Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/yCItZHFKTPzpmvaxwzMKpAXY0g0.roa
File: yCItZHFKTPzpmvaxwzMKpAXY0g0.roa (raw, json)
Hash identifier: jnUEyZEBbb4ei2A3uiMgeXZbNNCqQk3QYnkbTx3ihW0=
Subject key identifier: C8:22:2D:64:71:4A:4C:FC:E9:9A:F6:B1:C3:33:0A:A4:05:D8:D2:0D
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FA6360481B2FBD48EDC28AE31A2BFAC
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/yCItZHFKTPzpmvaxwzMKpAXY0g0.roa
Signing time: Tue 06 Feb 2024 18:20:15 +0000
ROA not before: Tue 06 Feb 2024 18:20:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197434
IP address blocks: 2a0f:b241:70::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:a6:36:04:81:b2:fb:d4:8e:dc:28:ae:31:a2:bf:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:20:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8222d64714a4cfce99af6b1c3330aa405d8d20d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:37:59:1a:fe:5c:9a:0f:7e:91:04:1e:6a:28:
40:11:96:f3:ee:d2:59:aa:8f:a5:99:2a:d1:75:81:
2d:57:40:35:34:ba:fc:93:99:15:fc:2f:de:b4:c7:
3a:6d:50:1d:44:24:b0:53:57:c5:42:99:da:f5:4c:
06:4f:43:f3:1a:37:64:17:94:33:dc:bf:bf:84:66:
b6:68:7c:de:3d:e9:58:3e:05:5f:21:b2:32:e3:a0:
24:f2:8b:57:14:03:97:68:94:3e:51:66:40:0b:22:
5c:bf:b0:9f:64:77:d7:b0:36:27:46:e6:76:62:f4:
34:42:5b:a2:83:8a:da:85:de:36:c6:69:35:e5:90:
b1:e8:76:d6:2f:f9:d6:45:c5:25:67:78:33:f9:e2:
3a:fe:be:b7:3a:75:8e:18:a1:25:c3:74:87:ea:d6:
bc:10:30:a9:b3:04:21:a1:20:2f:3a:53:47:98:65:
4a:10:ab:72:2b:f1:13:34:3e:98:e9:7f:e3:ea:6d:
9d:7b:09:87:73:9c:c2:76:4c:e5:f5:4a:bb:5d:cd:
08:f2:d0:38:b7:4a:67:dd:87:88:76:90:b2:bb:f5:
1b:b2:69:38:bf:cd:f7:f1:05:40:a5:52:48:24:6f:
15:6b:23:3d:ef:61:b0:9f:6a:73:c4:fb:d5:0c:61:
fd:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:22:2D:64:71:4A:4C:FC:E9:9A:F6:B1:C3:33:0A:A4:05:D8:D2:0D
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/yCItZHFKTPzpmvaxwzMKpAXY0g0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:70::/48
Signature Algorithm: sha256WithRSAEncryption
50:45:c6:f6:cb:6c:99:71:3e:51:1c:cf:84:ed:3f:18:0e:d6:
db:bd:7a:b0:a2:67:70:6f:46:a3:87:43:ab:cb:e3:24:77:ff:
fe:cc:62:51:e8:a8:49:e9:6b:1f:3a:dd:13:66:a6:a1:a6:89:
e4:51:b6:a6:6a:7a:b7:44:87:18:e3:23:6c:41:21:c5:7a:b2:
40:cd:ad:fc:0a:79:db:ef:47:f4:d4:2b:9c:5e:e1:1f:ed:58:
43:7f:a0:a8:27:be:16:51:46:1e:bc:58:1e:ce:aa:60:81:69:
88:a4:a9:7a:69:da:98:b8:c0:70:3b:36:d9:52:51:ad:a9:bd:
aa:8d:80:d1:9c:e5:02:7e:3a:fb:38:b1:1f:d7:80:4d:97:b1:
d5:31:bb:61:92:bb:87:0c:a2:22:c5:2b:ab:65:d9:11:9e:20:
46:54:29:7b:f7:85:dc:b0:ac:42:33:a9:44:d2:d4:0e:fa:4d:
0a:b0:46:4f:e4:7c:a6:28:e6:21:cf:0c:fd:92:d1:05:68:42:
1b:6f:ff:9a:5c:76:45:ac:5e:d5:46:27:45:85:dc:aa:21:7f:
c4:f0:a0:c9:92:6b:e8:e4:57:0a:7b:7c:84:4e:aa:1e:2d:cc:
a4:e3:83:0f:c3:16:53:3b:12:b0:0a:67:e1:34:72:b5:26:60:
92:b6:be:ff
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/pjYEgbL71I7cKK4xor+sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODIyMmQ2NDcxNGE0Y2ZjZTk5YWY2YjFjMzMzMGFhNDA1ZDhkMjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmjdZGv5cmg9+kQQeaihAEZbz7tJZ
qo+lmSrRdYEtV0A1NLr8k5kV/C/etMc6bVAdRCSwU1fFQpna9UwGT0PzGjdkF5Qz
3L+/hGa2aHzePelYPgVfIbIy46Ak8otXFAOXaJQ+UWZACyJcv7CfZHfXsDYnRuZ2
YvQ0Qluig4rahd42xmk15ZCx6HbWL/nWRcUlZ3gz+eI6/r63OnWOGKElw3SH6ta8
EDCpswQhoSAvOlNHmGVKEKtyK/ETND6Y6X/j6m2dewmHc5zCdkzl9Uq7Xc0I8tA4
t0pn3YeIdpCyu/Ubsmk4v8338QVApVJIJG8VayM972Gwn2pzxPvVDGH9jwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMgiLWRxSkz86Zr2scMzCqQF2NINMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEveUNJdFpIRktUUHpwbXZheHd6TUtwQVhZMGcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQBw
MA0GCSqGSIb3DQEBCwUAA4IBAQBQRcb2y2yZcT5RHM+E7T8YDtbbvXqwomdwb0aj
h0Ory+Mkd//+zGJR6KhJ6WsfOt0TZqahponkUbamanq3RIcY4yNsQSHFerJAza38
Cnnb70f01CucXuEf7VhDf6CoJ74WUUYevFgezqpggWmIpKl6adqYuMBwOzbZUlGt
qb2qjYDRnOUCfjr7OLEf14BNl7HVMbthkruHDKIixSurZdkRniBGVCl794XcsKxC
M6lE0tQO+k0KsEZP5HymKOYhzwz9ktEFaEIbb/+aXHZFrF7VRidFhdyqIX/E8KDJ
kmvo5FcKe3yETqoeLcyk44MPwxZTOxKwCmfhNHK1JmCStr7/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:14 2024 by rpki-client on console-fra.rpki-client.org