Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/YROsVrFmM9_Y5kClZM1WYAoRlsM.roa
File: YROsVrFmM9_Y5kClZM1WYAoRlsM.roa (raw, json)
Hash identifier: 3kUo/HdFd30c+6hcFgEky+muQdRm0m00wBlELoLBJLw=
Subject key identifier: 61:13:AC:56:B1:66:33:DF:D8:E6:40:A5:64:CD:56:60:0A:11:96:C3
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F082B74A41E1D008F3850362DA4E04
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/YROsVrFmM9_Y5kClZM1WYAoRlsM.roa
Signing time: Wed 07 Feb 2024 05:00:39 +0000
ROA not before: Wed 07 Feb 2024 05:00:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200267
IP address blocks: 2a0f:b241:b0::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:82:b7:4a:41:e1:d0:08:f3:85:03:62:da:4e:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6113ac56b16633dfd8e640a564cd56600a1196c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:62:da:11:46:e1:f0:20:7c:71:e0:ed:b2:d6:
ee:a9:4a:9c:eb:87:d9:24:b5:68:4d:91:4b:c3:d4:
8c:9b:0a:67:db:b3:e7:a4:0e:a3:c0:e2:cd:3d:5e:
24:56:30:63:31:62:a8:f9:a3:20:83:6f:3d:fe:a7:
7f:d9:1c:ec:77:86:80:2a:4f:72:5f:f1:f0:4c:90:
83:65:78:46:e9:6a:67:ca:ce:d6:27:78:62:46:08:
75:41:a3:1e:6b:80:a6:e3:4f:50:67:f3:75:af:e1:
48:20:c1:30:f8:40:d1:f7:c1:b3:61:e1:c8:e2:c5:
73:4f:06:fa:53:8b:9a:ed:d6:f2:88:63:70:6b:0c:
44:1c:9b:96:cc:06:3a:45:b0:30:69:ce:44:6a:10:
92:d3:70:a8:ad:f8:33:f5:93:c8:46:dd:b4:13:8b:
e9:12:77:71:ee:4c:f9:ac:cf:20:51:21:6b:96:a6:
15:ca:54:92:e8:fa:11:13:6e:ee:01:d6:12:e1:4a:
b4:4b:ff:ea:23:80:bd:d7:72:01:34:1b:3f:51:f1:
66:b4:05:11:b8:31:74:6b:af:45:9c:7f:a1:1c:e7:
0b:99:c3:36:dd:c1:40:3c:65:f0:be:f4:72:7d:ac:
e9:51:fc:89:2d:1e:f9:2c:64:5a:2e:98:6a:06:03:
ca:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:13:AC:56:B1:66:33:DF:D8:E6:40:A5:64:CD:56:60:0A:11:96:C3
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/YROsVrFmM9_Y5kClZM1WYAoRlsM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:b0::/48
Signature Algorithm: sha256WithRSAEncryption
8c:6d:de:ab:75:74:0d:90:80:7a:da:87:73:6c:96:63:40:be:
2b:42:d9:8d:9c:d5:18:e5:57:79:86:f0:4c:76:65:3b:d7:1a:
fe:e1:d7:8c:2f:28:00:ba:db:78:e7:a9:b8:21:b6:37:63:ca:
8a:b5:c2:da:2c:ce:e1:a2:17:76:a8:98:84:b5:bd:c2:28:83:
ed:cf:e8:25:0f:a3:57:92:4d:73:4a:a2:dc:e4:3b:09:31:c4:
f5:c8:f0:66:02:35:17:8a:0e:e8:f3:00:b0:92:de:6a:16:07:
96:5a:ac:5c:72:2c:ce:7a:97:f8:c3:82:55:38:4a:ed:59:bd:
70:c6:e6:a1:aa:94:ca:23:19:dc:33:1e:97:7a:87:64:59:a8:
19:94:45:7f:b5:35:2e:08:92:74:c8:22:0b:fa:c9:79:d5:d0:
de:69:2b:66:11:2b:49:1c:af:4e:39:b3:8a:e4:e2:0f:f2:58:
e6:f2:36:de:ff:42:03:b7:37:ae:7c:bb:12:77:06:76:f8:6d:
0f:57:65:ca:b2:b8:b8:2c:61:b4:0a:69:95:31:81:2d:20:6d:
64:44:69:2d:57:3e:7f:3c:c1:a1:f1:02:f5:7d:61:94:23:af:
49:d9:fc:0a:69:11:4d:d0:8d:7c:2b:84:49:ab:3f:e6:d9:d4:
7b:d8:47:36
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8IK3SkHh0AjzhQNi2k4EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTEzYWM1NmIxNjYzM2RmZDhlNjQwYTU2NGNkNTY2MDBhMTE5NmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkGLaEUbh8CB8ceDtstbuqUqc64fZ
JLVoTZFLw9SMmwpn27PnpA6jwOLNPV4kVjBjMWKo+aMgg289/qd/2Rzsd4aAKk9y
X/HwTJCDZXhG6Wpnys7WJ3hiRgh1QaMea4Cm409QZ/N1r+FIIMEw+EDR98GzYeHI
4sVzTwb6U4ua7dbyiGNwawxEHJuWzAY6RbAwac5EahCS03Corfgz9ZPIRt20E4vp
Endx7kz5rM8gUSFrlqYVylSS6PoRE27uAdYS4Uq0S//qI4C913IBNBs/UfFmtAUR
uDF0a69FnH+hHOcLmcM23cFAPGXwvvRyfazpUfyJLR75LGRaLphqBgPKRwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGETrFaxZjPf2OZApWTNVmAKEZbDMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvWVJPc1ZyRm1NOV9ZNWtDbFpNMVdZQW9SbHNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQCw
MA0GCSqGSIb3DQEBCwUAA4IBAQCMbd6rdXQNkIB62odzbJZjQL4rQtmNnNUY5Vd5
hvBMdmU71xr+4deMLygAutt456m4IbY3Y8qKtcLaLM7hohd2qJiEtb3CKIPtz+gl
D6NXkk1zSqLc5DsJMcT1yPBmAjUXig7o8wCwkt5qFgeWWqxccizOepf4w4JVOErt
Wb1wxuahqpTKIxncMx6XeodkWagZlEV/tTUuCJJ0yCIL+sl51dDeaStmEStJHK9O
ObOK5OIP8ljm8jbe/0IDtzeufLsSdwZ2+G0PV2XKsri4LGG0CmmVMYEtIG1kRGkt
Vz5/PMGh8QL1fWGUI69J2fwKaRFN0I18K4RJqz/m2dR72Ec2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:12 2024 by rpki-client on console-fra.rpki-client.org