Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/OXphzkzswDjs9g7LjAKAjD1Dzvg.roa
File: OXphzkzswDjs9g7LjAKAjD1Dzvg.roa (raw, json)
Hash identifier: MyT2VsUm9U00vWA7XwRHqr0A1Wlsi8Gpz5zDZ7To0yU=
Subject key identifier: 39:7A:61:CE:4C:EC:C0:38:EC:F6:0E:CB:8C:02:80:8C:3D:43:CE:F8
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7F95C8DCEBB04F3AFE3E7BBC72D5657A
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/OXphzkzswDjs9g7LjAKAjD1Dzvg.roa
Signing time: Tue 06 Feb 2024 18:02:19 +0000
ROA not before: Tue 06 Feb 2024 18:02:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215716
IP address blocks: 2a0f:b241:51::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:95:c8:dc:eb:b0:4f:3a:fe:3e:7b:bc:72:d5:65:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:02:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=397a61ce4cecc038ecf60ecb8c02808c3d43cef8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:b2:45:9d:3e:d1:95:f0:04:ee:fa:63:b2:2d:
e7:bc:2d:1d:eb:21:58:64:13:80:3b:ec:59:81:ca:
54:b7:3d:e0:69:f8:29:70:3f:ee:e4:90:fc:a8:70:
0c:5b:2b:e1:fe:1c:99:72:f9:c5:80:22:f9:80:60:
80:3a:85:28:0d:69:b8:c9:b4:e9:ca:50:77:6d:ed:
5e:1c:a7:40:b3:a0:83:66:d7:95:fd:b9:3e:53:10:
ad:ae:71:d1:ea:e1:42:ad:89:c9:a7:d2:d8:22:12:
b2:a2:2d:10:2f:d2:a0:aa:c4:16:19:eb:9a:4a:f4:
c0:52:16:84:65:92:88:b1:c2:3a:37:21:b5:59:5b:
5d:a1:ea:55:cf:cb:8c:66:a8:d4:ae:00:c3:41:a5:
15:d7:8f:fa:d8:84:94:d8:77:50:c9:18:10:73:f9:
d7:f2:51:71:f0:50:b0:27:87:08:a1:49:49:99:04:
f8:65:cf:57:8b:7e:8a:01:33:72:b5:e0:76:e5:fe:
dc:6d:6f:27:ce:85:51:b8:fd:96:ab:5d:b5:9e:1e:
c9:6c:77:e6:1c:6f:bf:07:92:28:2f:73:72:15:2e:
67:c1:65:a0:7c:18:7d:02:fb:1d:11:12:b4:e3:bb:
fa:41:fb:6b:a9:27:46:61:fa:cb:52:67:16:c3:c1:
d7:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:7A:61:CE:4C:EC:C0:38:EC:F6:0E:CB:8C:02:80:8C:3D:43:CE:F8
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/OXphzkzswDjs9g7LjAKAjD1Dzvg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:51::/48
Signature Algorithm: sha256WithRSAEncryption
75:11:a9:3e:16:37:88:73:7c:2f:2b:da:a0:aa:97:43:25:cd:
ed:a2:d4:89:48:11:3f:23:e3:89:15:53:35:57:6f:2b:2a:d5:
35:a6:eb:e5:83:68:57:fc:2a:88:74:9b:97:20:4c:72:62:1a:
7e:65:47:a0:bf:0c:8b:18:ed:7e:3c:a7:3d:c8:a2:ef:b5:8d:
d9:97:fb:be:0e:da:41:36:8c:54:9e:0c:8f:5e:12:16:a0:4c:
b3:1a:75:07:32:87:bf:65:bc:bc:d4:0b:13:fb:f6:01:d4:2f:
25:a6:e7:2d:5c:e6:bb:e8:02:eb:c9:b2:19:f2:54:28:87:05:
79:17:92:1f:14:25:bf:9c:76:1a:92:9c:a2:71:3e:9b:b8:88:
28:23:58:c2:04:a8:1d:56:6b:75:55:15:d9:e1:fe:10:b7:f6:
c3:c0:4f:a4:8e:9f:09:7b:eb:68:30:1f:cd:cf:f1:d9:fa:aa:
5f:0a:98:fc:78:df:95:2a:9d:44:41:6f:7f:8c:06:0f:27:d9:
b8:80:f4:c1:58:92:24:33:ed:05:83:9c:1d:42:c0:a5:de:9e:
94:f8:1d:8f:f5:9d:d2:43:6e:07:a7:a0:11:bb:50:d2:a9:4c:
70:ba:03:c9:c2:1e:91:25:78:27:38:b9:d6:36:c1:3f:6c:b2:
86:e1:7a:41
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/lcjc67BPOv4+e7xy1WV6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgwMjE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTdhNjFjZTRjZWNjMDM4ZWNmNjBlY2I4YzAyODA4YzNkNDNjZWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw7JFnT7RlfAE7vpjsi3nvC0d6yFY
ZBOAO+xZgcpUtz3gafgpcD/u5JD8qHAMWyvh/hyZcvnFgCL5gGCAOoUoDWm4ybTp
ylB3be1eHKdAs6CDZteV/bk+UxCtrnHR6uFCrYnJp9LYIhKyoi0QL9KgqsQWGeua
SvTAUhaEZZKIscI6NyG1WVtdoepVz8uMZqjUrgDDQaUV14/62ISU2HdQyRgQc/nX
8lFx8FCwJ4cIoUlJmQT4Zc9Xi36KATNyteB25f7cbW8nzoVRuP2Wq121nh7JbHfm
HG+/B5IoL3NyFS5nwWWgfBh9AvsdERK047v6QftrqSdGYfrLUmcWw8HX3wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDl6Yc5M7MA47PYOy4wCgIw9Q874MB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvT1hwaHprenN3RGpzOWc3TGpBS0FqRDFEenZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQBR
MA0GCSqGSIb3DQEBCwUAA4IBAQB1Eak+FjeIc3wvK9qgqpdDJc3totSJSBE/I+OJ
FVM1V28rKtU1puvlg2hX/CqIdJuXIExyYhp+ZUegvwyLGO1+PKc9yKLvtY3Zl/u+
DtpBNoxUngyPXhIWoEyzGnUHMoe/Zby81AsT+/YB1C8lpuctXOa76ALrybIZ8lQo
hwV5F5IfFCW/nHYakpyicT6buIgoI1jCBKgdVmt1VRXZ4f4Qt/bDwE+kjp8Je+to
MB/Nz/HZ+qpfCpj8eN+VKp1EQW9/jAYPJ9m4gPTBWJIkM+0Fg5wdQsCl3p6U+B2P
9Z3SQ24Hp6ARu1DSqUxwugPJwh6RJXgnOLnWNsE/bLKG4XpB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:11 2024 by rpki-client on console-fra.rpki-client.org