Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/SsLDe5UPf1KYbtPsHzBdxVm5Bes.roa
File: SsLDe5UPf1KYbtPsHzBdxVm5Bes.roa (raw, json)
Hash identifier: 86V4NiAJBruh2faCVYDX5AXZz/pMdu20KayPORJsnyA=
Subject key identifier: 4A:C2:C3:7B:95:0F:7F:52:98:6E:D3:EC:1F:30:5D:C5:59:B9:05:EB
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FAE7E3A88CE753E33B121BF5F0034C8
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/SsLDe5UPf1KYbtPsHzBdxVm5Bes.roa
Signing time: Tue 06 Feb 2024 18:29:18 +0000
ROA not before: Tue 06 Feb 2024 18:29:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59678
IP address blocks: 2a0f:b241:123::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:ae:7e:3a:88:ce:75:3e:33:b1:21:bf:5f:00:34:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:29:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ac2c37b950f7f52986ed3ec1f305dc559b905eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:47:94:d9:31:60:cf:e0:cf:a7:5e:03:2a:6b:
b0:cf:06:ee:b8:d7:96:fa:20:da:b6:29:a2:a5:43:
c6:bd:c8:9d:30:e6:2f:54:da:cc:a4:99:b6:ef:49:
2e:56:0b:1d:2b:c8:5f:de:89:d6:5e:32:6a:9b:f6:
2f:11:63:f7:b8:94:75:aa:da:ec:5d:56:64:4d:df:
53:c4:7c:d7:71:0e:e3:b5:22:d2:18:fc:9f:9a:9c:
b3:2c:fa:79:7d:fe:fc:8d:ae:68:d6:cd:89:9e:70:
80:80:dd:d9:67:3b:92:d3:71:ec:97:a8:61:d3:77:
9a:b0:7e:90:19:8f:44:e9:75:3f:06:f3:10:de:bb:
bb:06:69:e0:de:57:ae:ea:5e:77:4a:84:c7:92:0b:
2e:26:a9:87:f1:a6:69:5d:38:53:e9:e4:d2:25:19:
c4:5f:30:c1:96:dc:79:8b:35:dc:84:bf:6f:4e:4a:
64:bc:70:ff:57:b1:6c:0d:5b:a0:9d:ae:2e:59:c2:
e5:38:aa:93:f5:dd:02:32:fb:ab:bd:c2:e1:7d:28:
c6:46:c2:40:1f:3e:ad:62:01:3b:b0:dc:43:10:c3:
78:b1:98:f0:9a:1d:a3:c8:40:37:7e:8c:bc:04:f4:
82:1e:49:17:b1:e3:f2:32:1c:c2:7d:84:f2:6e:96:
ee:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:C2:C3:7B:95:0F:7F:52:98:6E:D3:EC:1F:30:5D:C5:59:B9:05:EB
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/SsLDe5UPf1KYbtPsHzBdxVm5Bes.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:123::/48
Signature Algorithm: sha256WithRSAEncryption
5c:9a:40:36:c0:d7:35:b9:01:3d:3e:b6:fd:85:0c:3d:43:b0:
66:ad:4f:f7:43:67:cb:64:23:7c:00:15:b1:75:eb:22:50:fc:
85:dc:e2:dd:f1:59:d5:2e:d5:d0:a2:eb:38:7a:5b:86:ed:8e:
d1:b6:d1:f6:40:c5:e0:9d:5c:b3:42:a6:e0:fa:ff:e4:81:41:
82:17:00:16:0a:ac:06:ef:2c:7c:75:b0:08:55:eb:74:47:f8:
06:cc:cd:73:e5:cb:60:f7:bf:d6:79:55:6d:8a:41:f7:97:08:
8a:4b:13:c9:78:33:b0:ff:dc:94:fa:cc:9e:79:ac:b0:fe:56:
7b:b0:d3:a4:a1:9b:cd:f6:02:dd:f9:70:bd:0c:12:ab:2d:52:
dd:55:f2:8e:f7:b5:e9:04:c2:03:a4:a3:51:fa:91:d6:11:59:
36:94:d5:a2:d4:07:2a:5f:8b:a8:e6:25:57:5c:9f:2e:ed:ec:
4d:5a:b1:65:d1:f6:0d:fd:70:1a:90:8e:91:c8:e7:d8:91:c7:
36:02:b5:04:83:ba:5b:d4:77:53:eb:50:45:56:d1:81:bb:89:
09:d4:60:0f:de:6d:ce:5c:64:0f:90:7a:1e:91:89:84:7d:33:
33:eb:98:d9:a2:52:dc:5f:69:d5:72:a1:8e:a5:ce:b3:49:eb:
03:d8:f4:dc
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/rn46iM51PjOxIb9fADTIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyOTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWMyYzM3Yjk1MGY3ZjUyOTg2ZWQzZWMxZjMwNWRjNTU5YjkwNWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkUeU2TFgz+DPp14DKmuwzwbuuNeW
+iDatimipUPGvcidMOYvVNrMpJm270kuVgsdK8hf3onWXjJqm/YvEWP3uJR1qtrs
XVZkTd9TxHzXcQ7jtSLSGPyfmpyzLPp5ff78ja5o1s2JnnCAgN3ZZzuS03Hsl6hh
03easH6QGY9E6XU/BvMQ3ru7Bmng3leu6l53SoTHkgsuJqmH8aZpXThT6eTSJRnE
XzDBltx5izXchL9vTkpkvHD/V7FsDVugna4uWcLlOKqT9d0CMvurvcLhfSjGRsJA
Hz6tYgE7sNxDEMN4sZjwmh2jyEA3foy8BPSCHkkXsePyMhzCfYTybpbupwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFErCw3uVD39SmG7T7B8wXcVZuQXrMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvU3NMRGU1VVBmMUtZYnRQc0h6QmR4Vm01QmVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQEj
MA0GCSqGSIb3DQEBCwUAA4IBAQBcmkA2wNc1uQE9Prb9hQw9Q7BmrU/3Q2fLZCN8
ABWxdesiUPyF3OLd8VnVLtXQous4eluG7Y7RttH2QMXgnVyzQqbg+v/kgUGCFwAW
CqwG7yx8dbAIVet0R/gGzM1z5ctg97/WeVVtikH3lwiKSxPJeDOw/9yU+syeeayw
/lZ7sNOkoZvN9gLd+XC9DBKrLVLdVfKO97XpBMIDpKNR+pHWEVk2lNWi1AcqX4uo
5iVXXJ8u7exNWrFl0fYN/XAakI6RyOfYkcc2ArUEg7pb1HdT61BFVtGBu4kJ1GAP
3m3OXGQPkHoekYmEfTMz65jZolLcX2nVcqGOpc6zSesD2PTc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:11 2024 by rpki-client on console-fra.rpki-client.org