Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/2YSushnS9LbAa6_a20j37psUbJc.roa
File: 2YSushnS9LbAa6_a20j37psUbJc.roa (raw, json)
Hash identifier: ugCxsk/N+XIpG2cLeOdwarBCfu1x58iAux2FmLMZTZQ=
Subject key identifier: D9:84:AE:B2:19:D2:F4:B6:C0:6B:AF:DA:DB:48:F7:EE:9B:14:6C:97
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FAD9465C00930FCAD4CB605A255EA94
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/2YSushnS9LbAa6_a20j37psUbJc.roa
Signing time: Tue 06 Feb 2024 18:28:18 +0000
ROA not before: Tue 06 Feb 2024 18:28:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216430
IP address blocks: 2a0f:b241:10e::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:ad:94:65:c0:09:30:fc:ad:4c:b6:05:a2:55:ea:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:28:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d984aeb219d2f4b6c06bafdadb48f7ee9b146c97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:86:33:04:92:06:20:23:2b:2d:4f:33:24:68:
4c:a9:f4:8b:39:19:85:a5:eb:6e:46:6a:43:69:0e:
63:6d:61:f8:b7:5d:ca:ac:5e:ba:e3:75:a9:73:56:
4c:d4:b2:10:3a:c9:dc:90:f7:7d:99:09:df:de:ad:
0d:5c:af:88:36:b5:a4:a8:da:1c:c1:86:52:9e:d4:
72:06:ee:0d:a9:46:a9:aa:e7:46:32:3c:47:2f:ad:
9d:d1:ab:24:ad:e1:b6:27:e7:a0:44:26:07:98:5c:
6b:9d:a7:79:69:05:18:79:97:35:fa:7d:b2:02:26:
4a:3c:e4:b2:80:89:ff:d4:0e:92:59:bf:5a:7c:09:
89:0c:71:79:ba:fa:9a:be:47:41:75:65:1b:f2:c7:
7d:29:5d:a1:cc:d3:62:1f:f5:cb:72:15:33:6b:59:
0e:27:b4:3d:5d:74:45:04:77:b3:1b:bd:65:b0:0b:
2b:05:04:60:cb:ec:a4:a7:66:3b:a5:58:de:6b:25:
ff:ae:7b:65:9a:9b:9e:23:14:ee:aa:8e:ab:ee:32:
f3:b2:2a:c8:b7:40:a5:87:11:c9:77:62:ce:5d:23:
63:10:a7:72:7f:9d:45:93:8c:43:64:8a:d8:38:08:
1b:21:9f:99:5c:f2:f3:6e:f3:15:ea:45:01:85:56:
66:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:84:AE:B2:19:D2:F4:B6:C0:6B:AF:DA:DB:48:F7:EE:9B:14:6C:97
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/2YSushnS9LbAa6_a20j37psUbJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:10e::/48
Signature Algorithm: sha256WithRSAEncryption
79:bc:85:37:05:46:33:76:ff:6f:6e:5c:dc:c3:b2:c2:e4:ea:
bd:e8:23:ba:92:33:1b:04:ec:9e:bd:5a:2c:d9:3b:2b:77:d0:
fd:6e:72:e9:5d:a8:7b:5a:45:4a:12:54:97:71:6c:0a:3b:70:
de:06:7b:dd:75:06:45:a4:3d:52:94:0b:ad:81:b5:22:41:73:
69:e8:3a:34:86:00:81:b3:ad:0e:e7:30:ae:96:b9:45:7c:a8:
c3:de:c4:9f:39:07:5b:1c:0b:36:a0:ae:2e:45:76:b5:33:b6:
5f:b4:21:8d:82:6b:5c:4d:68:d8:d8:61:d4:5f:86:48:8f:dd:
f9:bc:25:5f:0b:61:f5:3d:cb:be:aa:60:4f:64:2a:80:1e:30:
d3:7f:da:91:31:9e:44:9f:92:16:4b:0f:b8:cc:a5:de:dc:19:
6b:23:ba:fb:71:87:a9:ef:9d:ea:bd:65:72:ef:4e:b8:e5:0d:
aa:d8:6d:43:38:05:e7:e9:80:79:7c:d3:06:71:60:80:2c:5d:
75:c4:e1:ec:34:b6:52:81:de:2d:ec:25:cb:3b:5b:ed:71:33:
73:33:bb:1b:3c:71:05:54:10:90:e0:9c:5f:a6:86:e2:16:46:
91:01:d1:96:d9:a4:c8:15:4a:98:6f:b2:b3:ab:05:a2:00:7a:
4c:1a:47:61
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/rZRlwAkw/K1MtgWiVeqUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyODE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTg0YWViMjE5ZDJmNGI2YzA2YmFmZGFkYjQ4ZjdlZTliMTQ2Yzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgIYzBJIGICMrLU8zJGhMqfSLORmF
petuRmpDaQ5jbWH4t13KrF6643Wpc1ZM1LIQOsnckPd9mQnf3q0NXK+INrWkqNoc
wYZSntRyBu4NqUapqudGMjxHL62d0askreG2J+egRCYHmFxrnad5aQUYeZc1+n2y
AiZKPOSygIn/1A6SWb9afAmJDHF5uvqavkdBdWUb8sd9KV2hzNNiH/XLchUza1kO
J7Q9XXRFBHezG71lsAsrBQRgy+ykp2Y7pVjeayX/rntlmpueIxTuqo6r7jLzsirI
t0ClhxHJd2LOXSNjEKdyf51Fk4xDZIrYOAgbIZ+ZXPLzbvMV6kUBhVZmJwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNmErrIZ0vS2wGuv2ttI9+6bFGyXMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvMllTdXNoblM5TGJBYTZfYTIwajM3cHNVYkpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQEO
MA0GCSqGSIb3DQEBCwUAA4IBAQB5vIU3BUYzdv9vblzcw7LC5Oq96CO6kjMbBOye
vVos2Tsrd9D9bnLpXah7WkVKElSXcWwKO3DeBnvddQZFpD1SlAutgbUiQXNp6Do0
hgCBs60O5zCulrlFfKjD3sSfOQdbHAs2oK4uRXa1M7ZftCGNgmtcTWjY2GHUX4ZI
j935vCVfC2H1Pcu+qmBPZCqAHjDTf9qRMZ5En5IWSw+4zKXe3BlrI7r7cYep753q
vWVy70645Q2q2G1DOAXn6YB5fNMGcWCALF11xOHsNLZSgd4t7CXLO1vtcTNzM7sb
PHEFVBCQ4JxfpobiFkaRAdGW2aTIFUqYb7KzqwWiAHpMGkdh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:10 2024 by rpki-client on console-fra.rpki-client.org