Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/yvVPSFnkFiX3uVo7_NBxF45CMVk.roa
File: yvVPSFnkFiX3uVo7_NBxF45CMVk.roa (raw, json)
Hash identifier: JlD1iz5UoA9ABjQJtz1avR1O4oQqw2QQRdE7sElUNd4=
Subject key identifier: CA:F5:4F:48:59:E4:16:25:F7:B9:5A:3B:FC:D0:71:17:8E:42:31:59
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F07FC8ECC5BFEDCE6542DE3EB2B1FA
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/yvVPSFnkFiX3uVo7_NBxF45CMVk.roa
Signing time: Wed 07 Feb 2024 05:00:38 +0000
ROA not before: Wed 07 Feb 2024 05:00:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200101
IP address blocks: 2a0f:b241:1a::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:7f:c8:ec:c5:bf:ed:ce:65:42:de:3e:b2:b1:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=caf54f4859e41625f7b95a3bfcd071178e423159
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:bc:9c:e8:68:18:26:a7:b6:bb:6f:2f:47:32:
42:32:02:9f:af:1e:ad:61:30:3f:cd:9a:69:56:c8:
23:15:f7:4e:0a:7f:1f:81:ae:26:4e:aa:94:cc:b3:
71:dd:03:62:e1:a1:30:4b:52:d5:a9:0e:5b:f0:5a:
88:7d:82:2f:30:ba:f8:d6:eb:e2:fa:b8:2a:02:bd:
87:e4:38:87:52:57:94:27:72:5b:37:27:e2:9e:6a:
55:f6:a7:ea:39:30:86:3c:87:bf:e3:5c:01:56:64:
a7:b0:08:50:5f:ee:c8:ed:85:1d:49:17:6c:67:05:
5b:bf:f4:4b:d5:09:e3:60:de:64:60:89:44:4a:6e:
fc:bb:8d:5a:cc:46:b9:01:dc:ec:cb:40:c1:00:f7:
cd:d2:61:9c:a1:95:f9:de:2b:31:e6:22:19:1d:f3:
1d:de:e2:f5:6e:d8:57:55:0c:8e:0a:3e:e2:4d:21:
31:96:f5:30:a3:63:fb:99:2a:1e:b7:25:a4:bb:f7:
14:f7:d3:38:86:45:96:3d:4d:22:13:5e:f3:66:7e:
a8:60:73:d6:1c:37:da:59:ec:12:89:d4:25:b4:3f:
5a:4f:af:bf:b5:e6:58:d4:0b:54:a9:75:b5:df:06:
d7:aa:86:d4:37:17:62:18:32:e7:a1:e7:0c:63:0f:
2d:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:F5:4F:48:59:E4:16:25:F7:B9:5A:3B:FC:D0:71:17:8E:42:31:59
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/yvVPSFnkFiX3uVo7_NBxF45CMVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:1a::/48
Signature Algorithm: sha256WithRSAEncryption
32:21:c6:39:05:fd:7b:f7:4d:b4:67:b7:12:cb:70:3d:4b:7e:
27:f7:43:0f:c7:74:16:b7:4d:f2:16:09:3d:40:e5:14:23:a1:
7b:97:ad:d7:97:d3:f0:2b:4e:3f:cd:b5:0e:f3:3a:e6:89:50:
c0:5a:2b:20:51:41:2b:69:fa:80:81:5d:b3:2b:40:b9:43:da:
ea:f2:d0:96:77:41:ac:6a:c1:a3:d9:63:9e:a4:95:77:b5:ce:
4e:10:85:79:05:ac:34:0f:b4:d8:5e:fa:15:2c:ce:4c:f0:74:
d6:0e:19:e2:f8:fa:b5:04:87:4a:b7:31:2a:fb:6b:8b:11:8f:
89:5d:ff:78:d8:c2:7a:98:c4:98:7d:06:62:d6:c7:f1:75:b9:
e3:52:cb:ab:fa:c5:c4:06:0a:a2:ef:93:ee:e8:8d:87:b3:ff:
68:ce:dc:56:33:63:3b:af:fa:42:0b:e5:4e:ec:a9:83:9a:91:
e1:d7:38:6b:02:0e:84:a4:a4:3f:df:e7:76:10:15:fa:8a:36:
98:87:03:53:5a:18:0c:ef:1e:9f:45:53:6e:25:60:e4:48:2a:
c8:69:15:56:4b:de:c9:54:8c:66:3c:c2:ce:38:d7:8f:f1:01:
fb:e7:99:bb:62:ea:ac:27:8e:98:f7:a3:e6:37:22:cb:60:b6:
f3:a6:0d:d8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8H/I7MW/7c5lQt4+srH6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWY1NGY0ODU5ZTQxNjI1ZjdiOTVhM2JmY2QwNzExNzhlNDIzMTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLyc6GgYJqe2u28vRzJCMgKfrx6t
YTA/zZppVsgjFfdOCn8fga4mTqqUzLNx3QNi4aEwS1LVqQ5b8FqIfYIvMLr41uvi
+rgqAr2H5DiHUleUJ3JbNyfinmpV9qfqOTCGPIe/41wBVmSnsAhQX+7I7YUdSRds
ZwVbv/RL1QnjYN5kYIlESm78u41azEa5Adzsy0DBAPfN0mGcoZX53isx5iIZHfMd
3uL1bthXVQyOCj7iTSExlvUwo2P7mSoetyWku/cU99M4hkWWPU0iE17zZn6oYHPW
HDfaWewSidQltD9aT6+/teZY1AtUqXW13wbXqobUNxdiGDLnoecMYw8t9QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMr1T0hZ5BYl97laO/zQcReOQjFZMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEveXZWUFNGbmtGaVgzdVZvN19OQnhGNDVDTVZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQAa
MA0GCSqGSIb3DQEBCwUAA4IBAQAyIcY5Bf179020Z7cSy3A9S34n90MPx3QWt03y
Fgk9QOUUI6F7l63Xl9PwK04/zbUO8zrmiVDAWisgUUErafqAgV2zK0C5Q9rq8tCW
d0GsasGj2WOepJV3tc5OEIV5Baw0D7TYXvoVLM5M8HTWDhni+Pq1BIdKtzEq+2uL
EY+JXf942MJ6mMSYfQZi1sfxdbnjUsur+sXEBgqi75Pu6I2Hs/9oztxWM2M7r/pC
C+VO7KmDmpHh1zhrAg6EpKQ/3+d2EBX6ijaYhwNTWhgM7x6fRVNuJWDkSCrIaRVW
S97JVIxmPMLOONeP8QH755m7YuqsJ46Y96PmNyLLYLbzpg3Y
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:14 2024 by rpki-client on console-fra.rpki-client.org