Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/0I-NGfVU-S8eDouqZk68zU6lgeQ.roa
File: 0I-NGfVU-S8eDouqZk68zU6lgeQ.roa (raw, json)
Hash identifier: HQ392vUeKt+zQT78XFhScR/pAOWK5Nh6W0tSylvTPBY=
Subject key identifier: D0:8F:8D:19:F5:54:F9:2F:1E:0E:8B:AA:66:4E:BC:CD:4E:A5:81:E4
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7F96AEECCCFB9F94F8BCDEEA1254CF70
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/0I-NGfVU-S8eDouqZk68zU6lgeQ.roa
Signing time: Tue 06 Feb 2024 18:03:17 +0000
ROA not before: Tue 06 Feb 2024 18:03:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216091
IP address blocks: 2a0f:b241:5c::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:96:ae:ec:cc:fb:9f:94:f8:bc:de:ea:12:54:cf:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:03:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d08f8d19f554f92f1e0e8baa664ebccd4ea581e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:84:c4:39:1b:e4:c8:fd:6e:97:49:3a:46:b0:
d6:65:56:52:25:68:31:8b:05:77:6c:8e:84:ea:1a:
c5:ed:6c:fc:cf:d7:10:ff:ec:69:9d:bf:8a:67:6b:
0f:4c:e4:ef:d1:2e:69:af:46:0b:ae:e1:c9:ff:ba:
96:fa:02:3b:ca:4c:58:4a:78:cf:18:df:8e:bd:51:
e4:36:79:91:2d:64:d9:43:ae:7f:e0:af:ed:ab:a5:
94:33:3f:20:03:9a:12:61:3c:88:f9:14:4c:23:fc:
99:d1:ba:3c:c0:78:5b:60:6b:ab:37:85:5a:55:8f:
f8:fc:50:9a:81:6d:82:5c:5f:76:da:97:00:10:bd:
29:1c:29:c9:83:fc:43:a6:71:6b:af:09:80:8e:06:
83:4f:de:7f:ce:94:5a:78:93:7b:c3:1f:94:1e:68:
d6:87:1a:83:a1:f1:59:0c:6f:4f:be:7b:7a:7f:c2:
94:7b:6b:a7:66:4d:fa:28:d6:d6:0b:7f:bd:4a:a1:
20:e8:d3:ed:a6:d3:48:65:be:35:b0:6e:b6:1a:26:
ca:7e:da:b9:79:4c:c9:58:b8:57:29:c2:c1:c6:2b:
1d:da:f3:53:84:3b:1f:ad:08:83:f6:cc:1c:46:de:
4c:bd:4c:20:b3:45:59:d0:78:a9:53:8d:06:3d:21:
de:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:8F:8D:19:F5:54:F9:2F:1E:0E:8B:AA:66:4E:BC:CD:4E:A5:81:E4
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/0I-NGfVU-S8eDouqZk68zU6lgeQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:5c::/48
Signature Algorithm: sha256WithRSAEncryption
4d:d3:ae:b1:bb:c5:d0:ac:86:52:e9:eb:af:32:15:2d:74:ab:
7a:09:90:9c:88:cc:1d:19:4f:90:46:86:8e:a6:3f:19:23:f7:
29:d1:21:2e:4e:be:a3:c4:46:e8:2d:22:0d:3b:8e:5d:d0:cb:
f9:02:09:60:b9:58:ea:75:81:03:fb:2d:e1:b1:6f:eb:0b:b0:
ba:87:09:dc:06:ec:77:2a:cb:21:12:fe:15:58:7e:df:47:4e:
dd:af:56:78:4c:95:a6:ca:05:aa:be:20:2f:4a:95:40:15:71:
48:52:f2:28:00:91:79:cc:67:7d:24:5c:00:22:c8:36:92:8a:
94:37:2e:2b:f9:96:27:ce:7f:90:6b:df:fd:fa:59:1e:0c:e3:
26:5d:16:ae:a1:00:73:52:94:33:de:88:25:83:50:a4:02:c4:
06:62:62:6b:59:1e:95:5e:d5:e1:7a:53:99:10:b2:e9:4a:9d:
d1:cc:00:75:2c:af:cd:cd:c4:fe:3a:c4:09:16:5c:f9:51:e9:
ad:59:fb:18:75:91:29:f2:43:f7:56:41:d3:91:96:30:ef:1c:
a6:6a:71:d5:f2:fd:02:ba:c0:0b:05:9f:00:15:07:01:8a:07:
30:49:b5:73:98:ed:e1:d4:af:ee:28:81:80:e4:52:50:36:eb:
59:c1:bc:51
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/lq7szPuflPi83uoSVM9wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgwMzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDhmOGQxOWY1NTRmOTJmMWUwZThiYWE2NjRlYmNjZDRlYTU4MWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4TEORvkyP1ul0k6RrDWZVZSJWgx
iwV3bI6E6hrF7Wz8z9cQ/+xpnb+KZ2sPTOTv0S5pr0YLruHJ/7qW+gI7ykxYSnjP
GN+OvVHkNnmRLWTZQ65/4K/tq6WUMz8gA5oSYTyI+RRMI/yZ0bo8wHhbYGurN4Va
VY/4/FCagW2CXF922pcAEL0pHCnJg/xDpnFrrwmAjgaDT95/zpRaeJN7wx+UHmjW
hxqDofFZDG9Pvnt6f8KUe2unZk36KNbWC3+9SqEg6NPtptNIZb41sG62GibKftq5
eUzJWLhXKcLBxisd2vNThDsfrQiD9swcRt5MvUwgs0VZ0HipU40GPSHekQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNCPjRn1VPkvHg6LqmZOvM1OpYHkMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvMEktTkdmVlUtUzhlRG91cVprNjh6VTZsZ2VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQBc
MA0GCSqGSIb3DQEBCwUAA4IBAQBN066xu8XQrIZS6euvMhUtdKt6CZCciMwdGU+Q
RoaOpj8ZI/cp0SEuTr6jxEboLSINO45d0Mv5AglguVjqdYED+y3hsW/rC7C6hwnc
Bux3KsshEv4VWH7fR07dr1Z4TJWmygWqviAvSpVAFXFIUvIoAJF5zGd9JFwAIsg2
koqUNy4r+ZYnzn+Qa9/9+lkeDOMmXRauoQBzUpQz3oglg1CkAsQGYmJrWR6VXtXh
elOZELLpSp3RzAB1LK/NzcT+OsQJFlz5UemtWfsYdZEp8kP3VkHTkZYw7xymanHV
8v0CusALBZ8AFQcBigcwSbVzmO3h1K/uKIGA5FJQNutZwbxR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:10 2024 by rpki-client on console-fra.rpki-client.org