Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/cukyMANRYqDEvEI5isS_ymZNTc0.roa
File: cukyMANRYqDEvEI5isS_ymZNTc0.roa (raw, json)
Hash identifier: 8QfOyi6hWHejL8BOFXTnBUwDAY0KsTYcD67YM2GBO+Q=
Subject key identifier: 72:E9:32:30:03:51:62:A0:C4:BC:42:39:8A:C4:BF:CA:66:4D:4D:CD
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FA7237A61F9927647AF4F02EE2C071B
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/cukyMANRYqDEvEI5isS_ymZNTc0.roa
Signing time: Tue 06 Feb 2024 18:21:16 +0000
ROA not before: Tue 06 Feb 2024 18:21:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198946
IP address blocks: 2a0f:b241:7d::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:a7:23:7a:61:f9:92:76:47:af:4f:02:ee:2c:07:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:21:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=72e93230035162a0c4bc42398ac4bfca664d4dcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:cd:d9:0d:0f:d8:db:75:b2:a4:18:f4:c1:c8:
2c:45:79:6a:98:c5:5f:f4:62:13:9e:00:24:99:cd:
86:30:f2:84:d5:0b:c1:3d:fb:31:11:84:be:12:e2:
f0:14:f3:e2:fb:46:30:4b:dd:66:51:f9:78:12:46:
39:49:24:a6:b8:46:f8:83:20:91:9e:f6:ec:be:a0:
83:74:ef:ab:79:3c:85:1f:11:f6:c3:82:32:44:ca:
2a:1b:f3:ad:97:22:78:22:12:8b:f0:87:0a:94:e8:
20:1a:80:f1:98:49:26:c9:ee:d6:51:55:7c:fa:0a:
c6:2f:af:65:28:2b:a2:3f:a4:15:ac:68:5b:da:a7:
96:ae:d7:fc:e1:8d:46:ff:f4:6d:86:ee:cc:e9:50:
23:29:ec:54:31:6b:31:d9:82:cc:24:0a:92:30:c3:
77:88:ab:c2:76:8a:16:33:32:59:7d:38:9f:96:d7:
6a:ac:45:c2:80:39:7e:d2:18:5b:48:9d:2e:45:98:
9b:1d:b8:69:85:8b:65:f5:22:b1:e0:53:7d:d8:20:
d7:e4:7d:2e:53:08:0e:ef:2e:0a:15:02:fd:3c:55:
51:c0:d8:cc:5d:23:c3:4f:ed:0b:05:53:d1:25:79:
09:34:04:ca:b8:1f:8e:ac:bf:8a:80:1f:27:36:90:
3c:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:E9:32:30:03:51:62:A0:C4:BC:42:39:8A:C4:BF:CA:66:4D:4D:CD
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/cukyMANRYqDEvEI5isS_ymZNTc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:7d::/48
Signature Algorithm: sha256WithRSAEncryption
11:07:98:69:44:dc:96:59:ca:73:66:73:53:dc:37:53:c5:45:
3d:84:44:c9:d6:d0:08:d7:23:a4:a0:35:a8:27:60:0f:70:8d:
19:42:04:7d:ef:e1:99:fa:c4:de:d0:59:0a:9c:28:54:05:70:
5d:87:43:40:a9:3e:cb:33:18:14:80:6b:bd:cc:47:40:dd:d7:
52:5a:4d:d8:7a:95:7f:61:c4:29:e9:64:22:7c:f6:7a:91:ae:
93:04:b6:bb:65:64:06:d5:07:8e:f6:aa:66:fb:ac:fa:85:8d:
00:bd:34:f6:45:be:ed:66:a1:0e:c6:ca:98:cf:9b:db:6b:66:
bc:f1:6b:09:1c:fd:7a:37:b4:95:26:98:d2:43:ca:f3:aa:9d:
d5:4f:2b:fe:ba:03:70:e9:e3:1c:0d:43:ec:4d:05:a4:fb:c1:
4d:ed:94:2f:5f:88:c3:a9:e3:85:84:88:52:f2:52:fa:ad:04:
db:91:4c:aa:e9:e9:b8:ac:93:0d:55:15:27:18:b1:be:f4:2a:
8d:e3:a5:33:c7:75:c9:9e:bd:5c:22:63:45:5a:44:a0:f8:2e:
a3:ca:05:97:3b:43:e3:de:ad:f8:84:57:26:c1:6e:97:11:05:
56:b6:8e:99:97:90:80:9f:c3:ce:4c:5d:a1:68:15:e6:15:6a:
68:91:9d:81
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/pyN6YfmSdkevTwLuLAcbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmU5MzIzMDAzNTE2MmEwYzRiYzQyMzk4YWM0YmZjYTY2NGQ0ZGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg83ZDQ/Y23WypBj0wcgsRXlqmMVf
9GITngAkmc2GMPKE1QvBPfsxEYS+EuLwFPPi+0YwS91mUfl4EkY5SSSmuEb4gyCR
nvbsvqCDdO+reTyFHxH2w4IyRMoqG/OtlyJ4IhKL8IcKlOggGoDxmEkmye7WUVV8
+grGL69lKCuiP6QVrGhb2qeWrtf84Y1G//Rthu7M6VAjKexUMWsx2YLMJAqSMMN3
iKvCdooWMzJZfTifltdqrEXCgDl+0hhbSJ0uRZibHbhphYtl9SKx4FN92CDX5H0u
UwgO7y4KFQL9PFVRwNjMXSPDT+0LBVPRJXkJNATKuB+OrL+KgB8nNpA8KwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHLpMjADUWKgxLxCOYrEv8pmTU3NMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvY3VreU1BTlJZcURFdkVJNWlzU195bVpOVGMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQB9
MA0GCSqGSIb3DQEBCwUAA4IBAQARB5hpRNyWWcpzZnNT3DdTxUU9hETJ1tAI1yOk
oDWoJ2APcI0ZQgR97+GZ+sTe0FkKnChUBXBdh0NAqT7LMxgUgGu9zEdA3ddSWk3Y
epV/YcQp6WQifPZ6ka6TBLa7ZWQG1QeO9qpm+6z6hY0AvTT2Rb7tZqEOxsqYz5vb
a2a88WsJHP16N7SVJpjSQ8rzqp3VTyv+ugNw6eMcDUPsTQWk+8FN7ZQvX4jDqeOF
hIhS8lL6rQTbkUyq6em4rJMNVRUnGLG+9CqN46Uzx3XJnr1cImNFWkSg+C6jygWX
O0Pj3q34hFcmwW6XEQVWto6Zl5CAn8POTF2haBXmFWpokZ2B
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:09 2024 by rpki-client on console-ams.rpki-client.org