Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/3tpzagjg9hYeoly-T4lXdArS6IY.roa
File: 3tpzagjg9hYeoly-T4lXdArS6IY.roa (raw, json)
Hash identifier: LUJ70nJYSmKMBytDvhMh4VKKppZYrGguHmyS3IlRtBM=
Subject key identifier: DE:DA:73:6A:08:E0:F6:16:1E:A2:5C:BE:4F:89:57:74:0A:D2:E8:86
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F064604D52F1847CCF06F664C61927
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/3tpzagjg9hYeoly-T4lXdArS6IY.roa
Signing time: Wed 07 Feb 2024 05:00:31 +0000
ROA not before: Wed 07 Feb 2024 05:00:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52025
IP address blocks: 2a0f:b241:f::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:64:60:4d:52:f1:84:7c:cf:06:f6:64:c6:19:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=deda736a08e0f6161ea25cbe4f8957740ad2e886
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:05:b1:c7:c3:9d:44:e2:66:66:be:42:90:8a:
38:e6:75:de:9e:05:e1:12:7b:71:77:28:a3:90:00:
61:7e:21:12:c7:b0:05:fd:6a:8c:04:2b:5c:36:97:
08:f1:86:c6:ee:e1:3d:80:ed:9c:a4:cb:a2:8d:3c:
d6:35:16:01:5c:08:4e:d8:93:ed:e7:56:97:e4:12:
a7:33:79:68:4c:dd:4a:b0:15:e5:7e:1b:09:be:91:
40:41:8c:75:ff:c0:92:43:27:65:48:7c:d6:1b:64:
bd:93:12:e8:75:98:8a:a0:8e:c2:e8:97:88:15:3e:
8d:c6:b6:30:b1:5d:99:72:cb:86:38:b9:e5:e0:12:
6e:2b:2c:be:e6:65:7f:f4:5c:29:62:b5:2b:7e:f1:
3c:a7:b1:e6:b5:17:6c:9f:dd:c4:62:c0:f5:33:31:
5e:a5:ad:a8:e0:21:c1:8b:bb:8f:f5:e7:2d:d0:78:
d8:e2:3e:98:99:2b:26:bf:83:3c:28:b9:ba:a3:96:
8a:bf:d9:98:2b:5b:67:0a:33:52:08:21:b0:86:6f:
9c:bf:1e:fb:f1:d2:cc:f0:49:67:32:39:0a:0a:16:
5c:a0:eb:70:ea:ae:7f:4f:55:96:dd:51:77:28:f3:
37:04:0b:8c:90:b7:68:e4:83:f7:a5:2b:ed:83:71:
fd:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:DA:73:6A:08:E0:F6:16:1E:A2:5C:BE:4F:89:57:74:0A:D2:E8:86
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/3tpzagjg9hYeoly-T4lXdArS6IY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:f::/48
Signature Algorithm: sha256WithRSAEncryption
4e:d5:74:5a:2f:33:14:72:0b:25:cf:78:b2:13:cd:ab:62:26:
db:9f:e4:5e:28:22:b1:f4:d5:88:68:e1:a4:3b:dd:67:b2:df:
a5:96:16:f0:ea:c8:03:0c:79:34:f7:c7:28:7d:ed:52:ee:cb:
7e:a4:22:3d:78:0b:d8:26:62:17:3a:6c:bd:60:c9:f7:8b:5c:
9b:f3:c5:88:15:b2:f8:a8:cd:27:cf:b8:28:23:e4:24:8b:e0:
36:ae:ae:bd:41:67:5a:a7:ee:72:ad:53:07:f4:56:b1:2b:bc:
01:d5:e3:c8:d6:d3:f5:a7:a5:5c:d4:e8:43:f4:ae:23:dd:25:
95:91:e2:56:14:fa:52:81:7f:eb:f0:9f:60:9c:db:61:38:9e:
0b:46:68:42:a0:cc:f8:c5:a9:96:c0:cc:fb:cb:39:fc:72:6a:
36:8c:2c:2d:9a:58:f7:51:8b:44:c7:97:fd:7e:a7:0d:56:0d:
02:5b:7c:63:5f:3c:1b:9b:8b:fe:64:d2:3c:46:3a:77:a1:9f:
30:6b:6d:4e:85:a9:b4:82:58:14:68:4f:6c:a7:61:02:8a:f5:
9e:01:bb:1a:c7:c3:04:d8:fe:f3:b5:5f:93:3c:9d:b8:4b:52:
03:2f:5f:d8:d9:f7:56:07:34:0c:9f:04:71:92:36:b2:97:ef:
9a:52:df:98
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8GRgTVLxhHzPBvZkxhknMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWRhNzM2YTA4ZTBmNjE2MWVhMjVjYmU0Zjg5NTc3NDBhZDJlODg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgWxx8OdROJmZr5CkIo45nXengXh
EntxdyijkABhfiESx7AF/WqMBCtcNpcI8YbG7uE9gO2cpMuijTzWNRYBXAhO2JPt
51aX5BKnM3loTN1KsBXlfhsJvpFAQYx1/8CSQydlSHzWG2S9kxLodZiKoI7C6JeI
FT6NxrYwsV2ZcsuGOLnl4BJuKyy+5mV/9FwpYrUrfvE8p7HmtRdsn93EYsD1MzFe
pa2o4CHBi7uP9ect0HjY4j6YmSsmv4M8KLm6o5aKv9mYK1tnCjNSCCGwhm+cvx77
8dLM8ElnMjkKChZcoOtw6q5/T1WW3VF3KPM3BAuMkLdo5IP3pSvtg3H9RwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFN7ac2oI4PYWHqJcvk+JV3QK0uiGMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvM3RwemFnamc5aFllb2x5LVQ0bFhkQXJTNklZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQAP
MA0GCSqGSIb3DQEBCwUAA4IBAQBO1XRaLzMUcgslz3iyE82rYibbn+ReKCKx9NWI
aOGkO91nst+llhbw6sgDDHk098cofe1S7st+pCI9eAvYJmIXOmy9YMn3i1yb88WI
FbL4qM0nz7goI+Qki+A2rq69QWdap+5yrVMH9FaxK7wB1ePI1tP1p6Vc1OhD9K4j
3SWVkeJWFPpSgX/r8J9gnNthOJ4LRmhCoMz4xamWwMz7yzn8cmo2jCwtmlj3UYtE
x5f9fqcNVg0CW3xjXzwbm4v+ZNI8Rjp3oZ8wa21Oham0glgUaE9sp2ECivWeAbsa
x8ME2P7ztV+TPJ24S1IDL1/Y2fdWBzQMnwRxkjayl++aUt+Y
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:07 2024 by rpki-client on console-ams.rpki-client.org