Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/BSjR-nGTep0SD3D3KzUfQ19buqk.roa
File: BSjR-nGTep0SD3D3KzUfQ19buqk.roa (raw, json)
Hash identifier: 7tMca+F8AZTuIng8pK3NcGigMCwbeszX56/qBmOoI8o=
Subject key identifier: 05:28:D1:FA:71:93:7A:9D:12:0F:70:F7:2B:35:1F:43:5F:5B:BA:A9
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FAD8C06C288E84D25B4C52707389EBB
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/BSjR-nGTep0SD3D3KzUfQ19buqk.roa
Signing time: Tue 06 Feb 2024 18:28:16 +0000
ROA not before: Tue 06 Feb 2024 18:28:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48581
IP address blocks: 2a0f:b241:111::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:ad:8c:06:c2:88:e8:4d:25:b4:c5:27:07:38:9e:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:28:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0528d1fa71937a9d120f70f72b351f435f5bbaa9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:3e:bd:e1:cf:4c:d4:71:a2:ae:f9:44:ca:a0:
b5:9e:a8:47:a5:f5:b9:91:e0:d2:d0:de:8e:44:aa:
2b:3f:a4:b2:87:48:07:23:00:92:7d:6e:b3:1b:0a:
c5:20:e6:db:76:c8:b5:8c:8b:c8:f3:a6:77:ca:5d:
f4:0c:f7:c7:46:2a:72:e5:d8:a5:3d:de:8f:a5:3a:
e3:27:17:5f:13:ba:f1:87:85:b5:b9:a5:49:dd:35:
76:7e:70:53:99:ae:59:f1:35:b9:f9:1f:dc:05:17:
fd:53:ee:30:99:98:ce:05:3f:e6:5e:0c:9b:8f:0e:
1b:ee:d3:da:06:0e:f1:86:c0:72:af:1d:81:4d:5f:
78:31:43:38:9d:e8:cb:f1:0f:81:0f:60:5d:b6:d0:
d8:71:f4:5e:a9:23:ae:d7:4e:ef:b1:f8:29:d2:fb:
75:dc:70:01:4a:a1:1a:e1:10:a0:47:e3:80:95:5f:
c0:84:0e:4f:3a:95:77:72:04:84:82:0c:58:35:24:
a8:88:9f:50:63:62:2b:0b:b0:3d:bc:99:11:5c:05:
a8:9e:d5:4e:dc:55:10:99:93:af:b9:6e:3b:72:0f:
07:c0:3f:cb:9c:03:ac:e3:01:b5:a4:79:55:73:33:
8f:a5:50:94:f5:7d:ce:e3:62:3f:a1:fc:96:b0:5f:
0b:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:28:D1:FA:71:93:7A:9D:12:0F:70:F7:2B:35:1F:43:5F:5B:BA:A9
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/BSjR-nGTep0SD3D3KzUfQ19buqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:111::/48
Signature Algorithm: sha256WithRSAEncryption
6f:e0:1f:b9:d6:94:04:75:43:ce:88:07:f0:be:91:98:bf:5a:
6c:02:b8:83:32:02:13:fb:1f:2b:39:43:f3:ec:76:5e:8d:53:
de:4a:4a:0b:86:04:93:98:27:5c:7f:22:a7:21:fb:63:d8:06:
12:38:b3:da:56:b0:9b:a8:8f:b6:1f:fd:49:bb:42:34:a9:21:
73:a0:c3:c8:14:0f:79:3a:cf:3e:fb:d2:51:f7:38:9f:b3:75:
1d:a9:9e:2e:00:37:b4:68:c5:16:f3:7b:30:9c:bb:c4:43:ce:
80:9a:99:39:c5:b7:15:f0:8d:43:c2:51:3f:47:ad:70:2c:31:
11:84:06:36:25:dc:b2:f1:23:de:cb:37:81:6b:d7:30:7a:43:
ef:fa:98:55:8d:8f:d2:c6:4b:3f:45:7e:48:63:17:8d:77:ae:
8a:dd:05:0b:79:ca:0c:17:4b:4c:bd:2e:93:9b:00:95:6d:56:
5d:32:c0:f2:b0:24:46:43:da:3f:80:51:85:bd:a9:b7:aa:8e:
81:69:4f:ab:c1:f9:d2:18:cb:b1:68:9b:32:b3:ab:17:5b:9d:
a8:21:04:b6:6c:fa:30:a6:77:df:a4:fe:7a:18:c5:d4:ea:b4:
d9:84:3b:de:fe:2a:ee:4f:00:4c:f1:b7:e4:c5:f6:0a:46:73:
32:b0:ae:d6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/rYwGwojoTSW0xScHOJ67MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyODE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTI4ZDFmYTcxOTM3YTlkMTIwZjcwZjcyYjM1MWY0MzVmNWJiYWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoT694c9M1HGirvlEyqC1nqhHpfW5
keDS0N6ORKorP6Syh0gHIwCSfW6zGwrFIObbdsi1jIvI86Z3yl30DPfHRipy5dil
Pd6PpTrjJxdfE7rxh4W1uaVJ3TV2fnBTma5Z8TW5+R/cBRf9U+4wmZjOBT/mXgyb
jw4b7tPaBg7xhsByrx2BTV94MUM4nejL8Q+BD2BdttDYcfReqSOu107vsfgp0vt1
3HABSqEa4RCgR+OAlV/AhA5POpV3cgSEggxYNSSoiJ9QY2IrC7A9vJkRXAWontVO
3FUQmZOvuW47cg8HwD/LnAOs4wG1pHlVczOPpVCU9X3O42I/ofyWsF8LtwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAUo0fpxk3qdEg9w9ys1H0NfW7qpMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvQlNqUi1uR1RlcDBTRDNEM0t6VWZRMTlidXFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQER
MA0GCSqGSIb3DQEBCwUAA4IBAQBv4B+51pQEdUPOiAfwvpGYv1psAriDMgIT+x8r
OUPz7HZejVPeSkoLhgSTmCdcfyKnIftj2AYSOLPaVrCbqI+2H/1Ju0I0qSFzoMPI
FA95Os8++9JR9zifs3UdqZ4uADe0aMUW83swnLvEQ86Ampk5xbcV8I1DwlE/R61w
LDERhAY2Jdyy8SPeyzeBa9cwekPv+phVjY/Sxks/RX5IYxeNd66K3QULecoMF0tM
vS6TmwCVbVZdMsDysCRGQ9o/gFGFvam3qo6BaU+rwfnSGMuxaJsys6sXW52oIQS2
bPowpnffpP56GMXU6rTZhDve/iruTwBM8bfkxfYKRnMysK7W
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:08 2024 by rpki-client on console-ams.rpki-client.org