Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/2Gd2FdgABqf0VipSnyFIy5gyxew.roa
File: 2Gd2FdgABqf0VipSnyFIy5gyxew.roa (raw, json)
Hash identifier: EGkanHhAt6/Ere95Y6iks+iK3TCnmw4HdtvJGYW9SE4=
Subject key identifier: D8:67:76:15:D8:00:06:A7:F4:56:2A:52:9F:21:48:CB:98:32:C5:EC
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F07BC9D5F8D7C8A08F9701C9EDC137
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/2Gd2FdgABqf0VipSnyFIy5gyxew.roa
Signing time: Wed 07 Feb 2024 05:00:37 +0000
ROA not before: Wed 07 Feb 2024 05:00:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199741
IP address blocks: 2a0f:b241:8c::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:7b:c9:d5:f8:d7:c8:a0:8f:97:01:c9:ed:c1:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d8677615d80006a7f4562a529f2148cb9832c5ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:70:f4:82:e4:84:9b:2f:80:35:70:0f:9f:d9:
27:a4:97:ba:95:4a:3e:72:7f:cc:40:66:fa:00:e9:
0c:d9:01:4d:ac:c8:e7:ed:64:5c:2d:f5:e1:9a:ba:
5b:8e:42:a1:8d:e3:b7:0a:88:f2:60:3b:a3:e7:8b:
00:d3:e5:2b:64:bc:e2:ab:db:3c:c8:c8:73:72:af:
55:df:27:29:cf:7a:ae:67:34:63:0b:5a:74:da:b4:
09:f9:d1:ba:37:90:00:30:b5:9f:5e:1b:5b:34:6d:
13:e8:bf:b6:13:56:5e:0d:d9:ed:92:ba:4c:37:92:
36:bf:75:d4:0c:de:15:05:35:3b:cb:ba:dc:40:2e:
3e:53:cc:40:8a:ff:71:64:4d:14:3d:8a:88:ea:1d:
ae:68:df:39:a3:6e:70:96:99:79:93:ab:1e:04:92:
71:bd:76:8a:c0:c4:a2:f8:39:59:12:b7:4b:ec:e3:
8b:50:cf:7f:fe:15:1b:07:96:a3:a7:22:b7:49:24:
91:16:31:c4:3a:7c:d1:1e:9e:86:2e:39:b6:a8:af:
ee:4d:3e:67:3c:4d:de:41:7a:25:c0:43:cf:f2:9b:
00:95:b1:f9:75:c1:42:74:c6:e8:98:bf:af:62:e9:
5e:80:24:a7:a5:41:bd:69:83:26:a3:90:32:e2:12:
02:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:67:76:15:D8:00:06:A7:F4:56:2A:52:9F:21:48:CB:98:32:C5:EC
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/2Gd2FdgABqf0VipSnyFIy5gyxew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:8c::/48
Signature Algorithm: sha256WithRSAEncryption
71:f4:35:1e:c3:19:6a:94:86:5e:60:3a:ae:f4:f9:db:5e:72:
26:1b:c4:aa:bb:44:5d:65:c2:3e:c0:c3:64:7a:2e:55:fe:03:
39:82:ef:0a:ae:03:bd:4a:b7:04:64:20:b7:16:64:9d:f6:93:
3c:aa:dd:3b:17:1f:ce:5d:6d:d9:0d:d7:71:85:4a:ba:ba:9f:
fd:7b:2c:9b:21:04:d8:d0:d7:ee:67:56:87:2d:e1:60:c4:61:
98:c5:72:83:ed:24:6a:1c:f5:9a:1b:e5:b4:1f:24:78:da:0e:
9a:45:af:6b:ba:f5:c0:0f:75:8c:49:99:c5:8c:85:08:51:a9:
58:31:84:be:2e:86:ee:10:97:1d:f2:4c:ed:42:c8:4d:bc:44:
94:9b:0f:ff:92:e7:65:7b:ab:32:b9:10:9d:cb:cd:2c:81:fa:
28:3b:e1:77:1c:0f:76:b7:1f:17:1a:91:17:f3:7e:8d:ee:b1:
ea:80:49:97:36:8b:b6:2e:ef:b8:0c:c5:cb:2f:11:a8:b8:ef:
33:42:43:ec:e4:73:69:d8:49:8c:fa:c4:03:f0:8f:d3:cb:3f:
d3:22:ba:eb:17:a8:3b:1e:f8:f1:7c:d2:87:a0:66:1b:ad:13:
b3:e1:7f:9b:23:bf:5a:66:7a:53:52:f2:50:e1:da:cd:2f:76:
3d:51:60:4f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8HvJ1fjXyKCPlwHJ7cE3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODY3NzYxNWQ4MDAwNmE3ZjQ1NjJhNTI5ZjIxNDhjYjk4MzJjNWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl3D0guSEmy+ANXAPn9knpJe6lUo+
cn/MQGb6AOkM2QFNrMjn7WRcLfXhmrpbjkKhjeO3CojyYDuj54sA0+UrZLziq9s8
yMhzcq9V3ycpz3quZzRjC1p02rQJ+dG6N5AAMLWfXhtbNG0T6L+2E1ZeDdntkrpM
N5I2v3XUDN4VBTU7y7rcQC4+U8xAiv9xZE0UPYqI6h2uaN85o25wlpl5k6seBJJx
vXaKwMSi+DlZErdL7OOLUM9//hUbB5ajpyK3SSSRFjHEOnzRHp6GLjm2qK/uTT5n
PE3eQXolwEPP8psAlbH5dcFCdMbomL+vYulegCSnpUG9aYMmo5Ay4hICtQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNhndhXYAAan9FYqUp8hSMuYMsXsMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvMkdkMkZkZ0FCcWYwVmlwU255Rkl5NWd5eGV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQCM
MA0GCSqGSIb3DQEBCwUAA4IBAQBx9DUewxlqlIZeYDqu9PnbXnImG8Squ0RdZcI+
wMNkei5V/gM5gu8KrgO9SrcEZCC3FmSd9pM8qt07Fx/OXW3ZDddxhUq6up/9eyyb
IQTY0NfuZ1aHLeFgxGGYxXKD7SRqHPWaG+W0HyR42g6aRa9ruvXAD3WMSZnFjIUI
UalYMYS+LobuEJcd8kztQshNvESUmw//kudle6syuRCdy80sgfooO+F3HA92tx8X
GpEX836N7rHqgEmXNou2Lu+4DMXLLxGouO8zQkPs5HNp2EmM+sQD8I/Tyz/TIrrr
F6g7HvjxfNKHoGYbrROz4X+bI79aZnpTUvJQ4drNL3Y9UWBP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:10 2024 by rpki-client on console-fra.rpki-client.org