Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/mmOY2ALMv6bmntjbJEx9tILpbdg.roa
File: mmOY2ALMv6bmntjbJEx9tILpbdg.roa (raw, json)
Hash identifier: NfaTypZHBMyYlBb/N0IrkJcIR0H2/szU6wsRgNovCis=
Subject key identifier: 9A:63:98:D8:02:CC:BF:A6:E6:9E:D8:DB:24:4C:7D:B4:82:E9:6D:D8
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FB6B5D2E5C974F81E37A1C5579CEC1B
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/mmOY2ALMv6bmntjbJEx9tILpbdg.roa
Signing time: Tue 06 Feb 2024 18:38:17 +0000
ROA not before: Tue 06 Feb 2024 18:38:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200502
IP address blocks: 2a0f:b241:131::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:b6:b5:d2:e5:c9:74:f8:1e:37:a1:c5:57:9c:ec:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:38:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a6398d802ccbfa6e69ed8db244c7db482e96dd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:30:89:ff:6d:a9:f0:67:b7:37:c5:93:1f:de:
7c:93:14:2b:06:21:29:f8:45:51:13:54:b3:7b:4f:
de:cd:d4:15:66:a4:a9:97:31:18:af:38:f2:1b:52:
e7:d3:3b:2b:31:00:ff:88:bd:65:eb:63:61:6f:63:
76:b7:91:4a:32:82:51:f9:d2:df:12:5b:39:91:99:
01:5b:61:e4:fb:87:1f:ea:a5:7a:d0:cf:71:9b:27:
31:39:ac:e5:ad:34:0d:be:fb:da:dd:81:6f:70:9a:
07:11:14:0f:81:84:a6:1e:fc:72:c8:89:8e:66:d0:
1b:e6:d0:b2:4d:7d:ac:b1:6a:35:4b:2b:18:d3:32:
ce:5b:83:33:83:7d:b1:9e:a4:c6:25:dc:88:37:d6:
fd:b1:ea:a1:2c:01:5c:ad:a2:ae:09:6b:dc:b0:e0:
a7:4b:5a:d6:fe:d2:ed:c0:50:4f:32:7b:18:23:c0:
b6:99:4f:3d:7d:3c:d6:63:14:1f:d8:fb:4d:d4:5f:
56:0f:c6:77:b1:83:15:1f:36:be:5e:b9:41:aa:3b:
37:c8:2d:b5:36:6c:23:d3:c2:b7:18:36:83:33:32:
b7:00:49:dd:93:6c:b5:46:a2:85:01:7d:d2:12:bd:
ef:70:e4:c0:a9:fc:33:d5:98:67:36:27:56:36:0b:
31:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:63:98:D8:02:CC:BF:A6:E6:9E:D8:DB:24:4C:7D:B4:82:E9:6D:D8
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/mmOY2ALMv6bmntjbJEx9tILpbdg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:131::/48
Signature Algorithm: sha256WithRSAEncryption
1d:d6:33:6b:7b:79:73:02:b5:ef:fb:cb:16:e3:20:88:67:ee:
7f:0c:3a:30:c0:61:11:84:e4:36:fc:a4:ca:c5:06:de:d2:ae:
70:72:fe:6c:a6:ae:f0:d6:47:87:fa:33:9c:45:76:81:1b:bb:
8d:d6:ce:9f:38:91:1d:2e:9d:c0:f9:3a:ea:4f:42:09:6a:38:
ba:a9:14:ec:53:2b:24:c8:b0:2a:df:8e:f0:da:14:07:53:9d:
32:4d:47:38:56:a6:50:18:0c:d6:73:4f:3b:1a:e0:6f:a5:14:
8b:7b:86:d9:40:bc:4e:53:c3:59:fb:b7:11:81:a7:af:96:95:
90:2f:2d:13:c6:87:59:08:32:b9:2a:35:93:30:62:91:0d:0e:
3e:29:8c:54:78:2b:36:7b:22:f1:67:81:e0:58:cd:5f:5c:f6:
55:c8:9a:89:ca:81:95:5b:29:19:ec:7c:0b:70:d0:a1:d6:45:
54:25:03:f8:d7:1a:3f:ac:e0:34:1a:4c:82:b3:aa:7a:75:a0:
e1:1f:4b:6b:d0:8e:bd:e8:df:f1:6f:fe:59:45:c2:0d:b5:94:
f5:97:11:95:35:65:78:7c:d5:99:e1:f2:7e:55:b5:bf:ca:7b:
d5:e5:de:0f:ad:b3:16:40:b6:d1:57:a1:75:c2:f5:63:b8:21:
ce:ee:74:1b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/trXS5cl0+B43ocVXnOwbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgzODE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTYzOThkODAyY2NiZmE2ZTY5ZWQ4ZGIyNDRjN2RiNDgyZTk2ZGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDCJ/22p8Ge3N8WTH958kxQrBiEp
+EVRE1Sze0/ezdQVZqSplzEYrzjyG1Ln0zsrMQD/iL1l62Nhb2N2t5FKMoJR+dLf
Els5kZkBW2Hk+4cf6qV60M9xmycxOazlrTQNvvva3YFvcJoHERQPgYSmHvxyyImO
ZtAb5tCyTX2ssWo1SysY0zLOW4Mzg32xnqTGJdyIN9b9seqhLAFcraKuCWvcsOCn
S1rW/tLtwFBPMnsYI8C2mU89fTzWYxQf2PtN1F9WD8Z3sYMVHza+XrlBqjs3yC21
Nmwj08K3GDaDMzK3AEndk2y1RqKFAX3SEr3vcOTAqfwz1ZhnNidWNgsxWQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJpjmNgCzL+m5p7Y2yRMfbSC6W3YMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvbW1PWTJBTE12NmJtbnRqYkpFeDl0SUxwYmRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQEx
MA0GCSqGSIb3DQEBCwUAA4IBAQAd1jNre3lzArXv+8sW4yCIZ+5/DDowwGERhOQ2
/KTKxQbe0q5wcv5spq7w1keH+jOcRXaBG7uN1s6fOJEdLp3A+TrqT0IJaji6qRTs
UyskyLAq347w2hQHU50yTUc4VqZQGAzWc087GuBvpRSLe4bZQLxOU8NZ+7cRgaev
lpWQLy0TxodZCDK5KjWTMGKRDQ4+KYxUeCs2eyLxZ4HgWM1fXPZVyJqJyoGVWykZ
7HwLcNCh1kVUJQP41xo/rOA0GkyCs6p6daDhH0tr0I696N/xb/5ZRcINtZT1lxGV
NWV4fNWZ4fJ+VbW/ynvV5d4PrbMWQLbRV6F1wvVjuCHO7nQb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:10 2024 by rpki-client on console-ams.rpki-client.org