Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/hyyC4xTAjYo_PizyXCVWPGnohi8.roa
File: hyyC4xTAjYo_PizyXCVWPGnohi8.roa (raw, json)
Hash identifier: iLSQyrxHmZ0lKbvnC+5Khg8R8Mn07kincemAtEaSEiQ=
Subject key identifier: 87:2C:82:E3:14:C0:8D:8A:3F:3E:2C:F2:5C:25:56:3C:69:E8:86:2F
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F060886B9C4CC3690F22B0DEA28554
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/hyyC4xTAjYo_PizyXCVWPGnohi8.roa
Signing time: Wed 07 Feb 2024 05:00:30 +0000
ROA not before: Wed 07 Feb 2024 05:00:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49707
IP address blocks: 2a0f:b241:118::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:60:88:6b:9c:4c:c3:69:0f:22:b0:de:a2:85:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=872c82e314c08d8a3f3e2cf25c25563c69e8862f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:85:4c:30:40:0a:d2:b6:c3:52:82:b4:42:bf:
b8:e6:e9:de:5d:ec:eb:ff:e5:e1:8d:f4:37:ce:9d:
36:f3:d6:fd:a9:83:8f:7f:f1:03:a3:da:31:0a:9a:
b0:9d:97:e9:24:00:08:0f:b4:8a:2f:cd:ed:bf:33:
67:f0:9e:76:f4:0c:0a:aa:00:7a:4d:32:47:b9:da:
17:56:c2:34:81:42:14:46:08:1f:79:af:dc:65:42:
51:0e:93:e4:a0:62:b8:39:e8:f2:23:af:25:01:e9:
b6:18:72:67:f4:d8:40:c4:fe:67:71:72:cf:79:9f:
ab:4f:ec:83:57:12:d3:59:cd:b5:41:13:b8:4f:00:
14:d1:04:85:6a:31:6c:74:be:37:b6:61:0e:88:10:
2e:33:d6:2d:b3:34:d8:8b:86:5b:a4:38:ff:66:4a:
65:81:2c:d7:fc:bd:83:22:a8:f3:7d:f7:a9:66:0d:
e2:e8:2f:71:f7:2a:88:ff:70:28:01:f3:25:2b:19:
c5:2e:f5:a3:b4:7f:33:4c:32:17:be:96:c0:65:66:
88:44:6d:f5:e5:01:08:3d:73:f4:e6:72:cf:95:02:
ff:11:7e:ff:d8:cf:86:1a:f3:98:af:3e:33:69:42:
2a:7f:bc:15:b8:65:e7:dd:b0:7a:e3:bf:24:16:8a:
a3:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:2C:82:E3:14:C0:8D:8A:3F:3E:2C:F2:5C:25:56:3C:69:E8:86:2F
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/hyyC4xTAjYo_PizyXCVWPGnohi8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:118::/48
Signature Algorithm: sha256WithRSAEncryption
19:0d:6c:84:46:93:19:7e:c6:45:76:d8:34:4b:08:e0:dd:ea:
d1:2a:8a:c6:91:e7:e5:ce:37:eb:21:d2:72:51:79:c8:c9:f6:
84:43:06:90:34:98:b5:e1:f2:ff:91:84:07:70:11:ea:dc:9b:
b8:0e:7c:05:b6:ce:45:2f:30:24:58:50:1c:d5:d7:7d:26:b6:
69:24:0f:6b:a6:3a:32:96:ab:e3:81:e4:bd:d2:0c:33:91:a7:
28:6f:b6:f2:37:8f:82:66:e4:8a:6d:34:11:93:27:92:dd:d5:
91:73:a4:60:5b:c8:5b:48:b8:5a:5d:b7:8c:99:cf:b3:56:62:
c7:bd:fd:f7:8f:59:de:cb:88:9b:f7:9a:c6:94:55:7e:61:81:
16:1a:2d:4a:7e:bd:f6:22:f8:48:46:85:32:91:fa:55:54:a8:
98:61:04:4d:9e:55:ad:02:d7:7a:b1:5f:9a:4d:f6:34:fc:4a:
02:a5:ed:6a:1b:72:95:7a:24:ea:f9:91:84:12:f1:cd:88:ee:
28:55:0e:81:38:a6:e5:2e:d9:33:e2:76:3f:98:e2:a2:cd:04:
90:a4:9b:e9:22:8b:08:b6:c8:47:db:bf:28:e8:72:46:9b:03:
6a:78:ae:0a:0b:1a:da:83:f9:58:fd:c7:14:51:aa:7c:a7:9b:
6c:c7:79:a9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8GCIa5xMw2kPIrDeooVUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzJjODJlMzE0YzA4ZDhhM2YzZTJjZjI1YzI1NTYzYzY5ZTg4NjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy4VMMEAK0rbDUoK0Qr+45uneXezr
/+XhjfQ3zp0289b9qYOPf/EDo9oxCpqwnZfpJAAID7SKL83tvzNn8J529AwKqgB6
TTJHudoXVsI0gUIURggfea/cZUJRDpPkoGK4OejyI68lAem2GHJn9NhAxP5ncXLP
eZ+rT+yDVxLTWc21QRO4TwAU0QSFajFsdL43tmEOiBAuM9YtszTYi4ZbpDj/Zkpl
gSzX/L2DIqjzffepZg3i6C9x9yqI/3AoAfMlKxnFLvWjtH8zTDIXvpbAZWaIRG31
5QEIPXP05nLPlQL/EX7/2M+GGvOYrz4zaUIqf7wVuGXn3bB6478kFoqjlQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIcsguMUwI2KPz4s8lwlVjxp6IYvMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvaHl5QzR4VEFqWW9fUGl6eVhDVldQR25vaGk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQEY
MA0GCSqGSIb3DQEBCwUAA4IBAQAZDWyERpMZfsZFdtg0Swjg3erRKorGkeflzjfr
IdJyUXnIyfaEQwaQNJi14fL/kYQHcBHq3Ju4DnwFts5FLzAkWFAc1dd9JrZpJA9r
pjoylqvjgeS90gwzkacob7byN4+CZuSKbTQRkyeS3dWRc6RgW8hbSLhaXbeMmc+z
VmLHvf33j1ney4ib95rGlFV+YYEWGi1Kfr32IvhIRoUykfpVVKiYYQRNnlWtAtd6
sV+aTfY0/EoCpe1qG3KVeiTq+ZGEEvHNiO4oVQ6BOKblLtkz4nY/mOKizQSQpJvp
IosItshH278o6HJGmwNqeK4KCxrag/lY/ccUUap8p5tsx3mp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:10 2024 by rpki-client on console-ams.rpki-client.org