Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/OcPi2eryhklt25p7iqrk-elTL3g.roa
File: OcPi2eryhklt25p7iqrk-elTL3g.roa (raw, json)
Hash identifier: khcFQu+XnHoOcvQkLHZaZ5xTtCUN19rqFBW1KS3pnfU=
Subject key identifier: 39:C3:E2:D9:EA:F2:86:49:6D:DB:9A:7B:8A:AA:E4:F9:E9:53:2F:78
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F0997B79D238FFD41A4CEA38BEA256
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/OcPi2eryhklt25p7iqrk-elTL3g.roa
Signing time: Wed 07 Feb 2024 05:00:45 +0000
ROA not before: Wed 07 Feb 2024 05:00:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207621
IP address blocks: 2a0f:b241:3e::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:99:7b:79:d2:38:ff:d4:1a:4c:ea:38:be:a2:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=39c3e2d9eaf286496ddb9a7b8aaae4f9e9532f78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:99:15:2f:c4:11:e0:6d:8b:f8:0f:65:5d:15:
e5:11:28:a8:b1:02:6d:0e:37:06:1a:89:b2:f6:6c:
ae:a6:2e:8f:e2:4b:66:93:34:8f:bc:2e:fe:13:98:
a5:d2:99:e8:dc:db:a4:51:3d:cb:05:4b:25:52:08:
26:d2:db:65:e2:33:55:25:97:20:2d:00:97:01:a4:
fd:03:08:f5:29:ae:25:4d:e8:4c:fb:2d:4f:70:51:
ed:1c:85:b0:4c:27:ba:b6:20:3c:7b:7b:e5:a9:eb:
b3:b6:3d:a1:95:3f:c8:9c:e5:78:2f:45:87:47:cb:
33:26:4a:b0:8f:db:8a:63:cc:9f:4d:c7:53:06:f2:
c4:b9:42:98:73:55:01:8c:2a:c8:d7:f5:ab:07:0e:
30:37:18:02:31:5e:57:6c:d9:27:c0:8f:8b:74:2c:
71:00:aa:0d:5b:01:04:a3:14:45:3c:aa:d2:86:2d:
a5:c3:b8:21:9f:82:a3:04:40:cf:5d:1b:b3:54:64:
b7:42:d6:dd:86:49:36:6a:51:65:82:3d:cc:2d:03:
c1:f1:92:30:9e:b1:36:5d:a3:91:7d:33:37:c4:90:
8f:f6:06:6d:d2:cb:a3:be:5c:6b:7d:c5:1f:3b:78:
22:07:e1:d3:ba:b1:97:54:e4:6d:a6:6d:1e:3d:7e:
21:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:C3:E2:D9:EA:F2:86:49:6D:DB:9A:7B:8A:AA:E4:F9:E9:53:2F:78
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/OcPi2eryhklt25p7iqrk-elTL3g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:3e::/48
Signature Algorithm: sha256WithRSAEncryption
67:83:27:fd:61:c7:25:7b:70:53:77:8f:f4:9b:38:44:24:c7:
fc:01:d6:9f:9b:f5:b1:51:24:fc:41:12:04:cc:22:84:02:81:
81:64:3e:65:34:ec:f8:27:e1:ea:14:32:11:1b:92:f7:fe:d4:
8b:da:87:09:f5:0b:d4:f4:19:2d:95:6e:e9:84:6f:05:7a:eb:
a1:4c:86:65:1a:36:22:3f:aa:b8:54:c5:63:7f:1f:e8:8d:2d:
31:9a:2a:49:ef:81:2c:29:19:49:48:9c:a2:7c:d3:fc:88:16:
d6:02:6f:0c:4a:41:a7:dd:0f:50:ba:22:73:fa:45:d7:2a:06:
41:74:64:91:e3:04:41:14:88:a1:d8:e3:11:e2:5a:de:51:a2:
cb:24:86:98:ba:57:4f:ce:6c:34:a8:1c:bc:c9:0a:87:55:9f:
a2:15:4e:57:c8:53:5b:3d:d2:82:11:d2:ad:bb:73:7a:05:fa:
4b:66:c0:23:7f:a8:f5:62:2a:3f:3e:b4:62:e5:a7:56:6e:53:
c6:aa:d1:c0:0f:16:53:b5:f8:17:cc:23:c9:aa:15:41:00:6d:
dd:2d:6f:2e:4e:a1:e2:ac:d1:fe:13:53:e4:63:b8:ca:8d:18:
8b:ff:7c:18:33:61:3c:88:22:8a:64:b5:c6:a0:ea:07:4a:48:
27:19:d6:16
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8Jl7edI4/9QaTOo4vqJWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWMzZTJkOWVhZjI4NjQ5NmRkYjlhN2I4YWFhZTRmOWU5NTMyZjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZkVL8QR4G2L+A9lXRXlESiosQJt
DjcGGomy9myupi6P4ktmkzSPvC7+E5il0pno3NukUT3LBUslUggm0ttl4jNVJZcg
LQCXAaT9Awj1Ka4lTehM+y1PcFHtHIWwTCe6tiA8e3vlqeuztj2hlT/InOV4L0WH
R8szJkqwj9uKY8yfTcdTBvLEuUKYc1UBjCrI1/WrBw4wNxgCMV5XbNknwI+LdCxx
AKoNWwEEoxRFPKrShi2lw7ghn4KjBEDPXRuzVGS3Qtbdhkk2alFlgj3MLQPB8ZIw
nrE2XaORfTM3xJCP9gZt0sujvlxrfcUfO3giB+HTurGXVORtpm0ePX4hcwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDnD4tnq8oZJbduae4qq5PnpUy94MB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvT2NQaTJlcnloa2x0MjVwN2lxcmstZWxUTDNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQA+
MA0GCSqGSIb3DQEBCwUAA4IBAQBngyf9Yccle3BTd4/0mzhEJMf8Adafm/WxUST8
QRIEzCKEAoGBZD5lNOz4J+HqFDIRG5L3/tSL2ocJ9QvU9BktlW7phG8FeuuhTIZl
GjYiP6q4VMVjfx/ojS0xmipJ74EsKRlJSJyifNP8iBbWAm8MSkGn3Q9QuiJz+kXX
KgZBdGSR4wRBFIih2OMR4lreUaLLJIaYuldPzmw0qBy8yQqHVZ+iFU5XyFNbPdKC
EdKtu3N6BfpLZsAjf6j1Yio/PrRi5adWblPGqtHADxZTtfgXzCPJqhVBAG3dLW8u
TqHirNH+E1PkY7jKjRiL/3wYM2E8iCKKZLXGoOoHSkgnGdYW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:11 2024 by rpki-client on console-fra.rpki-client.org