Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/1-x451K5kmeYQHpWImGF6fDGLnXE.roa
File: 1-x451K5kmeYQHpWImGF6fDGLnXE.roa (raw, json)
Hash identifier: jibHXDGvfl0MMvv+rAhzoQItfjxGZo8u45N/NW374iI=
Subject key identifier: FB:1E:39:D4:AE:64:99:E6:10:1E:95:88:98:61:7A:7C:31:8B:9D:71
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FB974E1E2CB2006D078693E458B99C9
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/1-x451K5kmeYQHpWImGF6fDGLnXE.roa
Signing time: Tue 06 Feb 2024 18:41:16 +0000
ROA not before: Tue 06 Feb 2024 18:41:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216427
IP address blocks: 2a0f:b241:160::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:b9:74:e1:e2:cb:20:06:d0:78:69:3e:45:8b:99:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:41:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fb1e39d4ae6499e6101e958898617a7c318b9d71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:5e:67:a8:f8:87:62:cd:f6:21:0a:41:c3:03:
09:c8:f5:c9:16:31:61:c1:1b:41:cf:3f:a4:f0:e4:
5b:1e:cd:db:9a:4a:7f:a3:45:b0:7f:b6:a3:59:b2:
26:6f:fd:54:80:99:f6:94:3d:28:ab:f2:89:e3:79:
8a:ec:29:71:d1:5c:60:1c:06:97:a4:0a:db:fc:7c:
3f:f3:59:26:62:0a:ce:26:7a:45:8e:61:0c:e0:75:
85:85:35:1d:75:d5:04:1c:f9:b8:7e:86:18:00:3f:
0d:ad:81:05:20:43:26:64:4e:9a:a9:5a:55:ab:a3:
2d:3b:be:bf:0a:b4:2e:38:99:af:cb:ba:3b:6b:35:
02:dd:ee:e3:b3:ee:e9:d4:e5:b0:a3:09:b1:49:05:
13:72:4d:d6:9c:e5:b2:fa:69:fb:17:ff:d6:8f:5e:
b0:4e:60:7d:ea:38:e9:6d:02:39:46:b6:a0:0f:10:
2c:51:cc:2e:dc:87:80:fc:44:da:4b:e7:fb:d6:f2:
b2:29:c3:72:a1:de:19:69:80:ed:70:77:72:a9:47:
99:78:81:87:05:e5:2b:56:ca:45:7f:1d:30:81:c5:
62:75:30:08:68:2a:98:82:29:e5:d9:ec:67:35:2f:
87:f4:61:87:fc:eb:6b:5e:b3:ae:7b:21:58:c1:a5:
8f:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:1E:39:D4:AE:64:99:E6:10:1E:95:88:98:61:7A:7C:31:8B:9D:71
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/1-x451K5kmeYQHpWImGF6fDGLnXE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:160::/48
Signature Algorithm: sha256WithRSAEncryption
64:a1:48:a4:ca:03:bc:87:fa:70:bc:47:5c:88:94:f8:3d:c5:
2b:f0:fe:bd:1a:ab:8d:cd:05:43:a0:0d:38:5b:d2:4e:81:fe:
09:86:bc:79:f9:84:22:a6:40:d7:3d:a8:58:8c:a9:ee:41:6b:
79:1d:a5:30:12:9a:7a:46:52:43:3a:d9:52:ad:75:07:01:86:
92:e9:7a:7e:8e:c1:1b:22:88:d5:ba:00:49:0b:df:13:90:a0:
24:f9:6a:49:1e:38:25:0e:fc:be:e5:d7:6d:c6:e4:93:a7:81:
ad:51:72:8c:b9:02:aa:53:da:c9:b4:2c:f8:51:81:f3:cd:7c:
49:34:ad:e9:4d:5c:f8:83:f5:75:b7:55:85:f2:a6:f3:07:15:
8a:70:2c:ef:96:1c:d0:fb:db:a7:d0:60:6c:45:3c:1c:8e:c3:
83:c3:9c:ae:a1:cb:21:8c:f1:7b:c7:72:d0:d4:c5:b0:62:52:
1c:2e:65:ed:fc:95:70:db:63:14:43:0f:4d:ff:2b:7c:20:99:
aa:44:e8:2a:0b:13:82:b6:6c:fd:f6:26:ce:2f:d9:f4:2f:4f:
b5:d1:bf:93:cd:78:a4:46:3b:93:7d:6e:36:18:18:9b:a9:55:
56:c0:a7:91:13:f1:52:36:1a:9c:3c:40:ab:a2:4f:08:a0:c2:
c6:02:9d:8d
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgISAY1/uXTh4ssgBtB4aT5Fi5nJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTg0MTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjFlMzlkNGFlNjQ5OWU2MTAxZTk1ODg5ODYxN2E3YzMxOGI5ZDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl15nqPiHYs32IQpBwwMJyPXJFjFh
wRtBzz+k8ORbHs3bmkp/o0Wwf7ajWbImb/1UgJn2lD0oq/KJ43mK7Clx0VxgHAaX
pArb/Hw/81kmYgrOJnpFjmEM4HWFhTUdddUEHPm4foYYAD8NrYEFIEMmZE6aqVpV
q6MtO76/CrQuOJmvy7o7azUC3e7js+7p1OWwowmxSQUTck3WnOWy+mn7F//Wj16w
TmB96jjpbQI5RragDxAsUcwu3IeA/ETaS+f71vKyKcNyod4ZaYDtcHdyqUeZeIGH
BeUrVspFfx0wgcVidTAIaCqYginl2exnNS+H9GGH/OtrXrOueyFYwaWPCQIDAQAB
o4ICDTCCAgkwHQYDVR0OBBYEFPseOdSuZJnmEB6ViJhhenwxi51xMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvMS14NDUxSzVrbWVZUUhwV0ltR0Y2ZkRHTG5YRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDMvYjg3ZWMwLWY3NWEtNGJiZS1iMDY3LWI3MTc5ODBlNGFk
Ni8xL2JvY1FTazIweEdOeHBfaTJwRUg4TU96ZjRnOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoPskEB
YDANBgkqhkiG9w0BAQsFAAOCAQEAZKFIpMoDvIf6cLxHXIiU+D3FK/D+vRqrjc0F
Q6ANOFvSToH+CYa8efmEIqZA1z2oWIyp7kFreR2lMBKaekZSQzrZUq11BwGGkul6
fo7BGyKI1boASQvfE5CgJPlqSR44JQ78vuXXbcbkk6eBrVFyjLkCqlPaybQs+FGB
8818STSt6U1c+IP1dbdVhfKm8wcVinAs75Yc0Pvbp9BgbEU8HI7Dg8OcrqHLIYzx
e8dy0NTFsGJSHC5l7fyVcNtjFEMPTf8rfCCZqkToKgsTgrZs/fYmzi/Z9C9PtdG/
k814pEY7k31uNhgYm6lVVsCnkRPxUjYanDxAq6JPCKDCxgKdjQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:07 2024 by rpki-client on console-ams.rpki-client.org