Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/jdD13oujjZBohO94bF3SybRQy2E.roa
File: jdD13oujjZBohO94bF3SybRQy2E.roa (raw, json)
Hash identifier: LT4DbUWyBoG02U+3UhH/bUm51j1NftlodkDKA8nLWN4=
Subject key identifier: 8D:D0:F5:DE:8B:A3:8D:90:68:84:EF:78:6C:5D:D2:C9:B4:50:CB:61
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F09D7F0BE31C5BA786DCC177A3C832
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/jdD13oujjZBohO94bF3SybRQy2E.roa
Signing time: Wed 07 Feb 2024 05:00:46 +0000
ROA not before: Wed 07 Feb 2024 05:00:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209265
IP address blocks: 2a0f:b241:43::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:9d:7f:0b:e3:1c:5b:a7:86:dc:c1:77:a3:c8:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8dd0f5de8ba38d906884ef786c5dd2c9b450cb61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:dc:2b:7d:24:0c:2c:c5:2e:9c:16:b2:51:80:
5f:e4:00:33:60:85:ed:fd:85:dd:67:a4:b8:4e:20:
3a:b9:d5:3e:8c:eb:5e:8a:70:66:8f:97:85:18:74:
ca:16:d3:3a:eb:a0:d8:79:76:8f:39:db:9a:a6:83:
d8:5d:ae:46:d2:a1:8b:45:f2:56:0a:3a:42:9a:0c:
a2:8b:05:02:5e:52:cb:46:d6:8f:94:50:5b:3b:49:
b0:27:55:f4:24:1b:a3:2a:ab:8e:69:45:de:3c:e0:
e8:34:d3:0d:36:07:d1:ff:c0:cd:98:5e:c0:68:9f:
a0:b8:a0:12:93:81:5f:67:57:10:70:aa:84:f7:5a:
0b:e7:4f:33:70:12:77:cb:cb:3c:59:31:52:7c:a2:
28:87:5c:2a:57:69:1e:d6:5f:d9:63:0c:41:66:2c:
71:a4:44:76:9a:b5:6c:8f:71:ba:0d:b0:1e:81:41:
8b:6f:83:79:89:a1:50:90:32:75:97:bf:d9:94:b0:
d3:4e:0b:de:ff:d1:3d:b8:52:1d:33:ce:99:8b:c5:
52:02:ce:dc:17:d8:7d:33:fb:ab:91:4a:91:4c:73:
05:da:c6:40:69:e1:84:bd:94:f3:04:d2:11:d2:c1:
a0:28:df:74:d9:1e:4a:21:c8:b7:c3:a8:c1:4a:42:
a7:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:D0:F5:DE:8B:A3:8D:90:68:84:EF:78:6C:5D:D2:C9:B4:50:CB:61
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/jdD13oujjZBohO94bF3SybRQy2E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:43::/48
Signature Algorithm: sha256WithRSAEncryption
4a:67:c3:23:30:d1:15:da:52:56:d9:e4:ca:33:cf:2a:22:1b:
99:48:27:59:83:6d:c8:13:4d:0b:53:a3:85:14:a9:8c:aa:f1:
d2:4d:34:71:e2:76:71:f1:9a:be:d7:d1:e8:64:df:81:5d:a9:
31:d1:3e:a9:e6:a0:27:b0:84:3c:1d:f0:3a:a6:40:40:dc:c6:
ee:a1:b0:c1:b3:83:da:8a:f2:6f:f6:bb:e8:b0:51:47:48:d2:
47:ff:47:aa:e6:37:12:a0:68:62:0f:6c:74:b4:2b:59:b1:fa:
86:c9:09:02:1a:65:5a:78:f0:f8:52:2e:62:f4:24:cf:9f:a9:
69:4a:e1:9a:4a:eb:72:c5:fb:f1:8e:a0:39:8a:40:a6:86:97:
99:38:6d:cb:3c:d5:c0:94:80:6b:5a:b3:20:91:3a:8d:8d:5f:
c8:3d:bc:a9:d1:04:57:23:44:16:17:a4:83:a6:b1:fa:a2:11:
f6:48:89:d6:9b:b9:86:88:b0:24:33:93:bd:66:22:17:ad:44:
82:ab:77:c4:58:9a:59:df:c2:e7:70:6a:a8:6b:9b:40:5d:2d:
ac:35:a9:ac:40:88:14:38:d7:22:6b:a7:71:fa:79:31:0b:b2:
15:cd:78:04:a4:69:c8:6c:6e:18:3a:9c:11:2d:d5:a0:1b:53:
82:e6:b1:3b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8J1/C+McW6eG3MF3o8gyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGQwZjVkZThiYTM4ZDkwNjg4NGVmNzg2YzVkZDJjOWI0NTBjYjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk9wrfSQMLMUunBayUYBf5AAzYIXt
/YXdZ6S4TiA6udU+jOteinBmj5eFGHTKFtM666DYeXaPOduapoPYXa5G0qGLRfJW
CjpCmgyiiwUCXlLLRtaPlFBbO0mwJ1X0JBujKquOaUXePODoNNMNNgfR/8DNmF7A
aJ+guKASk4FfZ1cQcKqE91oL508zcBJ3y8s8WTFSfKIoh1wqV2ke1l/ZYwxBZixx
pER2mrVsj3G6DbAegUGLb4N5iaFQkDJ1l7/ZlLDTTgve/9E9uFIdM86Zi8VSAs7c
F9h9M/urkUqRTHMF2sZAaeGEvZTzBNIR0sGgKN902R5KIci3w6jBSkKnDQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFI3Q9d6Lo42QaITveGxd0sm0UMthMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvamREMTNvdWpqWkJvaE85NGJGM1N5YlJReTJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQBD
MA0GCSqGSIb3DQEBCwUAA4IBAQBKZ8MjMNEV2lJW2eTKM88qIhuZSCdZg23IE00L
U6OFFKmMqvHSTTRx4nZx8Zq+19HoZN+BXakx0T6p5qAnsIQ8HfA6pkBA3MbuobDB
s4PaivJv9rvosFFHSNJH/0eq5jcSoGhiD2x0tCtZsfqGyQkCGmVaePD4Ui5i9CTP
n6lpSuGaSutyxfvxjqA5ikCmhpeZOG3LPNXAlIBrWrMgkTqNjV/IPbyp0QRXI0QW
F6SDprH6ohH2SInWm7mGiLAkM5O9ZiIXrUSCq3fEWJpZ38LncGqoa5tAXS2sNams
QIgUONcia6dx+nkxC7IVzXgEpGnIbG4YOpwRLdWgG1OC5rE7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:10 2024 by rpki-client on console-ams.rpki-client.org