Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/Pn0BdsQhkmcwJ8_bMDSvmYsEM-U.roa
File: Pn0BdsQhkmcwJ8_bMDSvmYsEM-U.roa (raw, json)
Hash identifier: 5UVyFRYZK/SCtylMqsTj5fUtNeVdU8+ZhYedVVZycw8=
Subject key identifier: 3E:7D:01:76:C4:21:92:67:30:27:CF:DB:30:34:AF:99:8B:04:33:E5
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F05D22E4D3D761E026D189C107F1B3
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/Pn0BdsQhkmcwJ8_bMDSvmYsEM-U.roa
Signing time: Wed 07 Feb 2024 05:00:29 +0000
ROA not before: Wed 07 Feb 2024 05:00:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48215
IP address blocks: 2a0f:b241:111::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:5d:22:e4:d3:d7:61:e0:26:d1:89:c1:07:f1:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3e7d0176c42192673027cfdb3034af998b0433e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:b5:fd:9a:cf:fc:c8:60:d8:cd:be:2c:d0:19:
41:53:c4:3b:b3:4c:ad:39:1a:1c:1f:74:7c:30:37:
f2:fc:cc:ff:be:14:34:a9:09:a8:86:7e:e1:bf:b3:
27:70:3b:1b:f9:72:81:0f:aa:8c:6f:52:03:c1:c6:
d8:87:6b:ae:86:24:cd:91:1a:02:99:17:cc:6f:8e:
64:57:e3:c2:b0:42:24:84:29:6b:7e:41:f0:63:af:
05:3b:69:a0:b8:36:56:c6:1b:df:8d:43:4f:80:93:
a1:d6:68:2b:bc:7a:24:cc:6c:d5:cc:c1:40:c3:bc:
f4:3e:6a:e0:fe:d3:44:d6:ef:5a:ba:a6:19:cc:76:
d9:f4:e3:8a:5d:e2:a8:83:53:c4:0d:6f:74:e7:67:
7c:13:2d:e9:fd:23:7c:89:d3:94:50:6a:7a:2b:aa:
b5:ff:b6:e1:fb:64:5b:f5:2a:d4:27:cd:aa:0b:34:
b8:e1:55:a7:ba:56:f5:f2:ea:7d:22:76:b0:9d:44:
40:3d:77:63:66:38:79:c6:e5:33:fa:7c:7b:c9:94:
9b:94:79:f2:ca:fe:c3:f7:7e:4d:0c:dd:b9:5f:f6:
e1:2b:eb:2e:9a:09:66:16:1b:31:aa:11:62:01:db:
eb:fc:4b:79:b2:6d:fd:2b:60:bd:c7:33:26:c6:e1:
ca:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:7D:01:76:C4:21:92:67:30:27:CF:DB:30:34:AF:99:8B:04:33:E5
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/Pn0BdsQhkmcwJ8_bMDSvmYsEM-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:111::/48
Signature Algorithm: sha256WithRSAEncryption
02:47:89:5a:7a:03:da:62:49:11:c9:07:31:bb:86:c9:9a:3c:
43:52:5a:87:1a:9f:ed:a0:8b:ec:76:d4:6b:d4:e4:80:85:cd:
07:7f:ed:ff:13:4c:3a:5d:ff:33:e7:f2:41:1b:af:ab:c9:91:
96:74:21:4c:f9:29:11:67:2d:56:68:31:75:5b:a2:c2:38:9c:
51:36:b9:15:bf:80:06:de:14:50:25:2a:a4:42:4a:93:77:1f:
56:2c:25:bd:ec:f3:26:db:f9:12:ac:bb:75:3d:d1:78:1d:6b:
bf:fb:2f:cd:29:c8:e1:e9:69:71:ba:ed:72:e1:b1:55:3f:98:
0b:c1:57:59:4c:bd:85:81:49:7b:4b:a9:da:0e:5c:f5:c7:dc:
fd:4d:d7:2b:2f:f1:10:cf:80:4d:8a:28:19:31:7a:bf:88:9d:
a0:46:d3:7e:73:c2:c8:0c:eb:72:e6:d7:62:5e:b8:1b:fc:25:
d0:48:d5:27:ff:be:47:d0:b2:84:ec:0f:78:28:48:92:9b:40:
86:ec:34:79:d1:27:5d:da:34:b6:f0:b1:88:98:73:d9:7f:20:
4f:b5:0e:2b:16:7b:69:76:cf:81:4c:29:38:79:74:6f:44:a9:
e9:e2:39:fd:7e:0d:2c:29:84:41:41:af:a1:49:2b:07:f0:d5:
fe:f9:d1:a7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8F0i5NPXYeAm0YnBB/GzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTdkMDE3NmM0MjE5MjY3MzAyN2NmZGIzMDM0YWY5OThiMDQzM2U1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjLX9ms/8yGDYzb4s0BlBU8Q7s0yt
ORocH3R8MDfy/Mz/vhQ0qQmohn7hv7MncDsb+XKBD6qMb1IDwcbYh2uuhiTNkRoC
mRfMb45kV+PCsEIkhClrfkHwY68FO2mguDZWxhvfjUNPgJOh1mgrvHokzGzVzMFA
w7z0Pmrg/tNE1u9auqYZzHbZ9OOKXeKog1PEDW9052d8Ey3p/SN8idOUUGp6K6q1
/7bh+2Rb9SrUJ82qCzS44VWnulb18up9InawnURAPXdjZjh5xuUz+nx7yZSblHny
yv7D935NDN25X/bhK+sumglmFhsxqhFiAdvr/Et5sm39K2C9xzMmxuHKnwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFD59AXbEIZJnMCfP2zA0r5mLBDPlMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvUG4wQmRzUWhrbWN3SjhfYk1EU3ZtWXNFTS1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQER
MA0GCSqGSIb3DQEBCwUAA4IBAQACR4laegPaYkkRyQcxu4bJmjxDUlqHGp/toIvs
dtRr1OSAhc0Hf+3/E0w6Xf8z5/JBG6+ryZGWdCFM+SkRZy1WaDF1W6LCOJxRNrkV
v4AG3hRQJSqkQkqTdx9WLCW97PMm2/kSrLt1PdF4HWu/+y/NKcjh6Wlxuu1y4bFV
P5gLwVdZTL2FgUl7S6naDlz1x9z9TdcrL/EQz4BNiigZMXq/iJ2gRtN+c8LIDOty
5tdiXrgb/CXQSNUn/75H0LKE7A94KEiSm0CG7DR50Sdd2jS28LGImHPZfyBPtQ4r
Fntpds+BTCk4eXRvRKnp4jn9fg0sKYRBQa+hSSsH8NX++dGn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:11 2024 by rpki-client on console-fra.rpki-client.org