Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/Ydk-U1Zqug3L92TDETKO-fd3UHg.roa
File: Ydk-U1Zqug3L92TDETKO-fd3UHg.roa (raw, json)
Hash identifier: 1mJkpSpnDcl3mBq3+zZHu+H9qwre5w9AzOuMVASUDMo=
Subject key identifier: 61:D9:3E:53:56:6A:BA:0D:CB:F7:64:C3:11:32:8E:F9:F7:77:50:78
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F0C1E51C47D759F7DDB27704148C07
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/Ydk-U1Zqug3L92TDETKO-fd3UHg.roa
Signing time: Wed 07 Feb 2024 05:00:55 +0000
ROA not before: Wed 07 Feb 2024 05:00:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216360
IP address blocks: 2a0f:b241:5f::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:c1:e5:1c:47:d7:59:f7:dd:b2:77:04:14:8c:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61d93e53566aba0dcbf764c311328ef9f7775078
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:9b:78:b2:05:bd:76:5e:f8:e9:16:32:e0:8e:
86:85:fb:54:b7:a1:c8:ee:2e:f3:0e:72:0c:14:17:
f5:52:b4:11:f8:83:29:93:6c:c3:a0:f2:2f:99:68:
2f:c6:63:31:69:2a:e2:2e:e6:2a:41:ed:38:d6:5e:
01:3b:cd:78:3e:b8:ec:67:b4:82:bb:a8:2d:82:6d:
25:fa:7a:0e:f4:44:ef:f8:32:91:24:d5:85:d8:ae:
9e:83:c3:eb:61:23:9a:94:18:86:6f:c3:1d:13:23:
b5:c7:25:b6:83:88:c2:40:66:cc:fb:57:3a:37:bf:
9b:19:0b:e3:bd:bb:25:b9:b4:c3:a6:ed:c3:a1:41:
99:46:b9:c9:3b:45:10:dd:9e:0d:c5:20:b5:dd:53:
34:22:04:ce:4f:c4:a1:e9:76:e7:2a:0c:4c:7c:22:
b0:63:55:8e:03:94:c3:55:71:eb:2c:83:80:03:37:
ba:52:ea:45:38:ce:62:7f:d6:a1:c8:d5:be:68:c5:
2a:7c:2d:fe:3a:2c:2a:35:f0:a3:64:02:d0:28:71:
51:ad:01:3a:bf:7f:2c:b4:d7:d0:09:99:10:17:e4:
3e:24:9e:55:d1:df:21:5e:3e:06:71:4b:eb:23:20:
23:7a:ac:b1:f2:42:47:9d:20:dd:66:07:51:05:1f:
d3:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:D9:3E:53:56:6A:BA:0D:CB:F7:64:C3:11:32:8E:F9:F7:77:50:78
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/Ydk-U1Zqug3L92TDETKO-fd3UHg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:5f::/48
Signature Algorithm: sha256WithRSAEncryption
8f:78:c8:72:e5:e1:41:16:4a:4f:62:f3:df:27:23:a8:f9:c2:
d8:85:d3:57:42:76:0b:dc:c5:14:1f:18:93:68:69:6f:df:43:
b7:05:fb:0a:88:6c:6e:66:82:90:3e:cf:11:d1:7b:06:9e:a2:
65:03:f0:49:92:a6:77:44:05:5e:c3:e8:7e:3e:90:78:58:d9:
de:ae:4a:bc:c7:2f:c3:71:c3:98:23:b4:b8:9d:f3:9e:0b:9e:
de:1e:5b:28:56:d9:56:42:ac:a9:69:3b:c2:ca:01:b3:c8:01:
71:c5:ae:c0:7f:62:44:04:4b:60:c3:b7:e9:42:29:a5:51:a5:
14:95:68:25:f1:d6:36:12:5e:4e:14:54:46:76:e1:b7:fe:92:
61:10:1f:27:83:06:63:f8:14:62:cc:ef:37:d1:f9:ba:8e:32:
f4:fd:c7:6c:b3:67:f8:67:8e:ea:41:55:42:5a:69:bc:94:d1:
4d:1d:cd:97:75:4d:9d:63:ad:0b:29:59:98:c0:70:fc:89:21:
67:57:3a:84:96:84:fe:19:bf:1f:5b:04:51:95:ea:b2:ee:c1:
db:a8:fd:a2:6c:2f:fa:1a:84:f8:77:4a:b7:c5:35:75:e7:c3:
3e:bf:57:14:66:c1:76:5a:73:5f:0d:85:4d:a6:16:0a:46:06:
08:03:ee:ef
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8MHlHEfXWffdsncEFIwHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWQ5M2U1MzU2NmFiYTBkY2JmNzY0YzMxMTMyOGVmOWY3Nzc1MDc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZt4sgW9dl746RYy4I6GhftUt6HI
7i7zDnIMFBf1UrQR+IMpk2zDoPIvmWgvxmMxaSriLuYqQe041l4BO814PrjsZ7SC
u6gtgm0l+noO9ETv+DKRJNWF2K6eg8PrYSOalBiGb8MdEyO1xyW2g4jCQGbM+1c6
N7+bGQvjvbslubTDpu3DoUGZRrnJO0UQ3Z4NxSC13VM0IgTOT8Sh6XbnKgxMfCKw
Y1WOA5TDVXHrLIOAAze6UupFOM5if9ahyNW+aMUqfC3+OiwqNfCjZALQKHFRrQE6
v38stNfQCZkQF+Q+JJ5V0d8hXj4GcUvrIyAjeqyx8kJHnSDdZgdRBR/TWQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGHZPlNWaroNy/dkwxEyjvn3d1B4MB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvWWRrLVUxWnF1ZzNMOTJUREVUS08tZmQzVUhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQBf
MA0GCSqGSIb3DQEBCwUAA4IBAQCPeMhy5eFBFkpPYvPfJyOo+cLYhdNXQnYL3MUU
HxiTaGlv30O3BfsKiGxuZoKQPs8R0XsGnqJlA/BJkqZ3RAVew+h+PpB4WNnerkq8
xy/DccOYI7S4nfOeC57eHlsoVtlWQqypaTvCygGzyAFxxa7Af2JEBEtgw7fpQiml
UaUUlWgl8dY2El5OFFRGduG3/pJhEB8ngwZj+BRizO830fm6jjL0/cdss2f4Z47q
QVVCWmm8lNFNHc2XdU2dY60LKVmYwHD8iSFnVzqEloT+Gb8fWwRRleqy7sHbqP2i
bC/6GoT4d0q3xTV158M+v1cUZsF2WnNfDYVNphYKRgYIA+7v
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:12 2024 by rpki-client on console-fra.rpki-client.org