Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/V9ftHPtNSlbr416C9yJ0JzwnVpw.roa
File: V9ftHPtNSlbr416C9yJ0JzwnVpw.roa (raw, json)
Hash identifier: Mabkwp+PARZ+C3Du/8masTJajygY4yei0RgjVGsCzPk=
Subject key identifier: 57:D7:ED:1C:FB:4D:4A:56:EB:E3:5E:82:F7:22:74:27:3C:27:56:9C
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7F9493E0C8E33F681CD8EC011D04C55D
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/V9ftHPtNSlbr416C9yJ0JzwnVpw.roa
Signing time: Tue 06 Feb 2024 18:00:59 +0000
ROA not before: Tue 06 Feb 2024 18:00:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203873
IP address blocks: 2a0f:b241:36::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:94:93:e0:c8:e3:3f:68:1c:d8:ec:01:1d:04:c5:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:00:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=57d7ed1cfb4d4a56ebe35e82f72274273c27569c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:94:87:dc:7b:cc:c4:9e:bc:94:a4:1e:99:dd:
a9:e0:92:50:8b:50:0e:5c:bc:02:ce:51:9e:fc:f5:
f9:72:26:0f:8e:32:a4:75:ae:14:2f:ca:bc:fb:2d:
76:4d:11:39:a6:23:a5:3e:be:2f:97:e5:85:05:42:
4f:a4:a2:68:3d:3c:d0:f9:6e:db:de:fd:1b:3a:24:
f4:57:c1:00:ca:4e:da:91:a0:a2:bf:47:89:92:d3:
6c:35:fe:70:7f:01:bf:dd:27:1b:f2:16:e0:82:60:
c9:4a:c4:e5:9c:8c:83:cb:4a:37:67:a0:bc:d6:ee:
01:00:72:bf:18:ed:0a:48:b7:f1:b2:e4:16:f1:af:
cf:d5:50:a4:00:8f:3a:2d:d3:ec:97:30:ac:68:a0:
b0:b3:f9:b8:de:43:2e:90:fe:6b:06:5a:55:d7:ee:
d2:39:30:39:96:13:ba:29:1a:16:51:40:8e:aa:9f:
d7:96:37:31:f0:9a:2f:0a:64:f4:bb:f5:77:20:fb:
69:4b:3f:90:62:bd:a6:9e:cf:bc:b9:65:fc:b4:e9:
2b:56:5d:60:2f:db:00:85:7e:f3:47:6c:03:9e:d3:
8c:09:cc:be:d6:4b:5c:ea:b9:49:19:db:73:21:2e:
7f:75:e1:b8:db:a5:d6:b0:dc:90:09:e9:9d:ec:4f:
76:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:D7:ED:1C:FB:4D:4A:56:EB:E3:5E:82:F7:22:74:27:3C:27:56:9C
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/V9ftHPtNSlbr416C9yJ0JzwnVpw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:36::/48
Signature Algorithm: sha256WithRSAEncryption
82:aa:01:3a:c9:97:5c:2a:3f:17:d3:9a:b0:f2:0d:f6:87:a6:
d0:e5:30:4b:3b:7d:58:42:5a:ca:43:a2:1d:f7:2e:21:b9:a4:
10:5a:7b:f6:37:95:a7:52:ae:30:0e:f3:10:81:2d:6e:12:b3:
70:df:a7:34:a8:20:d1:b4:3e:cb:c7:ec:28:c8:51:99:89:3d:
9b:76:07:4a:cc:a6:1d:bb:59:da:b4:e0:d0:2a:fe:f0:fd:f4:
e6:7c:4c:87:7c:86:ad:ad:77:31:34:9c:18:4d:3b:51:76:4f:
f5:b9:a3:8e:d0:08:de:93:b9:6b:45:88:fe:24:11:ae:31:e4:
d0:d4:c4:18:2c:d3:f6:d2:ed:e7:39:e9:25:35:b1:f7:1a:86:
bc:7f:0c:ff:40:d4:33:d9:96:16:25:58:b1:74:93:40:80:e2:
e1:44:3e:06:9b:46:7d:5d:8d:45:31:d9:20:b5:6e:87:9c:20:
bb:22:0a:21:70:4c:11:f2:cc:a4:9c:c9:6f:6a:16:e3:9f:1f:
b4:31:5c:90:f6:81:e5:32:0a:96:cf:41:7b:32:0c:88:8a:5d:
6a:1d:4b:90:2f:47:1b:f8:9f:ab:11:4f:e6:bf:1f:b1:b8:d5:
33:7b:48:55:3e:ca:d3:1c:b0:fb:84:4a:1c:13:e3:3b:de:c1:
db:f9:ef:eb
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/lJPgyOM/aBzY7AEdBMVdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgwMDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1N2Q3ZWQxY2ZiNGQ0YTU2ZWJlMzVlODJmNzIyNzQyNzNjMjc1NjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh5SH3HvMxJ68lKQemd2p4JJQi1AO
XLwCzlGe/PX5ciYPjjKkda4UL8q8+y12TRE5piOlPr4vl+WFBUJPpKJoPTzQ+W7b
3v0bOiT0V8EAyk7akaCiv0eJktNsNf5wfwG/3Scb8hbggmDJSsTlnIyDy0o3Z6C8
1u4BAHK/GO0KSLfxsuQW8a/P1VCkAI86LdPslzCsaKCws/m43kMukP5rBlpV1+7S
OTA5lhO6KRoWUUCOqp/Xljcx8JovCmT0u/V3IPtpSz+QYr2mns+8uWX8tOkrVl1g
L9sAhX7zR2wDntOMCcy+1ktc6rlJGdtzIS5/deG426XWsNyQCemd7E92/wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFfX7Rz7TUpW6+NegvcidCc8J1acMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvVjlmdEhQdE5TbGJyNDE2Qzl5SjBKenduVnB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQA2
MA0GCSqGSIb3DQEBCwUAA4IBAQCCqgE6yZdcKj8X05qw8g32h6bQ5TBLO31YQlrK
Q6Id9y4huaQQWnv2N5WnUq4wDvMQgS1uErNw36c0qCDRtD7Lx+woyFGZiT2bdgdK
zKYdu1natODQKv7w/fTmfEyHfIatrXcxNJwYTTtRdk/1uaOO0Ajek7lrRYj+JBGu
MeTQ1MQYLNP20u3nOeklNbH3Goa8fwz/QNQz2ZYWJVixdJNAgOLhRD4Gm0Z9XY1F
MdkgtW6HnCC7IgohcEwR8syknMlvahbjnx+0MVyQ9oHlMgqWz0F7MgyIil1qHUuQ
L0cb+J+rEU/mvx+xuNUze0hVPsrTHLD7hEocE+M73sHb+e/r
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:09 2024 by rpki-client on console-ams.rpki-client.org