8l5C3JUzT2J6
r7Fb63zd
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:29:49 2025 by rpki-client