Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/Ss6y77U3YSsCFsZWFTLmsZ87jqc.roa
File: Ss6y77U3YSsCFsZWFTLmsZ87jqc.roa (raw, json)
Hash identifier: jeEafHNltfcktXpV5uzBjIPe7XFah170BQaduB4c8MQ=
Subject key identifier: 4A:CE:B2:EF:B5:37:61:2B:02:16:C6:56:15:32:E6:B1:9F:3B:8E:A7
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7F93A6D2F2915DB9AA7BC0C6E3046F6E
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/Ss6y77U3YSsCFsZWFTLmsZ87jqc.roa
Signing time: Tue 06 Feb 2024 17:59:59 +0000
ROA not before: Tue 06 Feb 2024 17:59:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216216
IP address blocks: 2a0f:b241:2c::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:93:a6:d2:f2:91:5d:b9:aa:7b:c0:c6:e3:04:6f:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 17:59:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4aceb2efb537612b0216c6561532e6b19f3b8ea7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:c5:71:c7:6b:fe:87:b4:c7:d7:93:23:bb:55:
47:e7:bc:84:77:cc:05:90:5a:5b:56:fa:7e:d6:8a:
87:2e:1e:1b:92:3a:f9:80:36:2c:76:86:8e:0f:55:
67:ad:02:2a:0d:43:f3:c7:c5:66:61:19:82:d8:9b:
6d:d4:c1:bf:50:2a:35:54:25:36:7d:40:2b:60:fa:
9c:d4:20:0d:82:fb:76:c2:4e:51:96:81:47:9b:20:
6d:4a:91:d3:85:3e:9a:c6:08:a1:67:af:0f:2b:22:
b9:95:97:ec:14:ba:31:a0:bd:c9:d8:99:ec:63:53:
41:0f:9f:1b:b6:75:a8:98:1e:f5:23:a7:1d:d0:1f:
d7:95:60:bd:7b:f8:4c:3e:ab:d7:89:17:33:ff:49:
ee:59:f8:b3:0d:4c:03:0c:94:9c:fb:e4:4f:c0:5f:
c7:2c:98:75:61:2a:54:16:5a:75:af:21:f7:6b:08:
0e:85:76:a0:92:4d:89:9b:f3:8d:35:3b:ea:d7:af:
78:75:12:26:53:c6:8a:5b:76:dd:c0:ec:67:07:e5:
c3:36:52:a0:3e:32:19:63:da:d4:20:12:c4:a3:31:
86:78:e5:4f:8f:10:ff:0e:f2:6f:9a:e2:6a:4b:70:
74:05:59:e1:c4:44:78:99:11:93:cb:0c:c7:99:16:
9e:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:CE:B2:EF:B5:37:61:2B:02:16:C6:56:15:32:E6:B1:9F:3B:8E:A7
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/Ss6y77U3YSsCFsZWFTLmsZ87jqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:2c::/48
Signature Algorithm: sha256WithRSAEncryption
7e:cf:7a:04:4c:4c:7b:fe:26:12:f0:ff:0d:20:29:9f:76:a9:
ef:49:f3:39:ec:26:d7:6a:47:9c:ba:23:04:d3:35:13:3e:58:
f7:0b:e2:6f:d5:20:49:52:95:27:18:42:19:a4:5c:5e:f8:ce:
61:4c:2b:6d:ac:69:bb:85:f6:16:83:6d:2d:de:0d:56:aa:f3:
40:f3:0e:50:fe:d9:e3:a2:09:58:6d:35:ac:e6:2a:af:c8:1f:
28:4f:6d:4b:ce:bb:10:d2:18:49:c1:d7:e0:a4:96:30:6a:08:
24:0a:07:fe:26:1e:ed:d5:f1:f6:c9:a8:ad:13:57:a7:9a:64:
4c:09:e9:e1:0a:dd:b5:de:3d:ac:75:d0:9b:39:1c:f0:1f:47:
3a:05:30:0d:60:8e:9b:a6:3d:2c:5f:3b:c0:86:8e:5f:b5:a3:
2c:98:ac:fd:9c:d3:36:01:65:63:fd:15:7a:88:8d:e4:45:2b:
cb:41:ff:74:99:40:5b:48:03:ec:09:d0:a6:78:59:b9:76:04:
5a:58:68:4e:2d:f8:c1:18:9a:d2:a3:ff:b0:12:47:08:e7:9b:
53:3b:94:91:30:3e:3d:54:5d:08:b0:32:77:d9:b1:4b:fe:70:
6c:75:9b:d0:15:73:13:53:eb:0f:9b:85:fa:56:31:13:3f:17:
02:b2:1c:cf
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/k6bS8pFduap7wMbjBG9uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTc1OTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWNlYjJlZmI1Mzc2MTJiMDIxNmM2NTYxNTMyZTZiMTlmM2I4ZWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAscVxx2v+h7TH15Mju1VH57yEd8wF
kFpbVvp+1oqHLh4bkjr5gDYsdoaOD1VnrQIqDUPzx8VmYRmC2Jtt1MG/UCo1VCU2
fUArYPqc1CANgvt2wk5RloFHmyBtSpHThT6axgihZ68PKyK5lZfsFLoxoL3J2Jns
Y1NBD58btnWomB71I6cd0B/XlWC9e/hMPqvXiRcz/0nuWfizDUwDDJSc++RPwF/H
LJh1YSpUFlp1ryH3awgOhXagkk2Jm/ONNTvq1694dRImU8aKW3bdwOxnB+XDNlKg
PjIZY9rUIBLEozGGeOVPjxD/DvJvmuJqS3B0BVnhxER4mRGTywzHmRaeBQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFErOsu+1N2ErAhbGVhUy5rGfO46nMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvU3M2eTc3VTNZU3NDRnNaV0ZUTG1zWjg3anFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQAs
MA0GCSqGSIb3DQEBCwUAA4IBAQB+z3oETEx7/iYS8P8NICmfdqnvSfM57CbXakec
uiME0zUTPlj3C+Jv1SBJUpUnGEIZpFxe+M5hTCttrGm7hfYWg20t3g1WqvNA8w5Q
/tnjoglYbTWs5iqvyB8oT21LzrsQ0hhJwdfgpJYwaggkCgf+Jh7t1fH2yaitE1en
mmRMCenhCt213j2sddCbORzwH0c6BTANYI6bpj0sXzvAho5ftaMsmKz9nNM2AWVj
/RV6iI3kRSvLQf90mUBbSAPsCdCmeFm5dgRaWGhOLfjBGJrSo/+wEkcI55tTO5SR
MD49VF0IsDJ32bFL/nBsdZvQFXMTU+sPm4X6VjETPxcCshzP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:09 2024 by rpki-client on console-ams.rpki-client.org