Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/OQWhM4u-jHjzVuGYlar6YtKXscc.roa
File: OQWhM4u-jHjzVuGYlar6YtKXscc.roa (raw, json)
Hash identifier: rYFkqE6s1zHren1aU8qbDosZcFwSrGw9eVhheVg/wEs=
Subject key identifier: 39:05:A1:33:8B:BE:8C:78:F3:56:E1:98:95:AA:FA:62:D2:97:B1:C7
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7F95BFF57EFD9E0BD391395EAA08BCED
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/OQWhM4u-jHjzVuGYlar6YtKXscc.roa
Signing time: Tue 06 Feb 2024 18:02:16 +0000
ROA not before: Tue 06 Feb 2024 18:02:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210508
IP address blocks: 2a0f:b241:47::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:95:bf:f5:7e:fd:9e:0b:d3:91:39:5e:aa:08:bc:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:02:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3905a1338bbe8c78f356e19895aafa62d297b1c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:0f:fc:3e:c3:1f:82:ff:e3:7d:d1:2a:25:0f:
50:b6:2f:97:18:9d:ab:27:37:3b:65:c8:11:80:73:
d8:0a:e1:d0:07:9f:c6:26:5d:62:c6:aa:84:3c:93:
5b:1d:72:ab:c4:1e:9e:e0:80:de:fa:78:a8:1f:22:
18:e9:2d:c9:7d:41:74:ff:ae:0f:10:8f:7a:df:6e:
ca:c9:e8:08:4c:b2:81:ee:1b:78:35:c0:7e:41:15:
f3:ec:4d:88:5e:98:f0:b8:bf:12:00:68:86:69:e5:
69:12:d6:98:3d:94:8c:01:40:76:c9:72:d7:5c:72:
93:43:7d:06:34:aa:dc:9c:70:66:31:02:84:c7:a8:
db:ef:fd:3a:dd:b8:1b:aa:e4:ca:b2:80:3f:61:a2:
04:f2:e8:3b:4f:35:ef:9c:b6:aa:4c:ce:b5:91:ae:
31:43:13:b3:f9:3b:bc:6a:be:7a:89:1c:39:92:e2:
db:c1:52:d9:21:c4:ca:59:25:73:9f:36:79:a8:26:
a4:a3:4a:c5:21:9c:91:b4:c4:da:2a:29:59:be:69:
30:74:c4:60:b7:c7:d2:6f:56:15:62:0b:6e:04:57:
52:82:97:85:9d:2d:e5:e0:ce:08:58:3b:6f:1e:6a:
a8:b8:d7:65:67:24:4e:33:a6:b8:72:09:df:0b:92:
c4:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:05:A1:33:8B:BE:8C:78:F3:56:E1:98:95:AA:FA:62:D2:97:B1:C7
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/OQWhM4u-jHjzVuGYlar6YtKXscc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:47::/48
Signature Algorithm: sha256WithRSAEncryption
83:1c:3e:a0:68:14:d4:c2:2e:05:68:be:46:d7:05:90:36:20:
4a:34:6c:b8:ec:23:a9:00:ea:3f:47:fe:e0:7f:50:b7:68:5a:
50:e2:b8:4c:18:b5:5b:75:4d:7c:01:eb:59:c2:2d:96:7f:cc:
7d:73:92:f6:71:24:ee:fd:27:47:54:8f:cd:fe:74:23:56:89:
e3:33:7a:b0:8d:3e:5b:da:11:93:a3:2b:ca:1c:f1:93:ba:be:
10:b6:41:5c:83:87:e3:10:59:fd:b8:9c:6f:57:b2:3b:6c:45:
91:31:20:d5:4a:d9:2f:7f:30:b0:e2:c6:8c:fe:f0:bb:a9:24:
f6:28:2b:ad:28:2f:24:3b:fe:80:57:2e:c4:20:1f:54:c1:2c:
66:be:d3:72:da:57:34:6f:23:5b:d2:59:0e:a6:fc:81:42:de:
15:86:a8:04:12:cb:99:7f:da:e6:a4:a0:67:42:37:26:14:e5:
75:b5:4d:38:d9:f2:31:2f:32:b7:e9:9b:09:18:c3:39:20:d9:
2c:c2:e5:70:2b:f7:ab:a4:65:91:a5:bb:a0:83:5e:9f:a6:75:
b6:23:fb:0b:c6:cb:ff:8b:dd:53:da:43:7d:76:bd:41:3f:01:
fc:24:cd:5a:c0:19:7d:8a:0e:5d:c7:79:87:bb:63:24:b0:d5:
51:98:89:71
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/lb/1fv2eC9OROV6qCLztMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgwMjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTA1YTEzMzhiYmU4Yzc4ZjM1NmUxOTg5NWFhZmE2MmQyOTdiMWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgQ/8PsMfgv/jfdEqJQ9Qti+XGJ2r
Jzc7ZcgRgHPYCuHQB5/GJl1ixqqEPJNbHXKrxB6e4IDe+nioHyIY6S3JfUF0/64P
EI96327KyegITLKB7ht4NcB+QRXz7E2IXpjwuL8SAGiGaeVpEtaYPZSMAUB2yXLX
XHKTQ30GNKrcnHBmMQKEx6jb7/063bgbquTKsoA/YaIE8ug7TzXvnLaqTM61ka4x
QxOz+Tu8ar56iRw5kuLbwVLZIcTKWSVznzZ5qCako0rFIZyRtMTaKilZvmkwdMRg
t8fSb1YVYgtuBFdSgpeFnS3l4M4IWDtvHmqouNdlZyROM6a4cgnfC5LEtQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDkFoTOLvox481bhmJWq+mLSl7HHMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvT1FXaE00dS1qSGp6VnVHWWxhcjZZdEtYc2NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQBH
MA0GCSqGSIb3DQEBCwUAA4IBAQCDHD6gaBTUwi4FaL5G1wWQNiBKNGy47COpAOo/
R/7gf1C3aFpQ4rhMGLVbdU18AetZwi2Wf8x9c5L2cSTu/SdHVI/N/nQjVonjM3qw
jT5b2hGToyvKHPGTur4QtkFcg4fjEFn9uJxvV7I7bEWRMSDVStkvfzCw4saM/vC7
qST2KCutKC8kO/6AVy7EIB9UwSxmvtNy2lc0byNb0lkOpvyBQt4VhqgEEsuZf9rm
pKBnQjcmFOV1tU042fIxLzK36ZsJGMM5INkswuVwK/erpGWRpbugg16fpnW2I/sL
xsv/i91T2kN9dr1BPwH8JM1awBl9ig5dx3mHu2MksNVRmIlx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:11 2024 by rpki-client on console-fra.rpki-client.org