Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/UfrRwHCpk8Bz_BNkEP3XvUisvjM.roa
File: UfrRwHCpk8Bz_BNkEP3XvUisvjM.roa (raw, json)
Hash identifier: suV6O6DC+XdnVi9lYSu3t5KVxUKgwoeSR7rzzoOI5u0=
Subject key identifier: 51:FA:D1:C0:70:A9:93:C0:73:FC:13:64:10:FD:D7:BD:48:AC:BE:33
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F06C3DC30C629DDA0A692FF675BB02
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/UfrRwHCpk8Bz_BNkEP3XvUisvjM.roa
Signing time: Wed 07 Feb 2024 05:00:33 +0000
ROA not before: Wed 07 Feb 2024 05:00:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197736
IP address blocks: 2a0f:b241:e::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:6c:3d:c3:0c:62:9d:da:0a:69:2f:f6:75:bb:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=51fad1c070a993c073fc136410fdd7bd48acbe33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:0e:78:0a:a8:e9:3c:ec:a2:15:07:cb:8e:9e:
b0:3d:b0:1b:3f:76:7d:e9:93:e6:a3:ff:3a:25:6a:
32:7e:e7:40:ad:84:6f:10:13:8e:b3:15:87:30:88:
69:1e:a7:33:dc:ac:1f:19:c1:3b:68:7a:10:f8:18:
9d:33:b9:a9:78:fe:f5:72:d6:bb:1b:35:1b:b2:94:
c3:89:2b:17:b3:f8:08:cc:28:bc:5c:ad:d9:75:45:
24:19:f9:be:6d:10:b6:7b:8a:c4:4f:64:76:91:57:
8d:b0:a9:20:9b:9c:9b:44:7f:0f:3b:c0:e6:75:15:
fd:60:21:3d:65:ac:0c:60:f0:ae:6d:aa:f5:4b:49:
2d:57:77:ba:0d:ce:45:e5:68:4b:b3:96:c1:91:ea:
4f:fb:59:ba:dd:71:71:3f:06:e4:e9:4e:31:fc:5e:
8f:ec:0a:4e:0b:59:de:f7:53:ba:c4:fe:4a:e7:8c:
1f:00:45:35:4e:2f:6b:2c:5c:66:00:56:21:b4:d8:
ff:f7:0b:39:ed:77:3a:6f:bd:3b:79:d3:43:27:4f:
fc:f7:6c:ff:fe:ee:cb:42:78:6f:e3:95:f3:d4:0b:
a7:be:c7:aa:2e:7a:c4:83:8d:db:48:6e:4a:43:04:
b6:e9:d1:70:45:6e:f4:51:31:97:bd:5b:59:fe:67:
00:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:FA:D1:C0:70:A9:93:C0:73:FC:13:64:10:FD:D7:BD:48:AC:BE:33
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/UfrRwHCpk8Bz_BNkEP3XvUisvjM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:e::/48
Signature Algorithm: sha256WithRSAEncryption
59:70:1c:68:94:a0:e1:10:a5:51:ae:11:09:ee:3f:e0:f0:6e:
a3:44:a7:96:64:19:29:25:ad:f7:cd:56:b7:e8:3e:da:26:02:
1e:07:05:d4:a5:be:65:de:cf:15:a0:1e:72:7d:4d:0c:95:35:
49:bd:ac:85:69:4f:39:ff:d1:49:29:02:b8:55:99:a2:3e:24:
02:05:e1:d9:12:23:b7:6c:5e:fe:dc:83:dc:cd:23:15:01:38:
d9:03:55:0a:dd:39:1a:8b:46:77:63:83:0b:3a:7a:a5:72:54:
97:69:c8:8c:3a:be:e3:b0:0d:e2:51:96:0c:e2:3c:c1:7e:41:
67:0b:97:cb:b0:75:99:be:b6:78:1f:44:72:78:98:81:94:7e:
fe:fe:f9:1c:ab:1b:e4:8d:d6:d4:59:d9:c4:4a:31:8c:6b:46:
0b:1d:da:9f:ca:56:11:00:77:25:91:dc:dd:38:b3:ee:a0:f2:
90:b3:98:75:46:64:b4:fa:3a:31:9c:98:07:17:5f:7c:17:66:
51:05:df:6d:21:99:ea:f8:00:06:60:56:f1:32:d6:78:d5:1b:
46:ac:3c:48:e2:5f:33:47:6c:22:10:35:4e:38:01:de:3f:8d:
bd:5f:63:d6:f1:b2:a7:63:3d:c0:d4:29:57:e9:40:12:dc:01:
4a:b9:a4:af
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8Gw9wwxindoKaS/2dbsCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWZhZDFjMDcwYTk5M2MwNzNmYzEzNjQxMGZkZDdiZDQ4YWNiZTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7A54CqjpPOyiFQfLjp6wPbAbP3Z9
6ZPmo/86JWoyfudArYRvEBOOsxWHMIhpHqcz3KwfGcE7aHoQ+BidM7mpeP71cta7
GzUbspTDiSsXs/gIzCi8XK3ZdUUkGfm+bRC2e4rET2R2kVeNsKkgm5ybRH8PO8Dm
dRX9YCE9ZawMYPCubar1S0ktV3e6Dc5F5WhLs5bBkepP+1m63XFxPwbk6U4x/F6P
7ApOC1ne91O6xP5K54wfAEU1Ti9rLFxmAFYhtNj/9ws57Xc6b707edNDJ0/892z/
/u7LQnhv45Xz1AunvseqLnrEg43bSG5KQwS26dFwRW70UTGXvVtZ/mcA7QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFH60cBwqZPAc/wTZBD9171IrL4zMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvVWZyUndIQ3BrOEJ6X0JOa0VQM1h2VWlzdmpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQAO
MA0GCSqGSIb3DQEBCwUAA4IBAQBZcBxolKDhEKVRrhEJ7j/g8G6jRKeWZBkpJa33
zVa36D7aJgIeBwXUpb5l3s8VoB5yfU0MlTVJvayFaU85/9FJKQK4VZmiPiQCBeHZ
EiO3bF7+3IPczSMVATjZA1UK3Tkai0Z3Y4MLOnqlclSXaciMOr7jsA3iUZYM4jzB
fkFnC5fLsHWZvrZ4H0RyeJiBlH7+/vkcqxvkjdbUWdnESjGMa0YLHdqfylYRAHcl
kdzdOLPuoPKQs5h1RmS0+joxnJgHF198F2ZRBd9tIZnq+AAGYFbxMtZ41RtGrDxI
4l8zR2wiEDVOOAHeP429X2PW8bKnYz3A1ClX6UAS3AFKuaSv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:09 2024 by rpki-client on console-ams.rpki-client.org