Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/8ZiXbVe_vMl1PuGXK_CwNQvlTZY.roa
File: 8ZiXbVe_vMl1PuGXK_CwNQvlTZY.roa (raw, json)
Hash identifier: BZrS2d6i/nsFCpzFW5pr178IKX4zScQk1Yt19azD5z0=
Subject key identifier: F1:98:97:6D:57:BF:BC:C9:75:3E:E1:97:2B:F0:B0:35:0B:E5:4D:96
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F09BB5730BFC6AC90ECBC307E831F0
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/8ZiXbVe_vMl1PuGXK_CwNQvlTZY.roa
Signing time: Wed 07 Feb 2024 05:00:45 +0000
ROA not before: Wed 07 Feb 2024 05:00:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209091
IP address blocks: 2a0f:b241:13e::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:9b:b5:73:0b:fc:6a:c9:0e:cb:c3:07:e8:31:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f198976d57bfbcc9753ee1972bf0b0350be54d96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:94:3f:54:da:1f:e3:53:04:94:ff:c4:d4:26:
82:9b:fa:03:50:5e:5f:cb:00:1f:06:ba:4b:f2:c9:
eb:ef:94:69:c8:76:a6:d3:7e:5b:ae:82:9e:28:74:
1e:7e:8e:e2:d1:53:e0:da:11:27:74:62:3d:0f:c1:
3e:50:10:41:ea:3a:c9:a4:a6:44:0a:51:22:9a:95:
b8:6b:95:61:3f:b7:d5:cc:ce:d0:05:ca:b5:42:88:
c9:43:32:c5:62:4f:ea:6b:ab:4d:b3:66:23:16:a3:
cb:99:96:d1:32:e5:0a:78:cb:4f:8f:c8:14:5e:88:
18:6d:18:da:ce:fc:b4:24:01:a8:53:9d:ef:e4:c9:
ef:9e:a9:ce:89:e4:c3:31:70:fc:19:ec:67:dd:5f:
d5:0d:28:63:33:c0:8d:52:39:98:fa:dd:ac:25:71:
0c:54:1f:58:20:e3:2a:fe:35:27:50:83:31:29:5a:
12:d1:5a:8a:2e:49:00:56:ab:ca:f0:1b:3a:65:8d:
4e:a9:4a:ea:92:17:da:59:29:30:3a:5e:3f:96:27:
2e:94:77:f4:07:d5:fa:a0:03:fe:1c:ab:e9:a5:c3:
33:9e:ca:08:37:5c:b0:55:5b:e3:7a:5b:99:49:48:
8f:fb:ad:a3:bd:01:a8:b0:76:ad:79:a9:c5:bc:53:
d9:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:98:97:6D:57:BF:BC:C9:75:3E:E1:97:2B:F0:B0:35:0B:E5:4D:96
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/8ZiXbVe_vMl1PuGXK_CwNQvlTZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:13e::/48
Signature Algorithm: sha256WithRSAEncryption
22:05:8f:c6:ff:f4:a2:c8:5a:ca:57:02:63:ef:4e:b2:e4:06:
91:90:90:5b:c9:c8:90:48:f6:2a:0e:bf:b2:35:fd:ec:0b:4b:
15:db:eb:dd:1c:e3:2c:12:97:52:8a:53:bd:8e:2e:30:1e:b2:
e7:7d:50:2a:7e:a3:0f:a8:1b:c6:4e:69:4a:2e:ff:6e:33:be:
14:3b:bc:90:01:1b:ba:5c:97:6a:20:b5:fa:34:5f:ae:f3:15:
e4:6d:15:5f:1f:55:65:28:b0:65:b4:c9:1d:44:62:d6:ec:fc:
ba:b2:4f:ed:0d:2f:f6:ed:be:fd:63:a5:19:37:0c:f7:7f:91:
a3:36:6c:5d:3c:d6:2e:2b:85:5e:8b:b8:6b:6f:f1:2d:9c:89:
6c:e8:bc:f6:7f:b5:60:40:d4:67:31:8a:29:19:e8:ed:18:50:
86:0b:75:8d:fe:46:ac:9b:b3:a8:ee:43:d2:57:bf:86:a2:87:
81:72:7a:7c:6d:66:6e:34:2b:39:18:e4:08:01:c3:45:de:f7:
8e:1f:73:f0:92:a6:c6:41:c9:fe:82:a5:d3:f2:be:35:46:d7:
e6:85:28:c0:45:d5:6d:cc:65:e7:7d:35:22:90:cd:e9:27:2f:
f7:43:f4:d3:f8:e2:4f:ea:70:b1:a4:ce:8a:9a:c3:29:b5:2a:
e2:9f:c1:c1
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8Ju1cwv8askOy8MH6DHwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTk4OTc2ZDU3YmZiY2M5NzUzZWUxOTcyYmYwYjAzNTBiZTU0ZDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0JQ/VNof41MElP/E1CaCm/oDUF5f
ywAfBrpL8snr75RpyHam035broKeKHQefo7i0VPg2hEndGI9D8E+UBBB6jrJpKZE
ClEimpW4a5VhP7fVzM7QBcq1QojJQzLFYk/qa6tNs2YjFqPLmZbRMuUKeMtPj8gU
XogYbRjazvy0JAGoU53v5MnvnqnOieTDMXD8Gexn3V/VDShjM8CNUjmY+t2sJXEM
VB9YIOMq/jUnUIMxKVoS0VqKLkkAVqvK8Bs6ZY1OqUrqkhfaWSkwOl4/liculHf0
B9X6oAP+HKvppcMznsoIN1ywVVvjeluZSUiP+62jvQGosHateanFvFPZxwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPGYl21Xv7zJdT7hlyvwsDUL5U2WMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvOFppWGJWZV92TWwxUHVHWEtfQ3dOUXZsVFpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQE+
MA0GCSqGSIb3DQEBCwUAA4IBAQAiBY/G//SiyFrKVwJj706y5AaRkJBbyciQSPYq
Dr+yNf3sC0sV2+vdHOMsEpdSilO9ji4wHrLnfVAqfqMPqBvGTmlKLv9uM74UO7yQ
ARu6XJdqILX6NF+u8xXkbRVfH1VlKLBltMkdRGLW7Py6sk/tDS/27b79Y6UZNwz3
f5GjNmxdPNYuK4Vei7hrb/EtnIls6Lz2f7VgQNRnMYopGejtGFCGC3WN/kasm7Oo
7kPSV7+GooeBcnp8bWZuNCs5GOQIAcNF3veOH3PwkqbGQcn+gqXT8r41RtfmhSjA
RdVtzGXnfTUikM3pJy/3Q/TT+OJP6nCxpM6KmsMptSrin8HB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:10 2024 by rpki-client on console-fra.rpki-client.org