Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/vhnJ7FPTWfbrOzJPPLPEux7gb5s.roa
File: vhnJ7FPTWfbrOzJPPLPEux7gb5s.roa (raw, json)
Hash identifier: z6aT59BDGbRBt63vBnIqmMBRRUvnqZt6TIxyVnZJCXI=
Subject key identifier: BE:19:C9:EC:53:D3:59:F6:EB:3B:32:4F:3C:B3:C4:BB:1E:E0:6F:9B
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FB6BAEC7082F6837C70D53BB6513C5C
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/vhnJ7FPTWfbrOzJPPLPEux7gb5s.roa
Signing time: Tue 06 Feb 2024 18:38:18 +0000
ROA not before: Tue 06 Feb 2024 18:38:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204882
IP address blocks: 2a0f:b241:138::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:b6:ba:ec:70:82:f6:83:7c:70:d5:3b:b6:51:3c:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:38:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=be19c9ec53d359f6eb3b324f3cb3c4bb1ee06f9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ec:50:7a:62:a4:de:37:0c:57:31:f3:c9:c6:
59:7b:f5:d6:ec:8e:9f:56:04:5b:88:36:13:92:3d:
a5:89:00:d7:0f:83:55:83:ff:66:42:f4:e5:cb:8a:
58:6c:8a:04:87:8e:33:98:68:22:78:df:01:f4:06:
ac:f5:a3:f7:68:85:53:aa:b2:3b:a3:98:30:51:97:
8f:7c:79:bc:dc:b9:ce:b1:8a:fe:e1:09:b1:33:83:
f1:0e:46:38:7b:51:9f:12:8f:19:3b:1b:c0:31:61:
46:30:31:bc:05:ab:67:5d:ff:a0:d7:4a:53:6d:6a:
97:ea:51:a8:06:27:39:01:52:e7:a4:5d:bf:48:46:
3d:d5:34:ab:e8:da:51:3c:39:29:d5:27:73:6a:74:
07:5f:09:cf:b2:33:a2:5b:49:70:56:c0:88:2a:10:
3a:99:5c:0c:83:cd:ac:87:9e:c5:73:88:74:a9:ed:
32:8e:71:6a:44:2b:00:50:0b:61:cc:77:ef:25:00:
5d:7f:c5:c5:a1:11:82:d3:e5:d4:b4:a1:1b:b3:ed:
6c:2a:9b:8b:0e:e6:00:1a:1a:00:35:d9:b0:53:2e:
0a:b8:ce:be:e1:40:9a:21:c7:0d:5a:2b:8b:9a:83:
e8:43:eb:f4:91:dc:44:aa:fa:4c:5d:b7:c4:81:b8:
8a:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:19:C9:EC:53:D3:59:F6:EB:3B:32:4F:3C:B3:C4:BB:1E:E0:6F:9B
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/vhnJ7FPTWfbrOzJPPLPEux7gb5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:138::/48
Signature Algorithm: sha256WithRSAEncryption
15:81:a5:0c:48:93:11:5c:85:47:5e:a2:c5:43:43:a8:a6:8f:
01:eb:f1:a1:63:2e:74:e0:2d:c2:d9:15:e9:ea:ed:bc:85:16:
0b:08:c8:63:59:09:75:62:c4:f3:d6:fd:97:80:99:1d:de:60:
a8:68:cb:68:21:14:44:e5:c0:b5:c2:0c:9d:9c:42:31:07:56:
cd:a7:cc:8a:68:09:6a:73:74:87:28:af:65:8b:d4:fc:72:2d:
18:e0:2b:3b:ea:71:00:1e:86:4d:e6:44:bb:2e:a5:bb:a0:1a:
4e:8f:85:2e:20:c9:6a:e2:24:08:02:f0:fc:a7:8f:e2:67:b4:
85:55:75:8f:51:3e:31:7d:2d:a3:16:70:9a:44:b2:ca:4a:c1:
82:2d:4d:95:b7:15:d5:c6:7a:84:20:42:a7:18:bd:d2:5a:a9:
be:bc:c4:93:2f:99:af:0c:9e:38:2e:03:e9:e3:9a:85:51:6d:
e7:ca:21:b1:96:90:3c:8b:54:d8:49:a0:6b:27:ea:0a:95:80:
c3:ec:8c:27:2a:09:87:86:81:75:17:2a:fa:22:89:24:ad:64:
9b:05:c2:f3:5d:e1:f9:13:60:a2:7b:dd:d8:41:2a:e3:8c:0e:
1b:a4:9d:70:0f:a3:49:57:bc:30:0f:89:dd:65:80:e1:5c:7f:
71:18:21:57
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/trrscIL2g3xw1Tu2UTxcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgzODE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTE5YzllYzUzZDM1OWY2ZWIzYjMyNGYzY2IzYzRiYjFlZTA2ZjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOxQemKk3jcMVzHzycZZe/XW7I6f
VgRbiDYTkj2liQDXD4NVg/9mQvTly4pYbIoEh44zmGgieN8B9Aas9aP3aIVTqrI7
o5gwUZePfHm83LnOsYr+4QmxM4PxDkY4e1GfEo8ZOxvAMWFGMDG8BatnXf+g10pT
bWqX6lGoBic5AVLnpF2/SEY91TSr6NpRPDkp1SdzanQHXwnPsjOiW0lwVsCIKhA6
mVwMg82sh57Fc4h0qe0yjnFqRCsAUAthzHfvJQBdf8XFoRGC0+XUtKEbs+1sKpuL
DuYAGhoANdmwUy4KuM6+4UCaIccNWiuLmoPoQ+v0kdxEqvpMXbfEgbiKZwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFL4ZyexT01n26zsyTzyzxLse4G+bMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvdmhuSjdGUFRXZmJyT3pKUFBMUEV1eDdnYjVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQE4
MA0GCSqGSIb3DQEBCwUAA4IBAQAVgaUMSJMRXIVHXqLFQ0Oopo8B6/GhYy504C3C
2RXp6u28hRYLCMhjWQl1YsTz1v2XgJkd3mCoaMtoIRRE5cC1wgydnEIxB1bNp8yK
aAlqc3SHKK9li9T8ci0Y4Cs76nEAHoZN5kS7LqW7oBpOj4UuIMlq4iQIAvD8p4/i
Z7SFVXWPUT4xfS2jFnCaRLLKSsGCLU2VtxXVxnqEIEKnGL3SWqm+vMSTL5mvDJ44
LgPp45qFUW3nyiGxlpA8i1TYSaBrJ+oKlYDD7IwnKgmHhoF1Fyr6IokkrWSbBcLz
XeH5E2Cie93YQSrjjA4bpJ1wD6NJV7wwD4ndZYDhXH9xGCFX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:14 2024 by rpki-client on console-fra.rpki-client.org