Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/A5f7PJQwO04ePVLSoVCl-zwFNjY.roa
File: A5f7PJQwO04ePVLSoVCl-zwFNjY.roa (raw, json)
Hash identifier: Smnw8kLIFoLxT5wrFjUA5zhK7V5NbBjtsJdj9Te/38Q=
Subject key identifier: 03:97:FB:3C:94:30:3B:4E:1E:3D:52:D2:A1:50:A5:FB:3C:05:36:36
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7EC8A656A73B094D5AD131F3162C8DB8
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/A5f7PJQwO04ePVLSoVCl-zwFNjY.roa
Signing time: Tue 06 Feb 2024 14:18:15 +0000
ROA not before: Tue 06 Feb 2024 14:18:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212934
IP address blocks: 2a0f:b241:11::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7e:c8:a6:56:a7:3b:09:4d:5a:d1:31:f3:16:2c:8d:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 14:18:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0397fb3c94303b4e1e3d52d2a150a5fb3c053636
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:42:db:dc:4d:2d:c4:b0:a3:9e:c0:5e:83:7d:
77:13:a3:a3:1a:f5:2d:1c:e8:8b:ac:f7:ae:c7:be:
93:ef:0e:1d:85:84:0c:52:8d:98:82:5c:a2:df:73:
b3:a4:ca:70:49:38:32:ef:94:5b:2e:42:e6:78:9c:
97:0b:4e:9d:17:b8:93:50:01:57:05:68:b1:53:33:
00:89:f9:11:4c:f8:ad:cb:b8:db:1b:96:fe:15:15:
49:7a:ce:89:24:59:4c:4a:4f:06:73:b4:34:b3:7c:
25:a1:47:3e:04:e2:92:7a:b2:f8:54:30:1a:a9:94:
f1:ae:be:77:cf:53:4b:c0:2e:29:03:b6:2e:d8:0c:
8c:a5:9a:43:f0:17:46:ec:cb:65:51:40:8c:6c:11:
18:2d:de:ab:d8:6d:42:3d:01:b8:96:77:7f:9f:c1:
24:1b:10:31:29:53:5a:ba:03:fe:69:04:54:8d:5c:
d3:77:61:2e:fc:9f:f3:7e:14:92:ad:48:a7:bf:f9:
67:64:cd:fe:5f:cd:7e:34:6d:cd:1b:c4:7a:14:06:
9c:29:90:76:19:ae:aa:bb:51:52:d5:8d:23:ac:49:
94:30:62:4f:e7:d8:13:1e:a6:d3:13:15:5b:3a:c3:
fb:75:ac:e1:e5:56:06:1c:d9:00:ee:2c:8c:10:a0:
6b:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:97:FB:3C:94:30:3B:4E:1E:3D:52:D2:A1:50:A5:FB:3C:05:36:36
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/A5f7PJQwO04ePVLSoVCl-zwFNjY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:11::/48
Signature Algorithm: sha256WithRSAEncryption
49:0d:45:22:95:21:06:cf:37:09:51:02:9d:5d:ae:d1:99:4a:
3a:0a:65:52:dd:ba:21:3f:13:9d:08:3d:bc:ca:2f:d9:f4:0f:
8b:41:06:72:bd:56:bf:95:05:04:8b:ad:95:b6:2e:18:86:ff:
3c:d9:8e:f6:20:12:fc:0b:5a:06:91:26:b4:63:41:22:99:f3:
33:09:d8:b0:a1:57:4c:7b:03:b2:df:c6:1b:37:38:d1:44:3d:
71:da:7a:68:ee:40:50:a9:54:4a:18:bb:8f:9a:e7:d4:f7:06:
4c:cb:d2:3e:ae:8c:5f:43:85:d8:fb:3a:ba:7f:11:43:b6:98:
db:3e:7d:82:5b:ce:59:d1:b3:3e:31:87:f6:80:30:5b:70:f0:
1a:cb:ce:44:49:13:dd:27:6c:79:1f:9d:48:16:c9:53:2e:92:
fd:76:4a:37:a5:e1:5b:2d:33:8d:79:87:37:ce:3d:1e:97:fb:
d5:f3:64:33:81:2a:40:34:a1:28:a0:57:7d:1d:87:44:8e:b9:
89:bd:a8:2e:7c:4e:b6:3c:40:ba:59:df:2d:51:8b:52:9a:1e:
0d:ef:d5:1b:9d:1c:a0:94:b0:53:1e:93:28:e5:0a:01:02:7a:
76:fd:78:38:13:1d:a2:7e:7f:7d:5a:28:dc:3e:99:14:73:e1:
ed:31:66:25
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1+yKZWpzsJTVrRMfMWLI24MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTQxODE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzk3ZmIzYzk0MzAzYjRlMWUzZDUyZDJhMTUwYTVmYjNjMDUzNjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgULb3E0txLCjnsBeg313E6OjGvUt
HOiLrPeux76T7w4dhYQMUo2Yglyi33OzpMpwSTgy75RbLkLmeJyXC06dF7iTUAFX
BWixUzMAifkRTPity7jbG5b+FRVJes6JJFlMSk8Gc7Q0s3wloUc+BOKSerL4VDAa
qZTxrr53z1NLwC4pA7Yu2AyMpZpD8BdG7MtlUUCMbBEYLd6r2G1CPQG4lnd/n8Ek
GxAxKVNaugP+aQRUjVzTd2Eu/J/zfhSSrUinv/lnZM3+X81+NG3NG8R6FAacKZB2
Ga6qu1FS1Y0jrEmUMGJP59gTHqbTExVbOsP7dazh5VYGHNkA7iyMEKBr7QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAOX+zyUMDtOHj1S0qFQpfs8BTY2MB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvQTVmN1BKUXdPMDRlUFZMU29WQ2wtendGTmpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQAR
MA0GCSqGSIb3DQEBCwUAA4IBAQBJDUUilSEGzzcJUQKdXa7RmUo6CmVS3bohPxOd
CD28yi/Z9A+LQQZyvVa/lQUEi62Vti4Yhv882Y72IBL8C1oGkSa0Y0EimfMzCdiw
oVdMewOy38YbNzjRRD1x2npo7kBQqVRKGLuPmufU9wZMy9I+roxfQ4XY+zq6fxFD
tpjbPn2CW85Z0bM+MYf2gDBbcPAay85ESRPdJ2x5H51IFslTLpL9dko3peFbLTON
eYc3zj0el/vV82QzgSpANKEooFd9HYdEjrmJvagufE62PEC6Wd8tUYtSmh4N79Ub
nRyglLBTHpMo5QoBAnp2/Xg4Ex2ifn99WijcPpkUc+HtMWYl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:10 2024 by rpki-client on console-fra.rpki-client.org