Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/u5XkdlngcnkK_R0LlgNspNXkTmY.roa
File: u5XkdlngcnkK_R0LlgNspNXkTmY.roa (raw, json)
Hash identifier: 94666dRmZalg/zvLTqe+C6yEANmq0ph2IzjzDFDFiIk=
Subject key identifier: BB:95:E4:76:59:E0:72:79:0A:FD:1D:0B:96:03:6C:A4:D5:E4:4E:66
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FAACEC00EF1E2B37B0E2C2929413E90
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/u5XkdlngcnkK_R0LlgNspNXkTmY.roa
Signing time: Tue 06 Feb 2024 18:25:16 +0000
ROA not before: Tue 06 Feb 2024 18:25:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201444
IP address blocks: 2a0f:b241:dd::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:aa:ce:c0:0e:f1:e2:b3:7b:0e:2c:29:29:41:3e:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:25:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bb95e47659e072790afd1d0b96036ca4d5e44e66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:bf:b9:09:a2:93:3f:c1:17:15:f6:fe:52:98:
da:3c:c0:ea:af:4b:3a:8f:12:56:87:e1:ec:c3:3a:
66:6f:af:07:1a:96:87:90:c3:81:19:4f:db:74:0c:
f6:18:9e:a8:63:eb:f5:05:54:de:59:c2:67:95:40:
b6:95:bd:07:c3:26:5e:e2:59:06:40:fa:9a:a8:a1:
c8:75:23:83:d5:82:ab:a8:3a:a3:9d:e4:1a:e7:06:
22:86:3f:c5:8d:ca:6f:89:86:2d:ef:2c:9a:10:45:
62:62:95:d6:3a:9d:a9:26:03:88:2c:2c:15:d3:38:
0a:3d:1a:bb:10:71:8c:c4:6d:fb:e3:31:12:4d:76:
7f:b7:ff:16:82:f6:6e:c9:f8:9a:ed:a3:84:b0:86:
88:43:e5:a2:bc:55:cf:24:70:0d:6e:6d:1b:57:c1:
b1:7b:aa:42:ff:7c:f0:e9:af:57:af:48:1b:b3:e4:
01:ba:80:58:41:c1:08:c4:e4:e5:4b:96:57:6e:55:
8c:ef:89:8e:b7:0b:49:c6:af:ee:99:6c:58:7f:e1:
e7:db:f5:7c:0c:a1:c3:98:e1:c9:40:a4:6d:0a:d0:
e2:bb:71:68:35:18:d3:e7:14:b4:f5:96:94:25:b0:
91:b1:f2:78:dc:be:40:89:3e:58:2b:4f:28:ee:5f:
c2:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:95:E4:76:59:E0:72:79:0A:FD:1D:0B:96:03:6C:A4:D5:E4:4E:66
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/u5XkdlngcnkK_R0LlgNspNXkTmY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:dd::/48
Signature Algorithm: sha256WithRSAEncryption
67:cd:5a:87:f3:8e:ae:c9:22:8c:a0:c8:83:24:22:2c:34:11:
27:a0:9f:8c:a8:49:e6:18:4f:16:4a:ed:e7:1f:3e:09:ad:fd:
70:20:74:2d:49:0a:42:60:09:9b:9e:e0:cf:0a:7b:8a:02:9f:
55:71:7a:0c:ac:79:ff:80:9a:97:91:91:1c:65:28:26:1a:bb:
32:ed:a4:d8:29:7c:d3:bc:87:73:80:96:53:c3:b7:28:ed:2e:
04:94:16:2c:35:1c:46:c6:54:f6:f3:90:6d:06:42:2b:be:44:
d2:6f:87:df:46:f8:58:a6:44:8b:a0:ed:7f:f2:a8:33:41:12:
da:c0:10:76:66:4a:35:6d:27:4e:48:b3:f3:66:ea:a2:a8:d4:
27:31:a8:65:ac:b2:ea:82:29:78:06:96:43:c7:d8:24:b8:7e:
48:07:3a:0d:bf:25:eb:36:3d:85:39:e1:52:2f:35:36:85:45:
4b:10:da:18:2b:e0:dc:61:6b:48:e1:e2:18:23:4e:ce:9b:dc:
4b:6e:33:68:aa:d7:f9:25:8e:bc:14:72:9c:5a:12:71:67:3e:
3a:65:7d:ec:10:21:f9:a3:ff:33:fb:00:9e:fd:51:be:c7:71:
f0:ce:0d:4b:8f:b2:da:07:4d:34:de:d6:3e:a8:fa:e1:b1:bc:
99:b3:78:c0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/qs7ADvHis3sOLCkpQT6QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyNTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjk1ZTQ3NjU5ZTA3Mjc5MGFmZDFkMGI5NjAzNmNhNGQ1ZTQ0ZTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhr+5CaKTP8EXFfb+UpjaPMDqr0s6
jxJWh+Hswzpmb68HGpaHkMOBGU/bdAz2GJ6oY+v1BVTeWcJnlUC2lb0HwyZe4lkG
QPqaqKHIdSOD1YKrqDqjneQa5wYihj/FjcpviYYt7yyaEEViYpXWOp2pJgOILCwV
0zgKPRq7EHGMxG374zESTXZ/t/8WgvZuyfia7aOEsIaIQ+WivFXPJHANbm0bV8Gx
e6pC/3zw6a9Xr0gbs+QBuoBYQcEIxOTlS5ZXblWM74mOtwtJxq/umWxYf+Hn2/V8
DKHDmOHJQKRtCtDiu3FoNRjT5xS09ZaUJbCRsfJ43L5AiT5YK08o7l/CrQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLuV5HZZ4HJ5Cv0dC5YDbKTV5E5mMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvdTVYa2RsbmdjbmtLX1IwTGxnTnNwTlhrVG1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQDd
MA0GCSqGSIb3DQEBCwUAA4IBAQBnzVqH846uySKMoMiDJCIsNBEnoJ+MqEnmGE8W
Su3nHz4Jrf1wIHQtSQpCYAmbnuDPCnuKAp9VcXoMrHn/gJqXkZEcZSgmGrsy7aTY
KXzTvIdzgJZTw7co7S4ElBYsNRxGxlT285BtBkIrvkTSb4ffRvhYpkSLoO1/8qgz
QRLawBB2Zko1bSdOSLPzZuqiqNQnMahlrLLqgil4BpZDx9gkuH5IBzoNvyXrNj2F
OeFSLzU2hUVLENoYK+DcYWtI4eIYI07Om9xLbjNoqtf5JY68FHKcWhJxZz46ZX3s
ECH5o/8z+wCe/VG+x3Hwzg1Lj7LaB0003tY+qPrhsbyZs3jA
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:11 2024 by rpki-client on console-ams.rpki-client.org