Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/O5mxmJ3cAZTsVfIMDvkbVo4cSGc.roa
File: O5mxmJ3cAZTsVfIMDvkbVo4cSGc.roa (raw, json)
Hash identifier: lNqxQLmlEtgmcpYJmLUfsVz0vtxxW9f5aM3Ocg8DV50=
Subject key identifier: 3B:99:B1:98:9D:DC:01:94:EC:55:F2:0C:0E:F9:1B:56:8E:1C:48:67
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F0AE9E322108B1C358B3301E997A14
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/O5mxmJ3cAZTsVfIMDvkbVo4cSGc.roa
Signing time: Wed 07 Feb 2024 05:00:50 +0000
ROA not before: Wed 07 Feb 2024 05:00:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213170
IP address blocks: 2a0f:b241:14c::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:ae:9e:32:21:08:b1:c3:58:b3:30:1e:99:7a:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3b99b1989ddc0194ec55f20c0ef91b568e1c4867
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:1c:39:8d:ce:98:00:ec:b4:be:4e:87:0d:8c:
65:83:aa:4c:8f:b6:bd:8e:dd:e8:30:62:10:cd:49:
1d:2a:8a:7c:cb:ad:ca:17:55:19:14:55:85:75:3d:
2a:af:80:83:ff:07:28:d0:ab:74:ed:04:96:1c:a2:
9f:08:2f:6a:a1:14:47:21:de:28:d2:e6:56:12:5f:
22:52:15:fb:96:5a:6f:7c:b6:3d:30:21:4c:86:79:
b1:f7:9e:9d:96:39:7b:ad:af:3c:b3:07:c8:00:31:
6a:51:29:e7:2d:73:86:fe:22:18:ac:ed:6c:ce:b4:
a6:32:74:2e:37:5a:24:6c:2c:bb:f6:e6:ea:a5:dd:
0c:3f:f0:6a:db:25:4c:3e:4c:49:82:43:90:b6:71:
dc:52:30:46:b3:d5:92:b0:df:a2:34:81:f0:53:4f:
31:13:19:a7:c8:86:a0:f6:1a:0d:84:10:bf:27:d4:
a0:80:60:92:04:a4:4b:b4:0a:d9:57:9c:45:ec:81:
d2:69:6a:5d:cc:c9:20:0f:6b:d3:9e:06:fa:27:49:
dd:5f:d3:b2:82:91:c8:e9:55:e8:e1:76:39:79:b9:
c8:9f:16:a0:66:31:63:b8:05:90:7e:30:12:b1:53:
cd:c5:56:0e:bb:76:2f:18:d5:63:03:1f:55:40:97:
c8:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:99:B1:98:9D:DC:01:94:EC:55:F2:0C:0E:F9:1B:56:8E:1C:48:67
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/O5mxmJ3cAZTsVfIMDvkbVo4cSGc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:14c::/48
Signature Algorithm: sha256WithRSAEncryption
03:00:a3:fc:83:da:7a:a8:bd:09:32:9b:49:b4:48:db:9e:6c:
a6:bb:ad:5c:4c:fe:98:78:31:2e:9d:39:7f:fc:31:4f:08:f3:
b1:5f:41:01:2f:99:35:70:48:94:6b:9d:fc:66:67:6c:bc:5a:
95:0e:f0:b1:dd:d4:14:a9:14:d2:11:5e:0d:fa:0e:56:75:ba:
cd:c7:93:bd:a3:5a:de:27:36:99:39:f2:9b:6b:86:cd:95:fe:
8d:d5:77:ac:46:44:3e:6a:94:01:f4:de:cd:2d:7c:02:c8:51:
16:5c:a6:0b:be:94:16:46:e9:32:c8:bb:a0:25:f1:fb:7f:d8:
62:0a:35:52:8d:ea:8c:e4:48:f2:7b:f0:8e:81:87:80:1f:9f:
02:75:63:62:e5:dc:c0:d9:9c:f1:89:3c:e2:30:46:4f:91:ca:
8b:96:b6:1e:01:f9:22:1d:a7:50:0d:0d:0a:2d:be:c5:02:3a:
78:38:8b:b6:8f:44:31:7d:63:d4:15:57:c4:0a:bc:ea:1b:46:
be:be:62:f5:31:fb:9c:e3:74:2b:9a:da:fb:60:f1:e8:f5:b9:
21:b6:7f:1c:2d:1e:19:0b:ee:4a:7a:18:6a:3b:25:62:c0:a3:
d8:c0:57:61:95:c9:58:70:0e:7a:1b:47:3d:3d:3c:8c:89:ee:
71:cc:5e:f4
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8K6eMiEIscNYszAemXoUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjk5YjE5ODlkZGMwMTk0ZWM1NWYyMGMwZWY5MWI1NjhlMWM0ODY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBw5jc6YAOy0vk6HDYxlg6pMj7a9
jt3oMGIQzUkdKop8y63KF1UZFFWFdT0qr4CD/wco0Kt07QSWHKKfCC9qoRRHId4o
0uZWEl8iUhX7llpvfLY9MCFMhnmx956dljl7ra88swfIADFqUSnnLXOG/iIYrO1s
zrSmMnQuN1okbCy79ubqpd0MP/Bq2yVMPkxJgkOQtnHcUjBGs9WSsN+iNIHwU08x
ExmnyIag9hoNhBC/J9SggGCSBKRLtArZV5xF7IHSaWpdzMkgD2vTngb6J0ndX9Oy
gpHI6VXo4XY5ebnInxagZjFjuAWQfjASsVPNxVYOu3YvGNVjAx9VQJfIfwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDuZsZid3AGU7FXyDA75G1aOHEhnMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvTzVteG1KM2NBWlRzVmZJTUR2a2JWbzRjU0djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQFM
MA0GCSqGSIb3DQEBCwUAA4IBAQADAKP8g9p6qL0JMptJtEjbnmymu61cTP6YeDEu
nTl//DFPCPOxX0EBL5k1cEiUa538ZmdsvFqVDvCx3dQUqRTSEV4N+g5WdbrNx5O9
o1reJzaZOfKba4bNlf6N1XesRkQ+apQB9N7NLXwCyFEWXKYLvpQWRukyyLugJfH7
f9hiCjVSjeqM5Ejye/COgYeAH58CdWNi5dzA2ZzxiTziMEZPkcqLlrYeAfkiHadQ
DQ0KLb7FAjp4OIu2j0QxfWPUFVfECrzqG0a+vmL1Mfuc43Qrmtr7YPHo9bkhtn8c
LR4ZC+5KehhqOyViwKPYwFdhlclYcA56G0c9PTyMie5xzF70
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:08 2024 by rpki-client on console-ams.rpki-client.org