Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bltOnUvRRBVuE_Zo9J3K237LHDE.roa
File: bltOnUvRRBVuE_Zo9J3K237LHDE.roa (raw, json)
Hash identifier: zsLnEc5vj9+3i29OQwudcFTuE02kNHy68fb/D0xozAU=
Subject key identifier: 6E:5B:4E:9D:4B:D1:44:15:6E:13:F6:68:F4:9D:CA:DB:7E:CB:1C:31
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7F95BDC78E0F7672CDFDCA7AFBAD861A
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bltOnUvRRBVuE_Zo9J3K237LHDE.roa
Signing time: Tue 06 Feb 2024 18:02:16 +0000
ROA not before: Tue 06 Feb 2024 18:02:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209265
IP address blocks: 2a0f:b241:43::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:95:bd:c7:8e:0f:76:72:cd:fd:ca:7a:fb:ad:86:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:02:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e5b4e9d4bd144156e13f668f49dcadb7ecb1c31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:b5:77:ef:ae:bb:13:f8:58:21:ef:37:2b:ac:
01:50:18:9c:89:95:63:a1:c4:ba:b6:22:5e:97:ba:
97:da:48:23:cf:eb:10:9d:ba:51:19:13:ee:a0:2f:
23:89:6c:ef:1b:fa:6e:0f:11:2e:87:fc:2e:47:89:
42:d7:f8:47:f8:67:63:0d:1f:8b:57:10:53:e3:bd:
56:03:9b:b1:f3:4a:62:d8:43:16:4a:e8:1d:35:c4:
52:18:f4:df:c1:f8:cc:ab:a6:59:4f:32:7a:a4:20:
82:ed:3e:3b:99:cc:83:b4:4d:94:71:6e:38:de:3f:
7e:9e:59:8d:f2:9b:ea:c7:b7:a1:70:3d:8a:40:21:
27:0e:dc:9e:5b:8d:2b:48:15:a0:33:fd:da:3f:66:
89:c3:f7:77:16:41:63:52:92:fc:6a:96:b2:df:f7:
53:ee:a0:ac:fe:14:bc:a2:63:e2:b9:e2:e8:f4:2f:
65:26:3a:1e:c5:02:4a:cc:b0:67:91:a7:a8:31:19:
8e:0c:93:1f:24:ce:1c:4d:b3:91:f5:43:9c:48:0b:
c2:10:5d:55:7a:1f:e3:65:0b:c8:8e:d1:6f:8e:77:
0f:ea:dc:f1:47:24:4c:e2:0f:1c:e6:67:56:70:ad:
67:0d:a9:a9:48:68:48:e5:c6:a9:95:38:cd:7b:f8:
ee:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:5B:4E:9D:4B:D1:44:15:6E:13:F6:68:F4:9D:CA:DB:7E:CB:1C:31
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bltOnUvRRBVuE_Zo9J3K237LHDE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:43::/48
Signature Algorithm: sha256WithRSAEncryption
24:f3:5c:f5:26:cb:49:f4:11:85:1d:89:f9:45:49:f3:6e:a9:
bb:73:a5:02:d7:e5:0d:e7:d4:99:4f:5c:96:66:cb:d7:fe:9b:
f3:c5:64:5d:d9:ea:7d:a0:82:78:8f:05:fa:66:33:6d:93:ab:
5e:2b:f4:32:79:a1:a9:78:5b:bc:46:ae:78:ae:b9:8d:27:cd:
0b:35:b6:7b:2b:61:19:45:d9:e2:e2:04:ff:52:39:da:db:ba:
90:9d:6b:36:f9:e0:ec:1f:f0:25:00:c6:c1:11:f9:ad:82:4c:
5e:2a:2a:b8:7f:9a:1e:8a:54:b8:f7:1d:06:9e:b1:02:94:eb:
cc:69:e2:03:79:a2:2b:de:d2:9b:74:4a:6d:63:f9:ef:fc:95:
01:e6:b2:42:88:b7:a7:9c:4a:39:e2:26:76:dd:59:28:64:45:
8f:cb:60:68:b1:e7:18:83:4d:01:67:ac:7c:c4:bb:f7:e8:d0:
b8:58:64:18:c5:7c:98:7c:3b:14:7e:d2:48:04:e7:ab:b7:8e:
79:94:eb:6e:d6:b0:39:e3:22:c0:8a:1e:e3:f6:cd:e8:68:42:
f7:0b:59:8c:d1:ee:c0:0b:1c:74:46:8d:15:f9:1b:25:fc:e4:
fc:f9:9e:56:6f:d6:a5:32:d8:58:30:3c:4c:53:a3:e5:d1:27:
56:72:cc:d2
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/lb3Hjg92cs39ynr7rYYaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgwMjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTViNGU5ZDRiZDE0NDE1NmUxM2Y2NjhmNDlkY2FkYjdlY2IxYzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7V37667E/hYIe83K6wBUBiciZVj
ocS6tiJel7qX2kgjz+sQnbpRGRPuoC8jiWzvG/puDxEuh/wuR4lC1/hH+GdjDR+L
VxBT471WA5ux80pi2EMWSugdNcRSGPTfwfjMq6ZZTzJ6pCCC7T47mcyDtE2UcW44
3j9+nlmN8pvqx7ehcD2KQCEnDtyeW40rSBWgM/3aP2aJw/d3FkFjUpL8apay3/dT
7qCs/hS8omPiueLo9C9lJjoexQJKzLBnkaeoMRmODJMfJM4cTbOR9UOcSAvCEF1V
eh/jZQvIjtFvjncP6tzxRyRM4g8c5mdWcK1nDampSGhI5caplTjNe/juYwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFG5bTp1L0UQVbhP2aPSdytt+yxwxMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvYmx0T25VdlJSQlZ1RV9abzlKM0syMzdMSERFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQBD
MA0GCSqGSIb3DQEBCwUAA4IBAQAk81z1JstJ9BGFHYn5RUnzbqm7c6UC1+UN59SZ
T1yWZsvX/pvzxWRd2ep9oIJ4jwX6ZjNtk6teK/QyeaGpeFu8Rq54rrmNJ80LNbZ7
K2EZRdni4gT/Ujna27qQnWs2+eDsH/AlAMbBEfmtgkxeKiq4f5oeilS49x0GnrEC
lOvMaeIDeaIr3tKbdEptY/nv/JUB5rJCiLennEo54iZ23VkoZEWPy2BosecYg00B
Z6x8xLv36NC4WGQYxXyYfDsUftJIBOert455lOtu1rA54yLAih7j9s3oaEL3C1mM
0e7ACxx0Ro0V+Rsl/OT8+Z5Wb9alMthYMDxMU6Pl0SdWcszS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:09 2024 by rpki-client on console-ams.rpki-client.org