Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/7YsdzeH9BJAye-ae7NgNXUFKdAQ.roa
File: 7YsdzeH9BJAye-ae7NgNXUFKdAQ.roa (raw, json)
Hash identifier: t77Q8CqPrfKyeZ9wdVbRSzkr29MhO8a2x1lyYMmYpCI=
Subject key identifier: ED:8B:1D:CD:E1:FD:04:90:32:7B:E6:9E:EC:D8:0D:5D:41:4A:74:04
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FAE7B4CD6F3D939DB08DF4780484F4C
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/7YsdzeH9BJAye-ae7NgNXUFKdAQ.roa
Signing time: Tue 06 Feb 2024 18:29:17 +0000
ROA not before: Tue 06 Feb 2024 18:29:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56367
IP address blocks: 2a0f:b241:11c::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:ae:7b:4c:d6:f3:d9:39:db:08:df:47:80:48:4f:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:29:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ed8b1dcde1fd0490327be69eecd80d5d414a7404
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:9a:99:2b:51:8e:b6:44:e3:c0:1a:c9:c4:83:
17:e5:ac:01:c9:3e:92:27:c9:b1:b9:f4:91:1c:c7:
89:2a:b7:47:57:02:a9:7c:9d:37:7e:ed:0f:25:1c:
5f:19:04:29:f7:22:e9:7f:9e:33:2f:34:77:90:65:
f7:1c:83:dd:ef:33:43:76:55:62:eb:71:15:76:b8:
e7:2c:9c:b9:dc:0f:89:6c:41:0d:ed:3b:bb:0d:f3:
5b:5d:59:43:ab:fd:57:c8:8e:5b:bf:de:ca:b2:61:
9f:04:19:d9:66:1d:e7:b8:82:1d:45:8a:0b:97:12:
15:6e:6b:7d:65:48:e3:ab:78:ca:31:28:21:1c:2b:
07:6d:34:2b:5f:d0:e2:4e:b7:8f:90:7c:bf:40:b2:
d7:72:c1:7d:b4:29:80:3f:dc:9c:c4:b8:1d:38:e9:
ec:9d:b5:c2:cb:a1:8f:6e:3c:d2:7b:2b:d0:b9:0f:
10:c5:37:ab:27:97:43:85:4a:2c:41:64:bb:26:c7:
4e:24:9e:11:56:87:57:39:6f:07:50:9c:09:6b:5c:
c7:a7:24:c8:f3:f2:34:30:77:1e:e1:66:3f:c8:1a:
69:1b:47:6f:6f:8e:d4:56:44:58:32:22:15:43:9b:
e0:10:c5:c1:3e:89:6d:6d:26:33:c8:80:ee:3e:4e:
af:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:8B:1D:CD:E1:FD:04:90:32:7B:E6:9E:EC:D8:0D:5D:41:4A:74:04
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/7YsdzeH9BJAye-ae7NgNXUFKdAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:11c::/48
Signature Algorithm: sha256WithRSAEncryption
64:66:2f:4a:64:ca:44:c0:8b:22:cd:35:28:f1:fd:0f:03:ce:
1b:c0:7d:be:25:c8:8a:e1:ee:ec:8f:a2:2e:79:06:6d:45:2e:
f1:06:c9:c4:90:4c:fd:4b:69:21:0e:c5:d4:14:4c:94:43:20:
50:16:e8:c5:5e:55:28:77:66:89:07:60:0a:f2:d0:90:7e:8c:
40:46:8c:cb:22:38:6d:bf:66:70:26:84:04:7c:3a:c6:80:07:
c7:0e:01:62:e0:04:5f:74:f2:6b:df:b0:7a:fd:bf:37:b9:b4:
d5:b5:fa:66:20:8b:57:b3:93:9c:fc:ef:d2:cd:47:c2:41:e2:
29:dd:80:10:f8:f4:8a:e7:42:5f:d4:9f:f3:06:c3:db:42:26:
42:5d:91:c5:ab:05:c9:8f:1c:94:02:c1:45:3b:12:17:0d:e8:
00:9f:bd:97:01:21:17:58:bb:9c:27:3c:8b:e3:4e:4c:59:da:
d4:af:3b:c0:8c:93:7f:5a:54:ba:17:73:12:6f:7f:3d:0d:a0:
a4:55:2b:37:c9:3a:e3:c4:a4:9d:af:ea:5b:11:b9:70:bb:01:
2c:da:40:b6:63:c8:47:90:42:e7:65:8a:c8:bd:4f:ea:d3:41:
39:6c:74:99:25:c0:4d:45:4b:bd:1b:ab:4e:d1:cf:ca:23:6a:
e9:96:cd:c1
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/rntM1vPZOdsI30eASE9MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyOTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDhiMWRjZGUxZmQwNDkwMzI3YmU2OWVlY2Q4MGQ1ZDQxNGE3NDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh5qZK1GOtkTjwBrJxIMX5awByT6S
J8mxufSRHMeJKrdHVwKpfJ03fu0PJRxfGQQp9yLpf54zLzR3kGX3HIPd7zNDdlVi
63EVdrjnLJy53A+JbEEN7Tu7DfNbXVlDq/1XyI5bv97KsmGfBBnZZh3nuIIdRYoL
lxIVbmt9ZUjjq3jKMSghHCsHbTQrX9DiTrePkHy/QLLXcsF9tCmAP9ycxLgdOOns
nbXCy6GPbjzSeyvQuQ8QxTerJ5dDhUosQWS7JsdOJJ4RVodXOW8HUJwJa1zHpyTI
8/I0MHce4WY/yBppG0dvb47UVkRYMiIVQ5vgEMXBPoltbSYzyIDuPk6vhQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFO2LHc3h/QSQMnvmnuzYDV1BSnQEMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvN1lzZHplSDlCSkF5ZS1hZTdOZ05YVUZLZEFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQEc
MA0GCSqGSIb3DQEBCwUAA4IBAQBkZi9KZMpEwIsizTUo8f0PA84bwH2+JciK4e7s
j6IueQZtRS7xBsnEkEz9S2khDsXUFEyUQyBQFujFXlUod2aJB2AK8tCQfoxARozL
Ijhtv2ZwJoQEfDrGgAfHDgFi4ARfdPJr37B6/b83ubTVtfpmIItXs5Oc/O/SzUfC
QeIp3YAQ+PSK50Jf1J/zBsPbQiZCXZHFqwXJjxyUAsFFOxIXDegAn72XASEXWLuc
JzyL405MWdrUrzvAjJN/WlS6F3MSb389DaCkVSs3yTrjxKSdr+pbEblwuwEs2kC2
Y8hHkELnZYrIvU/q00E5bHSZJcBNRUu9G6tO0c/KI2rpls3B
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:07 2024 by rpki-client on console-ams.rpki-client.org