Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/1kapKBXCz4eOXGen-PXdnhMdmyc.roa
File: 1kapKBXCz4eOXGen-PXdnhMdmyc.roa (raw, json)
Hash identifier: A9md6L4IwV9cRvzXBIlN6mNXO4LVNdqpFTzcETV8wAs=
Subject key identifier: D6:46:A9:28:15:C2:CF:87:8E:5C:67:A7:F8:F5:DD:9E:13:1D:9B:27
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FA7222CF81E8C358CAD646B870A6ADC
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/1kapKBXCz4eOXGen-PXdnhMdmyc.roa
Signing time: Tue 06 Feb 2024 18:21:16 +0000
ROA not before: Tue 06 Feb 2024 18:21:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198804
IP address blocks: 2a0f:b241:7c::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:a7:22:2c:f8:1e:8c:35:8c:ad:64:6b:87:0a:6a:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:21:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d646a92815c2cf878e5c67a7f8f5dd9e131d9b27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:7f:67:77:14:cd:45:dd:81:83:50:1e:dd:63:
e8:37:41:76:6c:77:0d:3c:a4:9c:50:a8:a6:b0:5f:
6a:32:74:d1:fa:fb:8f:40:27:16:79:6a:e3:a2:94:
1f:80:ca:9e:8a:62:97:b4:17:4a:e6:68:f9:71:74:
f5:ea:56:b2:4d:b9:35:88:23:ec:7c:66:fe:be:d9:
12:c4:65:3d:ba:55:ec:72:65:8b:f6:34:86:28:35:
2e:99:15:0a:57:f4:f7:68:16:c7:54:07:bb:0a:7f:
a7:0e:13:61:16:fe:4e:5b:ea:90:43:dd:aa:85:b8:
8d:59:b0:73:49:bf:ba:48:90:52:c2:f8:b6:e3:67:
25:24:c7:8f:ec:bd:d2:b5:5f:e6:d4:9f:66:6b:74:
1f:02:22:3e:8d:a2:a9:81:62:2e:04:32:71:2b:84:
54:e0:e8:bb:e3:08:99:31:18:80:25:5e:0c:e2:21:
2f:c4:82:0b:ff:6c:bf:7a:32:2d:59:e5:30:3b:72:
9c:05:1e:36:4e:57:7b:89:88:84:d2:23:d2:0e:d9:
9d:cc:44:4d:94:9d:57:24:6b:f0:2c:30:0c:9d:31:
ae:64:09:02:af:c6:1d:5d:08:31:55:1a:42:32:7f:
05:ff:b2:3c:bd:af:51:78:2d:6c:80:42:cf:5f:a0:
8f:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:46:A9:28:15:C2:CF:87:8E:5C:67:A7:F8:F5:DD:9E:13:1D:9B:27
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/1kapKBXCz4eOXGen-PXdnhMdmyc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:7c::/48
Signature Algorithm: sha256WithRSAEncryption
47:2d:7d:67:28:c4:cd:69:d9:3c:b0:de:00:fb:7c:93:b2:a4:
ac:00:4a:c7:25:50:79:b3:83:e2:e3:f3:9b:12:ee:96:3d:cc:
52:54:9d:be:b7:85:33:a9:02:b6:06:9c:80:ee:5e:5a:49:11:
02:70:f2:13:d5:68:34:c6:5b:9f:37:39:c6:51:b9:3c:e5:70:
30:76:6f:1c:63:05:de:ef:8d:33:c4:3b:a1:d7:57:0f:bd:92:
63:59:59:71:f5:15:dd:89:29:7c:30:cc:4c:35:be:0b:b9:7a:
e4:b8:ab:bb:f0:b7:e2:e2:41:d1:7f:71:1a:ae:3e:96:a3:d6:
24:e8:cc:8f:2c:9e:16:69:d3:a2:09:7e:6a:ab:71:b3:d5:f7:
e2:a1:d0:2c:0b:9e:cf:ac:b5:61:63:48:31:a5:65:9b:ea:6d:
76:d8:e4:21:76:bd:83:2f:28:51:fe:2d:1e:8f:40:94:6a:9e:
ea:c9:d0:a3:dd:5b:d4:c2:25:13:14:2d:26:2c:2e:e4:e7:84:
19:88:40:4d:1b:64:09:2c:56:90:f3:63:31:2a:40:d5:f8:31:
00:fa:ac:22:db:d7:e6:ae:1d:8f:07:4b:4b:fc:3d:3d:49:bc:
3f:81:25:02:e4:8c:b2:47:93:7b:66:d3:b1:14:86:1f:4f:13:
1b:12:54:87
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/pyIs+B6MNYytZGuHCmrcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjQ2YTkyODE1YzJjZjg3OGU1YzY3YTdmOGY1ZGQ5ZTEzMWQ5YjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhH9ndxTNRd2Bg1Ae3WPoN0F2bHcN
PKScUKimsF9qMnTR+vuPQCcWeWrjopQfgMqeimKXtBdK5mj5cXT16layTbk1iCPs
fGb+vtkSxGU9ulXscmWL9jSGKDUumRUKV/T3aBbHVAe7Cn+nDhNhFv5OW+qQQ92q
hbiNWbBzSb+6SJBSwvi242clJMeP7L3StV/m1J9ma3QfAiI+jaKpgWIuBDJxK4RU
4Oi74wiZMRiAJV4M4iEvxIIL/2y/ejItWeUwO3KcBR42Tld7iYiE0iPSDtmdzERN
lJ1XJGvwLDAMnTGuZAkCr8YdXQgxVRpCMn8F/7I8va9ReC1sgELPX6CPIQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNZGqSgVws+Hjlxnp/j13Z4THZsnMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvMWthcEtCWEN6NGVPWEdlbi1QWGRuaE1kbXljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQB8
MA0GCSqGSIb3DQEBCwUAA4IBAQBHLX1nKMTNadk8sN4A+3yTsqSsAErHJVB5s4Pi
4/ObEu6WPcxSVJ2+t4UzqQK2BpyA7l5aSRECcPIT1Wg0xlufNznGUbk85XAwdm8c
YwXe740zxDuh11cPvZJjWVlx9RXdiSl8MMxMNb4LuXrkuKu78Lfi4kHRf3Earj6W
o9Yk6MyPLJ4WadOiCX5qq3Gz1ffiodAsC57PrLVhY0gxpWWb6m122OQhdr2DLyhR
/i0ej0CUap7qydCj3VvUwiUTFC0mLC7k54QZiEBNG2QJLFaQ82MxKkDV+DEA+qwi
29fmrh2PB0tL/D09Sbw/gSUC5IyyR5N7ZtOxFIYfTxMbElSH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:10 2024 by rpki-client on console-fra.rpki-client.org