Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/j0yhW6UEzQqvdzWRJSu4e1rTcEg.roa
File: j0yhW6UEzQqvdzWRJSu4e1rTcEg.roa (raw, json)
Hash identifier: REuPO1kbrLG1sAdW/DKhI1OgyCRvUY9BAZZWYxvwrY4=
Subject key identifier: 8F:4C:A1:5B:A5:04:CD:0A:AF:77:35:91:25:2B:B8:7B:5A:D3:70:48
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FAD90594CCC16D0029551F87C6790C1
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/j0yhW6UEzQqvdzWRJSu4e1rTcEg.roa
Signing time: Tue 06 Feb 2024 18:28:17 +0000
ROA not before: Tue 06 Feb 2024 18:28:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216113
IP address blocks: 2a0f:b241:109::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:ad:90:59:4c:cc:16:d0:02:95:51:f8:7c:67:90:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:28:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8f4ca15ba504cd0aaf773591252bb87b5ad37048
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:e3:ee:40:27:7d:26:b7:ba:9b:c1:39:62:81:
17:ea:42:1b:cf:48:10:c0:9a:2d:d9:ae:5a:38:cb:
9e:8e:ea:40:86:0f:50:28:bd:ab:90:26:e6:38:a5:
d3:98:88:20:3f:98:6f:15:78:e9:6c:ee:16:99:ac:
3d:7b:1e:a9:40:e2:0d:20:f6:53:f9:59:84:36:5e:
8e:13:7d:f6:ec:be:3a:fa:26:05:f5:be:e8:0d:e3:
ee:07:1d:36:8b:1e:91:ff:0e:d0:ed:00:2e:73:88:
44:ea:d4:7c:3b:5a:6b:7e:83:8f:c5:27:72:a7:df:
64:9a:e9:d1:b0:10:e3:f1:a2:4d:95:cf:72:50:6f:
aa:44:53:be:34:3b:67:3f:8c:df:67:b5:3c:3a:84:
58:78:c4:11:ca:6a:d5:c8:e9:4f:d5:f0:1f:28:bc:
ec:07:d0:92:14:a6:3d:97:e6:89:75:8c:4d:c2:67:
2d:74:c5:0a:9f:58:d4:9b:1b:04:5b:a9:b4:0d:17:
81:22:70:8b:81:ea:a8:8a:f0:77:20:6a:bf:36:ae:
2c:f4:cf:1a:41:97:d9:80:22:5f:65:7c:fb:fe:25:
98:37:a2:1e:8a:bd:8c:39:42:d2:f1:20:2e:c6:42:
93:ec:6a:0b:fd:89:8d:04:37:53:22:de:69:15:5d:
90:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:4C:A1:5B:A5:04:CD:0A:AF:77:35:91:25:2B:B8:7B:5A:D3:70:48
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/j0yhW6UEzQqvdzWRJSu4e1rTcEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:109::/48
Signature Algorithm: sha256WithRSAEncryption
12:99:a2:50:86:79:23:8a:a3:0b:ee:b5:1c:34:aa:21:d0:91:
11:10:9b:3c:8a:0e:ef:81:81:94:95:37:b8:d6:9b:b1:a8:29:
d1:f7:13:93:37:b3:af:43:11:92:b0:d1:8e:4f:98:62:80:ce:
e5:da:35:4e:a7:45:f0:4b:76:5a:41:71:99:04:40:49:33:e6:
bd:1c:4e:bc:4d:fc:4e:ae:5b:ee:4c:6b:cf:99:60:36:cb:d2:
20:f5:20:53:95:18:07:e8:b8:05:9d:be:2d:31:be:ab:34:ce:
8e:5f:ef:51:63:f4:4c:de:5d:3e:06:d8:cb:a0:f5:76:c9:63:
4e:34:6f:1e:69:a4:c7:9c:25:e0:00:69:fe:31:39:7c:82:19:
fa:bc:72:35:2b:15:66:92:b1:d0:7b:af:31:e4:f7:8d:f5:19:
72:3d:ba:10:2d:fb:02:a4:8f:01:47:c7:32:2b:7d:51:be:d5:
10:bc:c8:c1:38:5c:b7:0f:dc:5c:09:7e:21:76:b1:41:e2:22:
c0:12:10:2c:c9:73:cd:b8:80:e7:b9:28:c7:91:69:e3:04:bf:
ad:4c:57:b4:51:f4:8c:c3:b2:70:f8:63:27:38:a5:38:f8:bc:
26:1e:25:dd:c9:99:b8:e4:6d:e8:8b:4d:7a:67:1c:2e:85:03:
3a:a2:72:eb
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/rZBZTMwW0AKVUfh8Z5DBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyODE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjRjYTE1YmE1MDRjZDBhYWY3NzM1OTEyNTJiYjg3YjVhZDM3MDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuPuQCd9Jre6m8E5YoEX6kIbz0gQ
wJot2a5aOMuejupAhg9QKL2rkCbmOKXTmIggP5hvFXjpbO4Wmaw9ex6pQOINIPZT
+VmENl6OE3327L46+iYF9b7oDePuBx02ix6R/w7Q7QAuc4hE6tR8O1prfoOPxSdy
p99kmunRsBDj8aJNlc9yUG+qRFO+NDtnP4zfZ7U8OoRYeMQRymrVyOlP1fAfKLzs
B9CSFKY9l+aJdYxNwmctdMUKn1jUmxsEW6m0DReBInCLgeqoivB3IGq/Nq4s9M8a
QZfZgCJfZXz7/iWYN6Ieir2MOULS8SAuxkKT7GoL/YmNBDdTIt5pFV2QGQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFI9MoVulBM0Kr3c1kSUruHta03BIMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvajB5aFc2VUV6UXF2ZHpXUkpTdTRlMXJUY0VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQEJ
MA0GCSqGSIb3DQEBCwUAA4IBAQASmaJQhnkjiqML7rUcNKoh0JEREJs8ig7vgYGU
lTe41puxqCnR9xOTN7OvQxGSsNGOT5higM7l2jVOp0XwS3ZaQXGZBEBJM+a9HE68
TfxOrlvuTGvPmWA2y9Ig9SBTlRgH6LgFnb4tMb6rNM6OX+9RY/RM3l0+BtjLoPV2
yWNONG8eaaTHnCXgAGn+MTl8ghn6vHI1KxVmkrHQe68x5PeN9RlyPboQLfsCpI8B
R8cyK31RvtUQvMjBOFy3D9xcCX4hdrFB4iLAEhAsyXPNuIDnuSjHkWnjBL+tTFe0
UfSMw7Jw+GMnOKU4+LwmHiXdyZm45G3oi016ZxwuhQM6onLr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:10 2024 by rpki-client on console-ams.rpki-client.org