Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/1dSKu86hZRYAdYQCpseJYlC8Qls.roa
File: 1dSKu86hZRYAdYQCpseJYlC8Qls.roa (raw, json)
Hash identifier: Vaf9V4QjxGZwRWVlxOP7De7G2br4hvhSmXqEA6t7eI0=
Subject key identifier: D5:D4:8A:BB:CE:A1:65:16:00:75:84:02:A6:C7:89:62:50:BC:42:5B
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FB889B72A36D2E94D7DD08DD39AAE54
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/1dSKu86hZRYAdYQCpseJYlC8Qls.roa
Signing time: Tue 06 Feb 2024 18:40:16 +0000
ROA not before: Tue 06 Feb 2024 18:40:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213253
IP address blocks: 2a0f:b241:14b::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:b8:89:b7:2a:36:d2:e9:4d:7d:d0:8d:d3:9a:ae:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:40:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d5d48abbcea1651600758402a6c7896250bc425b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:a2:3a:99:ac:a1:a8:5a:03:f8:2a:32:86:d9:
c1:07:27:af:12:ed:73:ee:7d:1a:1a:ef:f2:8d:ee:
b6:16:e4:3c:29:d9:a2:eb:52:f4:b6:bf:28:3c:21:
ed:3a:45:03:a8:d4:93:2a:aa:0d:e4:2e:89:ac:4e:
49:b5:7d:cc:41:c9:68:be:45:e7:48:d0:8d:21:b6:
fd:11:e4:9f:71:99:3f:8d:db:c7:50:ef:78:8d:58:
f0:97:89:58:a9:5d:87:ff:91:70:77:79:64:12:a8:
b1:05:c7:6b:13:4d:71:a4:13:b1:12:78:23:dc:84:
3e:31:31:5b:74:ca:8a:30:35:b9:ea:7b:6e:5d:9c:
e4:27:cc:61:68:ee:d7:2a:6a:f3:5d:15:4f:37:1c:
ca:57:13:fa:ea:95:77:70:36:58:30:38:c9:24:57:
41:3d:8c:cf:f0:de:33:6b:fb:64:4f:35:3e:4a:da:
c6:73:45:ec:bf:50:88:ef:94:bb:5e:8c:01:4b:62:
ed:29:08:98:5d:20:f4:ea:21:7a:65:20:19:20:58:
80:0d:ff:33:51:79:dd:96:d3:37:74:eb:3e:a3:60:
13:a7:ed:15:f8:fd:95:db:0a:cb:7e:9a:1c:fd:9e:
fa:d1:48:fc:0d:a9:b2:de:92:52:42:bd:5d:f4:a1:
32:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:D4:8A:BB:CE:A1:65:16:00:75:84:02:A6:C7:89:62:50:BC:42:5B
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/1dSKu86hZRYAdYQCpseJYlC8Qls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:14b::/48
Signature Algorithm: sha256WithRSAEncryption
30:1b:04:c1:61:f4:7e:1f:bd:b5:2a:36:e9:9e:cf:28:d7:84:
d0:93:74:50:34:34:4e:fc:ec:74:03:95:da:86:c0:51:cb:05:
50:4a:57:ab:80:90:65:37:99:5a:9b:b2:cb:d3:0d:91:1f:c8:
08:d7:56:d0:10:31:4d:78:a4:b1:ae:48:7e:63:19:05:a8:ba:
53:e7:14:96:94:27:74:ae:c9:7a:eb:92:89:a0:d6:90:e8:8c:
f4:69:62:94:33:16:70:20:a8:09:9a:1c:01:ff:51:9d:e5:84:
ea:ae:66:cc:bf:5e:9e:c0:a3:e3:d7:ae:23:28:2f:2f:f0:1d:
a0:15:0b:3f:cc:14:f8:b5:de:a2:82:71:ad:94:9b:e5:fc:93:
0a:1b:55:63:f6:ec:92:99:c7:b0:e3:a9:2e:8a:a7:c3:f4:09:
62:ee:72:08:71:64:2f:8b:5b:c4:32:50:27:24:2f:75:97:4e:
10:a3:ed:7b:99:34:70:25:7f:d8:26:16:1f:a0:42:2e:e4:8c:
30:39:74:23:aa:d1:e0:bb:aa:2f:8c:fc:e8:46:6a:0f:ef:7d:
5c:30:20:f3:e0:02:45:36:54:1d:38:3c:a1:34:8a:96:c8:6f:
7a:79:e4:7e:2f:68:7f:ad:0d:a5:90:dc:36:bf:70:72:54:8a:
0c:45:cf:90
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/uIm3KjbS6U190I3Tmq5UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTg0MDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWQ0OGFiYmNlYTE2NTE2MDA3NTg0MDJhNmM3ODk2MjUwYmM0MjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjKI6mayhqFoD+CoyhtnBByevEu1z
7n0aGu/yje62FuQ8Kdmi61L0tr8oPCHtOkUDqNSTKqoN5C6JrE5JtX3MQclovkXn
SNCNIbb9EeSfcZk/jdvHUO94jVjwl4lYqV2H/5Fwd3lkEqixBcdrE01xpBOxEngj
3IQ+MTFbdMqKMDW56ntuXZzkJ8xhaO7XKmrzXRVPNxzKVxP66pV3cDZYMDjJJFdB
PYzP8N4za/tkTzU+StrGc0Xsv1CI75S7XowBS2LtKQiYXSD06iF6ZSAZIFiADf8z
UXndltM3dOs+o2ATp+0V+P2V2wrLfpoc/Z760Uj8Damy3pJSQr1d9KEyXQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNXUirvOoWUWAHWEAqbHiWJQvEJbMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvMWRTS3U4NmhaUllBZFlRQ3BzZUpZbEM4UWxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQFL
MA0GCSqGSIb3DQEBCwUAA4IBAQAwGwTBYfR+H721Kjbpns8o14TQk3RQNDRO/Ox0
A5XahsBRywVQSlergJBlN5lam7LL0w2RH8gI11bQEDFNeKSxrkh+YxkFqLpT5xSW
lCd0rsl665KJoNaQ6Iz0aWKUMxZwIKgJmhwB/1Gd5YTqrmbMv16ewKPj164jKC8v
8B2gFQs/zBT4td6ignGtlJvl/JMKG1Vj9uySmcew46kuiqfD9Ali7nIIcWQvi1vE
MlAnJC91l04Qo+17mTRwJX/YJhYfoEIu5IwwOXQjqtHgu6ovjPzoRmoP731cMCDz
4AJFNlQdODyhNIqWyG96eeR+L2h/rQ2lkNw2v3ByVIoMRc+Q
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:07 2024 by rpki-client on console-ams.rpki-client.org