Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/m9oP4vQh1zoh-wI3D3YIWOTQm9o.roa
File: m9oP4vQh1zoh-wI3D3YIWOTQm9o.roa (raw, json)
Hash identifier: XXQhk7bnJwJlVuyRaZWeOb4hHQeumz5fUn1qF6NlEqk=
Subject key identifier: 9B:DA:0F:E2:F4:21:D7:3A:21:FB:02:37:0F:76:08:58:E4:D0:9B:DA
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FB7A1977B82C8000DDDF0D54F85C009
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/m9oP4vQh1zoh-wI3D3YIWOTQm9o.roa
Signing time: Tue 06 Feb 2024 18:39:17 +0000
ROA not before: Tue 06 Feb 2024 18:39:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210833
IP address blocks: 2a0f:b241:140::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:b7:a1:97:7b:82:c8:00:0d:dd:f0:d5:4f:85:c0:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:39:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9bda0fe2f421d73a21fb02370f760858e4d09bda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:bd:5f:92:05:8d:b2:7c:83:b8:e3:2c:1d:a6:
35:ec:f3:43:81:8e:f9:02:bb:40:00:26:7f:83:6a:
99:da:54:2a:d8:d1:14:94:99:82:91:1d:4f:ff:21:
f6:7d:aa:1e:ff:8d:da:85:08:96:bb:cf:68:2e:07:
1f:18:25:00:07:39:c7:4f:d9:96:59:a0:73:b4:6b:
3c:09:91:de:19:ed:b8:eb:9d:c2:58:a8:72:90:ef:
3d:48:25:9c:ac:5b:63:0e:d8:9a:27:7d:81:32:76:
87:6a:9d:2c:21:de:02:89:ca:43:64:de:8b:4c:d9:
9f:3f:3e:6f:ef:bd:f7:dc:bf:7f:a4:07:97:3d:bd:
c0:74:58:d6:77:44:99:4d:52:97:81:cb:a9:73:ad:
7e:5f:f6:12:62:e4:57:e3:59:92:eb:10:8b:a7:79:
f9:4c:01:c9:0f:70:37:1b:15:89:89:a3:c1:88:4f:
28:66:35:b2:ee:d9:1e:a9:1f:a2:06:78:92:0a:88:
c0:e0:50:20:0e:ad:bf:cb:51:b3:10:35:5b:b7:c6:
0a:1e:ba:01:32:1c:79:ed:13:07:72:e2:77:98:a8:
12:72:85:da:ce:41:a4:ea:1a:ee:f6:a1:54:b9:15:
39:8d:ae:40:f3:f1:81:4a:da:43:e1:47:57:9d:13:
07:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:DA:0F:E2:F4:21:D7:3A:21:FB:02:37:0F:76:08:58:E4:D0:9B:DA
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/m9oP4vQh1zoh-wI3D3YIWOTQm9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:140::/48
Signature Algorithm: sha256WithRSAEncryption
83:02:1f:4d:00:1a:e8:a8:03:87:9d:1b:4a:2a:ae:01:42:bb:
85:a2:b9:fc:97:1d:5b:04:02:bf:c3:ca:30:98:83:d3:5a:04:
57:21:13:0b:ef:70:64:28:e8:b9:26:e5:56:af:d5:9f:d9:c9:
0a:d2:a8:9b:f5:dc:67:0b:ba:9e:b5:4b:ec:f7:00:71:ff:14:
be:a6:76:58:b1:e1:97:b7:f4:2f:e0:c3:81:ca:53:48:e4:7c:
7e:ee:e6:47:6c:12:5c:c2:1e:4e:9a:f4:91:c0:62:30:b6:a3:
d9:20:6c:4e:40:95:66:a0:9b:59:33:ac:8e:a5:82:cc:06:d4:
9a:23:bc:da:76:7e:7d:70:78:e0:bd:e6:eb:6c:d2:b1:46:05:
d0:9a:53:ad:84:fd:75:bf:e4:ea:88:3b:6a:ed:2f:94:44:ad:
b5:63:bc:51:9c:48:c9:01:82:80:3f:53:f6:92:a9:1d:12:61:
61:55:c2:74:ed:2f:f8:ea:2e:c8:07:77:9c:2c:68:44:f5:ad:
77:87:99:1c:46:5f:2d:8e:e0:c2:60:6b:98:3d:3e:89:05:57:
a7:29:94:f1:7b:d5:db:1f:35:e5:fb:5f:21:ee:7e:8c:47:07:
55:af:fb:50:0d:2b:74:01:76:fb:4f:b0:24:0b:1e:76:fa:7e:
51:db:b4:8a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/t6GXe4LIAA3d8NVPhcAJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgzOTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmRhMGZlMmY0MjFkNzNhMjFmYjAyMzcwZjc2MDg1OGU0ZDA5YmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzL1fkgWNsnyDuOMsHaY17PNDgY75
ArtAACZ/g2qZ2lQq2NEUlJmCkR1P/yH2faoe/43ahQiWu89oLgcfGCUABznHT9mW
WaBztGs8CZHeGe24653CWKhykO89SCWcrFtjDtiaJ32BMnaHap0sId4CicpDZN6L
TNmfPz5v77333L9/pAeXPb3AdFjWd0SZTVKXgcupc61+X/YSYuRX41mS6xCLp3n5
TAHJD3A3GxWJiaPBiE8oZjWy7tkeqR+iBniSCojA4FAgDq2/y1GzEDVbt8YKHroB
Mhx57RMHcuJ3mKgScoXazkGk6hru9qFUuRU5ja5A8/GBStpD4UdXnRMHyQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJvaD+L0Idc6IfsCNw92CFjk0JvaMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvbTlvUDR2UWgxem9oLXdJM0QzWUlXT1RRbTlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQFA
MA0GCSqGSIb3DQEBCwUAA4IBAQCDAh9NABroqAOHnRtKKq4BQruForn8lx1bBAK/
w8owmIPTWgRXIRML73BkKOi5JuVWr9Wf2ckK0qib9dxnC7qetUvs9wBx/xS+pnZY
seGXt/Qv4MOBylNI5Hx+7uZHbBJcwh5OmvSRwGIwtqPZIGxOQJVmoJtZM6yOpYLM
BtSaI7zadn59cHjgvebrbNKxRgXQmlOthP11v+TqiDtq7S+URK21Y7xRnEjJAYKA
P1P2kqkdEmFhVcJ07S/46i7IB3ecLGhE9a13h5kcRl8tjuDCYGuYPT6JBVenKZTx
e9XbHzXl+18h7n6MRwdVr/tQDSt0AXb7T7AkCx52+n5R27SK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:10 2024 by rpki-client on console-ams.rpki-client.org