Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/7yvlpRpwUdHnDs0j6-l6B84R_QA.roa
File: 7yvlpRpwUdHnDs0j6-l6B84R_QA.roa (raw, json)
Hash identifier: 69xg49zA2gEih+1Xita6I2n5YYBCVAZOpve6XoyHOzQ=
Subject key identifier: EF:2B:E5:A5:1A:70:51:D1:E7:0E:CD:23:EB:E9:7A:07:CE:11:FD:00
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7F95C69E3B091CA08883A8D0427C38A0
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/7yvlpRpwUdHnDs0j6-l6B84R_QA.roa
Signing time: Tue 06 Feb 2024 18:02:18 +0000
ROA not before: Tue 06 Feb 2024 18:02:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215647
IP address blocks: 2a0f:b241:4e::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:95:c6:9e:3b:09:1c:a0:88:83:a8:d0:42:7c:38:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:02:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ef2be5a51a7051d1e70ecd23ebe97a07ce11fd00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:7e:ad:dd:79:d1:fb:2b:db:0d:85:a9:e0:4c:
17:ab:e7:72:1d:04:f1:78:9e:eb:54:1d:92:ca:9f:
f5:3a:40:2e:4a:49:6c:4d:1e:f8:f5:d6:e8:21:39:
64:0c:c3:88:67:ca:bc:6f:09:ae:99:2f:8b:60:49:
20:17:c2:1f:f9:a8:ac:b0:b5:13:08:62:23:1b:c6:
50:6e:36:c7:a6:09:c0:b3:9a:d1:d2:85:b7:39:2c:
15:6a:e8:44:e5:40:a7:56:b5:67:5f:75:53:85:81:
23:ae:0f:78:d2:bd:1f:95:1b:e3:5e:67:e4:22:7e:
8c:0f:41:a0:9f:d7:0c:59:a6:38:dc:93:64:f1:ee:
e4:cd:c8:71:9b:0d:ee:4d:4c:a7:3f:09:42:36:12:
d8:67:51:d7:58:ba:99:09:30:d6:69:09:99:03:27:
33:ca:50:fc:e5:97:13:a9:7c:e3:53:c3:72:92:2c:
a9:fd:11:b4:26:5d:30:85:46:65:77:58:13:a4:44:
03:c6:19:59:7d:57:b3:e9:14:be:49:ef:54:a6:24:
5d:01:42:e9:85:c3:28:f6:21:5f:0c:2e:07:67:bc:
c1:ff:25:91:1f:00:55:a4:70:d5:bd:c4:b2:c5:a1:
5d:17:57:d1:98:15:c2:d5:c2:14:64:fc:bd:b4:2f:
44:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:2B:E5:A5:1A:70:51:D1:E7:0E:CD:23:EB:E9:7A:07:CE:11:FD:00
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/7yvlpRpwUdHnDs0j6-l6B84R_QA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:4e::/48
Signature Algorithm: sha256WithRSAEncryption
3a:79:af:ef:bb:0a:df:aa:67:c0:7b:6c:c7:a7:7d:ce:92:90:
00:97:8d:67:8d:81:e5:cc:ff:76:70:5c:b7:8c:f9:b4:9c:95:
d9:83:e1:5e:a9:f7:9f:9c:c2:43:61:96:2f:bb:24:8e:ee:2e:
84:cf:0a:82:a0:c6:9c:c3:da:e3:cc:27:48:49:72:a3:6e:48:
d3:29:29:2e:e4:84:69:ed:42:4b:e6:61:94:75:9e:c0:f2:38:
f0:c5:3b:d9:22:96:52:e1:ea:9f:01:cd:9f:e1:6b:21:19:00:
a8:be:fc:bc:6c:86:69:99:96:a4:6a:1c:99:97:b3:2f:a7:b3:
70:e7:46:9e:12:f1:2b:06:c4:99:26:bc:c0:fa:32:1c:dd:07:
00:4c:ae:a7:f5:f0:e9:12:9b:d0:08:1e:af:1f:f1:b9:4d:bf:
a6:02:16:74:68:92:da:86:81:a6:2e:b9:25:ee:5d:be:82:e0:
05:11:a0:5b:33:99:bc:30:07:10:4e:88:22:48:5f:ba:2c:20:
52:71:af:8a:7f:cd:45:40:ca:99:1c:4c:3a:86:12:32:15:9b:
57:90:8c:80:d7:1b:e2:82:db:b5:d0:ad:62:b2:8d:6a:e5:d9:
09:95:9c:8a:9f:bc:7e:b0:34:4d:08:0d:5d:b6:38:73:aa:59:
d3:21:98:ea
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/lcaeOwkcoIiDqNBCfDigMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgwMjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjJiZTVhNTFhNzA1MWQxZTcwZWNkMjNlYmU5N2EwN2NlMTFmZDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArn6t3XnR+yvbDYWp4EwXq+dyHQTx
eJ7rVB2Syp/1OkAuSklsTR749dboITlkDMOIZ8q8bwmumS+LYEkgF8If+aissLUT
CGIjG8ZQbjbHpgnAs5rR0oW3OSwVauhE5UCnVrVnX3VThYEjrg940r0flRvjXmfk
In6MD0Ggn9cMWaY43JNk8e7kzchxmw3uTUynPwlCNhLYZ1HXWLqZCTDWaQmZAycz
ylD85ZcTqXzjU8Nykiyp/RG0Jl0whUZld1gTpEQDxhlZfVez6RS+Se9UpiRdAULp
hcMo9iFfDC4HZ7zB/yWRHwBVpHDVvcSyxaFdF1fRmBXC1cIUZPy9tC9EoQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFO8r5aUacFHR5w7NI+vpegfOEf0AMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvN3l2bHBScHdVZEhuRHMwajYtbDZCODRSX1FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQBO
MA0GCSqGSIb3DQEBCwUAA4IBAQA6ea/vuwrfqmfAe2zHp33OkpAAl41njYHlzP92
cFy3jPm0nJXZg+FeqfefnMJDYZYvuySO7i6EzwqCoMacw9rjzCdISXKjbkjTKSku
5IRp7UJL5mGUdZ7A8jjwxTvZIpZS4eqfAc2f4WshGQCovvy8bIZpmZakahyZl7Mv
p7Nw50aeEvErBsSZJrzA+jIc3QcATK6n9fDpEpvQCB6vH/G5Tb+mAhZ0aJLahoGm
Lrkl7l2+guAFEaBbM5m8MAcQTogiSF+6LCBSca+Kf81FQMqZHEw6hhIyFZtXkIyA
1xvigtu10K1iso1q5dkJlZyKn7x+sDRNCA1dtjhzqlnTIZjq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:07 2024 by rpki-client on console-ams.rpki-client.org