Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/T-CaV2oiNqByIptBSp_E7NYh4VY.roa
File: T-CaV2oiNqByIptBSp_E7NYh4VY.roa (raw, json)
Hash identifier: Obn9mh18FV2sBsvPeZcUEpwGnVZ6Ow+b3xCLe1q0eZw=
Subject key identifier: 4F:E0:9A:57:6A:22:36:A0:72:22:9B:41:4A:9F:C4:EC:D6:21:E1:56
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FAE7A9D892FA33937ACCF228EF79F4B
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/T-CaV2oiNqByIptBSp_E7NYh4VY.roa
Signing time: Tue 06 Feb 2024 18:29:17 +0000
ROA not before: Tue 06 Feb 2024 18:29:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51312
IP address blocks: 2a0f:b241:11a::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:ae:7a:9d:89:2f:a3:39:37:ac:cf:22:8e:f7:9f:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:29:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4fe09a576a2236a072229b414a9fc4ecd621e156
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ae:af:a9:44:f4:a5:f7:47:98:25:13:c1:89:
e5:dc:df:1a:e1:d5:5c:43:ed:86:c7:ee:65:2b:52:
23:2d:99:5c:b1:9a:fc:cf:ca:53:e3:c9:48:c2:ff:
36:6e:87:00:e4:a7:bb:3c:83:f8:8f:4b:0d:65:62:
29:83:e3:06:ee:00:23:df:4a:20:03:11:4b:b9:4a:
e2:33:c7:95:c4:ad:1b:a9:87:95:43:8d:f1:03:9e:
33:fc:f9:2d:f7:e1:24:64:da:b1:bf:2c:88:c2:82:
0c:17:96:fc:c4:f6:53:59:66:19:fc:6d:e7:58:13:
24:10:34:13:e2:cf:4e:27:c2:85:a4:e7:f0:6b:35:
ff:41:5f:5d:23:9a:37:69:22:16:49:fe:f5:20:11:
32:51:74:af:22:e0:74:5c:63:21:46:84:1b:6f:3a:
50:61:d2:88:bd:84:dd:a9:81:75:ae:b6:b6:a2:23:
36:a0:77:5f:15:69:80:7e:4d:52:03:9b:2a:9d:97:
4c:2f:aa:74:37:94:e8:55:7d:66:29:8b:60:a2:e3:
4f:db:07:f6:72:bb:a5:db:c4:c5:13:25:1b:18:50:
56:e4:10:96:30:16:52:86:48:d5:84:e4:58:8b:a8:
b4:15:e4:d1:2b:5f:1e:12:f7:00:dd:40:06:ec:0b:
9a:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:E0:9A:57:6A:22:36:A0:72:22:9B:41:4A:9F:C4:EC:D6:21:E1:56
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/T-CaV2oiNqByIptBSp_E7NYh4VY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:11a::/48
Signature Algorithm: sha256WithRSAEncryption
8c:d0:62:90:30:c4:38:38:ca:4d:a5:24:d6:66:18:08:b7:ed:
3c:87:01:33:fa:f2:48:34:02:06:41:8e:5c:37:6d:1f:99:b1:
84:67:a2:39:8e:7a:46:3f:d9:6f:a8:a7:e9:5a:35:96:d3:42:
6e:46:c1:72:d6:51:04:0a:f6:83:f4:85:29:da:bc:0e:26:48:
e0:9e:a4:f7:ea:62:7a:ba:58:fe:ba:00:ba:7a:a6:a1:9a:96:
20:7f:28:07:90:58:03:cd:03:98:90:52:8a:b7:38:0a:6b:46:
63:a7:a2:c7:c4:f9:4c:53:91:27:a0:a9:d7:fb:19:a2:33:57:
39:49:96:fb:5b:69:d8:6a:cf:82:6f:de:ed:2a:76:b4:5b:9e:
75:f0:e9:e4:18:b9:9c:be:6f:40:04:de:0b:c1:ab:dc:fc:f8:
43:81:d7:ea:8f:24:de:a4:f3:2a:46:23:72:01:84:98:d9:37:
b0:5e:87:70:eb:61:38:c9:a1:65:c9:fc:ca:1d:ab:43:c4:ca:
c1:7d:1f:8d:bd:dd:f8:ef:7c:3a:83:85:6c:1c:fb:d4:58:28:
67:60:ed:06:33:8a:85:85:f1:6b:98:19:4b:51:02:4c:13:43:
59:14:1d:cb:86:95:93:ae:c7:8d:11:d2:b7:c6:24:14:46:99:
24:60:11:bf
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/rnqdiS+jOTeszyKO959LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyOTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmUwOWE1NzZhMjIzNmEwNzIyMjliNDE0YTlmYzRlY2Q2MjFlMTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo66vqUT0pfdHmCUTwYnl3N8a4dVc
Q+2Gx+5lK1IjLZlcsZr8z8pT48lIwv82bocA5Ke7PIP4j0sNZWIpg+MG7gAj30og
AxFLuUriM8eVxK0bqYeVQ43xA54z/Pkt9+EkZNqxvyyIwoIMF5b8xPZTWWYZ/G3n
WBMkEDQT4s9OJ8KFpOfwazX/QV9dI5o3aSIWSf71IBEyUXSvIuB0XGMhRoQbbzpQ
YdKIvYTdqYF1rra2oiM2oHdfFWmAfk1SA5sqnZdML6p0N5ToVX1mKYtgouNP2wf2
crul28TFEyUbGFBW5BCWMBZShkjVhORYi6i0FeTRK18eEvcA3UAG7Aua4QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFE/gmldqIjagciKbQUqfxOzWIeFWMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvVC1DYVYyb2lOcUJ5SXB0QlNwX0U3TlloNFZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQEa
MA0GCSqGSIb3DQEBCwUAA4IBAQCM0GKQMMQ4OMpNpSTWZhgIt+08hwEz+vJINAIG
QY5cN20fmbGEZ6I5jnpGP9lvqKfpWjWW00JuRsFy1lEECvaD9IUp2rwOJkjgnqT3
6mJ6ulj+ugC6eqahmpYgfygHkFgDzQOYkFKKtzgKa0Zjp6LHxPlMU5EnoKnX+xmi
M1c5SZb7W2nYas+Cb97tKna0W5518OnkGLmcvm9ABN4Lwavc/PhDgdfqjyTepPMq
RiNyAYSY2TewXodw62E4yaFlyfzKHatDxMrBfR+Nvd3473w6g4VsHPvUWChnYO0G
M4qFhfFrmBlLUQJME0NZFB3LhpWTrseNEdK3xiQURpkkYBG/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:09 2024 by rpki-client on console-ams.rpki-client.org