Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/AodOhv2M6vADluTk2UhC1Atap5I.roa
File: AodOhv2M6vADluTk2UhC1Atap5I.roa (raw, json)
Hash identifier: 5JaddmACK8FcXr4uDbUP3ik7otSa3cCm1cbk+8YZOtQ=
Subject key identifier: 02:87:4E:86:FD:8C:EA:F0:03:96:E4:E4:D9:48:42:D4:0B:5A:A7:92
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F09AB6B4839B5CBBD17A1450E3349D
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/AodOhv2M6vADluTk2UhC1Atap5I.roa
Signing time: Wed 07 Feb 2024 05:00:45 +0000
ROA not before: Wed 07 Feb 2024 05:00:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208548
IP address blocks: 2a0f:b241:161::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:9a:b6:b4:83:9b:5c:bb:d1:7a:14:50:e3:34:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=02874e86fd8ceaf00396e4e4d94842d40b5aa792
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:89:a4:5c:30:cd:7f:da:ef:4d:5c:b7:93:33:
9e:a3:50:95:59:ad:5e:52:80:ae:17:45:9d:a4:9b:
2d:a8:72:41:ca:11:fe:34:72:8c:22:8e:87:b6:83:
43:4f:ec:55:98:b4:96:1d:9e:c1:ad:0c:09:98:95:
08:9a:f7:33:2a:53:4d:f4:1f:35:17:4f:02:d9:b7:
2e:17:36:c1:8a:c3:77:0f:05:dd:33:29:c7:bb:9f:
c8:63:cd:c1:ab:1f:d5:c1:8b:7e:37:96:20:03:86:
c1:af:66:83:50:6d:b3:b8:e5:1c:79:04:d2:fa:60:
c7:a2:3e:7d:8f:62:b8:79:a3:10:7b:94:c7:64:a5:
66:9a:a7:0e:c6:a2:b8:e3:7a:0d:9e:c1:05:60:1d:
0d:f9:ed:e1:a6:69:60:e0:4c:65:77:78:3e:82:d2:
d2:1f:12:4b:f7:7a:5e:c5:a6:5b:6f:d1:5d:ed:7c:
92:83:79:c6:98:b9:31:86:0b:8b:85:6e:0a:e6:e4:
b9:c8:70:77:a9:f5:44:0a:81:87:a3:bb:77:38:c4:
96:3a:09:37:0e:e8:d9:ed:a0:dc:06:41:e3:ae:4e:
1c:b9:da:79:aa:56:5d:db:8b:5e:ba:a3:5c:63:3e:
a5:af:1c:13:95:0a:ac:bc:10:67:9c:3d:eb:5f:eb:
76:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:87:4E:86:FD:8C:EA:F0:03:96:E4:E4:D9:48:42:D4:0B:5A:A7:92
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/AodOhv2M6vADluTk2UhC1Atap5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:161::/48
Signature Algorithm: sha256WithRSAEncryption
6d:26:ab:04:33:e0:52:1d:fb:6f:96:d5:2d:83:58:25:65:3b:
93:38:08:9b:25:81:48:c8:ba:88:b5:26:82:60:a3:31:2c:8b:
0f:d6:a2:77:df:2a:f2:17:24:56:bb:12:e3:8d:bc:0f:01:ae:
c3:a3:7a:40:b3:df:6e:f0:9e:ce:22:d8:5d:eb:17:4e:e3:cc:
86:b5:49:b9:b1:0b:c9:f4:bc:90:ec:e7:e4:3e:34:d3:40:b6:
2f:22:53:56:0b:1f:34:29:25:4c:a1:f0:e4:7e:b6:0e:7c:3c:
6c:d0:56:dc:75:eb:ae:97:8e:ba:fd:2e:7b:6c:25:6f:ac:21:
75:3c:3e:33:7f:67:ee:7b:38:b4:ca:4d:63:16:b4:33:d9:dc:
11:7e:63:b6:6f:2e:33:f7:f4:44:7d:4e:aa:60:b9:65:6c:50:
9b:d0:ec:10:d1:74:63:6d:81:24:87:e8:8a:1f:0c:b8:19:e4:
cc:45:9d:5f:03:c8:f2:b1:95:18:42:d5:c8:e1:aa:da:50:4a:
c9:fc:26:33:31:5f:76:2a:9f:f8:45:76:2a:91:f3:69:d1:f5:
37:ac:b2:61:2f:c9:8b:94:09:5c:ed:03:63:50:ff:93:32:31:
d2:bd:d9:a8:8e:66:73:ca:6f:bb:42:1c:ad:e7:3b:18:c7:b3:
d3:24:cf:23
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8Jq2tIObXLvRehRQ4zSdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjg3NGU4NmZkOGNlYWYwMDM5NmU0ZTRkOTQ4NDJkNDBiNWFhNzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlomkXDDNf9rvTVy3kzOeo1CVWa1e
UoCuF0WdpJstqHJByhH+NHKMIo6HtoNDT+xVmLSWHZ7BrQwJmJUImvczKlNN9B81
F08C2bcuFzbBisN3DwXdMynHu5/IY83Bqx/VwYt+N5YgA4bBr2aDUG2zuOUceQTS
+mDHoj59j2K4eaMQe5THZKVmmqcOxqK443oNnsEFYB0N+e3hpmlg4Exld3g+gtLS
HxJL93pexaZbb9Fd7XySg3nGmLkxhguLhW4K5uS5yHB3qfVECoGHo7t3OMSWOgk3
DujZ7aDcBkHjrk4cudp5qlZd24teuqNcYz6lrxwTlQqsvBBnnD3rX+t2TwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAKHTob9jOrwA5bk5NlIQtQLWqeSMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvQW9kT2h2Mk02dkFEbHVUazJVaEMxQXRhcDVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQFh
MA0GCSqGSIb3DQEBCwUAA4IBAQBtJqsEM+BSHftvltUtg1glZTuTOAibJYFIyLqI
tSaCYKMxLIsP1qJ33yryFyRWuxLjjbwPAa7Do3pAs99u8J7OIthd6xdO48yGtUm5
sQvJ9LyQ7OfkPjTTQLYvIlNWCx80KSVMofDkfrYOfDxs0Fbcdeuul466/S57bCVv
rCF1PD4zf2fuezi0yk1jFrQz2dwRfmO2by4z9/REfU6qYLllbFCb0OwQ0XRjbYEk
h+iKHwy4GeTMRZ1fA8jysZUYQtXI4araUErJ/CYzMV92Kp/4RXYqkfNp0fU3rLJh
L8mLlAlc7QNjUP+TMjHSvdmojmZzym+7Qhyt5zsYx7PTJM8j
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:10 2024 by rpki-client on console-fra.rpki-client.org