Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/dvaMYBQ4Yzz2Cxoeo_f4dnNbIJM.roa
File: dvaMYBQ4Yzz2Cxoeo_f4dnNbIJM.roa (raw, json)
Hash identifier: 7EUwmN7eTJE1dn7/rV4GqE8obs1HInTURA6SNXlfZ4Q=
Subject key identifier: 76:F6:8C:60:14:38:63:3C:F6:0B:1A:1E:A3:F7:F8:76:73:5B:20:93
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FAE7A6AEE33D9A1B0BEBA892EA8EF46
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/dvaMYBQ4Yzz2Cxoeo_f4dnNbIJM.roa
Signing time: Tue 06 Feb 2024 18:29:17 +0000
ROA not before: Tue 06 Feb 2024 18:29:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50842
IP address blocks: 2a0f:b241:11b::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:ae:7a:6a:ee:33:d9:a1:b0:be:ba:89:2e:a8:ef:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:29:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=76f68c601438633cf60b1a1ea3f7f876735b2093
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:d0:bf:0d:a1:f3:7a:bc:c7:6c:7e:89:07:5c:
e3:d6:d9:15:f2:7e:7d:a8:f7:34:b9:53:65:23:79:
03:45:d7:c0:68:bf:6b:0b:b8:d4:93:06:95:53:ec:
7b:8b:39:f2:18:3e:75:67:22:dc:95:ea:81:f2:08:
1d:72:b6:ec:51:47:e7:93:8b:f8:38:0b:5d:87:24:
1b:ae:9b:4e:da:be:90:38:a8:51:53:c1:3f:5f:64:
e7:a7:ad:f9:19:dd:27:ba:09:4a:8f:03:79:5a:bf:
60:e0:67:d2:f7:36:91:74:db:01:01:08:ed:56:a5:
b0:a4:80:42:76:61:1f:10:d1:dd:96:fb:eb:62:2f:
e1:97:5f:23:35:02:7d:2f:8f:66:eb:b7:1b:39:83:
0e:9d:c2:0d:b9:c6:73:c8:0a:58:65:0d:33:33:4e:
a3:23:7c:d3:dd:72:0f:aa:d9:5a:0a:08:ab:b5:e0:
80:54:b5:c3:b5:3b:41:1b:49:ae:95:87:ce:9c:91:
43:c5:8e:55:d7:77:5c:63:23:56:3d:8a:52:c4:9e:
f8:65:e9:12:49:de:3f:31:4d:93:35:77:76:c2:a7:
81:5e:09:27:ff:97:0f:52:73:be:f4:66:97:c0:f2:
22:f3:d5:fd:e0:7d:f2:99:3f:08:f9:1d:55:68:22:
79:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:F6:8C:60:14:38:63:3C:F6:0B:1A:1E:A3:F7:F8:76:73:5B:20:93
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/dvaMYBQ4Yzz2Cxoeo_f4dnNbIJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:11b::/48
Signature Algorithm: sha256WithRSAEncryption
0b:33:93:75:af:5b:6a:d5:2c:8a:d4:f5:17:36:8a:20:29:9a:
e9:fc:92:90:63:61:95:c9:32:e9:fd:98:c5:d1:9d:ef:9e:2f:
0d:83:a2:06:ed:36:09:5a:b5:5a:14:b9:a1:1c:e4:4c:ff:64:
69:81:15:ea:16:3c:1e:e5:af:96:a2:52:77:d7:3d:77:fc:ac:
e5:7d:97:37:09:38:fe:bf:f5:c0:b0:21:87:b7:78:a4:51:fb:
af:b6:de:9e:f5:a2:28:e6:aa:8a:ed:b1:ec:31:28:1f:bd:32:
60:00:4c:7a:0d:aa:16:98:3c:d0:a2:8a:63:b9:31:87:6f:6e:
2f:b6:6c:76:93:8a:4b:dc:fa:24:f7:8e:0f:01:68:5b:58:50:
b4:37:97:37:10:8c:ef:06:52:a5:78:dd:3c:54:d9:67:73:93:
e9:44:f1:d9:83:45:8b:eb:dc:69:8f:60:e0:c3:84:4a:e9:f3:
60:cc:b1:3e:52:9f:62:85:e2:50:c6:cc:a9:3e:81:71:4f:64:
bf:dd:17:4b:14:2e:6e:b2:f9:d9:be:34:16:6b:8d:f0:f3:e0:
ef:ff:53:47:91:a8:4b:d3:98:34:bb:f0:ce:47:aa:83:b2:9f:
e4:87:40:e4:2e:31:ff:94:9a:c3:74:7e:c4:b3:3c:c9:fe:de:
4d:f5:a3:09
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/rnpq7jPZobC+uokuqO9GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyOTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmY2OGM2MDE0Mzg2MzNjZjYwYjFhMWVhM2Y3Zjg3NjczNWIyMDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh9C/DaHzerzHbH6JB1zj1tkV8n59
qPc0uVNlI3kDRdfAaL9rC7jUkwaVU+x7iznyGD51ZyLcleqB8ggdcrbsUUfnk4v4
OAtdhyQbrptO2r6QOKhRU8E/X2Tnp635Gd0nuglKjwN5Wr9g4GfS9zaRdNsBAQjt
VqWwpIBCdmEfENHdlvvrYi/hl18jNQJ9L49m67cbOYMOncINucZzyApYZQ0zM06j
I3zT3XIPqtlaCgirteCAVLXDtTtBG0mulYfOnJFDxY5V13dcYyNWPYpSxJ74ZekS
Sd4/MU2TNXd2wqeBXgkn/5cPUnO+9GaXwPIi89X94H3ymT8I+R1VaCJ53QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHb2jGAUOGM89gsaHqP3+HZzWyCTMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvZHZhTVlCUTRZenoyQ3hvZW9fZjRkbk5iSUpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQEb
MA0GCSqGSIb3DQEBCwUAA4IBAQALM5N1r1tq1SyK1PUXNoogKZrp/JKQY2GVyTLp
/ZjF0Z3vni8Ng6IG7TYJWrVaFLmhHORM/2RpgRXqFjwe5a+WolJ31z13/KzlfZc3
CTj+v/XAsCGHt3ikUfuvtt6e9aIo5qqK7bHsMSgfvTJgAEx6DaoWmDzQoopjuTGH
b24vtmx2k4pL3Pok944PAWhbWFC0N5c3EIzvBlKleN08VNlnc5PpRPHZg0WL69xp
j2Dgw4RK6fNgzLE+Up9iheJQxsypPoFxT2S/3RdLFC5usvnZvjQWa43w8+Dv/1NH
kahL05g0u/DOR6qDsp/kh0DkLjH/lJrDdH7EszzJ/t5N9aMJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:10 2024 by rpki-client on console-ams.rpki-client.org