Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/5ON526Zha9n_gQc3JSJqlf9M924.roa
File: 5ON526Zha9n_gQc3JSJqlf9M924.roa (raw, json)
Hash identifier: Mbiv8ovXJrvIijJ07RHFlPJh1EmyPM8sR3IBwYKdLvY=
Subject key identifier: E4:E3:79:DB:A6:61:6B:D9:FF:81:07:37:25:22:6A:95:FF:4C:F7:6E
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FAACB0F9679A1C6E1F24DEFDD6312A7
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/5ON526Zha9n_gQc3JSJqlf9M924.roa
Signing time: Tue 06 Feb 2024 18:25:15 +0000
ROA not before: Tue 06 Feb 2024 18:25:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200954
IP address blocks: 2a0f:b241:da::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:aa:cb:0f:96:79:a1:c6:e1:f2:4d:ef:dd:63:12:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:25:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e4e379dba6616bd9ff81073725226a95ff4cf76e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:7a:37:f0:c9:30:2f:14:d8:20:3b:48:64:3d:
30:2f:07:c6:5c:b4:6d:5c:86:7c:a1:e0:58:ab:2b:
82:76:50:73:db:5b:4f:be:f6:5d:cc:4c:45:1c:a1:
d3:1d:0f:b0:90:b2:8f:fd:fb:6a:9e:1c:54:b0:5b:
32:38:d8:0a:9d:6e:99:5d:5b:86:c9:da:fe:67:29:
7c:69:21:50:cb:67:c4:cf:d0:66:44:33:19:0f:17:
6e:53:87:9c:25:3b:fa:00:5d:8a:2b:e1:d1:28:92:
87:e6:5d:15:fb:1b:3e:82:6d:3f:4f:eb:6f:fc:9e:
cf:f5:d0:da:11:80:07:9a:ae:af:80:ba:46:74:b4:
75:16:6d:68:15:6c:cd:04:af:c5:9c:1b:fc:b0:4c:
99:75:57:c1:d2:46:98:76:11:23:2d:e7:a4:1f:d8:
71:a1:8d:65:22:be:7b:31:2b:be:c7:af:30:e8:c7:
92:08:2e:25:a1:d5:30:54:9a:78:23:10:94:9b:65:
9c:c2:d1:f3:17:c0:62:6b:65:ba:15:64:c2:9d:2f:
d5:fa:5a:41:8f:88:4c:29:c0:ac:9f:e7:21:a5:51:
00:72:b1:7b:6d:89:31:dd:d1:c5:ea:8f:10:24:e7:
81:93:9d:4b:49:82:91:32:e3:e3:81:f4:4c:70:72:
7e:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:E3:79:DB:A6:61:6B:D9:FF:81:07:37:25:22:6A:95:FF:4C:F7:6E
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/5ON526Zha9n_gQc3JSJqlf9M924.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:da::/48
Signature Algorithm: sha256WithRSAEncryption
2d:ed:a7:1f:8f:1f:54:04:78:9e:7c:0b:e9:a9:56:49:bd:a7:
a7:9b:63:2f:53:97:d5:fd:e7:93:5b:c3:de:fa:f0:4f:d2:78:
40:cd:19:54:83:c9:4a:ae:ce:7b:ce:99:16:8d:e7:75:62:46:
c0:fb:ff:5b:f7:d2:50:42:6b:10:13:ee:11:0f:ad:68:6a:61:
6d:42:05:57:1a:e1:e7:c7:56:ee:ed:ce:92:27:b9:cd:38:36:
38:99:11:d8:ca:64:0d:49:d5:64:c6:fc:54:ef:d2:f4:64:06:
90:2a:5b:4c:e8:a5:81:72:0f:50:f4:e7:fa:6a:cc:0d:cb:03:
6b:08:73:7f:00:e5:b7:9b:d9:43:e3:15:97:66:bb:63:1b:d2:
da:07:b2:da:35:6b:7d:db:e1:5c:e3:ca:33:16:33:14:15:81:
69:e6:7a:a2:61:e8:de:f2:35:49:25:8c:94:5e:eb:bb:39:8d:
90:56:44:3b:7b:66:35:75:18:9a:fa:3a:c3:f8:6f:ad:35:18:
c3:19:dc:90:14:ad:cf:b2:1f:db:4a:87:cb:83:9e:58:bd:53:
8f:f6:04:57:7e:71:84:f1:f4:9a:fb:6f:0f:f7:97:ad:32:63:
2e:99:d1:8c:06:37:32:05:2d:cd:d8:23:fe:4c:cb:27:59:0e:
02:21:86:8d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/qssPlnmhxuHyTe/dYxKnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyNTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGUzNzlkYmE2NjE2YmQ5ZmY4MTA3MzcyNTIyNmE5NWZmNGNmNzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHo38MkwLxTYIDtIZD0wLwfGXLRt
XIZ8oeBYqyuCdlBz21tPvvZdzExFHKHTHQ+wkLKP/ftqnhxUsFsyONgKnW6ZXVuG
ydr+Zyl8aSFQy2fEz9BmRDMZDxduU4ecJTv6AF2KK+HRKJKH5l0V+xs+gm0/T+tv
/J7P9dDaEYAHmq6vgLpGdLR1Fm1oFWzNBK/FnBv8sEyZdVfB0kaYdhEjLeekH9hx
oY1lIr57MSu+x68w6MeSCC4lodUwVJp4IxCUm2WcwtHzF8Bia2W6FWTCnS/V+lpB
j4hMKcCsn+chpVEAcrF7bYkx3dHF6o8QJOeBk51LSYKRMuPjgfRMcHJ+CwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOTjedumYWvZ/4EHNyUiapX/TPduMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvNU9ONTI2WmhhOW5fZ1FjM0pTSnFsZjlNOTI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQDa
MA0GCSqGSIb3DQEBCwUAA4IBAQAt7acfjx9UBHiefAvpqVZJvaenm2MvU5fV/eeT
W8Pe+vBP0nhAzRlUg8lKrs57zpkWjed1YkbA+/9b99JQQmsQE+4RD61oamFtQgVX
GuHnx1bu7c6SJ7nNODY4mRHYymQNSdVkxvxU79L0ZAaQKltM6KWBcg9Q9Of6aswN
ywNrCHN/AOW3m9lD4xWXZrtjG9LaB7LaNWt92+Fc48ozFjMUFYFp5nqiYeje8jVJ
JYyUXuu7OY2QVkQ7e2Y1dRia+jrD+G+tNRjDGdyQFK3Psh/bSofLg55YvVOP9gRX
fnGE8fSa+28P95etMmMumdGMBjcyBS3N2CP+TMsnWQ4CIYaN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:10 2024 by rpki-client on console-fra.rpki-client.org