Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/uevVngQzsz9gWt8bXal51NHQW78.roa
File: uevVngQzsz9gWt8bXal51NHQW78.roa (raw, json)
Hash identifier: WKAkrSzxzyBQWVbARo83kZtOOKJwWELVHY5aJuqPDiw=
Subject key identifier: B9:EB:D5:9E:04:33:B3:3F:60:5A:DF:1B:5D:A9:79:D4:D1:D0:5B:BF
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FAF60EB8DEBCE5DC02084CBCB7EEBC8
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/uevVngQzsz9gWt8bXal51NHQW78.roa
Signing time: Tue 06 Feb 2024 18:30:16 +0000
ROA not before: Tue 06 Feb 2024 18:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60841
IP address blocks: 2a0f:b241:125::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:af:60:eb:8d:eb:ce:5d:c0:20:84:cb:cb:7e:eb:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b9ebd59e0433b33f605adf1b5da979d4d1d05bbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:bb:e7:0e:e1:57:92:64:b8:40:c0:c3:54:0e:
7b:82:40:c0:70:28:14:27:e8:df:7e:86:87:c5:5c:
52:5f:67:ac:ac:bd:1b:4b:53:80:08:ff:27:d3:0c:
08:6f:0a:b9:55:ee:c7:aa:81:b6:50:6d:bb:e8:e5:
4f:7c:7c:a5:66:13:10:79:43:ae:d2:92:1d:6f:5a:
b0:c8:ed:b8:53:08:22:0a:c8:84:37:8b:36:30:b9:
2e:6b:f5:22:23:c3:cd:cb:34:2c:ae:c9:a0:87:5a:
0a:e4:5f:9b:36:b9:d6:4c:a8:a4:27:d6:78:06:d8:
7c:43:58:28:87:13:e5:87:42:6a:12:49:1f:33:a3:
5f:63:ae:e8:53:dc:3b:8f:9b:aa:2f:43:90:fd:62:
74:c4:37:7a:63:68:c3:99:91:42:ce:c2:2b:46:2f:
a7:46:43:a9:66:88:d5:00:1e:9b:1f:33:af:5a:6a:
07:be:86:9b:52:8b:d6:70:38:fe:f9:03:ef:6c:52:
eb:da:31:88:24:1d:8d:6d:90:06:0a:4c:2c:ff:54:
1d:0f:54:c0:b7:65:a7:b0:9c:5a:9c:a1:97:18:cd:
50:88:75:79:5f:ac:56:62:be:7e:11:b8:0f:8e:f4:
53:85:94:49:8c:40:4b:0b:66:98:06:1c:d5:09:71:
0c:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:EB:D5:9E:04:33:B3:3F:60:5A:DF:1B:5D:A9:79:D4:D1:D0:5B:BF
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/uevVngQzsz9gWt8bXal51NHQW78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:125::/48
Signature Algorithm: sha256WithRSAEncryption
74:50:2f:f3:14:f9:df:d7:67:b3:ad:a8:dd:be:12:e8:78:69:
fa:56:5c:1c:8a:19:b0:29:b5:05:0b:35:7a:7a:7a:45:20:e4:
67:fc:04:6f:c8:41:9a:fe:67:ba:9f:c7:c7:45:8d:54:02:1b:
e7:2e:5e:fb:73:00:c5:79:7f:1c:fa:72:23:1c:64:bc:46:20:
db:bd:b7:99:ae:2c:20:66:ed:e5:7d:83:3a:94:c4:48:5b:7e:
be:62:69:c7:71:ba:da:d7:1d:95:6e:77:18:38:f4:63:46:85:
8a:19:b0:de:7c:3e:af:88:d7:24:92:bb:01:9a:80:99:de:77:
4c:20:8c:bf:6a:9d:b3:8e:82:8a:e8:93:d5:8a:ab:f9:77:6e:
31:96:aa:6c:45:47:6c:f8:28:6b:f5:45:99:8d:90:10:d3:72:
07:79:33:64:ad:c6:4b:53:8b:7e:7d:5d:dd:98:53:21:92:8f:
71:54:3e:69:6b:00:b8:c0:ca:37:d8:e5:fa:2b:2c:68:6f:28:
e1:6c:e1:19:81:25:89:2a:cb:c4:0b:1a:d0:eb:af:c2:d3:e4:
a4:7b:c4:2f:02:d0:e7:1d:90:61:e3:c9:b2:a9:41:10:34:a3:
89:d3:9f:e5:2c:e5:c0:f2:b9:a0:70:8d:b6:62:20:25:cc:59:
fe:43:bb:a6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/r2DrjevOXcAghMvLfuvIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWViZDU5ZTA0MzNiMzNmNjA1YWRmMWI1ZGE5NzlkNGQxZDA1YmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbvnDuFXkmS4QMDDVA57gkDAcCgU
J+jffoaHxVxSX2esrL0bS1OACP8n0wwIbwq5Ve7HqoG2UG276OVPfHylZhMQeUOu
0pIdb1qwyO24UwgiCsiEN4s2MLkua/UiI8PNyzQsrsmgh1oK5F+bNrnWTKikJ9Z4
Bth8Q1gohxPlh0JqEkkfM6NfY67oU9w7j5uqL0OQ/WJ0xDd6Y2jDmZFCzsIrRi+n
RkOpZojVAB6bHzOvWmoHvoabUovWcDj++QPvbFLr2jGIJB2NbZAGCkws/1QdD1TA
t2WnsJxanKGXGM1QiHV5X6xWYr5+EbgPjvRThZRJjEBLC2aYBhzVCXEMzwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLnr1Z4EM7M/YFrfG12pedTR0Fu/MB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvdWV2Vm5nUXpzejlnV3Q4YlhhbDUxTkhRVzc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQEl
MA0GCSqGSIb3DQEBCwUAA4IBAQB0UC/zFPnf12ezrajdvhLoeGn6VlwcihmwKbUF
CzV6enpFIORn/ARvyEGa/me6n8fHRY1UAhvnLl77cwDFeX8c+nIjHGS8RiDbvbeZ
riwgZu3lfYM6lMRIW36+YmnHcbra1x2VbncYOPRjRoWKGbDefD6viNckkrsBmoCZ
3ndMIIy/ap2zjoKK6JPViqv5d24xlqpsRUds+Chr9UWZjZAQ03IHeTNkrcZLU4t+
fV3dmFMhko9xVD5pawC4wMo32OX6KyxobyjhbOEZgSWJKsvECxrQ66/C0+Ske8Qv
AtDnHZBh48myqUEQNKOJ05/lLOXA8rmgcI22YiAlzFn+Q7um
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:14 2024 by rpki-client on console-fra.rpki-client.org