Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/3ktpkZjEYVi0hVbNNKMhSS31tjI.roa
File: 3ktpkZjEYVi0hVbNNKMhSS31tjI.roa (raw, json)
Hash identifier: tCZglhpz77PiAUytW7TrXxO9NXiozqlh37NcIuOM71o=
Subject key identifier: DE:4B:69:91:98:C4:61:58:B4:85:56:CD:34:A3:21:49:2D:F5:B6:32
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F085DFB43715DD9AB54F0707FC0A0A
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/3ktpkZjEYVi0hVbNNKMhSS31tjI.roa
Signing time: Wed 07 Feb 2024 05:00:40 +0000
ROA not before: Wed 07 Feb 2024 05:00:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200840
IP address blocks: 2a0f:b241:d5::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:85:df:b4:37:15:dd:9a:b5:4f:07:07:fc:0a:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de4b699198c46158b48556cd34a321492df5b632
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b7:94:89:df:4c:13:e4:20:df:40:24:17:a1:
fc:01:b7:08:99:1c:a3:1b:d7:9b:1d:4f:e1:6f:c5:
6b:61:42:2e:4c:48:83:64:7f:a3:63:78:53:64:b7:
84:13:c0:a6:b5:29:be:22:97:29:6a:04:3a:a3:0b:
9b:ac:59:bd:20:61:c5:01:9e:24:46:2f:2a:49:e6:
e0:41:27:ce:67:fa:f5:f7:90:12:26:c2:fa:02:45:
d5:c6:d0:4d:9a:53:59:77:d4:a5:18:19:9d:59:d0:
67:7e:c6:38:75:c9:1a:e3:fe:50:ef:5e:77:6d:5b:
14:35:d5:9a:bb:18:10:44:cd:d0:1e:e4:76:6a:33:
d9:3a:f5:15:17:d5:b8:25:27:b7:3f:78:43:f1:9e:
eb:5e:5e:8f:4f:f9:85:e1:78:63:be:e9:7b:7f:50:
a6:57:bd:fd:f2:b9:16:26:c8:67:dd:43:8e:fb:f1:
89:58:7e:3b:12:bb:f3:90:7c:26:5f:1b:fd:ee:48:
a2:3e:2c:a3:8e:3c:5f:c3:95:d3:e7:8f:bf:93:9c:
f1:2f:f4:ae:0d:1d:7b:e7:cd:0e:80:6d:e4:76:9e:
be:c9:36:49:fa:40:42:ab:be:4a:38:e6:44:43:d7:
0a:bd:41:03:43:2d:f6:dd:a7:d3:e5:96:28:97:ef:
ee:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:4B:69:91:98:C4:61:58:B4:85:56:CD:34:A3:21:49:2D:F5:B6:32
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/3ktpkZjEYVi0hVbNNKMhSS31tjI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:d5::/48
Signature Algorithm: sha256WithRSAEncryption
78:29:cd:bb:92:9c:35:ef:29:ab:ce:c9:10:58:fd:d0:68:c5:
95:51:58:63:a1:1b:0f:84:fe:49:39:19:b2:39:1d:c7:b1:96:
97:c4:0b:ae:32:b0:c5:f5:33:28:79:e7:40:b0:19:49:8c:7d:
92:fb:30:60:c8:3c:5e:de:95:b8:87:3d:d7:c0:03:e5:30:ce:
c5:84:e2:66:1e:94:3c:7b:b3:1a:a7:01:0f:e4:57:fd:31:19:
69:17:c4:9f:ad:f7:dc:c1:27:c8:f7:bc:d4:48:48:83:fc:e3:
11:a3:19:eb:56:55:dd:97:54:4a:8f:a8:b3:8e:eb:5e:40:34:
a3:ff:34:c5:2b:0b:4c:8f:90:ab:67:cd:38:76:25:1b:82:ad:
a3:cc:ef:0e:6e:85:20:d9:87:f0:1e:ef:38:bc:e0:5e:88:21:
7a:b8:96:63:07:d6:4a:ec:b0:b4:1f:ce:fa:97:78:c6:76:80:
e1:f2:ae:19:16:a2:61:72:0d:9f:95:43:14:e1:60:6f:ca:cb:
29:12:62:dc:71:e8:02:06:3f:5a:ef:5c:f1:cc:17:88:7f:bf:
ec:19:4d:97:29:50:d1:ba:05:62:0d:2b:35:40:8a:01:43:6a:
56:47:c6:90:e4:cc:8e:5c:9c:8f:7a:ad:ee:dc:30:21:8a:7b:
cd:5f:8e:1c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8IXftDcV3Zq1TwcH/AoKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTRiNjk5MTk4YzQ2MTU4YjQ4NTU2Y2QzNGEzMjE0OTJkZjViNjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAureUid9ME+Qg30AkF6H8AbcImRyj
G9ebHU/hb8VrYUIuTEiDZH+jY3hTZLeEE8CmtSm+IpcpagQ6owubrFm9IGHFAZ4k
Ri8qSebgQSfOZ/r195ASJsL6AkXVxtBNmlNZd9SlGBmdWdBnfsY4dcka4/5Q7153
bVsUNdWauxgQRM3QHuR2ajPZOvUVF9W4JSe3P3hD8Z7rXl6PT/mF4Xhjvul7f1Cm
V7398rkWJshn3UOO+/GJWH47ErvzkHwmXxv97kiiPiyjjjxfw5XT54+/k5zxL/Su
DR17580OgG3kdp6+yTZJ+kBCq75KOOZEQ9cKvUEDQy323afT5ZYol+/uNQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFN5LaZGYxGFYtIVWzTSjIUkt9bYyMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvM2t0cGtaakVZVmkwaFZiTk5LTWhTUzMxdGpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQDV
MA0GCSqGSIb3DQEBCwUAA4IBAQB4Kc27kpw17ymrzskQWP3QaMWVUVhjoRsPhP5J
ORmyOR3HsZaXxAuuMrDF9TMoeedAsBlJjH2S+zBgyDxe3pW4hz3XwAPlMM7FhOJm
HpQ8e7MapwEP5Ff9MRlpF8SfrffcwSfI97zUSEiD/OMRoxnrVlXdl1RKj6izjute
QDSj/zTFKwtMj5CrZ804diUbgq2jzO8OboUg2YfwHu84vOBeiCF6uJZjB9ZK7LC0
H876l3jGdoDh8q4ZFqJhcg2flUMU4WBvysspEmLccegCBj9a71zxzBeIf7/sGU2X
KVDRugViDSs1QIoBQ2pWR8aQ5MyOXJyPeq3u3DAhinvNX44c
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:10 2024 by rpki-client on console-fra.rpki-client.org