Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/OR2sHOj1PVyjMjnQcl9-S9BqIg4.roa
File: OR2sHOj1PVyjMjnQcl9-S9BqIg4.roa (raw, json)
Hash identifier: 34pOiyYmho3yoXqjonR23snsjLBJTks8Ok2JJLi2ggM=
Subject key identifier: 39:1D:AC:1C:E8:F5:3D:5C:A3:32:39:D0:72:5F:7E:4B:D0:6A:22:0E
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FA8F92D62C0893CB8BBD3F3946EE559
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/OR2sHOj1PVyjMjnQcl9-S9BqIg4.roa
Signing time: Tue 06 Feb 2024 18:23:16 +0000
ROA not before: Tue 06 Feb 2024 18:23:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200237
IP address blocks: 2a0f:b241:a0::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:a8:f9:2d:62:c0:89:3c:b8:bb:d3:f3:94:6e:e5:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:23:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=391dac1ce8f53d5ca33239d0725f7e4bd06a220e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:20:8e:fb:10:2c:3a:0f:48:67:48:ea:1a:fa:
86:84:7c:05:84:d8:df:93:a1:5d:dc:f3:3a:ea:a7:
60:a3:f1:90:fa:7e:e7:e1:dc:3b:2b:88:6a:f1:20:
59:46:8a:6e:6b:12:c5:c2:74:d0:e4:ef:83:7c:50:
e9:fb:24:08:e6:94:1a:01:ed:7f:68:5f:28:fa:33:
ea:5b:1a:49:74:2c:44:d7:23:a3:72:11:9d:08:57:
6f:a0:5c:f0:b7:cc:93:13:d7:72:1e:4d:91:23:7c:
e9:d0:b2:47:2c:1b:8e:e8:45:e3:c2:0d:9b:ad:ad:
af:78:9f:12:24:39:55:28:f0:0e:95:3b:54:44:63:
c6:4f:0d:36:1d:1b:42:83:7a:06:7f:13:b5:f3:7f:
f3:b9:cd:81:81:a2:90:fc:70:08:10:3e:b7:c9:b3:
a5:27:b9:a5:04:c0:72:a4:76:a9:73:b7:53:d8:63:
f9:e2:55:e9:6b:92:a4:38:5c:cd:5b:84:5c:01:ed:
3c:10:13:89:08:d3:06:32:f8:b6:fb:18:de:66:8d:
01:af:eb:82:5f:85:dc:0b:da:e6:0a:a6:c0:88:42:
c9:68:60:59:75:48:c9:cc:bc:13:a4:82:05:98:57:
85:02:ab:60:3f:9a:df:de:7a:19:ba:fc:4c:60:ea:
7a:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:1D:AC:1C:E8:F5:3D:5C:A3:32:39:D0:72:5F:7E:4B:D0:6A:22:0E
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/OR2sHOj1PVyjMjnQcl9-S9BqIg4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:a0::/48
Signature Algorithm: sha256WithRSAEncryption
6d:b9:4e:47:ca:8d:d9:87:c6:75:36:cd:72:c6:01:d9:6b:f3:
84:f8:c1:8b:62:f8:e5:f9:95:fc:77:ab:d5:45:e3:c0:25:5d:
a3:a2:d6:a9:9b:3f:66:ed:8c:2e:73:89:75:0f:0c:21:59:fa:
1d:b7:a9:cb:3a:69:cc:22:82:66:82:38:08:77:d3:25:88:82:
43:58:51:12:2e:35:f3:27:23:3a:70:8d:8b:14:b6:68:86:51:
e6:c6:db:4d:4a:6f:b1:3a:10:16:b9:a0:66:8e:ce:69:e9:e5:
0e:2e:1f:5e:f9:c8:ca:95:0f:64:19:69:2a:29:7c:38:55:b1:
86:f9:0a:9d:1a:64:0e:b0:e9:82:be:93:c3:89:2f:98:29:84:
22:54:18:0b:b6:1d:33:67:0e:ed:be:ea:f3:49:14:5d:73:3e:
b9:c1:a7:42:32:0c:e8:f4:68:7f:58:2a:a2:60:39:cb:08:db:
3f:c1:13:82:5b:d1:5e:8e:2a:7e:0b:db:d6:19:5b:c1:09:6e:
a3:b6:9a:58:86:34:b9:55:32:ea:38:5c:db:1a:e3:77:ef:b6:
29:c1:80:27:1c:a3:60:b4:09:ed:1f:96:0d:9f:ea:e6:b7:47:
79:bc:d7:34:d4:b8:b2:c4:2f:0c:d6:0a:33:e9:41:27:39:18:
8e:42:d2:23
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/qPktYsCJPLi70/OUbuVZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTFkYWMxY2U4ZjUzZDVjYTMzMjM5ZDA3MjVmN2U0YmQwNmEyMjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSCO+xAsOg9IZ0jqGvqGhHwFhNjf
k6Fd3PM66qdgo/GQ+n7n4dw7K4hq8SBZRopuaxLFwnTQ5O+DfFDp+yQI5pQaAe1/
aF8o+jPqWxpJdCxE1yOjchGdCFdvoFzwt8yTE9dyHk2RI3zp0LJHLBuO6EXjwg2b
ra2veJ8SJDlVKPAOlTtURGPGTw02HRtCg3oGfxO183/zuc2BgaKQ/HAIED63ybOl
J7mlBMBypHapc7dT2GP54lXpa5KkOFzNW4RcAe08EBOJCNMGMvi2+xjeZo0Br+uC
X4XcC9rmCqbAiELJaGBZdUjJzLwTpIIFmFeFAqtgP5rf3noZuvxMYOp6iQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDkdrBzo9T1cozI50HJffkvQaiIOMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvT1Iyc0hPajFQVnlqTWpuUWNsOS1TOUJxSWc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQCg
MA0GCSqGSIb3DQEBCwUAA4IBAQBtuU5Hyo3Zh8Z1Ns1yxgHZa/OE+MGLYvjl+ZX8
d6vVRePAJV2jotapmz9m7Ywuc4l1DwwhWfodt6nLOmnMIoJmgjgId9MliIJDWFES
LjXzJyM6cI2LFLZohlHmxttNSm+xOhAWuaBmjs5p6eUOLh9e+cjKlQ9kGWkqKXw4
VbGG+QqdGmQOsOmCvpPDiS+YKYQiVBgLth0zZw7tvurzSRRdcz65wadCMgzo9Gh/
WCqiYDnLCNs/wROCW9Fejip+C9vWGVvBCW6jtppYhjS5VTLqOFzbGuN377YpwYAn
HKNgtAntH5YNn+rmt0d5vNc01LiyxC8M1goz6UEnORiOQtIj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:11 2024 by rpki-client on console-fra.rpki-client.org