Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/OtmhqW_PTUys1v_2oGGVUhDn9_E.roa
File: OtmhqW_PTUys1v_2oGGVUhDn9_E.roa (raw, json)
Hash identifier: OCZQ52Pqwscz/MoG56oPdvYGd8zIowxzZJPhbCR8PqU=
Subject key identifier: 3A:D9:A1:A9:6F:CF:4D:4C:AC:D6:FF:F6:A0:61:95:52:10:E7:F7:F1
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F064CA17B5DF2792FB1EEC4222D155
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/OtmhqW_PTUys1v_2oGGVUhDn9_E.roa
Signing time: Wed 07 Feb 2024 05:00:31 +0000
ROA not before: Wed 07 Feb 2024 05:00:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57194
IP address blocks: 2a0f:b241:11e::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:64:ca:17:b5:df:27:92:fb:1e:ec:42:22:d1:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3ad9a1a96fcf4d4cacd6fff6a061955210e7f7f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:ca:68:e4:27:12:2e:97:f4:4e:d1:97:ba:51:
30:c1:70:b1:9f:9f:ff:66:c7:0f:73:a7:dd:eb:f0:
f7:38:f2:66:54:ce:45:80:62:51:d3:e2:66:5f:18:
f3:36:cc:5c:87:c7:c8:81:d6:f6:5d:56:a6:30:da:
99:e8:04:cd:3b:37:1d:da:c6:fd:3d:41:5a:0b:5e:
ad:c6:b8:b1:f3:e6:66:98:2e:53:83:d0:1b:f7:75:
04:28:35:b5:0c:ab:8f:25:0c:ff:3a:60:30:1d:67:
3b:74:c3:ee:4a:d6:33:6f:01:9d:b4:17:f0:02:15:
63:00:28:d4:bf:65:31:ee:68:3d:23:ee:ef:95:15:
c1:b1:e2:b3:a3:4c:fd:08:19:80:da:2c:ec:0d:fd:
c5:60:28:b9:93:0a:7c:50:9c:33:0f:9b:26:75:73:
9e:5e:b9:3d:f6:08:4b:91:9d:0a:d1:1d:9a:13:db:
dd:1f:45:42:0a:05:e2:48:d9:7a:cf:50:f3:41:1a:
d7:d3:cb:99:07:2a:f9:47:cc:d9:65:08:41:34:00:
69:8b:0f:7c:ca:40:09:c6:a7:e3:d5:29:51:6c:5d:
ec:8d:2c:c4:03:f7:1e:a9:98:e7:53:5f:25:66:2b:
cc:18:56:b7:c4:c9:5c:19:4e:24:08:0b:d6:9c:df:
60:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:D9:A1:A9:6F:CF:4D:4C:AC:D6:FF:F6:A0:61:95:52:10:E7:F7:F1
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/OtmhqW_PTUys1v_2oGGVUhDn9_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:11e::/48
Signature Algorithm: sha256WithRSAEncryption
26:7d:62:3d:9c:02:3b:e6:8e:da:8b:a4:1a:cf:77:71:8a:9b:
c4:d4:ab:ac:8b:fb:41:2a:a1:63:66:89:3b:85:b0:ab:96:a9:
93:3f:ca:39:19:5c:1f:6d:32:2c:f0:3d:b2:37:19:41:eb:de:
db:2b:9b:e8:bd:21:c1:92:7a:46:a0:27:3a:40:aa:62:48:5e:
1a:71:cf:4a:fa:0e:8e:a7:cc:90:3b:2a:65:b5:4c:37:31:73:
fd:f2:dd:4c:d2:da:ea:2e:af:47:e7:a4:af:2c:4a:9f:b4:6d:
e8:85:49:67:b8:41:cc:e7:2f:1c:c9:65:e8:99:95:79:38:77:
61:8d:1c:1b:3b:1b:66:d7:7d:a4:41:cd:5a:03:20:02:5b:c3:
f6:a3:cb:cd:e2:46:12:ed:8f:4e:8f:a8:23:c0:f0:c8:22:43:
07:3e:31:25:83:9c:b6:5d:b2:8d:25:d1:c3:f9:8b:d2:36:88:
ca:3a:d1:36:21:d7:ab:e1:74:ac:dd:53:34:5f:8f:72:be:b1:
b3:ff:ae:d4:6c:80:0a:e1:aa:c9:14:01:22:66:df:cf:17:07:
1d:d6:9e:6b:87:7a:56:84:41:8a:51:77:d7:74:0e:75:db:83:
a4:b7:73:ea:4c:68:f1:74:11:bf:47:59:41:a1:98:e5:a0:67:
8e:76:fd:a7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8GTKF7XfJ5L7HuxCItFVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWQ5YTFhOTZmY2Y0ZDRjYWNkNmZmZjZhMDYxOTU1MjEwZTdmN2YxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzMpo5CcSLpf0TtGXulEwwXCxn5//
ZscPc6fd6/D3OPJmVM5FgGJR0+JmXxjzNsxch8fIgdb2XVamMNqZ6ATNOzcd2sb9
PUFaC16txrix8+ZmmC5Tg9Ab93UEKDW1DKuPJQz/OmAwHWc7dMPuStYzbwGdtBfw
AhVjACjUv2Ux7mg9I+7vlRXBseKzo0z9CBmA2izsDf3FYCi5kwp8UJwzD5smdXOe
Xrk99ghLkZ0K0R2aE9vdH0VCCgXiSNl6z1DzQRrX08uZByr5R8zZZQhBNABpiw98
ykAJxqfj1SlRbF3sjSzEA/ceqZjnU18lZivMGFa3xMlcGU4kCAvWnN9gOwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDrZoalvz01MrNb/9qBhlVIQ5/fxMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvT3RtaHFXX1BUVXlzMXZfMm9HR1ZVaERuOV9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQEe
MA0GCSqGSIb3DQEBCwUAA4IBAQAmfWI9nAI75o7ai6Qaz3dxipvE1Kusi/tBKqFj
Zok7hbCrlqmTP8o5GVwfbTIs8D2yNxlB697bK5vovSHBknpGoCc6QKpiSF4acc9K
+g6Op8yQOypltUw3MXP98t1M0trqLq9H56SvLEqftG3ohUlnuEHM5y8cyWXomZV5
OHdhjRwbOxtm132kQc1aAyACW8P2o8vN4kYS7Y9Oj6gjwPDIIkMHPjElg5y2XbKN
JdHD+YvSNojKOtE2Ider4XSs3VM0X49yvrGz/67UbIAK4arJFAEiZt/PFwcd1p5r
h3pWhEGKUXfXdA5124Okt3PqTGjxdBG/R1lBoZjloGeOdv2n
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:11 2024 by rpki-client on console-fra.rpki-client.org