Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/sY96obC4myK0feC-ynBGToFcXAw.roa
File: sY96obC4myK0feC-ynBGToFcXAw.roa (raw, json)
Hash identifier: ZgLOYjCjb70xq1RDw8EFRDK42uRSunBekR/DF998GRI=
Subject key identifier: B1:8F:7A:A1:B0:B8:9B:22:B4:7D:E0:BE:CA:70:46:4E:81:5C:5C:0C
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7F96A5DBC0E8FC278AA809747125A8C7
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/sY96obC4myK0feC-ynBGToFcXAw.roa
Signing time: Tue 06 Feb 2024 18:03:15 +0000
ROA not before: Tue 06 Feb 2024 18:03:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44317
IP address blocks: 2a0f:b241:5f::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:96:a5:db:c0:e8:fc:27:8a:a8:09:74:71:25:a8:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:03:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b18f7aa1b0b89b22b47de0beca70464e815c5c0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:4d:6f:37:ca:ae:92:19:3d:a9:ff:b0:78:44:
ad:99:a5:a4:13:d1:ba:5d:5d:f0:16:c6:92:05:6b:
f0:e0:ac:39:4e:70:8b:be:7d:29:a8:61:4f:38:27:
7f:0e:0f:cd:87:31:48:1c:f1:7a:54:08:85:88:3b:
d6:fd:52:34:26:d3:55:db:88:a8:ed:26:a3:5a:c5:
25:63:a2:2f:af:63:cd:c1:2c:3f:8a:9e:72:62:ce:
85:60:23:4b:35:ed:70:bf:5b:d1:06:d4:41:a4:83:
e4:1b:46:4a:4c:96:1d:06:65:a4:63:2d:43:78:cd:
9a:ca:4b:d4:8d:db:b5:34:62:d1:0d:27:95:40:4c:
82:fe:30:7d:22:e6:79:89:0d:33:22:93:31:f4:29:
a8:44:e6:50:0e:8e:3a:50:b0:9c:f0:85:eb:8c:59:
83:bf:27:b2:fc:15:8e:69:3e:02:3f:7c:7c:4f:48:
f7:95:b0:8c:cb:4a:aa:43:6a:b9:fc:fe:e7:92:7e:
61:49:15:82:d3:3e:78:89:ac:85:8d:2e:52:b4:5b:
26:bd:aa:1b:e9:94:62:35:a0:30:95:e2:2a:38:41:
5d:96:20:0f:04:5b:f9:c6:0d:70:25:83:65:f5:12:
c6:84:ea:98:91:32:81:f7:2d:5e:7d:48:64:0d:66:
2a:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:8F:7A:A1:B0:B8:9B:22:B4:7D:E0:BE:CA:70:46:4E:81:5C:5C:0C
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/sY96obC4myK0feC-ynBGToFcXAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:5f::/48
Signature Algorithm: sha256WithRSAEncryption
82:ab:94:f4:37:35:dc:0d:c4:f3:c1:a1:d2:ff:a2:70:75:5e:
ed:99:4e:81:89:e1:99:4c:b3:3f:32:4f:11:d5:0a:a3:15:d2:
51:eb:8d:6f:c8:4e:4c:8c:2e:a3:74:c7:c7:13:81:2c:e9:a4:
b5:5b:a1:38:44:24:aa:af:f3:7e:9b:df:1f:a8:34:73:93:ad:
b0:35:df:10:57:55:6a:3f:7e:35:f4:4d:0e:61:2b:08:a3:21:
ba:16:d1:ef:40:73:e6:1e:ce:0b:ee:e7:80:32:20:dd:ba:03:
9a:89:a8:ea:a8:4b:eb:c7:94:04:f2:db:c1:61:b9:86:d4:69:
a1:98:ed:c7:0d:0b:60:f0:6b:78:ea:b3:13:51:f1:8d:17:5b:
24:06:6d:e2:cc:46:a6:e2:bf:90:f6:0e:10:c1:a9:75:b9:c3:
c3:f3:74:36:39:6c:fd:ed:32:68:8c:81:72:cc:fc:04:25:82:
d6:6f:55:28:2a:c1:67:e8:f6:61:8b:b8:4d:fa:eb:36:25:9b:
2a:a4:d6:ec:e3:d9:aa:27:dd:f9:31:df:92:53:bf:cd:29:4b:
8a:a9:e2:b3:40:68:3d:39:50:20:8d:37:34:0b:b2:72:54:86:
36:40:67:50:8c:df:e8:32:6d:b5:e5:55:c4:68:ef:66:27:b1:
ef:f7:86:f7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/lqXbwOj8J4qoCXRxJajHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgwMzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMThmN2FhMWIwYjg5YjIyYjQ3ZGUwYmVjYTcwNDY0ZTgxNWM1YzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqk1vN8qukhk9qf+weEStmaWkE9G6
XV3wFsaSBWvw4Kw5TnCLvn0pqGFPOCd/Dg/NhzFIHPF6VAiFiDvW/VI0JtNV24io
7SajWsUlY6Ivr2PNwSw/ip5yYs6FYCNLNe1wv1vRBtRBpIPkG0ZKTJYdBmWkYy1D
eM2aykvUjdu1NGLRDSeVQEyC/jB9IuZ5iQ0zIpMx9CmoROZQDo46ULCc8IXrjFmD
vyey/BWOaT4CP3x8T0j3lbCMy0qqQ2q5/P7nkn5hSRWC0z54iayFjS5StFsmvaob
6ZRiNaAwleIqOEFdliAPBFv5xg1wJYNl9RLGhOqYkTKB9y1efUhkDWYqgQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLGPeqGwuJsitH3gvspwRk6BXFwMMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvc1k5Nm9iQzRteUswZmVDLXluQkdUb0ZjWEF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQBf
MA0GCSqGSIb3DQEBCwUAA4IBAQCCq5T0NzXcDcTzwaHS/6JwdV7tmU6BieGZTLM/
Mk8R1QqjFdJR641vyE5MjC6jdMfHE4Es6aS1W6E4RCSqr/N+m98fqDRzk62wNd8Q
V1VqP3419E0OYSsIoyG6FtHvQHPmHs4L7ueAMiDdugOaiajqqEvrx5QE8tvBYbmG
1GmhmO3HDQtg8Gt46rMTUfGNF1skBm3izEam4r+Q9g4Qwal1ucPD83Q2OWz97TJo
jIFyzPwEJYLWb1UoKsFn6PZhi7hN+us2JZsqpNbs49mqJ935Md+SU7/NKUuKqeKz
QGg9OVAgjTc0C7JyVIY2QGdQjN/oMm215VXEaO9mJ7Hv94b3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:13 2024 by rpki-client on console-fra.rpki-client.org