Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/OuCsW4OmxSAmnyPjsQN177g0r0s.roa
File: OuCsW4OmxSAmnyPjsQN177g0r0s.roa (raw, json)
Hash identifier: kS78QlIPhM6hldJclyjMxThC4+SiRbtypArd6Ke3Rxg=
Subject key identifier: 3A:E0:AC:5B:83:A6:C5:20:26:9F:23:E3:B1:03:75:EF:B8:34:AF:4B
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81EBA8C852F86E9DC20BF06443517924
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/OuCsW4OmxSAmnyPjsQN177g0r0s.roa
Signing time: Wed 07 Feb 2024 04:55:21 +0000
ROA not before: Wed 07 Feb 2024 04:55:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199689
IP address blocks: 2a0f:b241:164::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:eb:a8:c8:52:f8:6e:9d:c2:0b:f0:64:43:51:79:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 04:55:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3ae0ac5b83a6c520269f23e3b10375efb834af4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:50:34:5a:06:3e:be:c6:04:54:32:56:82:dd:
2d:e5:21:99:7d:ca:40:31:29:93:76:71:c2:b7:0a:
99:86:f7:9a:d4:e0:30:93:0e:ae:2f:bd:01:1e:d8:
59:d4:d8:6f:75:59:ac:45:01:b2:9d:94:fe:e9:54:
db:34:76:21:72:0d:71:bc:53:42:c8:5c:54:ba:fe:
4a:bf:92:59:7a:29:7b:a0:e2:64:42:e6:01:cd:ee:
79:2d:be:56:c5:cb:0d:18:88:0c:1c:7b:27:50:15:
2d:4c:55:2e:75:7e:ad:c2:70:82:b1:d8:bc:1e:19:
cc:ef:1e:d4:3b:16:6c:5e:95:6c:f6:75:9e:db:bd:
3c:50:c5:14:f7:15:8f:ed:b6:d9:e1:ac:e2:23:df:
3d:32:ba:8c:35:61:5b:93:72:ff:92:f7:91:c2:b8:
ca:48:d3:d5:a8:ab:a9:3e:a8:8e:57:a1:54:99:b8:
2a:cd:7a:f5:41:19:d6:5b:2f:b3:9e:c5:cc:dd:cb:
46:12:05:7c:fd:04:ea:c2:71:d1:b3:20:ca:62:f2:
a9:0e:1c:68:c3:fe:8e:dd:61:66:6c:a6:55:98:3c:
16:b5:61:20:52:81:73:f0:18:3b:4b:9b:20:75:c1:
60:ab:95:ff:61:1c:c5:27:47:a4:d1:e1:17:67:d1:
5a:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:E0:AC:5B:83:A6:C5:20:26:9F:23:E3:B1:03:75:EF:B8:34:AF:4B
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/OuCsW4OmxSAmnyPjsQN177g0r0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:164::/48
Signature Algorithm: sha256WithRSAEncryption
59:69:ea:df:fe:56:91:50:63:5d:03:94:46:b6:ce:21:0b:f4:
67:95:32:3c:5a:a6:15:82:cb:24:7b:80:75:fd:0e:cf:2c:52:
f9:f3:b9:38:0e:3e:9f:73:13:81:ec:19:da:93:a2:0a:d8:6f:
a6:d2:05:a8:38:11:3c:42:cb:9c:aa:8f:57:3c:57:69:bf:51:
e6:9e:f5:68:62:41:63:c2:cc:cf:39:b6:da:e3:b7:f2:ef:7a:
98:e9:d6:e3:dd:44:f5:75:76:b5:40:48:22:59:79:f5:de:6f:
f7:a9:06:41:5d:bb:04:1f:d5:aa:13:c4:fd:39:72:f4:34:ef:
20:58:0c:aa:74:d1:da:47:8a:80:f1:ed:d4:15:b3:66:5c:84:
38:c9:dd:e5:de:9a:38:fb:c7:eb:df:d1:d9:3e:f9:37:f1:4d:
dc:99:a8:a2:6f:57:90:dd:da:83:e7:0e:4d:a2:ba:a9:09:18:
cb:b5:8b:a8:33:00:21:0c:44:e7:da:f7:c7:48:f4:f7:0d:dd:
8b:8b:79:f9:cf:38:2d:a2:fd:8b:17:f0:d8:45:5d:7a:15:bf:
d1:a4:82:73:b4:31:54:76:0f:62:96:5b:3a:e0:22:76:c5:dc:
b0:38:be:54:4b:c8:6a:0b:f4:41:99:e2:3b:d6:ff:4c:3e:84:
bd:7d:c3:43
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B66jIUvhuncIL8GRDUXkkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDQ1NTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWUwYWM1YjgzYTZjNTIwMjY5ZjIzZTNiMTAzNzVlZmI4MzRhZjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjFA0WgY+vsYEVDJWgt0t5SGZfcpA
MSmTdnHCtwqZhvea1OAwkw6uL70BHthZ1NhvdVmsRQGynZT+6VTbNHYhcg1xvFNC
yFxUuv5Kv5JZeil7oOJkQuYBze55Lb5WxcsNGIgMHHsnUBUtTFUudX6twnCCsdi8
HhnM7x7UOxZsXpVs9nWe2708UMUU9xWP7bbZ4aziI989MrqMNWFbk3L/kveRwrjK
SNPVqKupPqiOV6FUmbgqzXr1QRnWWy+znsXM3ctGEgV8/QTqwnHRsyDKYvKpDhxo
w/6O3WFmbKZVmDwWtWEgUoFz8Bg7S5sgdcFgq5X/YRzFJ0ek0eEXZ9FaPwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDrgrFuDpsUgJp8j47EDde+4NK9LMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvT3VDc1c0T214U0FtbnlQanNRTjE3N2cwcjBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQFk
MA0GCSqGSIb3DQEBCwUAA4IBAQBZaerf/laRUGNdA5RGts4hC/RnlTI8WqYVgssk
e4B1/Q7PLFL587k4Dj6fcxOB7Bnak6IK2G+m0gWoOBE8Qsucqo9XPFdpv1HmnvVo
YkFjwszPObba47fy73qY6dbj3UT1dXa1QEgiWXn13m/3qQZBXbsEH9WqE8T9OXL0
NO8gWAyqdNHaR4qA8e3UFbNmXIQ4yd3l3po4+8fr39HZPvk38U3cmaiib1eQ3dqD
5w5NorqpCRjLtYuoMwAhDETn2vfHSPT3Dd2Li3n5zzgtov2LF/DYRV16Fb/RpIJz
tDFUdg9ills64CJ2xdywOL5US8hqC/RBmeI71v9MPoS9fcND
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:08 2024 by rpki-client on console-ams.rpki-client.org