Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/2jRgj5Zh4Cp45hxcf3b-ckJpwCA.roa
File: 2jRgj5Zh4Cp45hxcf3b-ckJpwCA.roa (raw, json)
Hash identifier: oJah1kZ6V2m5Kgl9dChV3rEJb8MFT19bbTc5vz+YrLA=
Subject key identifier: DA:34:60:8F:96:61:E0:2A:78:E6:1C:5C:7F:76:FE:72:42:69:C0:20
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FABBEEE01C0A7D2F3297B40EDDBE0AA
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/2jRgj5Zh4Cp45hxcf3b-ckJpwCA.roa
Signing time: Tue 06 Feb 2024 18:26:18 +0000
ROA not before: Tue 06 Feb 2024 18:26:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209554
IP address blocks: 2a0f:b241:f5::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:ab:be:ee:01:c0:a7:d2:f3:29:7b:40:ed:db:e0:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:26:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=da34608f9661e02a78e61c5c7f76fe724269c020
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:15:a3:ea:03:33:f3:67:56:58:4c:a0:e2:fa:
bb:f5:b0:89:e5:1f:ac:dd:b3:48:d9:c8:8f:7a:ea:
44:1c:3e:6c:8d:e6:0f:30:e9:1c:c4:ee:8c:38:04:
1c:95:29:61:9c:55:72:3e:ea:d7:a6:06:5b:9b:cf:
d9:95:9e:be:e2:2c:07:a5:de:14:b6:42:76:e4:b0:
13:40:0f:da:14:16:a5:3d:9d:93:ac:cd:89:ef:56:
7d:28:c7:c9:50:aa:24:44:44:46:7a:02:9b:20:fd:
84:5f:23:d3:4e:40:12:34:53:1e:ae:eb:e0:bb:05:
4e:a3:23:d4:c9:b9:6e:08:e7:f2:a9:6c:28:9c:78:
fc:c2:7a:f6:54:b0:01:8c:ea:2c:ef:5c:1e:88:6e:
51:7e:14:55:bd:13:67:a4:f5:73:8e:4d:25:ca:ba:
e8:a7:a9:bf:84:f6:ce:17:eb:34:67:3f:3d:01:e3:
b0:68:c4:72:23:cc:da:12:19:b4:56:99:ed:ed:04:
b2:c4:56:4a:21:e6:20:8f:93:cb:09:3f:bf:7b:d5:
71:60:f5:e1:ad:fe:8a:0a:43:9a:1a:7a:89:e5:be:
62:43:f7:20:e1:bb:d8:31:3a:2b:b4:68:fd:4e:32:
a3:75:da:8c:fd:2d:de:46:e7:3d:94:1a:87:c5:3e:
c8:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:34:60:8F:96:61:E0:2A:78:E6:1C:5C:7F:76:FE:72:42:69:C0:20
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/2jRgj5Zh4Cp45hxcf3b-ckJpwCA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:f5::/48
Signature Algorithm: sha256WithRSAEncryption
4d:63:63:15:f6:85:8b:45:2a:0b:63:7f:e7:10:bf:4f:e9:83:
10:cf:40:e8:e5:d2:ad:18:ea:f7:06:90:b7:10:95:b6:4b:a0:
b1:3f:ba:1d:44:a7:94:f2:9f:f3:c6:1c:e7:73:56:89:88:7f:
2a:4e:e9:a1:29:09:28:18:b9:7a:ea:42:dc:3a:c8:2e:2e:71:
ff:3e:de:dc:8c:ad:81:9a:a6:fb:8c:79:e1:a8:ec:f0:a1:4b:
b4:88:1c:1a:db:40:b8:f1:bf:54:07:e5:12:c0:77:2d:fd:c1:
53:09:58:5a:f1:11:ec:68:9e:d4:c6:3f:0a:c2:0f:97:25:8d:
75:56:d8:07:78:b5:ee:ba:04:e3:de:68:3d:be:b0:70:f3:86:
4a:b8:40:95:3f:c4:45:f6:e1:57:f5:bb:50:b5:4a:e6:7e:ac:
5f:13:0a:7d:ff:f9:c7:23:16:86:6d:22:e5:af:20:62:16:4c:
19:05:2a:46:78:f3:e3:4e:a8:de:32:3a:52:a0:b8:aa:47:6d:
03:d8:3d:b6:2f:19:c4:29:a5:e5:9d:58:df:68:76:d2:74:b6:
d8:2b:71:42:7e:79:15:a4:a0:29:bc:39:6c:2e:e5:a7:2e:e8:
ce:09:66:fb:56:8e:8f:e6:29:d1:06:dd:b8:4d:e6:8e:26:e1:
86:b5:1f:5b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/q77uAcCn0vMpe0Dt2+CqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyNjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTM0NjA4Zjk2NjFlMDJhNzhlNjFjNWM3Zjc2ZmU3MjQyNjljMDIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBWj6gMz82dWWEyg4vq79bCJ5R+s
3bNI2ciPeupEHD5sjeYPMOkcxO6MOAQclSlhnFVyPurXpgZbm8/ZlZ6+4iwHpd4U
tkJ25LATQA/aFBalPZ2TrM2J71Z9KMfJUKokRERGegKbIP2EXyPTTkASNFMeruvg
uwVOoyPUybluCOfyqWwonHj8wnr2VLABjOos71weiG5RfhRVvRNnpPVzjk0lyrro
p6m/hPbOF+s0Zz89AeOwaMRyI8zaEhm0Vpnt7QSyxFZKIeYgj5PLCT+/e9VxYPXh
rf6KCkOaGnqJ5b5iQ/cg4bvYMTortGj9TjKjddqM/S3eRuc9lBqHxT7IBQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNo0YI+WYeAqeOYcXH92/nJCacAgMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvMmpSZ2o1Wmg0Q3A0NWh4Y2YzYi1ja0pwd0NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQD1
MA0GCSqGSIb3DQEBCwUAA4IBAQBNY2MV9oWLRSoLY3/nEL9P6YMQz0Do5dKtGOr3
BpC3EJW2S6CxP7odRKeU8p/zxhznc1aJiH8qTumhKQkoGLl66kLcOsguLnH/Pt7c
jK2Bmqb7jHnhqOzwoUu0iBwa20C48b9UB+USwHct/cFTCVha8RHsaJ7Uxj8Kwg+X
JY11VtgHeLXuugTj3mg9vrBw84ZKuECVP8RF9uFX9btQtUrmfqxfEwp9//nHIxaG
bSLlryBiFkwZBSpGePPjTqjeMjpSoLiqR20D2D22LxnEKaXlnVjfaHbSdLbYK3FC
fnkVpKApvDlsLuWnLujOCWb7Vo6P5inRBt24TeaOJuGGtR9b
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:10 2024 by rpki-client on console-fra.rpki-client.org