Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/mYcozbNbKWKYzFUmF9Yp3duVY7g.roa
File: mYcozbNbKWKYzFUmF9Yp3duVY7g.roa (raw, json)
Hash identifier: WlBPFFskWA1hcBDn/GRsnTMCI0ly8i6cbjvME0qD14U=
Subject key identifier: 99:87:28:CD:B3:5B:29:62:98:CC:55:26:17:D6:29:DD:DB:95:63:B8
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F05B8D69E86BC74BA43353AEBD3635
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/mYcozbNbKWKYzFUmF9Yp3duVY7g.roa
Signing time: Wed 07 Feb 2024 05:00:29 +0000
ROA not before: Wed 07 Feb 2024 05:00:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44570
IP address blocks: 2a0f:b241:110::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:5b:8d:69:e8:6b:c7:4b:a4:33:53:ae:bd:36:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=998728cdb35b296298cc552617d629dddb9563b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:f1:a1:8f:50:f3:47:0f:fd:bb:b0:c8:00:ba:
02:86:be:b2:be:1b:72:aa:8a:ac:cb:9b:68:d0:c3:
8f:2f:5d:fb:ba:ba:f7:6c:3c:0b:57:66:ee:a0:1d:
62:13:aa:82:2c:89:48:46:2a:0a:3c:28:52:1a:91:
24:22:c2:89:c5:7f:ec:a8:b7:6a:5c:c3:2f:c9:34:
3c:6c:16:57:c0:fb:40:c5:19:b8:9f:a0:2f:7c:a5:
fb:44:20:ed:ec:16:c8:fa:38:3e:e0:b4:16:a7:10:
28:aa:6f:42:26:ab:33:98:af:54:06:07:2e:c7:6a:
fb:2b:d1:63:6a:8d:01:0f:82:38:c8:3e:42:7e:5f:
c9:08:31:50:92:f3:74:f7:7b:9d:f8:d4:ed:1e:00:
b7:ac:6b:d3:5e:d7:4a:24:06:20:08:2e:9f:2d:d1:
5e:d8:14:50:bb:6a:23:32:fd:d8:04:a8:6c:af:6e:
d1:19:e9:8b:b0:2c:5f:6d:6d:7d:df:08:1f:d1:13:
34:65:b7:d0:2c:de:06:21:7a:62:51:79:76:c5:83:
e1:b1:26:a0:97:6b:8a:1a:a0:fa:02:1f:ec:1d:d0:
0c:b8:44:84:7b:34:88:bb:61:fc:ea:aa:ae:41:50:
aa:c1:a0:d9:78:2c:53:ab:de:11:59:ba:69:72:f1:
50:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:87:28:CD:B3:5B:29:62:98:CC:55:26:17:D6:29:DD:DB:95:63:B8
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/mYcozbNbKWKYzFUmF9Yp3duVY7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:110::/48
Signature Algorithm: sha256WithRSAEncryption
7f:5c:50:19:63:73:4b:62:4f:b4:07:e8:b2:d2:fc:db:ef:49:
6e:82:90:c0:ee:7e:62:06:2b:dd:8a:79:9c:8a:65:c5:16:9e:
73:0c:64:b0:43:8d:54:a7:02:82:da:e2:ad:97:fa:dc:b7:d7:
37:d8:fa:ed:67:f8:ca:52:29:fd:a9:a4:dc:06:5e:9a:5f:8c:
05:93:a4:0d:5d:a2:5f:9e:6e:d5:bf:d2:90:02:0c:c2:92:4c:
c6:e3:b8:7b:6f:d2:f0:71:75:4c:5f:c4:70:ac:00:51:f8:3e:
6a:d2:4e:00:be:44:07:46:fc:ea:3f:4f:4e:76:47:0d:6a:73:
6d:bc:79:4a:75:ba:4c:ba:5f:0a:48:ed:7a:c4:06:06:a8:5e:
dd:62:a9:66:a9:d2:9b:39:48:3d:61:94:4a:0a:ef:28:58:d9:
66:df:fa:b6:24:b4:42:78:98:1a:7c:45:eb:ff:c0:85:e0:8c:
81:fc:f2:fe:fa:30:eb:31:37:52:38:8a:3b:89:83:67:5f:0f:
8a:e2:64:92:fa:63:78:d3:96:56:05:03:84:67:37:30:24:17:
5a:23:13:00:43:11:3e:a1:fa:7a:fb:c2:e1:ba:2a:f5:fb:a7:
e5:75:5e:14:a4:00:5e:5b:ae:7b:15:a0:a4:a9:86:06:b0:93:
c8:7a:10:29
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8FuNaehrx0ukM1OuvTY1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTg3MjhjZGIzNWIyOTYyOThjYzU1MjYxN2Q2MjlkZGRiOTU2M2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9fGhj1DzRw/9u7DIALoChr6yvhty
qoqsy5to0MOPL137urr3bDwLV2buoB1iE6qCLIlIRioKPChSGpEkIsKJxX/sqLdq
XMMvyTQ8bBZXwPtAxRm4n6AvfKX7RCDt7BbI+jg+4LQWpxAoqm9CJqszmK9UBgcu
x2r7K9Fjao0BD4I4yD5Cfl/JCDFQkvN093ud+NTtHgC3rGvTXtdKJAYgCC6fLdFe
2BRQu2ojMv3YBKhsr27RGemLsCxfbW193wgf0RM0ZbfQLN4GIXpiUXl2xYPhsSag
l2uKGqD6Ah/sHdAMuESEezSIu2H86qquQVCqwaDZeCxTq94RWbppcvFQ3QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJmHKM2zWylimMxVJhfWKd3blWO4MB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvbVljb3piTmJLV0tZekZVbUY5WXAzZHVWWTdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQEQ
MA0GCSqGSIb3DQEBCwUAA4IBAQB/XFAZY3NLYk+0B+iy0vzb70lugpDA7n5iBivd
inmcimXFFp5zDGSwQ41UpwKC2uKtl/rct9c32PrtZ/jKUin9qaTcBl6aX4wFk6QN
XaJfnm7Vv9KQAgzCkkzG47h7b9LwcXVMX8RwrABR+D5q0k4AvkQHRvzqP09OdkcN
anNtvHlKdbpMul8KSO16xAYGqF7dYqlmqdKbOUg9YZRKCu8oWNlm3/q2JLRCeJga
fEXr/8CF4IyB/PL++jDrMTdSOIo7iYNnXw+K4mSS+mN405ZWBQOEZzcwJBdaIxMA
QxE+ofp6+8Lhuir1+6fldV4UpABeW657FaCkqYYGsJPIehAp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:10 2024 by rpki-client on console-ams.rpki-client.org