Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/v5tb0b0tCxbCIfujcRE4SchKesU.roa
File: v5tb0b0tCxbCIfujcRE4SchKesU.roa (raw, json)
Hash identifier: HRliWV+NzqQ+LLZ0EE/hluH5KfsohlODpjCwglLoaYQ=
Subject key identifier: BF:9B:5B:D1:BD:2D:0B:16:C2:21:FB:A3:71:11:38:49:C8:4A:7A:C5
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F09B3B68C24EE394CE08D64B0389E0
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/v5tb0b0tCxbCIfujcRE4SchKesU.roa
Signing time: Wed 07 Feb 2024 05:00:45 +0000
ROA not before: Wed 07 Feb 2024 05:00:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208787
IP address blocks: 2a0f:b241:40::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:9b:3b:68:c2:4e:e3:94:ce:08:d6:4b:03:89:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bf9b5bd1bd2d0b16c221fba371113849c84a7ac5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:0f:2e:eb:02:d3:86:b2:23:72:75:b9:b9:2f:
1f:f8:fa:f6:73:fc:3a:8d:d6:20:48:07:e2:8a:95:
63:3b:05:5e:dd:ba:dd:2c:3d:66:fb:ad:ce:52:bc:
5a:fe:e7:41:78:69:20:d3:b0:54:f8:c5:ab:12:9c:
25:14:34:cd:44:19:af:ce:02:49:e2:dc:19:98:e9:
d5:00:40:64:35:15:c6:00:da:b3:fa:80:1c:89:cd:
70:e5:3d:50:b1:fb:2b:91:2a:1c:36:bb:e1:89:17:
88:cc:c6:94:98:5f:7e:5f:10:08:68:54:40:17:f9:
02:32:ad:f6:e7:7d:30:d0:46:1f:ba:0e:63:ef:bd:
95:c1:e0:55:2a:48:c9:f5:8b:0f:a0:90:ff:1b:d4:
b4:3f:ec:71:3e:04:6b:38:b6:36:e5:50:f5:0f:4d:
9a:5a:81:de:7b:ff:f6:a8:a7:10:09:04:a8:8a:4e:
77:a6:c9:0a:30:da:cf:80:89:01:fe:c7:41:4f:91:
3c:de:7b:4b:02:de:0b:93:76:1e:24:24:c2:5c:92:
2b:2a:1d:dd:d0:fe:f6:2b:89:7b:38:c0:8a:eb:ad:
dc:a4:2d:ee:bf:69:c6:42:0f:65:67:83:87:91:1b:
4d:17:47:47:31:df:08:92:dd:d9:7c:57:2e:42:b2:
f4:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:9B:5B:D1:BD:2D:0B:16:C2:21:FB:A3:71:11:38:49:C8:4A:7A:C5
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/v5tb0b0tCxbCIfujcRE4SchKesU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:40::/48
Signature Algorithm: sha256WithRSAEncryption
67:1e:61:a1:a9:ca:4e:5b:a6:a8:df:c5:de:ad:7b:7e:89:4d:
48:b0:b8:b4:fa:e7:55:ca:b2:4a:ec:ef:52:8d:f0:07:f7:ec:
3b:7c:47:44:f5:d8:5d:13:14:26:fb:2c:87:67:31:79:b0:3c:
99:17:e7:72:ba:07:58:81:51:17:a3:1f:a3:fa:47:a1:46:74:
5c:4e:42:de:67:e2:73:52:7b:ca:e2:a6:ce:f1:7d:48:da:91:
c7:cc:b9:d5:2e:3d:b4:da:e3:12:ef:89:bc:fe:38:53:23:6d:
44:de:f4:57:dd:8e:df:d9:7c:79:21:e7:98:4c:bc:cc:51:35:
f9:6a:98:b0:65:87:56:ef:d4:6f:5b:a7:da:94:3c:3a:f9:b6:
ae:eb:9c:b2:29:82:3f:4c:86:22:97:f5:76:3e:84:06:5a:d9:
9d:15:db:cb:a8:55:c6:25:7d:8e:21:54:06:62:40:5d:de:d1:
9b:bd:ff:15:f6:e2:16:45:bc:88:ff:59:85:13:1f:fa:00:2e:
c2:6d:67:fb:d6:1b:64:26:24:11:a7:5e:64:a4:cd:f9:0c:50:
98:fd:bf:09:f2:e1:a3:4e:dd:74:ad:e9:fb:0a:28:89:7c:08:
ac:2e:7a:66:9c:b3:fd:fa:f4:40:ae:e6:24:be:59:6e:fe:2e:
98:55:ee:36
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8Js7aMJO45TOCNZLA4ngMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjliNWJkMWJkMmQwYjE2YzIyMWZiYTM3MTExMzg0OWM4NGE3YWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgA8u6wLThrIjcnW5uS8f+Pr2c/w6
jdYgSAfiipVjOwVe3brdLD1m+63OUrxa/udBeGkg07BU+MWrEpwlFDTNRBmvzgJJ
4twZmOnVAEBkNRXGANqz+oAcic1w5T1QsfsrkSocNrvhiReIzMaUmF9+XxAIaFRA
F/kCMq32530w0EYfug5j772VweBVKkjJ9YsPoJD/G9S0P+xxPgRrOLY25VD1D02a
WoHee//2qKcQCQSoik53pskKMNrPgIkB/sdBT5E83ntLAt4Lk3YeJCTCXJIrKh3d
0P72K4l7OMCK663cpC3uv2nGQg9lZ4OHkRtNF0dHMd8Ikt3ZfFcuQrL0yQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFL+bW9G9LQsWwiH7o3EROEnISnrFMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvdjV0YjBiMHRDeGJDSWZ1amNSRTRTY2hLZXNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQBA
MA0GCSqGSIb3DQEBCwUAA4IBAQBnHmGhqcpOW6ao38XerXt+iU1IsLi0+udVyrJK
7O9SjfAH9+w7fEdE9dhdExQm+yyHZzF5sDyZF+dyugdYgVEXox+j+kehRnRcTkLe
Z+JzUnvK4qbO8X1I2pHHzLnVLj202uMS74m8/jhTI21E3vRX3Y7f2Xx5IeeYTLzM
UTX5apiwZYdW79RvW6falDw6+bau65yyKYI/TIYil/V2PoQGWtmdFdvLqFXGJX2O
IVQGYkBd3tGbvf8V9uIWRbyI/1mFEx/6AC7CbWf71htkJiQRp15kpM35DFCY/b8J
8uGjTt10ren7CiiJfAisLnpmnLP9+vRAruYkvllu/i6YVe42
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:11 2024 by rpki-client on console-ams.rpki-client.org