Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/1-Vmn0Petf5yOltL4bW5ScXiu13U.roa
File: 1-Vmn0Petf5yOltL4bW5ScXiu13U.roa (raw, json)
Hash identifier: W1zrEiPXOrEQeJpZ82Av0pJr/HJ+s3/r6Jmz4RZDAXI=
Subject key identifier: F9:59:A7:D0:F7:AD:7F:9C:8E:96:D2:F8:6D:6E:52:71:78:AE:D7:75
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FA80F619B6FA219AFC707404479FDC2
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/1-Vmn0Petf5yOltL4bW5ScXiu13U.roa
Signing time: Tue 06 Feb 2024 18:22:16 +0000
ROA not before: Tue 06 Feb 2024 18:22:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199914
IP address blocks: 2a0f:b241:8f::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:a8:0f:61:9b:6f:a2:19:af:c7:07:40:44:79:fd:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:22:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f959a7d0f7ad7f9c8e96d2f86d6e527178aed775
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:5a:a3:94:b7:52:7b:2a:8d:f7:7b:9f:16:89:
a2:38:cf:7a:7f:b1:56:45:15:50:c7:dd:8c:80:ca:
2a:cc:a0:39:9f:cb:29:4d:78:9c:ec:2c:dc:05:9c:
77:b9:99:82:a6:e0:02:c8:d3:a6:b7:b3:ad:c3:4f:
f2:44:c5:23:97:36:96:45:aa:5c:2d:5f:5c:0a:ef:
a7:f2:0a:8d:21:d8:aa:67:44:c9:0b:3c:5e:7d:32:
35:ed:0d:8c:0f:91:89:de:f0:54:cd:5d:9e:44:2f:
f5:1c:6e:00:de:30:fc:98:3f:69:61:39:37:6f:40:
9d:b9:29:2d:c4:6f:b1:07:0e:a1:89:88:34:87:6c:
1f:ac:ba:38:da:63:db:e6:5e:ea:39:ad:89:78:8c:
21:83:c4:fe:6c:b6:9b:4c:bb:10:f7:be:fd:3d:ee:
f0:a1:85:1c:ca:0b:d6:e1:59:a3:d3:e8:f9:5f:59:
82:e2:a8:ef:49:4f:cc:27:10:ae:3a:48:d3:5b:fd:
0e:90:6d:15:0e:d4:7a:b8:1a:d4:18:cb:25:ae:d5:
7e:81:e4:13:89:96:ea:9f:69:9a:db:32:b5:f1:ec:
76:20:a7:93:ff:d1:13:d4:ec:17:a6:d2:68:14:38:
03:d0:e1:a8:2c:83:83:1a:28:2f:2f:fc:29:47:0d:
6e:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:59:A7:D0:F7:AD:7F:9C:8E:96:D2:F8:6D:6E:52:71:78:AE:D7:75
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/1-Vmn0Petf5yOltL4bW5ScXiu13U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:8f::/48
Signature Algorithm: sha256WithRSAEncryption
79:29:ca:b6:9b:ed:b1:4e:46:90:6b:03:1d:77:76:e2:cf:dd:
e0:76:07:0e:00:cf:49:d1:ba:10:12:13:f9:0a:74:b5:bd:ea:
de:1f:58:92:0b:7c:66:6b:43:2e:2d:74:80:ce:51:51:99:6e:
70:b6:99:06:fa:b7:16:77:df:8c:3b:6e:a9:3e:90:a0:36:99:
69:fe:e7:88:48:64:bf:63:fb:c8:2b:6b:ba:a2:f5:9f:93:e8:
ae:af:29:46:0b:17:b6:3c:79:13:81:05:ba:a2:3e:3d:9a:59:
c2:93:78:35:b3:95:72:d4:a9:26:24:44:93:15:fc:6b:6c:67:
97:63:41:3b:09:ff:ab:99:d0:ac:3d:c0:d7:9a:8e:d1:84:59:
49:88:c4:ad:46:17:df:f4:e3:c5:b2:8b:c5:b5:12:58:4a:3a:
79:d8:b7:a3:a1:95:5b:12:87:9a:79:48:70:24:68:47:77:5d:
d8:31:9e:00:8a:77:ba:bf:74:b6:a1:d9:e2:42:de:97:69:79:
ec:62:67:a2:09:20:0a:39:69:24:68:25:01:01:fd:f9:3b:f0:
52:1a:24:75:8d:8d:6c:c9:0f:5a:63:12:72:9a:78:57:21:cd:
20:1d:99:27:73:27:6e:4f:6f:c6:af:75:83:1b:59:71:9c:9e:
d9:c4:b7:ec
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgISAY1/qA9hm2+iGa/HB0BEef3CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyMjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTU5YTdkMGY3YWQ3ZjljOGU5NmQyZjg2ZDZlNTI3MTc4YWVkNzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1qjlLdSeyqN93ufFomiOM96f7FW
RRVQx92MgMoqzKA5n8spTXic7CzcBZx3uZmCpuACyNOmt7Otw0/yRMUjlzaWRapc
LV9cCu+n8gqNIdiqZ0TJCzxefTI17Q2MD5GJ3vBUzV2eRC/1HG4A3jD8mD9pYTk3
b0CduSktxG+xBw6hiYg0h2wfrLo42mPb5l7qOa2JeIwhg8T+bLabTLsQ9779Pe7w
oYUcygvW4Vmj0+j5X1mC4qjvSU/MJxCuOkjTW/0OkG0VDtR6uBrUGMslrtV+geQT
iZbqn2ma2zK18ex2IKeT/9ET1OwXptJoFDgD0OGoLIODGigvL/wpRw1uJQIDAQAB
o4ICDTCCAgkwHQYDVR0OBBYEFPlZp9D3rX+cjpbS+G1uUnF4rtd1MB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvMS1WbW4wUGV0ZjV5T2x0TDRiVzVTY1hpdTEzVS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDMvYjg3ZWMwLWY3NWEtNGJiZS1iMDY3LWI3MTc5ODBlNGFk
Ni8xL2JvY1FTazIweEdOeHBfaTJwRUg4TU96ZjRnOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoPskEA
jzANBgkqhkiG9w0BAQsFAAOCAQEAeSnKtpvtsU5GkGsDHXd24s/d4HYHDgDPSdG6
EBIT+Qp0tb3q3h9Ykgt8ZmtDLi10gM5RUZlucLaZBvq3FnffjDtuqT6QoDaZaf7n
iEhkv2P7yCtruqL1n5Porq8pRgsXtjx5E4EFuqI+PZpZwpN4NbOVctSpJiREkxX8
a2xnl2NBOwn/q5nQrD3A15qO0YRZSYjErUYX3/TjxbKLxbUSWEo6edi3o6GVWxKH
mnlIcCRoR3dd2DGeAIp3ur90tqHZ4kLel2l57GJnogkgCjlpJGglAQH9+TvwUhok
dY2NbMkPWmMScpp4VyHNIB2ZJ3Mnbk9vxq91gxtZcZye2cS37A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:07 2024 by rpki-client on console-ams.rpki-client.org