Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/sAiOM0LCNd4vc-DvYK-a_cKsrt4.roa
File: sAiOM0LCNd4vc-DvYK-a_cKsrt4.roa (raw, json)
Hash identifier: f2hfnGtQaRweJNuz1DvuLYcmg/MG5kjHFcP1L/wkQQY=
Subject key identifier: B0:08:8E:33:42:C2:35:DE:2F:73:E0:EF:60:AF:9A:FD:C2:AC:AE:DE
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F0B2C0538F642E97C9ABBBF9713E9C
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/sAiOM0LCNd4vc-DvYK-a_cKsrt4.roa
Signing time: Wed 07 Feb 2024 05:00:51 +0000
ROA not before: Wed 07 Feb 2024 05:00:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215634
IP address blocks: 2a0f:b241:4e::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:b2:c0:53:8f:64:2e:97:c9:ab:bb:f9:71:3e:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b0088e3342c235de2f73e0ef60af9afdc2acaede
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:f6:19:82:a6:98:9e:d1:fe:7b:a8:0b:2c:a6:
98:db:99:37:32:ff:37:9d:ae:d4:cb:5b:90:e0:97:
16:0e:9e:65:d1:67:45:12:43:30:b5:d8:7a:e5:57:
19:93:1b:c0:b6:17:fe:5f:0b:17:c1:95:80:6d:1c:
3f:eb:7c:79:8c:f3:ff:00:d1:c6:58:6a:40:ab:e3:
1b:b1:88:72:1c:e6:50:f7:79:e9:e0:c8:bb:54:e0:
e2:0f:a0:8e:38:dd:38:e2:62:22:45:2d:51:56:3e:
20:2f:4b:62:7f:0f:ff:39:78:82:b8:19:d0:07:18:
59:15:3e:3e:46:59:b8:04:4c:31:f0:20:ca:ba:31:
90:ce:0f:d8:a8:08:0d:6b:32:a7:ef:c9:1a:d3:04:
54:f4:64:76:82:e3:3b:47:7b:c1:4c:bb:eb:e9:9f:
18:ce:53:f7:08:c6:11:d4:ee:83:66:4e:4e:ce:2b:
0b:62:55:24:61:6e:a2:9d:a8:14:20:5a:b3:ea:c4:
4c:ae:00:9b:5c:b2:96:e6:49:18:05:26:0f:85:6f:
c0:3f:b5:e4:f3:62:60:f6:35:28:6f:2d:a0:88:ca:
d9:c6:31:66:55:9e:2e:c6:4c:0c:60:39:0b:59:c4:
b2:6d:68:0b:8d:dd:c4:05:f7:2c:53:f1:6c:00:26:
4e:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:08:8E:33:42:C2:35:DE:2F:73:E0:EF:60:AF:9A:FD:C2:AC:AE:DE
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/sAiOM0LCNd4vc-DvYK-a_cKsrt4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:4e::/48
Signature Algorithm: sha256WithRSAEncryption
11:90:82:ea:bc:ad:61:b7:dc:31:91:98:49:24:c1:58:dc:c1:
44:4d:95:39:b3:5c:55:fa:04:78:aa:0a:5b:96:eb:7d:d5:f5:
69:40:14:50:7a:33:a6:ac:11:e9:ab:78:ee:73:e2:04:f3:79:
b4:dc:f6:20:07:1d:e9:79:3c:8d:42:21:e7:a4:29:2b:b7:b9:
82:86:60:f0:91:84:66:68:83:75:aa:dc:fd:63:8f:bd:45:aa:
55:e1:58:5b:ea:bb:a9:59:a4:f9:9d:74:ef:d7:b4:10:79:41:
aa:95:8d:c5:50:25:7e:2f:aa:45:a5:b9:dd:0e:68:df:0d:cc:
df:35:c8:85:49:9f:1e:81:85:d7:e9:4d:e1:d5:ef:35:67:75:
82:56:29:4b:ee:cb:1f:2b:c7:8d:e5:90:23:21:6b:85:03:64:
6a:27:2d:f0:16:27:71:24:05:a1:59:45:9d:b9:70:ff:85:d3:
52:46:57:d7:6d:e7:d0:60:49:4c:b7:82:32:82:19:42:b1:8b:
83:c8:5e:a7:74:e4:07:c2:d3:6b:d2:78:96:24:7a:7f:19:1e:
31:d3:3c:63:83:09:66:e5:12:9c:06:7d:05:9c:cc:e8:d5:fb:
77:68:18:98:69:d8:fd:7e:58:6c:85:7a:7b:02:74:d5:2d:9e:
a6:39:df:b8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8LLAU49kLpfJq7v5cT6cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDA4OGUzMzQyYzIzNWRlMmY3M2UwZWY2MGFmOWFmZGMyYWNhZWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPYZgqaYntH+e6gLLKaY25k3Mv83
na7Uy1uQ4JcWDp5l0WdFEkMwtdh65VcZkxvAthf+XwsXwZWAbRw/63x5jPP/ANHG
WGpAq+MbsYhyHOZQ93np4Mi7VODiD6COON044mIiRS1RVj4gL0tifw//OXiCuBnQ
BxhZFT4+Rlm4BEwx8CDKujGQzg/YqAgNazKn78ka0wRU9GR2guM7R3vBTLvr6Z8Y
zlP3CMYR1O6DZk5OzisLYlUkYW6inagUIFqz6sRMrgCbXLKW5kkYBSYPhW/AP7Xk
82Jg9jUoby2giMrZxjFmVZ4uxkwMYDkLWcSybWgLjd3EBfcsU/FsACZOnQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLAIjjNCwjXeL3Pg72Cvmv3CrK7eMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvc0FpT00wTENOZDR2Yy1EdllLLWFfY0tzcnQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQBO
MA0GCSqGSIb3DQEBCwUAA4IBAQARkILqvK1ht9wxkZhJJMFY3MFETZU5s1xV+gR4
qgpblut91fVpQBRQejOmrBHpq3juc+IE83m03PYgBx3peTyNQiHnpCkrt7mChmDw
kYRmaIN1qtz9Y4+9RapV4Vhb6rupWaT5nXTv17QQeUGqlY3FUCV+L6pFpbndDmjf
DczfNciFSZ8egYXX6U3h1e81Z3WCVilL7ssfK8eN5ZAjIWuFA2RqJy3wFidxJAWh
WUWduXD/hdNSRlfXbefQYElMt4IyghlCsYuDyF6ndOQHwtNr0niWJHp/GR4x0zxj
gwlm5RKcBn0FnMzo1ft3aBiYadj9flhshXp7AnTVLZ6mOd+4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:11 2024 by rpki-client on console-ams.rpki-client.org