Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/sONrh9sGzfv8muB47JTZNw2pQ9w.roa
File: sONrh9sGzfv8muB47JTZNw2pQ9w.roa (raw, json)
Hash identifier: r0vRgwtk8PsRqpNHb83PQRh+fAi3DrAwv1cD/xonEdg=
Subject key identifier: B0:E3:6B:87:DB:06:CD:FB:FC:9A:E0:78:EC:94:D9:37:0D:A9:43:DC
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F0667C3AB77FDE5C9E3C9D4FBCCF94
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/sONrh9sGzfv8muB47JTZNw2pQ9w.roa
Signing time: Wed 07 Feb 2024 05:00:32 +0000
ROA not before: Wed 07 Feb 2024 05:00:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58339
IP address blocks: 2a0f:b241:122::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:66:7c:3a:b7:7f:de:5c:9e:3c:9d:4f:bc:cf:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b0e36b87db06cdfbfc9ae078ec94d9370da943dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:ac:9a:d5:de:ed:95:cb:cd:06:e9:58:d5:a9:
79:95:66:c0:0c:3b:18:d1:5c:01:0e:c7:c4:1e:fb:
9d:ee:fc:26:d2:c5:3a:b2:a0:ce:9f:5e:3a:3a:a0:
a5:7f:92:bb:ed:d7:1d:cb:9e:ec:5a:5e:c0:0b:49:
91:90:a4:b6:96:6f:54:c2:9e:10:a5:a2:d5:9e:67:
9b:48:1d:c7:b5:5f:9d:dd:0f:01:45:0f:b8:f4:61:
26:73:b5:3f:9e:04:f5:af:9e:31:14:e3:c2:47:08:
bd:34:9f:a3:82:8e:42:8b:2a:fb:33:fc:06:70:f8:
d5:6d:d3:b5:da:81:ed:f4:dd:ea:c4:3e:46:aa:db:
ac:42:2c:72:d8:77:7e:1c:83:db:c5:31:60:30:7c:
e8:80:5b:3d:6d:dc:7a:83:df:dd:45:8c:e5:a2:68:
5d:d0:ac:1e:91:1f:5c:1c:9b:76:58:24:35:e4:eb:
ca:82:3e:bd:b3:6f:1e:53:cf:b7:8e:55:ec:80:9e:
96:fe:e9:fa:f1:45:66:66:a0:4f:69:1e:39:bd:8f:
9d:91:6f:03:f4:cb:41:03:a9:21:dc:e7:ac:b2:02:
cd:8a:9a:a3:50:67:fa:f9:90:36:e9:45:fb:23:2f:
0a:fa:97:81:1b:bc:b8:57:08:66:8e:6a:98:62:9f:
b4:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:E3:6B:87:DB:06:CD:FB:FC:9A:E0:78:EC:94:D9:37:0D:A9:43:DC
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/sONrh9sGzfv8muB47JTZNw2pQ9w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:122::/48
Signature Algorithm: sha256WithRSAEncryption
63:34:26:17:84:a1:3d:12:2f:9c:11:8e:8e:d5:e5:57:52:0c:
87:ca:fa:1d:9a:4c:c9:5f:57:40:0a:14:6a:91:6c:02:08:00:
f5:01:78:a4:a0:96:1b:f9:17:d9:76:ef:e5:8f:96:a3:c2:dc:
3f:30:a8:22:a1:2f:d4:41:19:80:ba:8a:10:cf:61:f4:53:13:
b7:4d:03:bd:a3:79:76:e1:fb:2b:d5:70:a5:16:e5:86:12:cd:
64:86:16:46:22:7a:8d:c5:97:fb:58:64:13:dd:a9:90:90:82:
70:89:66:de:9d:15:e0:73:25:67:aa:b7:f9:64:88:3d:ab:d9:
b2:e3:35:8e:11:cb:94:6d:01:75:bb:42:2f:c0:74:d7:a9:bc:
a1:b1:58:92:ec:b6:a0:71:fd:c3:3c:98:92:7e:c7:1e:b5:12:
80:b7:27:33:a1:4a:47:6a:6f:18:e2:0e:b9:4f:2f:fb:d6:d4:
93:60:d3:38:c8:1d:19:de:2b:a8:c0:10:9b:6d:c7:72:d1:44:
8e:bd:8d:c4:e7:37:7a:53:7f:47:b6:e1:f4:43:59:6f:d6:48:
23:a1:af:6b:bc:01:d9:46:07:06:8b:a8:59:76:80:7b:41:5b:
06:ea:e1:c1:9f:b3:b8:6f:48:59:6e:a1:80:a5:83:ed:c5:cb:
8e:b9:24:be
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8GZ8Ord/3lyePJ1PvM+UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGUzNmI4N2RiMDZjZGZiZmM5YWUwNzhlYzk0ZDkzNzBkYTk0M2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg6ya1d7tlcvNBulY1al5lWbADDsY
0VwBDsfEHvud7vwm0sU6sqDOn146OqClf5K77dcdy57sWl7AC0mRkKS2lm9Uwp4Q
paLVnmebSB3HtV+d3Q8BRQ+49GEmc7U/ngT1r54xFOPCRwi9NJ+jgo5Ciyr7M/wG
cPjVbdO12oHt9N3qxD5GqtusQixy2Hd+HIPbxTFgMHzogFs9bdx6g9/dRYzlomhd
0KwekR9cHJt2WCQ15OvKgj69s28eU8+3jlXsgJ6W/un68UVmZqBPaR45vY+dkW8D
9MtBA6kh3OessgLNipqjUGf6+ZA26UX7Iy8K+peBG7y4VwhmjmqYYp+0vQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLDja4fbBs37/JrgeOyU2TcNqUPcMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvc09Ocmg5c0d6ZnY4bXVCNDdKVFpOdzJwUTl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQEi
MA0GCSqGSIb3DQEBCwUAA4IBAQBjNCYXhKE9Ei+cEY6O1eVXUgyHyvodmkzJX1dA
ChRqkWwCCAD1AXikoJYb+RfZdu/lj5ajwtw/MKgioS/UQRmAuooQz2H0UxO3TQO9
o3l24fsr1XClFuWGEs1khhZGInqNxZf7WGQT3amQkIJwiWbenRXgcyVnqrf5ZIg9
q9my4zWOEcuUbQF1u0IvwHTXqbyhsViS7Lagcf3DPJiSfscetRKAtyczoUpHam8Y
4g65Ty/71tSTYNM4yB0Z3iuowBCbbcdy0USOvY3E5zd6U39HtuH0Q1lv1kgjoa9r
vAHZRgcGi6hZdoB7QVsG6uHBn7O4b0hZbqGApYPtxcuOuSS+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:11 2024 by rpki-client on console-ams.rpki-client.org