Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/2Ea2hwEOQiwVfIbSWTZzs3v_aQo.roa
File: 2Ea2hwEOQiwVfIbSWTZzs3v_aQo.roa (raw, json)
Hash identifier: L7ReCbTplUClv19or+BukIr2Es9r8Z6L/y9uJcTWRGA=
Subject key identifier: D8:46:B6:87:01:0E:42:2C:15:7C:86:D2:59:36:73:B3:7B:FF:69:0A
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F0A7674F5B942985EF3E6E5AC81B97
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/2Ea2hwEOQiwVfIbSWTZzs3v_aQo.roa
Signing time: Wed 07 Feb 2024 05:00:48 +0000
ROA not before: Wed 07 Feb 2024 05:00:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211407
IP address blocks: 2a0f:b241:fd::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:a7:67:4f:5b:94:29:85:ef:3e:6e:5a:c8:1b:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d846b687010e422c157c86d2593673b37bff690a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:1a:69:e4:4d:29:59:22:9b:a2:2f:aa:d5:09:
ba:ef:aa:b0:6e:c3:42:a2:ad:4a:45:58:34:78:0f:
92:af:54:9a:4b:55:c7:f0:8e:a5:4d:ca:34:db:d6:
13:4f:32:63:68:27:a1:c2:42:2b:7a:5f:cd:98:e3:
1b:51:93:d4:33:69:5e:98:58:15:4f:90:23:29:d0:
b8:8d:2c:d1:a3:9a:9a:c7:65:70:55:e4:b0:44:ee:
7c:4f:58:41:b9:da:fb:84:c5:fc:de:84:f0:7f:2f:
7e:f9:83:be:33:52:bf:9f:0a:1f:bb:b6:3f:bb:4a:
fb:69:f4:73:c4:b2:c2:ae:65:f3:83:4b:11:d4:46:
06:75:61:9a:dd:78:74:73:1a:e6:2b:be:f1:f6:39:
05:d7:fd:ce:5e:2c:61:30:3d:91:cb:4f:50:75:76:
29:83:70:bd:d4:b9:cd:d2:e3:c8:1b:89:fe:86:b9:
c4:e5:7c:91:53:3b:fe:8b:ee:0e:02:9c:d6:db:b2:
5e:a8:43:d7:cf:63:db:3a:f9:65:af:5c:b2:c5:0e:
cc:8a:35:9c:3c:a8:e6:51:dd:d6:83:51:6d:52:3b:
0d:b8:28:cd:b3:ef:15:b6:81:00:a5:49:5a:85:1f:
32:ef:79:4a:7b:cc:5e:6d:89:3c:34:1c:61:ca:2a:
f1:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:46:B6:87:01:0E:42:2C:15:7C:86:D2:59:36:73:B3:7B:FF:69:0A
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/2Ea2hwEOQiwVfIbSWTZzs3v_aQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:fd::/48
Signature Algorithm: sha256WithRSAEncryption
65:9f:b1:e9:97:31:ac:6e:07:2d:39:99:c2:c5:2b:1f:0c:cf:
9b:37:84:af:a3:71:be:52:04:52:a6:65:2a:a3:e4:81:80:5e:
c7:fd:89:93:a5:15:7a:f8:32:49:64:15:da:e5:e7:76:bd:1e:
fb:f2:64:8d:61:7a:29:09:38:14:16:dd:4a:0e:e9:de:10:f0:
78:37:e6:94:0f:1d:3c:f5:ab:53:8c:a8:61:98:4a:8f:c0:b7:
de:08:7b:f9:b8:cf:7c:15:22:21:3c:09:15:be:68:9b:69:bb:
85:08:45:4c:1d:fe:96:6e:f6:1f:c3:ac:e6:3a:2b:f1:69:fc:
93:cc:58:ed:49:19:2d:b4:62:18:cc:64:f0:d3:9c:01:be:76:
e8:f0:a3:c8:4e:c1:7b:73:c4:0b:ac:98:55:4d:a5:35:5e:ce:
35:8f:50:bf:16:57:1c:de:e5:2e:6a:de:46:1b:00:d0:9e:f7:
95:14:50:14:38:50:a3:73:6b:2f:b3:35:f5:b4:ca:c3:47:62:
2a:4d:f4:b0:55:db:2e:f9:33:4d:d1:b9:6a:05:02:b9:73:63:
7f:0d:b6:bc:bd:92:00:7f:c0:8c:26:17:32:cc:57:69:bb:53:
1f:13:1a:d3:9b:dc:63:71:59:b2:ba:82:14:a3:ba:87:ff:98:
b9:36:53:e1
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8KdnT1uUKYXvPm5ayBuXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODQ2YjY4NzAxMGU0MjJjMTU3Yzg2ZDI1OTM2NzNiMzdiZmY2OTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjhpp5E0pWSKboi+q1Qm676qwbsNC
oq1KRVg0eA+Sr1SaS1XH8I6lTco029YTTzJjaCehwkIrel/NmOMbUZPUM2lemFgV
T5AjKdC4jSzRo5qax2VwVeSwRO58T1hBudr7hMX83oTwfy9++YO+M1K/nwofu7Y/
u0r7afRzxLLCrmXzg0sR1EYGdWGa3Xh0cxrmK77x9jkF1/3OXixhMD2Ry09QdXYp
g3C91LnN0uPIG4n+hrnE5XyRUzv+i+4OApzW27JeqEPXz2PbOvllr1yyxQ7MijWc
PKjmUd3Wg1FtUjsNuCjNs+8VtoEApUlahR8y73lKe8xebYk8NBxhyirxqwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNhGtocBDkIsFXyG0lk2c7N7/2kKMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvMkVhMmh3RU9RaXdWZkliU1dUWnpzM3ZfYVFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQD9
MA0GCSqGSIb3DQEBCwUAA4IBAQBln7HplzGsbgctOZnCxSsfDM+bN4Svo3G+UgRS
pmUqo+SBgF7H/YmTpRV6+DJJZBXa5ed2vR778mSNYXopCTgUFt1KDuneEPB4N+aU
Dx089atTjKhhmEqPwLfeCHv5uM98FSIhPAkVvmibabuFCEVMHf6WbvYfw6zmOivx
afyTzFjtSRkttGIYzGTw05wBvnbo8KPITsF7c8QLrJhVTaU1Xs41j1C/Flcc3uUu
at5GGwDQnveVFFAUOFCjc2svszX1tMrDR2IqTfSwVdsu+TNN0blqBQK5c2N/Dba8
vZIAf8CMJhcyzFdpu1MfExrTm9xjcVmyuoIUo7qH/5i5NlPh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:07 2024 by rpki-client on console-ams.rpki-client.org