Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/DMJHaxOQHBPwMyn149u1ckX-bLM.roa
File: DMJHaxOQHBPwMyn149u1ckX-bLM.roa (raw, json)
Hash identifier: 7V9pNZZb55/i+pWqf729uIkqcdXmGDpQa8So2yuOC70=
Subject key identifier: 0C:C2:47:6B:13:90:1C:13:F0:33:29:F5:E3:DB:B5:72:45:FE:6C:B3
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FB971FA68CDBD308C63D50FF9B48089
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/DMJHaxOQHBPwMyn149u1ckX-bLM.roa
Signing time: Tue 06 Feb 2024 18:41:16 +0000
ROA not before: Tue 06 Feb 2024 18:41:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48883
IP address blocks: 2a0f:b241:15c::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:b9:71:fa:68:cd:bd:30:8c:63:d5:0f:f9:b4:80:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:41:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0cc2476b13901c13f03329f5e3dbb57245fe6cb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:8d:e5:c5:48:5c:97:20:1c:7e:f1:b0:f7:19:
ec:c7:49:7e:87:0c:e5:66:b4:75:22:fe:3f:f1:18:
61:86:16:43:3f:57:e0:5f:a3:cb:bd:84:cc:91:11:
44:94:52:29:5c:99:a6:1b:86:79:ac:9c:2a:91:88:
39:9c:bd:69:aa:7a:82:5b:03:c6:37:d1:4a:2f:29:
c7:ec:da:e6:19:71:a7:e4:ed:47:09:f2:4a:eb:3d:
26:ff:ba:d8:57:05:54:89:c1:e2:f5:8e:a1:f2:43:
a2:b3:b7:ae:2a:b0:6a:17:12:4d:ab:2b:f2:0f:5d:
e6:18:c5:39:6c:1a:49:5f:44:05:03:7a:06:46:fe:
0c:35:71:88:f5:db:2b:ff:eb:a8:2a:63:fa:9d:fd:
b7:af:84:03:e4:37:97:12:5a:6f:61:e9:36:1a:29:
d0:a3:c4:d8:b2:98:88:82:d7:21:7d:79:b1:8f:30:
37:7d:41:fe:38:70:08:b4:62:14:e9:ef:51:90:8e:
05:91:cd:43:f5:3d:2a:76:4d:a8:67:d6:8e:5a:6d:
f3:50:01:a9:cb:5c:2e:22:ab:34:29:7e:95:bd:62:
d5:4c:46:c6:d8:0e:83:0a:c2:be:b6:7c:72:9c:01:
8b:f2:c5:67:78:02:66:c3:1d:d3:4c:79:90:91:9a:
a6:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:C2:47:6B:13:90:1C:13:F0:33:29:F5:E3:DB:B5:72:45:FE:6C:B3
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/DMJHaxOQHBPwMyn149u1ckX-bLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:15c::/48
Signature Algorithm: sha256WithRSAEncryption
2e:e0:d9:5a:66:44:c5:f8:8f:42:6c:cb:9f:50:17:b5:9a:78:
b5:f9:51:d3:d0:00:21:32:63:5a:af:53:a5:18:56:8e:90:64:
c4:5c:7a:20:de:96:df:b1:90:25:a8:18:82:13:d5:07:4c:2d:
26:80:e5:18:53:bb:83:51:11:63:a3:d3:e9:de:e1:36:c3:0c:
b4:72:d1:eb:7e:65:66:be:b9:7c:a6:3b:2f:14:8a:00:1b:19:
54:35:00:13:19:fb:9b:94:06:0e:f3:a8:17:14:90:b3:89:c1:
d0:09:b6:b5:d2:7e:91:68:6f:fa:72:85:9c:76:f9:9f:2d:de:
67:57:e8:01:ec:58:ce:6b:c6:ea:43:b8:3b:77:e7:f0:ad:3c:
f9:a8:cb:6e:74:e0:0a:73:16:0e:3d:4c:45:e4:e5:f8:5f:3f:
be:1d:2e:42:8e:10:77:82:92:bd:f3:ad:ad:24:67:fb:7b:93:
b4:f0:e6:4d:ca:8b:3c:db:9a:5b:9f:5a:23:e8:b6:be:60:66:
09:38:fd:d6:6a:4b:91:6f:b5:98:f6:cb:b8:8b:0a:68:a3:e8:
c3:cd:a9:21:41:bd:46:c8:38:36:92:0e:5d:c7:05:97:dc:92:
7c:b5:7c:de:1c:f0:e4:99:bd:fd:1e:fc:3a:61:3a:b3:1c:3a:
9b:f2:9d:df
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/uXH6aM29MIxj1Q/5tICJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTg0MTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2MyNDc2YjEzOTAxYzEzZjAzMzI5ZjVlM2RiYjU3MjQ1ZmU2Y2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsY3lxUhclyAcfvGw9xnsx0l+hwzl
ZrR1Iv4/8RhhhhZDP1fgX6PLvYTMkRFElFIpXJmmG4Z5rJwqkYg5nL1pqnqCWwPG
N9FKLynH7NrmGXGn5O1HCfJK6z0m/7rYVwVUicHi9Y6h8kOis7euKrBqFxJNqyvy
D13mGMU5bBpJX0QFA3oGRv4MNXGI9dsr/+uoKmP6nf23r4QD5DeXElpvYek2GinQ
o8TYspiIgtchfXmxjzA3fUH+OHAItGIU6e9RkI4Fkc1D9T0qdk2oZ9aOWm3zUAGp
y1wuIqs0KX6VvWLVTEbG2A6DCsK+tnxynAGL8sVneAJmwx3TTHmQkZqmoQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAzCR2sTkBwT8DMp9ePbtXJF/myzMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvRE1KSGF4T1FIQlB3TXluMTQ5dTFja1gtYkxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQFc
MA0GCSqGSIb3DQEBCwUAA4IBAQAu4NlaZkTF+I9CbMufUBe1mni1+VHT0AAhMmNa
r1OlGFaOkGTEXHog3pbfsZAlqBiCE9UHTC0mgOUYU7uDURFjo9Pp3uE2wwy0ctHr
fmVmvrl8pjsvFIoAGxlUNQATGfublAYO86gXFJCzicHQCba10n6RaG/6coWcdvmf
Ld5nV+gB7FjOa8bqQ7g7d+fwrTz5qMtudOAKcxYOPUxF5OX4Xz++HS5CjhB3gpK9
862tJGf7e5O08OZNyos825pbn1oj6La+YGYJOP3WakuRb7WY9su4iwpoo+jDzakh
Qb1GyDg2kg5dxwWX3JJ8tXzeHPDkmb39Hvw6YTqzHDqb8p3f
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:11 2024 by rpki-client on console-fra.rpki-client.org