Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/0qpM2GFMDSp0hqVOH8F3crJMk6I.roa
File: 0qpM2GFMDSp0hqVOH8F3crJMk6I.roa (raw, json)
Hash identifier: kKHzDEZgz7WlS87EniDvdhBB4UF1M3hSG+BAboDaSZ0=
Subject key identifier: D2:AA:4C:D8:61:4C:0D:2A:74:86:A5:4E:1F:C1:77:72:B2:4C:93:A2
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FABB7DF254FF6B474483B4D4DFF3986
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/0qpM2GFMDSp0hqVOH8F3crJMk6I.roa
Signing time: Tue 06 Feb 2024 18:26:16 +0000
ROA not before: Tue 06 Feb 2024 18:26:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205027
IP address blocks: 2a0f:b241:ea::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:ab:b7:df:25:4f:f6:b4:74:48:3b:4d:4d:ff:39:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:26:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d2aa4cd8614c0d2a7486a54e1fc17772b24c93a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ea:29:30:80:4a:58:68:98:f9:ac:b9:4d:10:
d6:83:e7:c1:05:df:8c:94:38:60:7b:9b:79:cd:47:
e3:4e:c2:ce:d9:d3:f6:e8:7f:0a:c5:8f:77:8e:c7:
ca:23:38:b5:24:8a:a6:0e:76:86:b7:9e:ca:5f:d0:
b3:e3:f3:5c:72:de:4f:30:9f:2e:cd:98:53:05:90:
9a:f9:aa:9d:e8:86:83:a3:5a:12:0c:78:3c:18:37:
a3:92:e3:d4:23:b5:d4:ff:59:77:f2:af:03:3d:ba:
06:a9:51:c6:61:31:b2:3f:88:90:34:b3:74:b5:8d:
1a:24:a6:65:fa:7a:55:37:11:ab:b5:34:68:4f:9b:
98:c7:1b:04:06:69:a8:2e:73:0e:88:4f:eb:78:97:
2f:97:6f:b4:47:29:a3:ea:51:79:2f:f9:fc:70:da:
a3:1a:74:38:80:7e:89:b3:41:e9:6b:84:f9:7e:f4:
ae:0f:34:49:06:f7:08:4b:ae:a3:6c:4f:0a:10:2b:
4c:7f:0f:ee:ed:d7:51:19:39:ea:19:a0:3d:51:e2:
02:8e:aa:e8:13:71:b8:4f:39:7c:8c:99:0e:79:2b:
9a:af:62:7a:21:7e:10:33:a8:87:37:dd:b0:c3:77:
08:41:ac:27:03:16:2d:f5:5f:9a:17:52:84:8f:93:
71:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:AA:4C:D8:61:4C:0D:2A:74:86:A5:4E:1F:C1:77:72:B2:4C:93:A2
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/0qpM2GFMDSp0hqVOH8F3crJMk6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:ea::/48
Signature Algorithm: sha256WithRSAEncryption
25:1d:b7:a7:09:8e:5c:ac:aa:62:d2:4b:b3:53:fe:47:4e:54:
4e:c1:c3:b7:d3:10:c6:62:9a:19:41:97:f2:03:9d:f5:c5:c0:
76:6d:20:5c:f5:80:a9:9b:e5:9c:18:15:7f:51:d0:43:ec:4c:
f2:4b:96:7d:c2:d1:46:b3:0b:72:11:fb:d8:9f:90:0f:75:15:
65:76:7b:01:9e:a6:d0:38:c5:1b:cf:2c:ad:bb:e8:2b:04:77:
0b:a3:c5:b0:7d:58:e2:b6:fd:af:80:03:54:87:61:39:66:8d:
09:55:9d:8b:b4:ea:3c:90:fb:df:a8:38:5e:48:2e:0b:1d:b1:
c1:51:9a:b3:1d:19:97:49:5a:ac:e1:41:59:e7:fc:46:57:40:
03:da:0f:45:a8:31:8f:9c:d8:65:ef:2a:b7:f2:40:0d:ff:b3:
ce:51:95:da:ff:63:93:bb:d7:f6:a0:55:0e:c7:79:0a:8b:92:
ff:27:f1:8a:84:63:fd:5d:b8:61:2a:91:64:e4:68:ce:ec:83:
ad:d3:92:7a:f2:c3:83:b0:2b:d4:c0:2a:67:b6:db:ce:67:c8:
03:95:59:0b:06:4a:be:62:fa:28:28:90:33:5c:2c:75:e8:15:
d2:b3:9e:63:39:33:f9:7b:5c:02:c2:da:96:92:31:38:bd:40:
ec:0c:bb:de
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/q7ffJU/2tHRIO01N/zmGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyNjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmFhNGNkODYxNGMwZDJhNzQ4NmE1NGUxZmMxNzc3MmIyNGM5M2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnOopMIBKWGiY+ay5TRDWg+fBBd+M
lDhge5t5zUfjTsLO2dP26H8KxY93jsfKIzi1JIqmDnaGt57KX9Cz4/Ncct5PMJ8u
zZhTBZCa+aqd6IaDo1oSDHg8GDejkuPUI7XU/1l38q8DPboGqVHGYTGyP4iQNLN0
tY0aJKZl+npVNxGrtTRoT5uYxxsEBmmoLnMOiE/reJcvl2+0Rymj6lF5L/n8cNqj
GnQ4gH6Js0Hpa4T5fvSuDzRJBvcIS66jbE8KECtMfw/u7ddRGTnqGaA9UeICjqro
E3G4Tzl8jJkOeSuar2J6IX4QM6iHN92ww3cIQawnAxYt9V+aF1KEj5NxXwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNKqTNhhTA0qdIalTh/Bd3KyTJOiMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvMHFwTTJHRk1EU3AwaHFWT0g4RjNjckpNazZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQDq
MA0GCSqGSIb3DQEBCwUAA4IBAQAlHbenCY5crKpi0kuzU/5HTlROwcO30xDGYpoZ
QZfyA531xcB2bSBc9YCpm+WcGBV/UdBD7EzyS5Z9wtFGswtyEfvYn5APdRVldnsB
nqbQOMUbzyytu+grBHcLo8WwfVjitv2vgANUh2E5Zo0JVZ2LtOo8kPvfqDheSC4L
HbHBUZqzHRmXSVqs4UFZ5/xGV0AD2g9FqDGPnNhl7yq38kAN/7POUZXa/2OTu9f2
oFUOx3kKi5L/J/GKhGP9XbhhKpFk5GjO7IOt05J68sODsCvUwCpnttvOZ8gDlVkL
Bkq+YvooKJAzXCx16BXSs55jOTP5e1wCwtqWkjE4vUDsDLve
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:10 2024 by rpki-client on console-fra.rpki-client.org