Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/2rqg0E5mGnhGIT1U0_PlnAVeQLo.roa
File: 2rqg0E5mGnhGIT1U0_PlnAVeQLo.roa (raw, json)
Hash identifier: PomMZaj3eA6Nj9AvU8mGDc26kMwcjkE+O0/LJVgCdkM=
Subject key identifier: DA:BA:A0:D0:4E:66:1A:78:46:21:3D:54:D3:F3:E5:9C:05:5E:40:BA
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F0B1D0D2F3CE15832C241215D7D55F
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/2rqg0E5mGnhGIT1U0_PlnAVeQLo.roa
Signing time: Wed 07 Feb 2024 05:00:51 +0000
ROA not before: Wed 07 Feb 2024 05:00:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215605
IP address blocks: 2a0f:b241:4c::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:b1:d0:d2:f3:ce:15:83:2c:24:12:15:d7:d5:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dabaa0d04e661a7846213d54d3f3e59c055e40ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:4b:83:09:ed:52:fc:8e:d3:e4:c8:7a:99:09:
9c:88:f1:f7:73:8e:ba:a6:4a:dc:d9:ff:d8:49:73:
49:7f:ad:5e:0a:cf:63:0e:7c:7d:f7:ed:a5:05:bb:
d7:80:00:8d:16:e0:e1:61:3d:d0:5b:4c:52:71:11:
7c:93:34:0f:4c:87:3e:b9:3b:32:4c:73:47:90:50:
0e:38:12:66:68:13:79:e3:77:e9:50:6c:62:b1:b0:
76:8e:fd:13:d5:c2:d9:fe:e0:1f:51:50:55:06:4a:
b1:98:18:d5:84:7d:b6:60:76:71:4f:53:8b:13:ca:
63:7d:3f:49:c9:1f:0f:ce:08:ce:bb:62:ad:8b:6b:
7b:b2:96:e8:3b:75:3f:67:12:b7:b6:6d:db:06:a4:
51:d6:d3:7b:aa:4e:b4:32:cd:7d:7f:d2:ad:b2:b1:
82:7e:f8:16:43:ee:fb:aa:6a:c4:4d:57:58:93:38:
50:0d:81:a3:c3:bc:3f:8e:18:85:ed:b4:3a:e1:74:
58:27:0f:56:45:54:ef:4b:46:27:29:2b:81:70:c4:
e7:dc:c6:56:b2:a6:e8:6e:69:11:5b:5a:73:93:6f:
77:30:63:62:65:42:2e:c1:dc:2f:50:97:a6:40:5e:
b7:ea:d2:95:27:d3:a5:25:4b:8a:10:d5:da:19:13:
29:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:BA:A0:D0:4E:66:1A:78:46:21:3D:54:D3:F3:E5:9C:05:5E:40:BA
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/2rqg0E5mGnhGIT1U0_PlnAVeQLo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:4c::/48
Signature Algorithm: sha256WithRSAEncryption
79:dc:a0:db:5e:2b:37:8d:6a:c4:0b:ae:42:ec:e6:00:ef:da:
eb:8a:53:7c:7d:cc:23:5e:ba:57:f3:bd:8d:64:34:54:03:60:
b5:fa:e4:07:4b:56:72:40:88:c1:73:90:87:91:f3:f3:d7:52:
87:27:79:5e:5b:a0:fd:ca:d9:e9:a5:e7:f1:04:13:27:52:b1:
cc:b0:9f:78:9b:75:1e:2a:47:1c:22:2a:7b:b5:10:68:4f:ed:
9e:8f:98:a4:ce:5d:39:3c:5f:1d:b4:64:77:54:20:5d:48:56:
81:fd:2d:a9:27:4e:c9:d8:a5:69:f1:cc:c4:f8:e0:8f:49:b4:
dc:73:be:b9:5f:79:b0:58:eb:69:66:3a:e1:9e:a3:b5:77:17:
ae:8c:a7:8e:5d:a8:c3:61:d0:cd:03:5d:b2:82:de:d8:6a:9b:
d0:5a:d2:c9:9e:2c:f7:ae:e4:20:bd:89:0d:01:82:7e:4e:d0:
92:5d:6f:8b:51:9d:cb:7a:30:61:04:b4:56:b0:04:d5:a3:5a:
61:54:cb:73:d6:e1:3f:85:13:dc:17:11:09:d9:cd:9b:ab:d2:
f8:68:66:1a:ba:d0:46:ea:af:b7:c4:69:63:21:f0:cf:50:97:
d3:9b:98:4f:2e:29:ac:9a:11:6f:13:5d:74:82:c0:3c:56:3f:
dc:55:a3:b7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8LHQ0vPOFYMsJBIV19VfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWJhYTBkMDRlNjYxYTc4NDYyMTNkNTRkM2YzZTU5YzA1NWU0MGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApkuDCe1S/I7T5Mh6mQmciPH3c466
pkrc2f/YSXNJf61eCs9jDnx99+2lBbvXgACNFuDhYT3QW0xScRF8kzQPTIc+uTsy
THNHkFAOOBJmaBN543fpUGxisbB2jv0T1cLZ/uAfUVBVBkqxmBjVhH22YHZxT1OL
E8pjfT9JyR8PzgjOu2Kti2t7spboO3U/ZxK3tm3bBqRR1tN7qk60Ms19f9KtsrGC
fvgWQ+77qmrETVdYkzhQDYGjw7w/jhiF7bQ64XRYJw9WRVTvS0YnKSuBcMTn3MZW
sqbobmkRW1pzk293MGNiZUIuwdwvUJemQF636tKVJ9OlJUuKENXaGRMpgwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNq6oNBOZhp4RiE9VNPz5ZwFXkC6MB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvMnJxZzBFNW1HbmhHSVQxVTBfUGxuQVZlUUxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQBM
MA0GCSqGSIb3DQEBCwUAA4IBAQB53KDbXis3jWrEC65C7OYA79rrilN8fcwjXrpX
872NZDRUA2C1+uQHS1ZyQIjBc5CHkfPz11KHJ3leW6D9ytnppefxBBMnUrHMsJ94
m3UeKkccIip7tRBoT+2ej5ikzl05PF8dtGR3VCBdSFaB/S2pJ07J2KVp8czE+OCP
SbTcc765X3mwWOtpZjrhnqO1dxeujKeOXajDYdDNA12ygt7YapvQWtLJniz3ruQg
vYkNAYJ+TtCSXW+LUZ3LejBhBLRWsATVo1phVMtz1uE/hRPcFxEJ2c2bq9L4aGYa
utBG6q+3xGljIfDPUJfTm5hPLimsmhFvE110gsA8Vj/cVaO3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:10 2024 by rpki-client on console-fra.rpki-client.org