Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/1-sSCpdoMsagdDNSAJ5H5ApYhoDk.roa
File: 1-sSCpdoMsagdDNSAJ5H5ApYhoDk.roa (raw, json)
Hash identifier: FF+J5MYki06PeE4qUBhBmZnr2gjbcvjLNEKcbLINRTA=
Subject key identifier: FA:C4:82:A5:DA:0C:B1:A8:1D:0C:D4:80:27:91:F9:02:96:21:A0:39
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7F96A885D813FE9D0D13C2C02D1D57C3
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/1-sSCpdoMsagdDNSAJ5H5ApYhoDk.roa
Signing time: Tue 06 Feb 2024 18:03:16 +0000
ROA not before: Tue 06 Feb 2024 18:03:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50338
IP address blocks: 2a0f:b241:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:96:a8:85:d8:13:fe:9d:0d:13:c2:c0:2d:1d:57:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:03:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fac482a5da0cb1a81d0cd4802791f9029621a039
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:03:06:47:f6:19:65:dc:bd:66:95:a3:43:2e:
be:ae:6e:d1:20:12:61:99:34:92:67:be:ce:3e:21:
c3:ff:4e:31:9d:bd:a3:7e:3e:90:3a:6e:73:ed:4c:
40:9d:e4:25:5e:e4:b5:fd:30:8b:49:b6:ec:45:d4:
4e:ad:3b:57:bc:de:0f:30:c4:97:73:46:05:9e:58:
a8:c3:f0:51:c5:97:dc:43:3a:88:51:b0:7f:53:ea:
66:c3:8a:b8:ad:81:94:d8:e6:ad:89:3a:e0:c1:4e:
d5:8b:51:d2:46:e6:08:e2:0b:ba:e8:a8:17:c0:98:
66:07:54:08:1e:5b:5b:3e:50:10:a4:a4:46:aa:a7:
5b:71:37:0b:73:1f:54:fb:67:6c:90:41:58:9d:32:
d4:2b:16:59:07:36:7f:64:f9:22:f1:bf:07:74:e2:
13:66:69:71:57:f9:86:11:15:cc:1a:96:3d:07:91:
49:1f:5b:6f:25:e1:28:9a:ae:eb:3c:eb:19:bc:74:
93:1a:a7:47:ab:3f:e1:2d:dc:f4:ed:d6:15:99:57:
4c:93:c3:a4:fc:12:58:54:5f:25:3e:3e:60:d0:c3:
6d:7b:f0:1d:04:38:a8:da:6c:25:17:4b:84:ea:39:
84:a9:c1:54:0e:8d:0e:77:90:f0:08:d8:d0:00:24:
f0:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:C4:82:A5:DA:0C:B1:A8:1D:0C:D4:80:27:91:F9:02:96:21:A0:39
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/1-sSCpdoMsagdDNSAJ5H5ApYhoDk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:64::/48
Signature Algorithm: sha256WithRSAEncryption
48:76:bd:6e:b5:1f:b2:e4:5e:ec:b8:49:ca:ba:a2:1f:c4:f5:
3b:ed:56:d2:2f:d5:d5:84:2b:44:15:32:d9:83:a2:6a:40:67:
8e:4c:d7:16:60:c9:74:15:ad:7f:a3:32:a0:b8:30:67:fd:8c:
47:9b:46:b7:9b:78:4e:7a:01:54:b2:0f:b4:59:dc:ec:aa:3e:
d3:5e:d0:dc:99:23:86:5d:d2:b2:09:ea:76:e5:ce:cb:24:69:
db:a2:14:04:f2:33:ec:bf:9d:5d:f7:ea:f1:60:52:d9:0f:83:
8a:00:6e:4c:d9:6d:17:42:3c:c4:9a:c9:b7:84:2c:a8:a0:f7:
95:f0:b8:3b:18:82:b1:7c:2f:b0:fc:b3:66:c0:e7:dd:f7:37:
25:e2:18:a4:02:c5:53:06:17:5c:90:b8:cd:68:14:50:79:79:
b9:a4:4a:9a:bc:96:ef:4d:4b:61:e5:96:5c:c0:83:6f:b5:79:
ca:66:b0:67:66:48:63:04:0a:5d:ab:c5:6e:09:b5:c3:7c:76:
33:2c:28:4d:0d:6f:48:42:68:3b:6d:bf:0a:bb:a6:cb:00:06:
6e:69:4d:d2:53:08:93:bc:87:60:1a:0f:9b:ce:62:53:4c:05:
b7:1c:cf:a5:c8:9a:4c:c9:f3:99:53:62:56:6a:2c:cc:fe:d5:
0e:1c:d6:d9
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgISAY1/lqiF2BP+nQ0TwsAtHVfDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgwMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWM0ODJhNWRhMGNiMWE4MWQwY2Q0ODAyNzkxZjkwMjk2MjFhMDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgwMGR/YZZdy9ZpWjQy6+rm7RIBJh
mTSSZ77OPiHD/04xnb2jfj6QOm5z7UxAneQlXuS1/TCLSbbsRdROrTtXvN4PMMSX
c0YFnliow/BRxZfcQzqIUbB/U+pmw4q4rYGU2OatiTrgwU7Vi1HSRuYI4gu66KgX
wJhmB1QIHltbPlAQpKRGqqdbcTcLcx9U+2dskEFYnTLUKxZZBzZ/ZPki8b8HdOIT
ZmlxV/mGERXMGpY9B5FJH1tvJeEomq7rPOsZvHSTGqdHqz/hLdz07dYVmVdMk8Ok
/BJYVF8lPj5g0MNte/AdBDio2mwlF0uE6jmEqcFUDo0Od5DwCNjQACTwRwIDAQAB
o4ICDTCCAgkwHQYDVR0OBBYEFPrEgqXaDLGoHQzUgCeR+QKWIaA5MB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvMS1zU0NwZG9Nc2FnZEROU0FKNUg1QXBZaG9Eay5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDMvYjg3ZWMwLWY3NWEtNGJiZS1iMDY3LWI3MTc5ODBlNGFk
Ni8xL2JvY1FTazIweEdOeHBfaTJwRUg4TU96ZjRnOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoPskEA
ZDANBgkqhkiG9w0BAQsFAAOCAQEASHa9brUfsuRe7LhJyrqiH8T1O+1W0i/V1YQr
RBUy2YOiakBnjkzXFmDJdBWtf6MyoLgwZ/2MR5tGt5t4TnoBVLIPtFnc7Ko+017Q
3Jkjhl3SsgnqduXOyyRp26IUBPIz7L+dXffq8WBS2Q+DigBuTNltF0I8xJrJt4Qs
qKD3lfC4OxiCsXwvsPyzZsDn3fc3JeIYpALFUwYXXJC4zWgUUHl5uaRKmryW701L
YeWWXMCDb7V5ymawZ2ZIYwQKXavFbgm1w3x2MywoTQ1vSEJoO22/CrumywAGbmlN
0lMIk7yHYBoPm85iU0wFtxzPpciaTMnzmVNiVmoszP7VDhzW2Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:10 2024 by rpki-client on console-fra.rpki-client.org