Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/M5KPGdR1JZdElcFBTG3vm9fKj1U.roa
File: M5KPGdR1JZdElcFBTG3vm9fKj1U.roa (raw, json)
Hash identifier: gfMnUfm1KGXqy2dDMreN1nyu5spJFYXFkXxqjj+akK8=
Subject key identifier: 33:92:8F:19:D4:75:25:97:44:95:C1:41:4C:6D:EF:9B:D7:CA:8F:55
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F0C098DE0B2C8FB3E32A3065267035
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/M5KPGdR1JZdElcFBTG3vm9fKj1U.roa
Signing time: Wed 07 Feb 2024 05:00:55 +0000
ROA not before: Wed 07 Feb 2024 05:00:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216179
IP address blocks: 2a0f:b241:5e::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:c0:98:de:0b:2c:8f:b3:e3:2a:30:65:26:70:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=33928f19d47525974495c1414c6def9bd7ca8f55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:39:90:89:37:c3:62:6b:8c:3e:a5:f8:51:eb:
b0:4e:39:ba:7a:e1:f7:96:ec:7f:42:d3:c5:de:b6:
17:c2:0d:7c:cb:0e:5e:c3:36:98:b2:28:84:4c:3c:
50:cf:f5:6b:99:94:37:25:fb:6c:45:ff:41:59:91:
01:bf:b5:a7:6f:ee:ee:ef:44:0a:23:e0:28:38:1f:
98:c4:b3:a4:8d:b0:b2:56:d4:24:86:44:8b:e8:7f:
e8:10:44:2c:a7:15:dd:53:c1:a5:52:21:e8:72:47:
93:75:8b:e8:84:9d:61:71:cd:a6:2c:cc:16:65:15:
90:57:1a:9c:bd:70:7e:df:b6:40:d7:1b:50:45:9e:
78:06:73:2a:a2:66:3d:f2:e8:30:c0:5a:34:4f:d5:
be:1f:f9:a0:bf:8b:83:30:c9:a5:1c:5c:09:11:5d:
a2:ce:a5:92:c4:4b:9f:0e:ea:d3:23:ee:9d:4e:ed:
00:4b:3a:43:bb:45:c3:66:38:e8:98:1e:da:37:d8:
76:90:1b:12:d0:e6:b0:81:17:3f:59:44:6a:c3:c9:
c7:cf:b1:d9:59:d9:b6:f6:d9:21:95:6f:e6:7a:a3:
fc:39:a0:dc:55:0f:33:94:d4:18:ad:0b:27:94:ab:
f8:65:a7:d7:cc:3c:35:09:35:7c:e5:f5:d9:0c:b7:
63:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:92:8F:19:D4:75:25:97:44:95:C1:41:4C:6D:EF:9B:D7:CA:8F:55
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/M5KPGdR1JZdElcFBTG3vm9fKj1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:5e::/48
Signature Algorithm: sha256WithRSAEncryption
7e:ec:75:63:31:e3:cd:5a:28:60:5e:f6:92:bf:20:8d:a5:7e:
cb:1d:57:1f:8a:94:68:fa:67:fb:ef:36:e1:82:bd:83:17:8c:
23:82:36:59:d9:0c:e6:ce:1a:93:a2:0a:72:dc:8e:44:ae:2a:
e3:0c:6d:f6:38:1e:26:ca:7b:e4:21:02:76:e9:92:93:91:df:
11:1d:4a:3b:04:fc:9b:ca:7a:79:2e:ac:3d:a1:f4:6a:f0:bd:
ae:95:ce:48:73:e5:aa:a8:a4:b8:0a:ee:09:00:09:22:c2:46:
97:a4:36:79:f2:d8:b7:4f:1f:5e:0a:a3:0a:df:9b:c4:47:bc:
05:76:30:50:2c:34:f8:a9:ac:f5:09:d8:ad:58:94:aa:63:2f:
26:47:d5:db:86:9b:b7:93:c0:c4:a0:fe:58:05:8c:79:f6:8d:
c9:dc:6e:f3:f0:d8:ef:9a:01:3a:24:03:6d:e8:d3:95:e0:3e:
f5:a5:a4:32:50:b4:ea:94:1f:fc:e9:ac:d5:fb:30:ab:4d:b9:
28:2f:aa:99:00:d5:d5:bc:d0:11:b9:27:d1:0b:f4:26:ec:b8:
da:48:63:26:40:1f:a2:f3:7b:8c:96:56:49:d6:f5:52:e1:78:
0a:c7:6f:ee:df:fc:f4:6d:54:c9:09:6c:e7:e9:bb:1c:f0:d7:
25:45:3b:b8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8MCY3gssj7PjKjBlJnA1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzkyOGYxOWQ0NzUyNTk3NDQ5NWMxNDE0YzZkZWY5YmQ3Y2E4ZjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0TmQiTfDYmuMPqX4UeuwTjm6euH3
lux/QtPF3rYXwg18yw5ewzaYsiiETDxQz/VrmZQ3JftsRf9BWZEBv7Wnb+7u70QK
I+AoOB+YxLOkjbCyVtQkhkSL6H/oEEQspxXdU8GlUiHockeTdYvohJ1hcc2mLMwW
ZRWQVxqcvXB+37ZA1xtQRZ54BnMqomY98ugwwFo0T9W+H/mgv4uDMMmlHFwJEV2i
zqWSxEufDurTI+6dTu0ASzpDu0XDZjjomB7aN9h2kBsS0OawgRc/WURqw8nHz7HZ
Wdm29tkhlW/meqP8OaDcVQ8zlNQYrQsnlKv4ZafXzDw1CTV85fXZDLdj4QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDOSjxnUdSWXRJXBQUxt75vXyo9VMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvTTVLUEdkUjFKWmRFbGNGQlRHM3ZtOWZLajFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQBe
MA0GCSqGSIb3DQEBCwUAA4IBAQB+7HVjMePNWihgXvaSvyCNpX7LHVcfipRo+mf7
7zbhgr2DF4wjgjZZ2QzmzhqTogpy3I5ErirjDG32OB4mynvkIQJ26ZKTkd8RHUo7
BPybynp5Lqw9ofRq8L2ulc5Ic+WqqKS4Cu4JAAkiwkaXpDZ58ti3Tx9eCqMK35vE
R7wFdjBQLDT4qaz1CditWJSqYy8mR9Xbhpu3k8DEoP5YBYx59o3J3G7z8NjvmgE6
JANt6NOV4D71paQyULTqlB/86azV+zCrTbkoL6qZANXVvNARuSfRC/Qm7LjaSGMm
QB+i83uMllZJ1vVS4XgKx2/u3/z0bVTJCWzn6bsc8NclRTu4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:11 2024 by rpki-client on console-fra.rpki-client.org