Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/8aZb_q0wp1jGOipgoZNn_ox0AWA.roa
File: 8aZb_q0wp1jGOipgoZNn_ox0AWA.roa (raw, json)
Hash identifier: zwLTJDNNqfJ4mkNrtvQz6Qb+VlMQxGb92IL5XjVbjro=
Subject key identifier: F1:A6:5B:FE:AD:30:A7:58:C6:3A:2A:60:A1:93:67:FE:8C:74:01:60
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FAAD1960BB8DDE52992A005BEF59A89
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/8aZb_q0wp1jGOipgoZNn_ox0AWA.roa
Signing time: Tue 06 Feb 2024 18:25:17 +0000
ROA not before: Tue 06 Feb 2024 18:25:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202400
IP address blocks: 2a0f:b241:e1::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:aa:d1:96:0b:b8:dd:e5:29:92:a0:05:be:f5:9a:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:25:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f1a65bfead30a758c63a2a60a19367fe8c740160
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:55:c4:8d:3f:15:88:49:90:ea:dd:21:4e:6a:
a0:08:f9:80:39:59:99:e0:d8:9e:d6:c4:58:a1:24:
2c:70:67:f8:47:07:83:c1:cb:b7:26:9d:a2:77:09:
7e:1b:ff:7c:af:d1:d6:70:4c:df:ec:93:01:ed:3c:
80:42:fa:55:b8:c3:92:87:e4:4e:a1:84:08:ad:71:
bc:74:7f:58:ad:a3:d9:7c:00:61:0e:1a:16:24:46:
aa:6c:76:c4:7e:94:de:71:14:b7:9b:24:51:a4:a5:
20:08:6d:97:f4:3f:9c:5b:59:bb:b4:6d:25:3c:c3:
2b:9a:02:41:2e:e7:96:d3:6d:c5:92:f5:55:8b:e2:
f6:4b:97:9f:6d:da:bf:cb:d9:0b:72:d7:22:2a:9f:
ae:d6:53:cd:e9:75:8a:13:e9:04:bf:ee:a7:a9:a7:
1a:9e:fe:38:26:9a:e7:f9:66:d6:95:d0:23:93:ed:
ec:1f:1f:56:4a:13:19:fc:d3:af:94:ce:6c:f1:12:
49:83:bb:a7:96:93:f7:14:2e:67:b3:fe:5e:80:24:
67:31:c0:b3:1c:26:b7:34:0a:d9:10:1c:09:59:e0:
76:97:4d:fa:11:17:d5:7d:fc:fb:85:94:a6:57:8f:
68:9e:9c:f1:94:6b:f7:80:0b:4c:3a:2c:45:99:9b:
5f:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:A6:5B:FE:AD:30:A7:58:C6:3A:2A:60:A1:93:67:FE:8C:74:01:60
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/8aZb_q0wp1jGOipgoZNn_ox0AWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:e1::/48
Signature Algorithm: sha256WithRSAEncryption
8e:77:24:e6:84:1d:f1:87:a4:b3:a8:4d:60:86:5e:f5:00:ba:
47:38:f3:8f:20:4d:74:79:2b:b4:9b:b0:6a:c5:a7:d6:52:7d:
a5:34:3f:0a:d1:86:f2:f7:12:02:02:c1:3e:cb:83:a9:f0:86:
4e:54:74:2e:da:1a:ad:ce:db:f5:e6:68:5c:b0:38:f6:e8:04:
15:53:85:f4:6e:4e:87:a6:2f:f6:06:d3:bc:b5:d4:8a:f4:cc:
cb:a8:67:0d:8c:fb:b8:03:0a:d2:9b:c7:47:33:8c:71:3c:a9:
34:6c:65:9d:f8:f4:09:a3:67:2a:81:a9:c2:be:39:87:16:18:
fb:c0:b5:fc:e2:81:4a:97:b1:4a:a7:70:3e:65:d2:52:28:69:
ef:2b:ea:5e:86:aa:7a:95:a3:0f:91:f8:50:1f:7c:74:62:44:
f0:fe:0f:a4:07:26:b0:5c:14:b6:fd:b2:de:49:1e:25:fb:9e:
3b:56:5a:a7:de:12:a0:74:3a:73:2d:f8:c7:8c:db:e9:35:6d:
c9:eb:e8:f0:9a:80:41:8d:b5:86:a8:7e:54:99:85:83:2d:47:
48:04:44:14:a6:93:0f:ab:a7:e1:f1:a0:de:28:ef:44:3c:2d:
5a:fe:7f:55:5d:93:77:5a:b0:26:c7:23:d1:8f:15:75:e7:ac:
6d:54:b2:6b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/qtGWC7jd5SmSoAW+9ZqJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgyNTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWE2NWJmZWFkMzBhNzU4YzYzYTJhNjBhMTkzNjdmZThjNzQwMTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgFXEjT8ViEmQ6t0hTmqgCPmAOVmZ
4Nie1sRYoSQscGf4RweDwcu3Jp2idwl+G/98r9HWcEzf7JMB7TyAQvpVuMOSh+RO
oYQIrXG8dH9YraPZfABhDhoWJEaqbHbEfpTecRS3myRRpKUgCG2X9D+cW1m7tG0l
PMMrmgJBLueW023FkvVVi+L2S5efbdq/y9kLctciKp+u1lPN6XWKE+kEv+6nqaca
nv44Jprn+WbWldAjk+3sHx9WShMZ/NOvlM5s8RJJg7unlpP3FC5ns/5egCRnMcCz
HCa3NArZEBwJWeB2l036ERfVffz7hZSmV49onpzxlGv3gAtMOixFmZtfJQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPGmW/6tMKdYxjoqYKGTZ/6MdAFgMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvOGFaYl9xMHdwMWpHT2lwZ29aTm5fb3gwQVdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQDh
MA0GCSqGSIb3DQEBCwUAA4IBAQCOdyTmhB3xh6SzqE1ghl71ALpHOPOPIE10eSu0
m7BqxafWUn2lND8K0Yby9xICAsE+y4Op8IZOVHQu2hqtztv15mhcsDj26AQVU4X0
bk6Hpi/2BtO8tdSK9MzLqGcNjPu4AwrSm8dHM4xxPKk0bGWd+PQJo2cqganCvjmH
Fhj7wLX84oFKl7FKp3A+ZdJSKGnvK+pehqp6laMPkfhQH3x0YkTw/g+kByawXBS2
/bLeSR4l+547Vlqn3hKgdDpzLfjHjNvpNW3J6+jwmoBBjbWGqH5UmYWDLUdIBEQU
ppMPq6fh8aDeKO9EPC1a/n9VXZN3WrAmxyPRjxV156xtVLJr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:10 2024 by rpki-client on console-fra.rpki-client.org