Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/xV81kaQdKMA-_iGhJCcH71hWWSc.roa
File: xV81kaQdKMA-_iGhJCcH71hWWSc.roa (raw, json)
Hash identifier: YJpnunDOwvgwvuqzjJNPADC5KE784LOe2gah8TUgyo4=
Subject key identifier: C5:5F:35:91:A4:1D:28:C0:3E:FE:21:A1:24:27:07:EF:58:56:59:27
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FB5CD037F1E2F1C2AC7BBEE91CAF572
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/xV81kaQdKMA-_iGhJCcH71hWWSc.roa
Signing time: Tue 06 Feb 2024 18:37:17 +0000
ROA not before: Tue 06 Feb 2024 18:37:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198535
IP address blocks: 2a0f:b241:12b::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:b5:cd:03:7f:1e:2f:1c:2a:c7:bb:ee:91:ca:f5:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:37:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c55f3591a41d28c03efe21a1242707ef58565927
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:1e:72:0a:ed:db:c4:a8:df:5f:ac:fe:39:34:
e5:b8:bd:6c:51:ea:ad:28:b0:e1:42:af:20:55:33:
92:63:89:63:42:85:34:97:1a:2a:38:4b:c3:58:92:
6f:bd:38:9a:08:03:42:e6:9d:70:29:52:dd:5b:58:
34:a1:4b:c4:e5:bc:c0:2f:eb:c2:5a:59:b6:82:64:
ac:72:75:61:f9:08:7a:ad:4c:f7:13:95:89:6f:01:
ca:82:b3:2e:17:78:d1:7c:86:66:c0:8d:f9:f8:11:
45:5f:44:fc:b6:27:6f:b9:27:d4:42:0a:6a:e1:7c:
4e:58:ad:84:13:b5:a0:9c:89:33:d5:01:0e:98:12:
62:2f:93:d4:da:7c:09:25:1e:8d:ab:6f:83:ea:7a:
8a:81:1b:c6:40:57:2f:c0:fa:6e:35:a1:2f:b8:c9:
79:88:18:19:93:23:79:6c:3c:63:41:af:e7:a0:00:
23:ce:1e:0d:9e:4d:79:05:29:5b:70:b7:42:2f:29:
f8:ff:02:1e:10:a9:20:4e:c5:35:0d:26:fd:7f:b6:
06:49:c6:31:68:61:84:3d:81:4e:13:a0:9e:14:35:
b2:7f:5d:71:07:65:65:f5:62:11:f3:b1:b5:cb:11:
20:c7:f1:5e:91:48:fc:39:f0:48:1a:66:b2:fe:40:
67:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:5F:35:91:A4:1D:28:C0:3E:FE:21:A1:24:27:07:EF:58:56:59:27
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/xV81kaQdKMA-_iGhJCcH71hWWSc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:12b::/48
Signature Algorithm: sha256WithRSAEncryption
6b:d1:ec:d5:62:ae:ce:b7:70:2c:73:ce:46:64:2b:39:b7:cd:
ef:20:82:5a:4c:f5:19:0c:fa:f4:13:6b:02:cb:c5:06:0c:1e:
db:5c:74:f4:f1:3c:c4:8b:00:cf:dd:73:1f:40:39:97:d0:27:
f5:c5:a9:e2:46:cb:48:30:3f:a2:da:33:86:b8:a1:06:8c:f1:
04:da:e9:b2:35:07:79:24:fa:41:9b:3c:a1:69:cc:4f:b8:b0:
6c:8d:3c:3e:f8:1f:12:04:bd:af:8c:70:6f:3a:de:3a:46:9a:
fc:fd:4c:3e:96:5e:2d:c6:93:57:62:97:02:8e:f3:01:84:3d:
b1:96:49:12:01:6a:97:a8:41:cc:4b:bf:b1:a3:bd:9f:b5:85:
f4:d3:4f:96:a9:c8:58:ee:64:ec:4a:6d:7d:c1:1c:aa:42:22:
83:ab:60:a5:7c:b8:2a:6b:a4:96:a2:0e:db:4c:7c:2b:6f:58:
9b:f1:9f:01:e9:77:fb:3a:79:cc:70:02:ef:be:c7:a4:58:27:
c9:08:21:10:42:eb:51:a2:f2:90:ab:fd:87:4f:2c:28:19:a2:
c7:3c:75:7e:69:e9:6e:25:1d:10:e3:d8:f5:b4:4d:63:bb:92:
78:2f:c3:15:b9:5f:0a:92:c5:62:a2:b8:c6:57:5f:85:a2:be:
ea:95:83:72
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/tc0Dfx4vHCrHu+6RyvVyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgzNzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTVmMzU5MWE0MWQyOGMwM2VmZTIxYTEyNDI3MDdlZjU4NTY1OTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhx5yCu3bxKjfX6z+OTTluL1sUeqt
KLDhQq8gVTOSY4ljQoU0lxoqOEvDWJJvvTiaCANC5p1wKVLdW1g0oUvE5bzAL+vC
Wlm2gmSscnVh+Qh6rUz3E5WJbwHKgrMuF3jRfIZmwI35+BFFX0T8tidvuSfUQgpq
4XxOWK2EE7WgnIkz1QEOmBJiL5PU2nwJJR6Nq2+D6nqKgRvGQFcvwPpuNaEvuMl5
iBgZkyN5bDxjQa/noAAjzh4Nnk15BSlbcLdCLyn4/wIeEKkgTsU1DSb9f7YGScYx
aGGEPYFOE6CeFDWyf11xB2Vl9WIR87G1yxEgx/FekUj8OfBIGmay/kBn/QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMVfNZGkHSjAPv4hoSQnB+9YVlknMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEveFY4MWthUWRLTUEtX2lHaEpDY0g3MWhXV1NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQEr
MA0GCSqGSIb3DQEBCwUAA4IBAQBr0ezVYq7Ot3Asc85GZCs5t83vIIJaTPUZDPr0
E2sCy8UGDB7bXHT08TzEiwDP3XMfQDmX0Cf1xaniRstIMD+i2jOGuKEGjPEE2umy
NQd5JPpBmzyhacxPuLBsjTw++B8SBL2vjHBvOt46Rpr8/Uw+ll4txpNXYpcCjvMB
hD2xlkkSAWqXqEHMS7+xo72ftYX000+WqchY7mTsSm19wRyqQiKDq2ClfLgqa6SW
og7bTHwrb1ib8Z8B6Xf7OnnMcALvvsekWCfJCCEQQutRovKQq/2HTywoGaLHPHV+
aeluJR0Q49j1tE1ju5J4L8MVuV8KksViorjGV1+For7qlYNy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:11 2024 by rpki-client on console-ams.rpki-client.org