Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/OnVVgALin4NCodVExQGOus6vLwo.roa
File: OnVVgALin4NCodVExQGOus6vLwo.roa (raw, json)
Hash identifier: cXfGElhvvjZaBea9ftvr9CMHdXKUS36CsAVmcuCZugE=
Subject key identifier: 3A:75:55:80:02:E2:9F:83:42:A1:D5:44:C5:01:8E:BA:CE:AF:2F:0A
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81EBA9938B48812E287A3D43A6C1D5E1
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/OnVVgALin4NCodVExQGOus6vLwo.roa
Signing time: Wed 07 Feb 2024 04:55:21 +0000
ROA not before: Wed 07 Feb 2024 04:55:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200227
IP address blocks: 2a0f:b241:67::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:eb:a9:93:8b:48:81:2e:28:7a:3d:43:a6:c1:d5:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 04:55:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a75558002e29f8342a1d544c5018ebaceaf2f0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:ec:81:5b:bd:8c:67:e4:11:c4:9e:66:10:00:
fb:49:1d:a4:99:33:cf:4d:e3:06:f8:34:ef:c7:b0:
ee:6b:3b:a9:80:e0:55:c0:90:f9:8f:47:11:6a:ec:
98:49:5f:46:2a:5e:77:50:11:67:49:3a:d2:49:08:
69:90:a1:71:85:2a:d4:07:71:9f:e7:22:b9:86:fd:
be:5e:1e:89:18:ff:1b:ad:b6:46:c2:bc:c5:25:2b:
f8:cf:94:e1:5e:1a:3b:ce:f6:bd:cc:9d:e0:c7:ab:
01:e5:72:c4:8c:af:94:d5:ea:fb:32:a5:92:1e:40:
83:97:83:32:2c:11:98:cc:62:94:29:28:85:cb:3e:
f3:29:8b:4b:1b:62:49:18:c1:ed:e1:87:c8:8c:af:
80:51:c7:56:48:7a:bd:50:21:a7:9d:ea:b0:bc:68:
11:39:a3:3e:69:4d:44:4f:59:a4:79:ed:07:8a:6c:
71:18:52:0a:03:23:a0:0d:11:3d:92:bd:e6:5c:27:
d6:0a:12:60:2b:c3:51:03:b6:86:54:2a:2c:e8:7d:
37:71:a2:de:33:b4:8a:e3:9d:51:6a:fa:7b:c4:0c:
94:7c:17:96:43:f4:09:04:56:c8:59:3b:35:2a:ab:
c2:61:a2:65:06:5d:09:38:4b:20:1d:c5:5e:a9:69:
42:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:75:55:80:02:E2:9F:83:42:A1:D5:44:C5:01:8E:BA:CE:AF:2F:0A
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/OnVVgALin4NCodVExQGOus6vLwo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:67::/48
Signature Algorithm: sha256WithRSAEncryption
25:78:18:ef:35:88:7d:fb:ab:95:6d:ce:dd:df:6f:1e:52:52:
e1:56:28:4d:5b:22:a5:cf:97:91:a9:cb:17:bc:bf:e0:83:6a:
ad:c2:3d:83:09:68:15:5e:4e:99:92:78:77:bd:67:26:95:f7:
93:17:f6:8d:5d:4f:90:cf:7d:64:6d:60:ff:97:73:48:a9:1e:
77:fa:1e:67:0b:d3:95:be:63:9e:fa:05:9f:11:04:f7:2e:1e:
30:70:cc:fc:13:fd:31:4a:76:f0:dc:d2:fd:88:0f:7d:6a:ab:
ac:37:85:e6:62:5e:0c:eb:27:3a:cb:df:62:ba:e8:7a:ef:c8:
ca:61:82:cd:99:df:d6:9f:00:ff:d9:58:33:cd:d9:fc:4b:0c:
2a:e2:52:f3:8e:fd:a4:05:dc:5c:40:cf:9d:c8:4a:23:e8:9e:
5d:44:67:c4:f8:73:39:81:54:8f:5f:32:fb:94:33:c9:97:f8:
a3:05:74:ac:88:be:03:ea:f3:e5:53:e9:e9:60:33:d1:44:45:
61:56:34:c6:9a:39:d0:1f:a2:2f:4c:0d:50:22:52:05:5c:ab:
b0:75:49:c5:f2:a2:d6:b4:e3:c9:59:db:4d:3c:9d:d0:3d:10:
3f:7f:fe:37:52:b7:da:25:2d:7e:28:e8:7e:60:62:da:ea:7d:
d2:12:a8:e7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B66mTi0iBLih6PUOmwdXhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDQ1NTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTc1NTU4MDAyZTI5ZjgzNDJhMWQ1NDRjNTAxOGViYWNlYWYyZjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2uyBW72MZ+QRxJ5mEAD7SR2kmTPP
TeMG+DTvx7DuazupgOBVwJD5j0cRauyYSV9GKl53UBFnSTrSSQhpkKFxhSrUB3Gf
5yK5hv2+Xh6JGP8brbZGwrzFJSv4z5ThXho7zva9zJ3gx6sB5XLEjK+U1er7MqWS
HkCDl4MyLBGYzGKUKSiFyz7zKYtLG2JJGMHt4YfIjK+AUcdWSHq9UCGnneqwvGgR
OaM+aU1ET1mkee0HimxxGFIKAyOgDRE9kr3mXCfWChJgK8NRA7aGVCos6H03caLe
M7SK451Ravp7xAyUfBeWQ/QJBFbIWTs1KqvCYaJlBl0JOEsgHcVeqWlCdwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDp1VYAC4p+DQqHVRMUBjrrOry8KMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvT25WVmdBTGluNE5Db2RWRXhRR091czZ2THdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQBn
MA0GCSqGSIb3DQEBCwUAA4IBAQAleBjvNYh9+6uVbc7d328eUlLhVihNWyKlz5eR
qcsXvL/gg2qtwj2DCWgVXk6Zknh3vWcmlfeTF/aNXU+Qz31kbWD/l3NIqR53+h5n
C9OVvmOe+gWfEQT3Lh4wcMz8E/0xSnbw3NL9iA99aqusN4XmYl4M6yc6y99iuuh6
78jKYYLNmd/WnwD/2Vgzzdn8Swwq4lLzjv2kBdxcQM+dyEoj6J5dRGfE+HM5gVSP
XzL7lDPJl/ijBXSsiL4D6vPlU+npYDPRREVhVjTGmjnQH6IvTA1QIlIFXKuwdUnF
8qLWtOPJWdtNPJ3QPRA/f/43UrfaJS1+KOh+YGLa6n3SEqjn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:11 2024 by rpki-client on console-fra.rpki-client.org