Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/3h9-SWOfAVL0ZfB0BojlvH8NetM.roa
File: 3h9-SWOfAVL0ZfB0BojlvH8NetM.roa (raw, json)
Hash identifier: 3S2zQAdgQVLVUtSoXiJVxKsMfHUfPYc6zJEITxMm1GU=
Subject key identifier: DE:1F:7E:49:63:9F:01:52:F4:65:F0:74:06:88:E5:BC:7F:0D:7A:D3
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F0AD0AEBF882C29453F0DB24FAA781
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/3h9-SWOfAVL0ZfB0BojlvH8NetM.roa
Signing time: Wed 07 Feb 2024 05:00:50 +0000
ROA not before: Wed 07 Feb 2024 05:00:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212532
IP address blocks: 2a0f:b241:c0::/48 maxlen: 48
2a0f:b241:102::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:ad:0a:eb:f8:82:c2:94:53:f0:db:24:fa:a7:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de1f7e49639f0152f465f0740688e5bc7f0d7ad3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:12:7f:7b:91:e7:a2:8d:15:d4:da:79:e0:4f:
6a:c1:6d:4d:06:97:f5:ac:b3:36:2c:75:3e:a0:be:
12:8e:ec:1c:19:3b:6f:f8:45:a9:f0:62:d5:a5:be:
7e:66:91:67:00:da:9d:ca:52:5a:aa:ec:23:92:36:
3c:ef:fa:da:24:ca:55:ea:5d:b8:f5:06:45:e2:04:
d0:9c:82:35:0e:42:f0:17:9b:ab:bf:c6:80:aa:88:
64:23:9a:e2:3a:3c:57:c4:ac:2c:5f:95:e0:77:7d:
7c:20:8c:98:2a:6f:78:15:71:b5:bb:cd:70:6f:57:
80:3b:e2:d5:91:61:78:5d:de:b5:d1:14:ba:1a:7e:
97:4e:1b:fa:ed:54:f4:f2:73:e5:df:b0:de:0f:87:
92:46:e6:a4:db:ae:e4:ad:1d:18:74:0d:99:03:cb:
8e:e2:1f:58:46:8c:f6:ba:b7:74:bb:b4:9f:f5:95:
ae:13:e2:4d:4a:79:37:9f:32:75:bb:28:48:77:f8:
50:f7:95:ab:ce:1a:10:63:01:30:3e:08:af:b3:80:
7b:30:2d:82:66:52:e3:99:46:ae:22:97:b6:6b:f9:
ee:a8:d1:9f:73:87:5e:05:3c:4d:ae:49:96:ce:34:
31:2e:bb:38:a6:a4:0a:4c:c6:13:da:dc:bb:b8:22:
a1:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:1F:7E:49:63:9F:01:52:F4:65:F0:74:06:88:E5:BC:7F:0D:7A:D3
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/3h9-SWOfAVL0ZfB0BojlvH8NetM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:c0::/48
2a0f:b241:102::/48
Signature Algorithm: sha256WithRSAEncryption
21:90:e6:d2:fa:b6:e0:99:08:be:6f:46:c4:ab:62:a1:2d:0e:
65:99:97:cf:62:0a:70:7f:80:1f:cb:8f:f4:9d:83:d0:74:e9:
11:b2:2b:c7:a3:37:f8:43:a5:39:b6:73:28:5f:19:87:f4:dc:
f3:f0:7c:22:4a:6a:b3:87:a7:1f:d7:09:e0:7d:05:39:eb:06:
12:0e:83:3e:f7:ab:8e:df:9c:fa:94:b7:3d:73:e6:26:2f:70:
04:1a:d3:60:2c:f4:5d:34:f2:96:c9:ce:f9:81:3b:71:b9:ac:
9c:15:67:5c:11:06:99:5d:c4:27:a3:73:bb:1e:29:58:f4:37:
13:83:a2:a4:70:1e:9e:1f:1a:8f:06:7e:9c:25:29:d1:e8:f7:
fc:71:10:98:bc:e9:67:aa:ca:e3:6b:19:bb:b5:a6:b6:dc:ba:
91:95:f5:de:38:b1:9b:2e:4f:6a:4e:a4:2f:5a:f7:dc:9e:05:
c5:34:11:86:0d:2b:ea:44:07:04:98:12:b0:0b:4e:b1:f5:ab:
ec:e2:ae:61:e8:31:2e:f4:ae:30:11:1b:94:f1:45:21:6e:9a:
ca:42:8d:35:36:54:dd:4d:7a:d6:ac:e6:1e:3d:b8:a1:f1:74:
2b:3f:53:eb:3b:13:44:5b:f7:13:e3:7e:90:33:56:c8:14:11:
c8:15:ae:66
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY2B8K0K6/iCwpRT8Nsk+qeBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTFmN2U0OTYzOWYwMTUyZjQ2NWYwNzQwNjg4ZTViYzdmMGQ3YWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhRJ/e5Hnoo0V1Np54E9qwW1NBpf1
rLM2LHU+oL4SjuwcGTtv+EWp8GLVpb5+ZpFnANqdylJaquwjkjY87/raJMpV6l24
9QZF4gTQnII1DkLwF5urv8aAqohkI5riOjxXxKwsX5Xgd318IIyYKm94FXG1u81w
b1eAO+LVkWF4Xd610RS6Gn6XThv67VT08nPl37DeD4eSRuak267krR0YdA2ZA8uO
4h9YRoz2urd0u7Sf9ZWuE+JNSnk3nzJ1uyhId/hQ95WrzhoQYwEwPgivs4B7MC2C
ZlLjmUauIpe2a/nuqNGfc4deBTxNrkmWzjQxLrs4pqQKTMYT2ty7uCKh1QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFN4ffkljnwFS9GXwdAaI5bx/DXrTMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvM2g5LVNXT2ZBVkwwWmZCMEJvamx2SDhOZXRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg+yQQDA
AwcAKg+yQQECMA0GCSqGSIb3DQEBCwUAA4IBAQAhkObS+rbgmQi+b0bEq2KhLQ5l
mZfPYgpwf4Afy4/0nYPQdOkRsivHozf4Q6U5tnMoXxmH9Nzz8HwiSmqzh6cf1wng
fQU56wYSDoM+96uO35z6lLc9c+YmL3AEGtNgLPRdNPKWyc75gTtxuaycFWdcEQaZ
XcQno3O7HilY9DcTg6KkcB6eHxqPBn6cJSnR6Pf8cRCYvOlnqsrjaxm7taa23LqR
lfXeOLGbLk9qTqQvWvfcngXFNBGGDSvqRAcEmBKwC06x9avs4q5h6DEu9K4wERuU
8UUhbprKQo01NlTdTXrWrOYePbih8XQrP1PrOxNEW/cT436QM1bIFBHIFa5m
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:10 2024 by rpki-client on console-fra.rpki-client.org