Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/4BdzJEnESbOGoY2OeCsNL2kBSM4.roa
File: 4BdzJEnESbOGoY2OeCsNL2kBSM4.roa (raw, json)
Hash identifier: 50sMgh3Nn7zbvFbqgI+zqecNaw6f3P86uFUL/KL8+cE=
Subject key identifier: E0:17:73:24:49:C4:49:B3:86:A1:8D:8E:78:2B:0D:2F:69:01:48:CE
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F0808222F5F1A3BAFAA252DAA223B8
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/4BdzJEnESbOGoY2OeCsNL2kBSM4.roa
Signing time: Wed 07 Feb 2024 05:00:38 +0000
ROA not before: Wed 07 Feb 2024 05:00:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200141
IP address blocks: 2a0f:b241:95::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:80:82:22:f5:f1:a3:ba:fa:a2:52:da:a2:23:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e017732449c449b386a18d8e782b0d2f690148ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:0e:c2:be:b0:33:ae:e5:3c:5b:de:52:28:27:
82:c0:bc:11:4b:71:11:4f:bc:91:45:7b:72:73:04:
09:52:2b:4b:b8:a9:64:33:2e:0e:d2:82:60:0e:98:
71:9a:f8:9a:35:12:b5:05:e8:97:b4:1c:f4:e5:16:
71:1e:d5:fd:d7:2e:f2:4d:d3:dd:ec:15:1b:a6:df:
74:06:3f:71:f3:a8:a0:2c:38:45:87:52:0b:2f:39:
81:41:4d:f7:29:db:5b:b0:3f:45:ec:31:ac:06:4a:
5f:b8:8f:f4:7b:ce:94:78:bc:19:81:e7:d9:45:74:
89:f4:f0:1e:d6:42:74:81:b5:52:d2:cf:bc:d8:3d:
52:c2:2c:6f:2c:ff:92:1f:92:1f:9d:b9:5b:e9:e3:
f0:a9:28:30:94:b1:2b:13:4b:a4:46:9c:92:94:55:
5d:58:d3:88:0f:94:b8:3d:14:f0:cd:d7:20:81:d9:
5a:99:38:7a:44:84:1f:1a:90:5f:2d:78:91:c0:bc:
8b:89:12:d9:3c:b1:ea:49:c4:bf:28:52:53:64:e2:
bd:b7:69:8e:0a:ba:a4:64:1d:93:7e:e0:62:40:27:
96:86:d4:01:3d:6e:80:57:aa:a6:d0:ed:5c:5f:ad:
e4:b5:8f:d0:c1:33:07:32:ca:b5:d2:fa:94:c9:69:
7e:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:17:73:24:49:C4:49:B3:86:A1:8D:8E:78:2B:0D:2F:69:01:48:CE
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/4BdzJEnESbOGoY2OeCsNL2kBSM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:95::/48
Signature Algorithm: sha256WithRSAEncryption
55:af:b9:2a:9a:91:70:19:eb:96:4b:f8:48:4c:39:e3:0e:52:
d2:b5:83:20:a5:95:e1:55:94:44:76:9c:e5:48:c9:ec:5a:53:
83:a8:f5:f0:f5:cb:83:13:26:07:9f:83:d3:6a:0f:d8:7a:87:
9d:2d:9c:39:c6:78:35:e6:48:85:89:72:6c:23:57:34:c8:7f:
8d:8e:a8:e0:9a:ac:24:56:fd:b9:26:0e:91:e7:50:45:0c:75:
46:fc:5c:58:4b:0c:c8:96:e3:21:24:b5:27:a8:f7:3c:f0:c2:
8b:4f:21:14:8e:23:3b:62:94:36:bb:65:0c:bf:b7:31:ee:05:
16:35:53:e9:e0:bd:d9:5b:88:15:7e:d9:fc:de:85:05:08:5a:
c4:96:ad:17:ba:9b:93:b6:46:e6:6a:a7:f2:24:06:47:52:49:
df:d4:3d:56:99:a7:60:3a:6a:84:d0:fa:13:2b:af:6b:f7:4a:
5b:29:d1:cf:a9:0f:86:00:95:a0:4d:0f:20:28:bc:89:fc:ce:
4c:1d:4f:20:8e:70:40:bb:da:9f:f9:73:01:42:80:b9:58:c2:
67:26:a3:59:c9:74:3f:04:1c:10:cf:4d:a7:a1:43:84:55:2d:
31:26:5c:fc:6f:45:d9:b9:29:fd:c0:ea:80:29:58:2f:a3:5d:
99:a7:44:fd
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8ICCIvXxo7r6olLaoiO4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDE3NzMyNDQ5YzQ0OWIzODZhMThkOGU3ODJiMGQyZjY5MDE0OGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiw7CvrAzruU8W95SKCeCwLwRS3ER
T7yRRXtycwQJUitLuKlkMy4O0oJgDphxmviaNRK1BeiXtBz05RZxHtX91y7yTdPd
7BUbpt90Bj9x86igLDhFh1ILLzmBQU33KdtbsD9F7DGsBkpfuI/0e86UeLwZgefZ
RXSJ9PAe1kJ0gbVS0s+82D1SwixvLP+SH5Ifnblb6ePwqSgwlLErE0ukRpySlFVd
WNOID5S4PRTwzdcggdlamTh6RIQfGpBfLXiRwLyLiRLZPLHqScS/KFJTZOK9t2mO
CrqkZB2TfuBiQCeWhtQBPW6AV6qm0O1cX63ktY/QwTMHMsq10vqUyWl+lQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOAXcyRJxEmzhqGNjngrDS9pAUjOMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvNEJkekpFbkVTYk9Hb1kyT2VDc05MMmtCU000LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQCV
MA0GCSqGSIb3DQEBCwUAA4IBAQBVr7kqmpFwGeuWS/hITDnjDlLStYMgpZXhVZRE
dpzlSMnsWlODqPXw9cuDEyYHn4PTag/YeoedLZw5xng15kiFiXJsI1c0yH+Njqjg
mqwkVv25Jg6R51BFDHVG/FxYSwzIluMhJLUnqPc88MKLTyEUjiM7YpQ2u2UMv7cx
7gUWNVPp4L3ZW4gVftn83oUFCFrElq0XupuTtkbmaqfyJAZHUknf1D1WmadgOmqE
0PoTK69r90pbKdHPqQ+GAJWgTQ8gKLyJ/M5MHU8gjnBAu9qf+XMBQoC5WMJnJqNZ
yXQ/BBwQz02noUOEVS0xJlz8b0XZuSn9wOqAKVgvo12Zp0T9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:07 2024 by rpki-client on console-ams.rpki-client.org