Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/Kes5M_VBI20gGtOgA8jTEwxh0n0.roa
File: Kes5M_VBI20gGtOgA8jTEwxh0n0.roa (raw, json)
Hash identifier: 6v4cs9yJ+WUXWKzT1QUVCtRX5ClaePB8faM2PrzxaBw=
Subject key identifier: 29:EB:39:33:F5:41:23:6D:20:1A:D3:A0:03:C8:D3:13:0C:61:D2:7D
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FA639AC49FFADE13E8E623B30771FEC
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/Kes5M_VBI20gGtOgA8jTEwxh0n0.roa
Signing time: Tue 06 Feb 2024 18:20:16 +0000
ROA not before: Tue 06 Feb 2024 18:20:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198308
IP address blocks: 2a0f:b241:78::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:a6:39:ac:49:ff:ad:e1:3e:8e:62:3b:30:77:1f:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:20:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29eb3933f541236d201ad3a003c8d3130c61d27d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ae:51:74:86:46:9c:25:41:02:c6:69:17:3a:
46:dc:c1:05:8d:f0:2b:3e:7a:e5:43:46:7f:e2:a0:
03:3a:66:30:bb:2e:d2:ba:2e:09:77:9c:d2:eb:7b:
46:2c:30:d3:17:7e:16:45:64:ea:f6:a9:4d:3f:16:
25:cf:c9:86:a3:cc:b2:de:eb:e6:77:a2:2e:e3:b9:
af:7e:89:a1:a4:54:08:83:c3:c4:06:a4:01:0d:d6:
ec:a1:5e:4d:9b:c4:4c:8f:23:81:4b:ee:66:9f:b2:
91:70:21:ef:79:23:f5:fa:b5:ab:64:72:f6:c5:8a:
1c:74:3c:0c:99:cf:55:a4:8e:a4:a5:43:3f:97:04:
df:dc:ca:20:3b:46:75:e8:4f:4b:36:51:69:1d:cd:
c9:ef:f0:d5:73:76:49:79:7d:fe:64:de:84:56:de:
7a:d0:1c:bd:40:f4:72:c2:c4:1d:3d:34:4b:74:1f:
04:28:c8:df:60:0d:d8:d7:29:a5:90:50:2c:7d:11:
9c:43:f7:4e:a7:0d:d5:09:f1:0d:c1:06:09:24:a3:
6d:5a:00:dc:44:49:91:1c:fc:48:d8:7d:ce:dc:39:
e0:90:fd:0c:2f:7f:fc:54:11:11:f4:6e:7b:7b:f7:
89:31:91:f8:e8:57:1a:66:dc:e8:b3:b4:bf:87:22:
f3:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:EB:39:33:F5:41:23:6D:20:1A:D3:A0:03:C8:D3:13:0C:61:D2:7D
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/Kes5M_VBI20gGtOgA8jTEwxh0n0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:78::/48
Signature Algorithm: sha256WithRSAEncryption
75:e6:9e:2e:08:b2:4a:e1:96:a6:f6:f5:fc:13:c8:27:08:2b:
90:86:4c:85:46:85:7f:ca:36:51:f4:62:77:16:cb:81:72:d4:
cb:c1:cf:03:1b:e6:1e:aa:81:f1:f1:d0:74:ca:e5:7d:36:60:
49:3d:88:4a:2c:28:c6:be:4c:20:e2:2a:fe:22:a0:46:cd:76:
65:21:2a:0a:38:f6:29:9d:d9:8e:cc:ed:93:2d:e0:b4:91:0b:
55:f6:df:25:f9:96:4f:6f:a5:fb:b0:7d:8b:6c:b5:92:ca:32:
db:11:8c:31:07:ff:86:45:e2:6b:de:e2:b7:88:60:9b:37:d8:
f9:78:53:33:57:7f:48:bf:b2:7f:a8:f6:6b:2d:4b:b3:51:9f:
5f:6f:e2:3b:46:97:8e:2d:c3:66:ea:69:7d:bb:5c:0f:0f:48:
cc:4b:54:07:49:53:14:73:6f:b8:7a:ef:ce:16:4f:b3:eb:72:
9a:e8:d1:a5:fd:a8:41:44:e2:07:d8:8a:e8:cf:e4:ef:f2:09:
d7:e9:c0:27:69:0c:fc:a3:e1:6d:6b:f8:50:59:f2:00:65:e8:
e4:75:3a:e7:75:26:0f:18:08:22:52:87:c5:7d:6e:10:8d:01:
6f:bd:92:1d:63:5c:00:18:1c:86:b9:f7:76:81:8a:01:bb:e7:
cb:72:e6:aa
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/pjmsSf+t4T6OYjswdx/sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWViMzkzM2Y1NDEyMzZkMjAxYWQzYTAwM2M4ZDMxMzBjNjFkMjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsa5RdIZGnCVBAsZpFzpG3MEFjfAr
PnrlQ0Z/4qADOmYwuy7Sui4Jd5zS63tGLDDTF34WRWTq9qlNPxYlz8mGo8yy3uvm
d6Iu47mvfomhpFQIg8PEBqQBDdbsoV5Nm8RMjyOBS+5mn7KRcCHveSP1+rWrZHL2
xYocdDwMmc9VpI6kpUM/lwTf3MogO0Z16E9LNlFpHc3J7/DVc3ZJeX3+ZN6EVt56
0By9QPRywsQdPTRLdB8EKMjfYA3Y1ymlkFAsfRGcQ/dOpw3VCfENwQYJJKNtWgDc
REmRHPxI2H3O3DngkP0ML3/8VBER9G57e/eJMZH46FcaZtzos7S/hyLzXwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCnrOTP1QSNtIBrToAPI0xMMYdJ9MB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvS2VzNU1fVkJJMjBnR3RPZ0E4alRFd3hoMG4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQB4
MA0GCSqGSIb3DQEBCwUAA4IBAQB15p4uCLJK4Zam9vX8E8gnCCuQhkyFRoV/yjZR
9GJ3FsuBctTLwc8DG+YeqoHx8dB0yuV9NmBJPYhKLCjGvkwg4ir+IqBGzXZlISoK
OPYpndmOzO2TLeC0kQtV9t8l+ZZPb6X7sH2LbLWSyjLbEYwxB/+GReJr3uK3iGCb
N9j5eFMzV39Iv7J/qPZrLUuzUZ9fb+I7RpeOLcNm6ml9u1wPD0jMS1QHSVMUc2+4
eu/OFk+z63Ka6NGl/ahBROIH2Iroz+Tv8gnX6cAnaQz8o+Fta/hQWfIAZejkdTrn
dSYPGAgiUofFfW4QjQFvvZIdY1wAGByGufd2gYoBu+fLcuaq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:11 2024 by rpki-client on console-fra.rpki-client.org