Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/pUj-33vGAwkXv0XJjOoRePGXuYI.roa
File: pUj-33vGAwkXv0XJjOoRePGXuYI.roa (raw, json)
Hash identifier: 6re3nLUTngoyHjATig7v+CYbY+vLW5nfeTNYDSw9dww=
Subject key identifier: A5:48:FE:DF:7B:C6:03:09:17:BF:45:C9:8C:EA:11:78:F1:97:B9:82
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FA6365C7F574B3B4319862EEB8C4E3E
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/pUj-33vGAwkXv0XJjOoRePGXuYI.roa
Signing time: Tue 06 Feb 2024 18:20:15 +0000
ROA not before: Tue 06 Feb 2024 18:20:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197815
IP address blocks: 2a0f:b241:71::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:a6:36:5c:7f:57:4b:3b:43:19:86:2e:eb:8c:4e:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:20:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a548fedf7bc6030917bf45c98cea1178f197b982
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:49:5e:60:f3:f4:59:59:be:fb:a9:c1:37:53:
a5:33:72:80:83:b4:3b:09:d3:8b:de:41:c3:71:65:
8b:35:6c:00:34:69:b2:95:fe:7b:25:46:63:0d:3f:
bb:be:5f:c9:ca:42:2c:e2:b5:3c:cb:8f:4e:c9:7c:
ad:af:6c:6d:50:f2:d8:09:f4:97:9b:22:96:82:f3:
84:99:19:e7:f6:f1:fc:d4:6f:ff:57:59:bc:e7:40:
8c:02:b5:7e:b6:3f:3a:c3:8b:ca:e4:89:9e:f7:2d:
4f:2d:f1:aa:51:ba:25:c7:85:26:29:b4:0a:1d:6c:
ca:f2:95:e2:1f:84:b8:64:f9:23:15:d0:aa:ae:52:
02:f5:14:fe:57:62:ed:e6:38:6b:74:15:c2:f9:ec:
a4:43:08:06:b7:ed:6b:04:79:c7:a2:87:e9:e1:55:
35:14:36:f7:21:ea:5e:dc:ee:9c:65:98:70:78:ed:
f5:11:a5:55:b9:7d:23:9a:f1:29:80:73:66:ae:12:
10:a4:54:5f:74:a2:06:43:69:6e:47:4c:a4:90:a3:
c5:12:1f:fc:4c:61:48:bf:d1:25:c9:4d:d2:57:23:
1c:4c:0f:03:09:d3:71:7c:a5:cc:38:e3:76:bd:fd:
29:46:eb:fe:38:d4:68:49:28:97:f5:17:c8:3c:5c:
ac:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:48:FE:DF:7B:C6:03:09:17:BF:45:C9:8C:EA:11:78:F1:97:B9:82
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/pUj-33vGAwkXv0XJjOoRePGXuYI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:71::/48
Signature Algorithm: sha256WithRSAEncryption
43:c0:f6:1a:1e:cf:4e:a1:cc:0b:cb:50:ec:ad:8a:80:35:c3:
63:b9:24:3f:78:df:a0:3a:b5:ce:27:d5:8f:8c:13:e7:41:3e:
e8:6d:2c:ce:81:2d:48:79:c6:27:ed:11:40:b0:55:55:5c:f3:
75:fb:cf:c1:a9:31:00:c8:bf:1a:ed:e6:e6:b2:d6:b9:87:92:
93:c8:c7:30:c8:6d:5e:7f:f5:00:b1:ff:e1:10:48:ea:12:48:
d4:fb:81:59:24:dc:55:fb:6b:7d:ad:18:37:3c:ca:f6:4e:6f:
08:ae:da:04:b9:2f:b8:d1:d0:d3:bf:23:58:95:36:70:44:ff:
14:6e:5d:ea:5a:77:cf:d6:4a:77:2e:43:83:f7:30:14:50:70:
df:46:01:12:51:07:0e:dd:49:05:e5:33:4b:f7:56:ea:06:d4:
f1:cc:d6:ac:0b:b1:96:88:11:68:2f:01:60:88:56:20:f8:ec:
ea:6b:6e:b1:a3:a4:9c:5d:f0:60:08:d4:cd:84:1b:5d:33:d5:
89:8f:7b:67:50:64:df:1f:9c:12:7b:4a:e6:e6:cf:cf:a4:9b:
2a:17:a6:42:ed:2f:5c:a7:2b:60:b5:92:a0:e1:7b:97:45:0a:
f2:26:50:82:8e:b5:7e:80:c2:2c:c0:8f:fb:23:c0:39:4c:6e:
a4:c6:b6:e1
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/pjZcf1dLO0MZhi7rjE4+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTQ4ZmVkZjdiYzYwMzA5MTdiZjQ1Yzk4Y2VhMTE3OGYxOTdiOTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgEleYPP0WVm++6nBN1OlM3KAg7Q7
CdOL3kHDcWWLNWwANGmylf57JUZjDT+7vl/JykIs4rU8y49OyXytr2xtUPLYCfSX
myKWgvOEmRnn9vH81G//V1m850CMArV+tj86w4vK5Ime9y1PLfGqUbolx4UmKbQK
HWzK8pXiH4S4ZPkjFdCqrlIC9RT+V2Lt5jhrdBXC+eykQwgGt+1rBHnHoofp4VU1
FDb3Iepe3O6cZZhweO31EaVVuX0jmvEpgHNmrhIQpFRfdKIGQ2luR0ykkKPFEh/8
TGFIv9ElyU3SVyMcTA8DCdNxfKXMOON2vf0pRuv+ONRoSSiX9RfIPFysaQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKVI/t97xgMJF79FyYzqEXjxl7mCMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvcFVqLTMzdkdBd2tYdjBYSmpPb1JlUEdYdVlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQBx
MA0GCSqGSIb3DQEBCwUAA4IBAQBDwPYaHs9OocwLy1DsrYqANcNjuSQ/eN+gOrXO
J9WPjBPnQT7obSzOgS1IecYn7RFAsFVVXPN1+8/BqTEAyL8a7ebmsta5h5KTyMcw
yG1ef/UAsf/hEEjqEkjU+4FZJNxV+2t9rRg3PMr2Tm8IrtoEuS+40dDTvyNYlTZw
RP8Ubl3qWnfP1kp3LkOD9zAUUHDfRgESUQcO3UkF5TNL91bqBtTxzNasC7GWiBFo
LwFgiFYg+Ozqa26xo6ScXfBgCNTNhBtdM9WJj3tnUGTfH5wSe0rm5s/PpJsqF6ZC
7S9cpytgtZKg4XuXRQryJlCCjrV+gMIswI/7I8A5TG6kxrbh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:13 2024 by rpki-client on console-fra.rpki-client.org